Search:

Im all clean, malwarebytes and spybot both come up with nothing unusual!

Scan looks good, ill run another tomorrow to be sure but looks to be clean! Was it just something leftover in the reg?

Search results from Spybot - Search & Destroy

11/21/2013 7:34:58 PM
Scan took 00:27:30.
61 items found.

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
...

Ill have to give it a few days, as I honestly did not know the trojan was there until I had some annoying browser issues that could have been unrelated. Things seem good and I'm going to run a scan...

OTL logfile created on: 11/21/2013 3:50:58 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dave\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type =...

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1E648A66-EA59-4BEE-97A7-AB258586E914}\ deleted successfully....

https://www.virustotal.com/en/file/4a7955272285a3723ac26940bfb8fbd74866147ab82a02c5cdbaf84122242c3b/analysis/1385009258/
...

I'm sorry to say the Extras.txt was not created when I went looking for it. I only have the first one from the first run.

OTL logfile created on: 11/20/2013 11:18:14 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dave\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type =...

C:\Users\Dave\AppData\Roaming\flmem.exe a variant of MSIL/Injector.BRF trojan
C:\Users\Dave\AppData\Roaming\FLup.exe a variant of MSIL/Injector.BRF trojan
Operating memory a variant of...

Malwarebytes didnt do it on it's own before, lets see how it did it now. Here's the log.


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.19.12
...

# AdwCleaner v3.012 - Report created 19/11/2013 at 14:52:49
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dave - DABBA
# Running...

It did not take very long at all..


# AdwCleaner v3.012 - Report created 18/11/2013 at 22:25:31
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64...

OTL Extras logfile created on: 11/17/2013 11:05:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dave\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) -...

OTL logfile created on: 11/17/2013 11:05:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dave\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type =...

Search results from Spybot - Search & Destroy

11/17/2013 7:03:29 PM
Scan took 00:27:47.
85 items found.

SweetIM: [SBI $8D9D81BD] Settings (Registry Key, nothing done)
...

Thanks for the reply Ken, just got home, heres the log for combofix:

ComboFix 13-11-16.01 - Dave 11/17/2013 16:05:39.1.4 - x64
Microsoft Windows 7 Home Premium ...

Hello, first I would like to say this is my first time asking for help in removing a threat. Most times I'm able to use spybot or malwarebytes to remove the threats. This time though, this particular...

Hello, first I would like to say this is my first time asking for help in removing a threat. Most times I'm able to use spybot or malwarebytes to remove the threats. This time though, this particular...