Login

**cdiana** · (This post was last modified: 02-08-2018, 09:08 PM by cdiana.)

Hi Brian,

Attached is the report from Farber scan on the Dell Machine. Machine is running very slow.
.txt

Addition.txt (Size: 76.87 KB / Downloads: 738)
.txt

FRST.txt (Size: 123.61 KB / Downloads: 700)

**Compton** · 01-27-2018, 11:55 PM

Zemana AntiMalware

download and install Zemana AntiMalware

check for updates select on scan after the scan is completed
remove any malware that is found
select on reports
select open report select file save as
save the report
post the report on your next reply on the forum

**cdiana** · (This post was last modified: 01-28-2018, 06:31 AM by cdiana.)

(01-27-2018, 11:55 PM)Compton Wrote: Zemana AntiMalware

download and install Zemana AntiMalware

check for updates select on scan after the scan is completed

remove any malware that is found

select on reports

select open report select file save as

save the report

post the report on your next reply on the forum

Thank you Compton. Hopefully I will be able to run the program within a week or so when travel to the location where the machine is. I will then post the report. I appreciate all you guys help.

**GuiltySpark** · (This post was last modified: 01-28-2018, 10:44 AM by GuiltySpark.)

Just F.Y.I these are the main issues;

Quote:==================== Installed Programs ======================

DNS Unlocker version 1.4 (HKLM-x32\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.4 - ) <==== ATTENTION

Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION

MixiDJ V52 Toolbar for IE (HKLM-x32\...\IECT3298588) (Version: 6.17.2.8 - MixiDJ V52) <==== ATTENTION

Plus-HD-4.5 (HKLM-x32\...\Plus-HD-4.5) (Version: 1.31.153.0 - Plus HD) <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

Task: {1931B8E5-2C32-4CB0-B79F-3636FDD39A35} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {4781248D-89FB-4E33-9EBA-A9C54D4510AB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {58FACDB2-9F2A-4BA4-AEA1-D270178E6E79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {7A4CE3E3-F02E-41E0-8C43-21954A9043FD} - System32\Tasks\DNSLOCKINGTON => C:\Program Files (x86)\DNS Unlocker\dnslockington.exe <==== ATTENTION

Task: {86258BAA-1B36-4FDE-AD17-CA91EBEBB17B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {86DFF89E-D413-40FE-A4E2-FC1CA45A8A39} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION

Task: {93FFDD8D-3384-4F3A-815A-F6F485FA7237} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {959EACDA-1E67-4227-9DE9-0B14856853FF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {A2F592B5-CB7B-4FFB-B49F-5CDF9B4B3D60} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {B220C7BA-7161-4D02-8F9F-F66AEC2867F7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {B2BA4B56-B008-4EAC-8FFF-9844AF815AA9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {C1B277E6-3B5B-4A2A-8FB7-7A70ADC79B6B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {D1E43840-3F43-45B2-AB4C-4E74699F606E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {FE760AE5-12FC-41F5-9D5A-38DEF93BD863} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-chromeinstaller.exe/installcrx /agentregpath='Plus-HD-4.5' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.5\39678.crx' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installerfullversion=1.31.153.0 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-codedownloader.exeÆ°/reinstallapp /agentregpath='Plus-HD-4.5' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installerfullversion=1.31.153.0 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/app-static.crossrider.com <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-enabler.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-enabler.exeÆ…/enablebho /agentregpath='Plus-HD-4.5' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-firefoxinstaller.exe/installxpi /agentregpath='Plus-HD-4.5' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.5\39678.xpi' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installerfullversion=1.31.153.0 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=a892fa08-2d07-49e8-adce-f650222629ca@82592752-c212-4885-b999-cb2a1d2f9d09.com /extensionversion=0.93 /prefsbranch=aa892fa082d0749e8adcef650222629ca82592752c2124885b999cb2a1d2f9d09com39678 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/39678.rdf <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-updater.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-updater.exeÇ¨/runupdater /agentregpath='Plus-HD-4.5' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /monetizationdomain=hxxp:/stats.syncstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com <==== ATTENTION

The biggest worries are the DNS Unlockers.

*Edit: The big clue to Malware in this case is the spelling of "filed" - "failed", always keep an eye out for these often small discrepancies.

***Britec*** · 01-28-2018, 12:52 PM

When you come back from your trip let us know and we can help you.

**cdiana** · 02-02-2018, 01:23 AM

Hello All,

Per Compton's advice to scan system with Zemana Malware, attached please see report.

Thanks for all your help.

cdiana

**Compton** · (This post was last modified: 02-02-2018, 01:32 AM by Compton.)

looking much better how is the system working?

lots of malware have been remove

Please download [Image: adwcleane.png]

AdwCleaner (by Xplode) and save it to your Desktop

Right-click on AdwCleaner.exe and Run as administrator.
Click Scan. (AdwCleaner will now scan for Adware.)
Once scan finishes, click Clean, now follow the on screen prompts.
Your computer should now reboot.
A log file will automatically open. Please Copy and Paste when you replay in your next post.

Note: The log can also be found in here: C:\AdwCleaner\

**cdiana** · 02-02-2018, 09:06 AM

Hello Compton,

Attached is the log file from Adware Cleaner. In response to your question as to how is the system doing? Well, before I ran Adware, the 4 usb hubs were not functioning at all, but now they are. It's still running slow on start up though. Chrome is opening a bit faster.

Thanks
cdiana

**Compton** · (This post was last modified: 02-02-2018, 11:48 AM by Compton.)

HitmanPro

Please download HitmanPro.
Launch the program by double clicking on the icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
Click on the next button. You must agree with the terms of EULA.
Check the box beside "No, I only want to perform a one-time scan to check this computer".
Click on the next button.
The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
Click on the next button.
Click on the "Export scan results to XML file".
Save that file to your desktop and post in your next reply.

I don't know if you have access to flash drive and a next computer but I would create

Kaspersky Rescue Disk 10 and run

How to record Kaspersky Rescue Disk 10 to a USB device and boot a computer from it

How to start a virus scan using Kaspersky Rescue Disk

**cdiana** · 02-03-2018, 06:01 AM

Hi Compton,

Regarding Hitman Pro scan. Don't know why this was challenging. I scanned it twice because the 1st time around, after scan was completed, I clicked on next and right away the program started to create a restore point and so I could not click on the drop-down menu, so I stopped and started a new scan. I just hope that nothing was deleted that shouldn't have. I do not see any where I can export the file as a XML. I do have a txt file that I tried to attach, but I get a message that says the file is not the right format(don't recall exactly -I had to leave)
Will create rescue disk as soon as. Thank you for all your help.

cdiana