Britec Tech Support Forum

Britec Tech Support Forum > Computer Software > Software Repairs and Troubleshooting > Follow up Load Language Filed-Farber Scan report
Full Version: Follow up Load Language Filed-Farber Scan report
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4 5

cdiana

01-27-2018, 09:46 PM
Hi Brian,

Attached is the report from Farber scan on the Dell Machine. Machine is running very slow.[attachment=3280][attachment=3279]

Compton

01-27-2018, 11:55 PM
[Image: icon1449155872.png]Zemana AntiMalware

download and install Zemana AntiMalware
  • check for updates select on scan [Image: 2fSZJuQ]  after the scan is completed
  • remove any malware that is found
  • select on  reports [Image: 2gOiKD6]
  • select open report select file save as
  • save the report
  • post the report on your next reply on the   forum

cdiana

01-28-2018, 06:21 AM
(01-27-2018, 11:55 PM)Compton Wrote: [ -> ][Image: icon1449155872.png]Zemana AntiMalware

download and install Zemana AntiMalware

  • check for updates select on scan [Image: 2fSZJuQ]  after the scan is completed
  • remove any malware that is found
  • select on  reports [Image: 2gOiKD6]
  • select open report select file save as
  • save the report
  • post the report on your next reply on the   forum

Thank you Compton. Hopefully I will be able to run the program within a week or so when travel to the location where the machine is. I will then post the report. I appreciate all you guys help.

GuiltySpark

01-28-2018, 10:40 AM
Just F.Y.I these are the main issues;

Quote:==================== Installed Programs ======================


DNS Unlocker version 1.4 (HKLM-x32\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.4 - ) <==== ATTENTION

Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - ) <==== ATTENTION

MixiDJ V52 Toolbar for IE (HKLM-x32\...\IECT3298588) (Version: 6.17.2.8 - MixiDJ V52) <==== ATTENTION

Plus-HD-4.5 (HKLM-x32\...\Plus-HD-4.5) (Version: 1.31.153.0 - Plus HD) <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

Task: {1931B8E5-2C32-4CB0-B79F-3636FDD39A35} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {4781248D-89FB-4E33-9EBA-A9C54D4510AB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {58FACDB2-9F2A-4BA4-AEA1-D270178E6E79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {7A4CE3E3-F02E-41E0-8C43-21954A9043FD} - System32\Tasks\DNSLOCKINGTON => C:\Program Files (x86)\DNS Unlocker\dnslockington.exe <==== ATTENTION

Task: {86258BAA-1B36-4FDE-AD17-CA91EBEBB17B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {86DFF89E-D413-40FE-A4E2-FC1CA45A8A39} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION

Task: {93FFDD8D-3384-4F3A-815A-F6F485FA7237} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {959EACDA-1E67-4227-9DE9-0B14856853FF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {A2F592B5-CB7B-4FFB-B49F-5CDF9B4B3D60} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {B220C7BA-7161-4D02-8F9F-F66AEC2867F7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {B2BA4B56-B008-4EAC-8FFF-9844AF815AA9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {C1B277E6-3B5B-4A2A-8FB7-7A70ADC79B6B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {D1E43840-3F43-45B2-AB4C-4E74699F606E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {FE760AE5-12FC-41F5-9D5A-38DEF93BD863} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-chromeinstaller.exe/installcrx /agentregpath='Plus-HD-4.5' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.5\39678.crx' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installerfullversion=1.31.153.0 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-codedownloader.exeÆ°/reinstallapp /agentregpath='Plus-HD-4.5' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installerfullversion=1.31.153.0 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/app-static.crossrider.com <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-enabler.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-enabler.exeÆ…/enablebho /agentregpath='Plus-HD-4.5' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-firefoxinstaller.exe/installxpi /agentregpath='Plus-HD-4.5' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.5\39678.xpi' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installerfullversion=1.31.153.0 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=a892fa08-2d07-49e8-adce-f650222629ca@82592752-c212-4885-b999-cb2a1d2f9d09.com /extensionversion=0.93 /prefsbranch=aa892fa082d0749e8adcef650222629ca82592752c2124885b999cb2a1d2f9d09com​39678 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/39678.rdf <==== ATTENTION

Task: C:\WINDOWS\Tasks\Plus-HD-4.5-updater.job => C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-updater.exeǨ/runupdater /agentregpath='Plus-HD-4.5' /appid=39678 /srcid='000739' /subid='0' /zdata='0' /bic=789BC73E353345CD8E5048F6CCBBEA1BIE /verifier=d320b4d2c50f5f5a658f91da85d95019 /installerversion=1_31_153 /installationtime=1386037918 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /monetizationdomain=hxxp:/stats.syncstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com <==== ATTENTION

The biggest worries are the DNS Unlockers.

*Edit: The big clue to Malware in this case is the spelling of "filed" - "failed", always keep an eye out for these often small discrepancies.

Britec

01-28-2018, 12:52 PM
When you come back from your trip let us know and we can help you.

cdiana

02-02-2018, 01:23 AM
Hello All,

Per Compton's advice to scan system with Zemana Malware, attached please see report.


Thanks for all your help.

cdiana

Compton

02-02-2018, 01:31 AM
looking much better how is the system working?

lots of malware have been remove


Please download [Image: adwcleane.png] AdwCleaner (by Xplode) and save it to your Desktop

  • Right-click on AdwCleaner.exe and Run as administrator
  • Click Scan. (AdwCleaner will now scan for Adware.)

  • Once scan finishes, click Clean, now follow the on screen prompts.

  • Your computer should now reboot.

  • A log file will automatically open. Please Copy and Paste when you replay in your next post.


Note: The log can also be found in here: C:\AdwCleaner\

cdiana

02-02-2018, 09:06 AM
Hello Compton,

Attached is the log file from Adware Cleaner.  In response to your question as to how is the system doing?  Well, before I ran Adware, the 4 usb hubs were not functioning at all, but now they are.  It's still running slow on start up though. Chrome is opening a bit faster.  

Thanks
cdiana

Compton

02-02-2018, 11:24 AM
[Image: hitmanpro.png]HitmanPro


  • Please download HitmanPro.
  • Launch the program by double clicking on the icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
  • Click on the next button. You must agree with the terms of EULA.
  • Check the box beside "No, I only want to perform a one-time scan to check this computer".
  • Click on the next button.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
  • Click on the next button.
  • Click on the "Export scan results to XML file".
  • Save that file to your desktop and post in your next reply.




I don't know if you have access to flash drive and a next computer but I would create

Kaspersky Rescue Disk 10 and run

How to record Kaspersky Rescue Disk 10 to a USB device and boot a computer from it

How to start a virus scan using Kaspersky Rescue Disk




cdiana

02-03-2018, 06:01 AM
Hi Compton,

Regarding Hitman Pro scan. Don't know why this was challenging. I scanned it twice because the 1st time around, after scan was completed, I clicked on next and right away the program started to create a restore point and so I could not click on the drop-down menu, so I stopped and started a new scan. I just hope that nothing was deleted that shouldn't have. I do not see any where I can export the file as a XML. I do have a txt file that I tried to attach, but I get a message that says the file is not the right format(don't recall exactly -I had to leave)
Will create rescue disk as soon as. Thank you for all your help.

cdiana
Pages: 1 2 3 4 5
Britec Tech Support Forum > Computer Software > Software Repairs and Troubleshooting > Follow up Load Language Filed-Farber Scan report