Type: Posts; User: JD the DJ; Keyword(s):
I just deleted the folder '0D0S1L2Z1P1B' and all its contents and then emptied Recycle Bin.
contents of '0D0S1L2Z1P1B':
1 folder: 'Zip Extractor Packages'
1 file: 'uninstaller.exe' (located in...
Your help is greatly appreciated.
Thanks again!
OTL log file
All processes killed
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry key...
A popup appears with mostly a blank page
upper left a title : 'Uninstall Manager'
upper right : an 'x' button
lower left: blue highlighted text that can be clicked 'Remove this program from...
It won't do the folder, seemed to default to the only file in that folder.
https://www.virustotal.com/en/file/248482662fe9874fd0b8a20802861a7a531c1a63cc8b5660e1e2f29de8f1ba70/analysis/1385729989/
Below is the log file for SystemLook for: Zip Extractor Packages
I could not find a file on the desktop called 'iminent'
Although, I know Iminent was one of the many unwanted items on desktop...
SystemLook.txt
SystemLook 30.07.11 by jpshortstuff
Log created at 16:59 on 28/11/2013 by Dana
Administrator - Elevation successful
========== filefind ==========
Searching for "Zip Extractor...
'C:\Program Files\Uninstaller\Uninstall.exe' , the file and its folder, are gone.
And is not in list of programs to Remove in 'Programs and Features'.
'Zip Extractor Packages' is still in list...
It was in the list in 'Programs and Features'
clicked 'Uninstall/Change' and it disappeared from list.
While in 'Programs and Features', I saw another suspicious program. 'Zip Extractor...
Ya, I think it's iffy (at best)
November 9th was when the desktop was obviously infected.
There does not appear to be a program on desktop for this program to uninstall.
The Digital Signature...
Happy Thanksgiving!
purged the files in Spybot's Recovery
ran a scan on VirusTotal for:
C:\Program Files\Uninstaller\Uninstall.exe
...
ran ESET
aborted run, when it got to files in C:\ProgramData\WildTangent\GameInstalls\
(it took over 1 hour for ESET to scan 2 files)
deleted 28 files (~5 GB)
While navigating to the folder I saw...
It was actually the lower-case 'u' ( update.exe )
Hewlett-Packard\HP PrecisionScan\PrecisionScan\update.exe
The desktop seems to be running great. I have not noticed anything else that is of...
SystemLook 30.07.11 by jpshortstuff
Log created at 15:42 on 27/11/2013 by Dana
Administrator - Elevation successful
========== filefind ==========
Searching for "Update.exe"
C:\Program Files...
Great!
Just get a 'User Account Control' popup on startup
Program: Update.exe
Publisher: Unknown
I think it is to run the SuperAntiSpyware popup notification that appears in lower right on...
11272013_134905
All processes killed
========== OTL ==========
C:\Windows\SysNative\drivers\etc\hosts.20131111-183805.backup moved successfully.
========== SERVICES/DRIVERS ==========...
EXTRAS.txt
OTL Extras logfile created on: 11/27/2013 12:44:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dana\Desktop
64bit- Home Premium Edition Service Pack 1 (Version...
OTL.txt (part 2 of 2)
========== Files - Modified Within 30 Days ==========
[2013/11/27 12:42:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dana\Desktop\OTL.exe
[2013/11/27...
OTL.txt file (part 1 of 2)
OTL logfile created on: 11/27/2013 12:44:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dana\Desktop
64bit- Home Premium Edition Service Pack 1...
The start pages of all 3 browsers (Chrome, IE and FF) do not use that page now (THANKS! :) )
Restarted desktop to be sure it didn't come back (had to wait for many updates to download and install)...
already had MBAM on desktop, but downloaded MBAM from link you provided
Installed, Updated, Ran 'Quick Scan'
MBAM log file
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
...
Line Deleted : user_pref("CT3015261.globalFirstTimeInfoLastCheckTime", "Sun Jul 08 2012 20:32:06 GMT-0600 (Mountain Daylight Time)");
Line Deleted :...
Started desktop in 'Safe Mode with Networking', ran AdwCleaner 'Scan', however, clicking 'Clean' did not work.
Restarted desktop in Normal mode, ran AdwCleaner 'Scan', clicked 'Clean', it worked.
...
Line Found : user_pref("CT3015261.testingCtid", "");
Line Found : user_pref("CT3015261.toolbarAppMetaDataLastCheckTime", "Fri Oct 18 2013 10:58:08 GMT-0600 (Mountain Standard Time)");
Line Found :...
Thanks for helping!
Started desktop in 'Safe Mode with Networking'
Downloaded AdwCleaner (right clicked and 'Ran as Admin..' )
Clicked 'Scan'
Clicked 'Report' (although Notepad did not...
This malware was unable to be removed by MBAM, Spybot or SAS.
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2
Run by Dana at...
Looking good.
Except for the same 5 MS updates that keep getting installed every time I shut PC down (KB982524, KB983583, KB2418241, KB982168, KB979909)
TeaTimer reset went well.
Pasted below are:
1) CFScript log
2) DDS log
CFScript log...
1) Was unable to remove Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
None of the programs listed it (Add/Remove ; Revo ; Spybot; or, CCleaner)
2) Downloaded Firefox 3.6.13 setup;...
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6419
#...
1) No, it is my old PC. Currently, I only use it for DJ gigs.
2) I will start the ESET scan process tonight and post log tomorrow,
Also, since the run of ComboFix finished (~9 hours ago), no...
1) I'm sorry, I do not know what your question is about my computer. (Unless it was the question from your earlier post about the Attach.txt file from the DDS scan. Since the answer was "Yes", I...
Here is the Rootkit Unhooker log Report
---------------------------------------------------
RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows...
- Ran Script on good machine
- Attach.txt is below
- Last MBAM log of a Full Scan of Drive C: is below
- Will close all programs and start on Rootkit Unhooker and post that soon
(Am posting...
OK, USBNoRisk installed on good machine.
Only connected 1 USB device (4GB)
---------------------------------------------------------------
USBNoRisk 2.7 (28 December 2010) by bobby
Started...
OK.
Btw, I was unable to post to this forum using the infected PC.
Last week, after scanning and removal of malware acquired a few days earlier (with MBAM and Spybot S&D), and neither program was identifying any more threats, I performed a "final" scan using MBAM...
OS: Windows XP SP3
Windows Firewall
The PC in question was infected with several viruses.
Used Spybot, MBAM, SuperAntiSpyware and online scans.
However now, in Normal Mode, IE8, Firefox 3 and...