Virus/Security Issues on Windows 8

December 7, 2013 at 01:20:08
Specs: Windows 8
Have ran AdwCleaner and Hi-Jack this.
Here is the AdwCleaner log...

# AdwCleaner v3.014 - Report created 07/12/2013 at 02:39:45
# Updated 01/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : BuddasGirl - JASON
# Running from : C:\Users\BuddasGirl\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Users\BuddasGirl\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\BuddasGirl\AppData\Roaming\Mozilla\Firefox\Profiles\aiz6eo8q.default\adawaretb
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\BuddasGirl\AppData\Roaming\Mozilla\Firefox\Profiles\aiz6eo8q.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3230 octets] - [07/12/2013 02:37:38]
AdwCleaner[S0].txt - [2963 octets] - [07/12/2013 02:39:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3023 octets] ##########


And here is the Hi-Jack this Log Report...


# AdwCleaner v3.014 - Report created 07/12/2013 at 02:39:45
# Updated 01/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : BuddasGirl - JASON
# Running from : C:\Users\BuddasGirl\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Users\BuddasGirl\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\BuddasGirl\AppData\Roaming\Mozilla\Firefox\Profiles\aiz6eo8q.default\adawaretb
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\BuddasGirl\AppData\Roaming\Mozilla\Firefox\Profiles\aiz6eo8q.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3230 octets] - [07/12/2013 02:37:38]
AdwCleaner[S0].txt - [2963 octets] - [07/12/2013 02:39:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3023 octets] ##########

Does anyone see any issues? I did fix quite a bit of registry errors with adwcleaner but im not quite proficient yet with Hi-Jack this.


See More: Virus/Security Issues on Windows 8

Report •


#1
December 7, 2013 at 07:06:21
Nice initiative jason2401, you posted the AdwCleaner log twice, no HJT log, shall have a look at that when posted.

Run these 2 programs as well.

Junkware Removal Tool
http://www.softpedia.com/get/Securi...
http://www.softpedia.com/progScreen...
http://www.bleepingcomputer.com/dow...
http://thisisudax.blogspot.com.au/2...
Download Junkware Removal Tool to your desktop.
Warning! Once the scan is complete JRT will shut down your browser with NO warning.
Shut down your protection software now to avoid potential conflicts.
Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
http://www.bleepingcomputer.com/for...
http://www.techsupportforum.com/for...
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7/8, right-click JRT and select Run as Administrator
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Copy and Paste the contents of the JRT.txt log please.

message edited by Johnw


Report •

#2
December 7, 2013 at 07:07:16
Malwarebytes' Anti-Malware ( MBAM ) Free Version. Use Quick scan. Copy and Paste the contents of the log please.
http://www.softpedia.com/get/Antivi...
http://www.softpedia.com/progScreen...
http://i.imgur.com/3DtG68Y.gif
http://www.malwarebytes.org/mbam.php
http://www.spywareinfoforum.com/ind...
http://www.bleepingcomputer.com/vir...
Make sure you uncheck > Enable free trial < during install.
http://i.imgur.com/tUFCbYz.gif
If your MBAM log indicates "No action taken." That's usually a result of NOT clicking the Remove Selected button after the scan.
Quick Scan versus Full Scan
http://forums.malwarebytes.org/inde...

Report •

Related Solutions


Ask Question