Logs are too long to post
REFER BACK TO:
http://forums.spybot.info/showthread...570#post455570
I've tried posting my logs to the forum but keep being told that they are too long... All I've done is copy and paste. Not sure if I'm missing something. The spacecount is currently 437561 characters after running the entire thing through Notepad++ and removing all the whitespace... Any suggestions would be greatly appreciated.
Thanks
Frank
k, here's what came back...
Ken,
I didn't disclose it because I didn't even remember about it. I got it to play around with Burp Suite. I think I used it but once about 1.5 months ago. As far as torrents, I didn't remember using a torrent downloader on this comp... but now that you've mentioned it I do recall getting some books around the same time as I was playing with Burp.
Anyway, this is what came back. I haven't actually applied any of the fixes. Pretty sure that's what you expected?
Thanks,
Frank
# AdwCleaner v3.216 - Report created 27/07/2014 at 00:48:43
# Updated 17/07/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : a - c
# Running from : C:\Users\a\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
File Found : C:\WINDOWS\System32\Tasks\UpdaterEX
File Found : C:\WINDOWS\Tasks\UpdaterEX.job
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Folder Found : C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Folder Found : C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Folder Found : C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Folder Found : C:\Users\a\AppData\LocalLow\Conduit
Folder Found : C:\Users\a\AppData\Roaming\DriverCure
Folder Found : C:\Users\a\AppData\Roaming\pdfforge
Folder Found : C:\Users\a\AppData\Roaming\UpdaterEX
Folder Found : C:\Users\bLtd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Folder Found : C:\Users\bLtd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Folder Found : C:\Users\bLtd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Key Found : HKCU\Software\Google\Chrome\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Key Found : HKCU\Software\Google\Chrome\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\UpdaterEX
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\UpdaterEX
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eiebcgmnpbbifoagcaobgelgnijgpaog
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\Software\Uniblue
Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v30.0 (en-US)
[ File : C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\na5z5xw6.default\prefs.js ]
-\\ Google Chrome v36.0.1985.125
[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : eiebcgmnpbbifoagcaobgelgnijgpaog
[ File : C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : eiebcgmnpbbifoagcaobgelgnijgpaog
[ File : C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\bLtd\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : eiebcgmnpbbifoagcaobgelgnijgpaog
[ File : C:\Users\VIRTUAL\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4609 octets] - [27/07/2014 00:48:44]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4669 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by a on Sun 07/27/2014 at 0:52:38.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{4DABDDBA-3607-487A-BF21-92E49C647822}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
~~~ Files
Successfully deleted: [File] "C:\end"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\a\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\a\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\a\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{09A183F0-3A66-4344-B4ED-85722C6111F1}
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{17C49671-D795-4883-AA65-AD4F28821BFE}
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{275EDE2D-F86B-43AD-9302-75B72B2A02CA}
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{3A012331-A6C8-43A4-B9E7-9D5C7A16D5F1}
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{49D80A72-B5D4-47CC-9F67-396A80DB13EC}
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{9E680478-E665-41C5-B8F0-8AF3BEB18E91}
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{9F327ACA-0073-483B-A98B-D32032EC3A2B}
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{CF99848C-F99F-4AEB-B59D-C9B7B1F9DF5A}
Successfully deleted: [Empty Folder] C:\Users\a\appdata\local\{D434EB7D-DCD8-4073-AFCA-E6412C77FB05}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 07/27/2014 at 0:57:43.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 7/27/2014
Scan Time: 12:59:08 AM
Logfile:
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.07.27.04
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: a
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 583762
Time Elapsed: 24 min, 40 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-3935980490-2378437961-526367122-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [f38d8f15ea91fb3b0aeda142887a2bd5],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 1
PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc, , [07791a8ad4a794a23b7d8e3819e9e31d],
Files: 11
PUP.Optional.InstalleRex, C:\$Recycle.Bin\S-1-5-21-3935980490-2378437961-526367122-1059\$R3IRTAX.exe, , [7f01475d562537ff158f2267a061ca36],
PUP.Optional.Softonic.A, C:\Users\a\Downloads\SoftonicDownloader_for_surgeon-simulator-2013.exe, , [6d13cada99e268ce9956d55337cadb25],
PUP.Optional.Softonic.A, C:\Users\a\Downloads\SoftonicDownloader_for_visual-basic (1).exe, , [730debb9611a7bbb9956b27643beb947],
PUP.Optional.Softonic.A, C:\Users\a\Downloads\SoftonicDownloader_for_visual-basic.exe, , [3947c4e02556e05643acc95ff50c41bf],
PUP.Optional.OutBrowse, C:\Users\bLtd\Downloads\setup (1).exe, , [136dddc7136813236ee53f5c8c758977],
PUP.Optional.Softonic.A, C:\Users\bLtd\Downloads\SoftonicDownloader_for_abcaus-excel-accounting-template.exe, , [85fbfea62f4cc274a24d40e8d62b06fa],
PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\config.dat, , [07791a8ad4a794a23b7d8e3819e9e31d],
PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\info.dat, , [07791a8ad4a794a23b7d8e3819e9e31d],
PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\prod.dat, , [07791a8ad4a794a23b7d8e3819e9e31d],
PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\STTL.DAT, , [07791a8ad4a794a23b7d8e3819e9e31d],
PUP.Optional.Updater.A, C:\Users\a\AppData\Roaming\UpdaterEX\UpdateProc\TTL.DAT, , [07791a8ad4a794a23b7d8e3819e9e31d],
Physical Sectors: 0
(No malicious items detected)
(end)