Seems like my netbook has a virus
Solved/Closed
bcn101
Posts
113
Registration date
Friday November 9, 2012
Status
Member
Last seen
July 28, 2014
-
Apr 10, 2013 at 04:56 PM
bcn101 - Apr 17, 2013 at 07:25 AM
bcn101 - Apr 17, 2013 at 07:25 AM
Related:
- Seems like my netbook has a virus
- Goose virus - Download - Other
- Can a jpg have a virus - Guide
- Ntuser.dat virus - Guide
- Attrib - r-h-s /s /d *.* virus - Viruses & Security Forum
- Attrib -h -r -s /s /d g:\*.* - Viruses & Security Forum
14 responses
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 10, 2013 at 04:57 PM
Apr 10, 2013 at 04:57 PM
To help you and prescribe the remedy, I must make a diagnostic and to do so, I require a log.
1. Open this link and download ZHPDiag2 :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message.)
2. Save the file on your Desktop.
3. Double click on ZHPDiag.exe and follow the installation instructions.
The tool creates three icons ZHPDiag, MRB, and ZHPFix (If necessary,we will use ZHPFix at the next step).
4. Double click on the short cut ZHPDiag on your Destktop.
5. Click on the green arrow to ensure you have the latest version. Click on the eyedropper icon and ensure all of the items are checked.
6. Click on the Magnifying glass with the + sign and run the analysis.
Wait for the tool to finished (maybe a long time)
7. Close ZHPDiag.
8. To transmit the report, click on this link :
https://authentification.site
9. Click on Parcourir and search the directory where you installed ZHPDiag (usually C:\desktop\zhpdiag.txt).
10. Select the file ZHPDiag.txt.
11. Click on "upload »
12. Copy the URL and post it here.
Best regards
Ambucias
Moderator /Security Contributor
1. Open this link and download ZHPDiag2 :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message.)
2. Save the file on your Desktop.
3. Double click on ZHPDiag.exe and follow the installation instructions.
The tool creates three icons ZHPDiag, MRB, and ZHPFix (If necessary,we will use ZHPFix at the next step).
4. Double click on the short cut ZHPDiag on your Destktop.
5. Click on the green arrow to ensure you have the latest version. Click on the eyedropper icon and ensure all of the items are checked.
6. Click on the Magnifying glass with the + sign and run the analysis.
Wait for the tool to finished (maybe a long time)
7. Close ZHPDiag.
8. To transmit the report, click on this link :
https://authentification.site
9. Click on Parcourir and search the directory where you installed ZHPDiag (usually C:\desktop\zhpdiag.txt).
10. Select the file ZHPDiag.txt.
11. Click on "upload »
12. Copy the URL and post it here.
Best regards
Ambucias
Moderator /Security Contributor
bcn101
Posts
113
Registration date
Friday November 9, 2012
Status
Member
Last seen
July 28, 2014
Apr 11, 2013 at 05:10 PM
Apr 11, 2013 at 05:10 PM
Ambucias,
Thanks for the immediate reply, please see the link below. Thanks.
http://speedy.sh/WhFC6/ZHPDiag.txt
Thanks for the immediate reply, please see the link below. Thanks.
http://speedy.sh/WhFC6/ZHPDiag.txt
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 11, 2013 at 05:24 PM
Apr 11, 2013 at 05:24 PM
Hello
Thanks for the log. Please stand-by for results.
Thanks for the log. Please stand-by for results.
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 11, 2013 at 05:36 PM
Apr 11, 2013 at 05:36 PM
Hello again,
There are 42 malware in your system : spyware, adware and a trojan horse (Browser Helper Object)
I will request that you run two tools which you must run according to the directions. Once you have run those tools, please post the logs in this thread, (no need to upload on Speedyshare), then run another ZHP diag log and upload on speedyshare.
Here are the tools:
Tool One adwcleaner:
Download the following Adwcleaner created by Xplode
https://ccm.net/downloads/security-and-maintenance/6911-adwcleaner/
Launch it (for Windows 7 and 8, click right to run as administrator)
Click on delete
Post the log C:\Adwcleaner[Sx].txt on this thread.
Tool two: Malwarebyte
Download, install and run Malwarebyte which you can find on this site:
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/ es-anti-malware
Ensure you make an update.
Please request a FULL system scan, which may take from 20 minutes to hours. Do not interfere no matter how long in takes. The creators of Malwarebyte recommend that while the tool is running that you go do something else, such as watching a rerun of Gone with the Wind or read Tolstoy's War and Peace.
If Malwarebyte restarts your system, launch it again to finish the Full scan.
When the scan is completed, delete all items found.
Good luck
There are 42 malware in your system : spyware, adware and a trojan horse (Browser Helper Object)
I will request that you run two tools which you must run according to the directions. Once you have run those tools, please post the logs in this thread, (no need to upload on Speedyshare), then run another ZHP diag log and upload on speedyshare.
Here are the tools:
Tool One adwcleaner:
Download the following Adwcleaner created by Xplode
https://ccm.net/downloads/security-and-maintenance/6911-adwcleaner/
Launch it (for Windows 7 and 8, click right to run as administrator)
Click on delete
Post the log C:\Adwcleaner[Sx].txt on this thread.
Tool two: Malwarebyte
Download, install and run Malwarebyte which you can find on this site:
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/ es-anti-malware
Ensure you make an update.
Please request a FULL system scan, which may take from 20 minutes to hours. Do not interfere no matter how long in takes. The creators of Malwarebyte recommend that while the tool is running that you go do something else, such as watching a rerun of Gone with the Wind or read Tolstoy's War and Peace.
If Malwarebyte restarts your system, launch it again to finish the Full scan.
When the scan is completed, delete all items found.
Good luck
bcn101
Posts
113
Registration date
Friday November 9, 2012
Status
Member
Last seen
July 28, 2014
Apr 11, 2013 at 06:17 PM
Apr 11, 2013 at 06:17 PM
Ambucias,
I don't really know how did I get those trojans and malwares, can you tell me?
I am running malwarebytes now so atm I'm sending you the adwcleaner log:
# AdwCleaner v2.200 - Fichero creado el 11/04/2013 a 23:52:17
# Actualizado el 02/04/2013 por Xplode
# Sistema operativo : Windows 7 Starter (32 bits)
# Usuario : Usuario - USUARIO-PC
# Modo de inicio : Normal
# Ejecutado desde : C:\Users\Usuario\Downloads\adwcleaner.exe
# Opción [Supresión]
***** [Servicios] *****
Parado & Suprimido : DefaultTabSearch
Parado & Suprimido : DefaultTabUpdate
Parado & Suprimido : Partner Service
***** [Ficheros / Carpetas] *****
Carpeta Suprimido : C:\Program Files\DefaultTab
Carpeta Suprimido : C:\ProgramData\Partner
Carpeta Suprimido : C:\Users\Usuario\AppData\Local\Temp\boost_interprocess
Carpeta Suprimido : C:\Users\Usuario\AppData\Roaming\DefaultTab
Fichero Suprimido : C:\Users\Public\Desktop\eBay.lnk
***** [Registro] *****
Clave Supprimida : HKCU\Software\Alexa Internet
Clave Supprimida : HKCU\Software\AppDataLow\Software\DefaultTab
Clave Supprimida : HKCU\Software\Default Tab
Clave Supprimida : HKCU\Software\DefaultTab
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Clave Supprimida : HKCU\Software\Softonic
Clave Supprimida : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
Clave Supprimida : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Clave Supprimida : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Clave Supprimida : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Clave Supprimida : HKLM\Software\Default Tab
Clave Supprimida : HKLM\Software\DefaultTab
Clave Supprimida : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Valor Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]
***** [Navegadores] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] El registro no contiene ninguna entrada ilegítima.
-\\ Google Chrome v26.0.1410.64
Fichero : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] El fichero no contiene ninguna entrada ilegítima.
*************************
AdwCleaner[S1].txt - [6026 octets] - [11/04/2013 23:52:17]
########## EOF - C:\AdwCleaner[S1].txt - [6086 octets] ##########
THANKS.
I don't really know how did I get those trojans and malwares, can you tell me?
I am running malwarebytes now so atm I'm sending you the adwcleaner log:
# AdwCleaner v2.200 - Fichero creado el 11/04/2013 a 23:52:17
# Actualizado el 02/04/2013 por Xplode
# Sistema operativo : Windows 7 Starter (32 bits)
# Usuario : Usuario - USUARIO-PC
# Modo de inicio : Normal
# Ejecutado desde : C:\Users\Usuario\Downloads\adwcleaner.exe
# Opción [Supresión]
***** [Servicios] *****
Parado & Suprimido : DefaultTabSearch
Parado & Suprimido : DefaultTabUpdate
Parado & Suprimido : Partner Service
***** [Ficheros / Carpetas] *****
Carpeta Suprimido : C:\Program Files\DefaultTab
Carpeta Suprimido : C:\ProgramData\Partner
Carpeta Suprimido : C:\Users\Usuario\AppData\Local\Temp\boost_interprocess
Carpeta Suprimido : C:\Users\Usuario\AppData\Roaming\DefaultTab
Fichero Suprimido : C:\Users\Public\Desktop\eBay.lnk
***** [Registro] *****
Clave Supprimida : HKCU\Software\Alexa Internet
Clave Supprimida : HKCU\Software\AppDataLow\Software\DefaultTab
Clave Supprimida : HKCU\Software\Default Tab
Clave Supprimida : HKCU\Software\DefaultTab
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Clave Supprimida : HKCU\Software\Softonic
Clave Supprimida : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
Clave Supprimida : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Clave Supprimida : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Clave Supprimida : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Clave Supprimida : HKLM\Software\Default Tab
Clave Supprimida : HKLM\Software\DefaultTab
Clave Supprimida : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Valor Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]
***** [Navegadores] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] El registro no contiene ninguna entrada ilegítima.
-\\ Google Chrome v26.0.1410.64
Fichero : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] El fichero no contiene ninguna entrada ilegítima.
*************************
AdwCleaner[S1].txt - [6026 octets] - [11/04/2013 23:52:17]
########## EOF - C:\AdwCleaner[S1].txt - [6086 octets] ##########
THANKS.
Didn't find the answer you are looking for?
Ask a question
bcn101
Posts
113
Registration date
Friday November 9, 2012
Status
Member
Last seen
July 28, 2014
Apr 11, 2013 at 07:56 PM
Apr 11, 2013 at 07:56 PM
Ambucias,
Hi again, malwarebytes has finished running. result is ZERO.
See the log below, thanks :)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.04.11.12
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Usuario :: USUARIO-PC [administrator]
4/12/2013 12:10:14 AM
mbam-log-2013-04-12 (00-10-14).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 277599
Time elapsed: 1 hour(s), 41 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Hi again, malwarebytes has finished running. result is ZERO.
See the log below, thanks :)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.04.11.12
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Usuario :: USUARIO-PC [administrator]
4/12/2013 12:10:14 AM
mbam-log-2013-04-12 (00-10-14).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 277599
Time elapsed: 1 hour(s), 41 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 12, 2013 at 04:29 AM
Apr 12, 2013 at 04:29 AM
Ola,
Sorry for the late response.
I had a little difficulty in reading the Spanish log but I managed.
Most of the malware came from applications you have downloaded, IM Booster, Amazon, for example.
You may now remove adwcleaner and Malwarebyte from your computer.
For optimisation download and run the following tools:
File cleaner:
https://ccm.net/downloads/security-and-maintenance/4555-ccleaner/
This totally free yet very efficient registry cleaner :
https://ccm.net/download/download-13339-eusing-free-registry-cleaner
Delete the items that are found.
Last, I would like to check if the BHO Trojan is really gone it has to do with "Partner Service"
Please produce another ZHP log and upload it on speedyshare.
Asta la proxima
Sorry for the late response.
I had a little difficulty in reading the Spanish log but I managed.
Most of the malware came from applications you have downloaded, IM Booster, Amazon, for example.
You may now remove adwcleaner and Malwarebyte from your computer.
For optimisation download and run the following tools:
File cleaner:
https://ccm.net/downloads/security-and-maintenance/4555-ccleaner/
This totally free yet very efficient registry cleaner :
https://ccm.net/download/download-13339-eusing-free-registry-cleaner
Delete the items that are found.
Last, I would like to check if the BHO Trojan is really gone it has to do with "Partner Service"
Please produce another ZHP log and upload it on speedyshare.
Asta la proxima
Hi, I am so sorry for the spanish text,how can I change it to English?
BTW, I have downloaded the cleaner and the other tool. I have run SCAN and REPAIR, but it didn't give me any logs. How can I find it?
Thanks again.
BTW, I have downloaded the cleaner and the other tool. I have run SCAN and REPAIR, but it didn't give me any logs. How can I find it?
Thanks again.
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 13, 2013 at 05:02 PM
Apr 13, 2013 at 05:02 PM
Ola,
There is no need to change the log to English, I understood the Spanish log.
I just need another ZHP log such as the one you produced on April 11.
How is your system working now ?
Best regards
There is no need to change the log to English, I understood the Spanish log.
I just need another ZHP log such as the one you produced on April 11.
How is your system working now ?
Best regards
Hi,
Yeah, I know that you understood the spanish text but Iwould like to ask for some help too of changing the language of my notebook to english,except the keyboard. Would that be possible.
And about the log, as what I have told you about the tool that you asked me to download and run, it didn't give me any logs after I click SCAN and REPAIR.
just confused.
thanks
Yeah, I know that you understood the spanish text but Iwould like to ask for some help too of changing the language of my notebook to english,except the keyboard. Would that be possible.
And about the log, as what I have told you about the tool that you asked me to download and run, it didn't give me any logs after I click SCAN and REPAIR.
just confused.
thanks
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 14, 2013 at 05:55 AM
Apr 14, 2013 at 05:55 AM
I meant a ZHP Diag log as you did in the very beginning.
To change the language, go to the control panel, open regional settings, click on the language tab and select English, click ok
To change the language, go to the control panel, open regional settings, click on the language tab and select English, click ok
Ambucias,
Hi, stillcan't change the language... idk why. Anyway, is my notebook all clean now? Do I still have to do smth?
Thanks.
Hi, stillcan't change the language... idk why. Anyway, is my notebook all clean now? Do I still have to do smth?
Thanks.
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 17, 2013 at 06:27 AM
Apr 17, 2013 at 06:27 AM
No
Good luck
Good luck
thanks for the quick reply...as always,just confused with the "NO" is that an answer to : Anyway, is my notebook all clean now?
or to: Do I still have to do smth?
thanks ambu :)
or to: Do I still have to do smth?
thanks ambu :)
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 17, 2013 at 06:50 AM
Apr 17, 2013 at 06:50 AM
Yes, as clean as a whistle, so clean it could squeek !:-)
You are awesome..as always!!!
So, I'll delete all the tools that you told me to download right?
So, I'll delete all the tools that you told me to download right?
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,163
Apr 17, 2013 at 07:22 AM
Apr 17, 2013 at 07:22 AM
Hola
Correct, you can delete all except for Eusing Free and CCleaner which are useful tools to use once at least week to keep your machine optimised.
Asta la proxima.
Correct, you can delete all except for Eusing Free and CCleaner which are useful tools to use once at least week to keep your machine optimised.
Asta la proxima.
