I have hidden viruses in my computer

frane79

I have a Toshiba Qosmio running Windows 8.1.
A few days ago I started getting pop-up ads and search bar hijackers that I can't get rid of; if I do, another one pops up. I have Windows Defender, which I quick scan every 2 days and deep scan every week. In the last two days it kept coming up with trojans, malware and adware, which I delete, and each time it gets worse. I switched my comp to safe mode and scanned it without Wi-Fi or Bluetooth on, and it came up with the same plus a few extra things and a hidden search bar and adware, which I removed.
Switching over to normal mode, slowly it came back with adware and it's seriously slowing my computer. I have run Hijack; I will post the results for that.
So my question is: can anyone see where the virus is, or give me a list of file names I'm most likely to find and a way to eradicate them?

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:17:53 PM, on 1/15/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)




Boot mode: Normal


Running processes:
C:\Program Files (x86)\Stardock\ModernMix\MMIX_32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Fran\Downloads\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZPDymsjBsKesWSsW73xOEouSiWjowAGc9It7P42gA2KQ6HH10KFNfNsHk1PT-eMTuKXSWmPUT8qy_7188V7XxwaUi2mvqKsxP_85AsSJeuzdBz2tBUkxnRxx125Z3O8LGrZ2A3CM3V4pdAjBqUiD7j0aQv_o-AvcaefPdOR1R3o,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZPDymsjBsKesWSsW73xOEouSiWjowAGc9It7P42gA2KQ6HH10KFNfNsHk1PT-eMTuKXSWmPUT8qy_7188V7XxwaUi2mvqKsxP_85AsSJeuzdBz2tBUkxnRxx125Z3O8LGrZ2A3CM3V4pdAjBqUiD7j0aQv_o-AvcaefPdOR1R3o,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZPDymsjBsKesWSsW73xOEouSiWjowAGc9It7P42gA2KQ6HH10KFNfNsHk1PT-eMTuKXSWmPUT8qy_7188V7XxwaUi2mvqKsxP_85AsSJeuzdBz2tBUkxnRxx125Z3O8LGrZ2A3CM3V4pdAjBqUiD7j0aQv_o-AvcaefPdOR1R3o,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?p=mKO_AwFzX...tVWEVRrn4IzJ-vnCOt-TMKfAAhv6lGtF5fxdotaWQnHRk,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv6&uid=785YT1B1T_TOSHIBAMK2049GSY&tm=1448854979
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZPDymsjBsKesWSsW73xOEouSiWjowAGc9It7P42gA2KQ6HH10KFNfNsHk1PT-eMTuKXSWmPUT8qy_7188V7XxwaUi2mvqKsxP_85AsSJeuzdBz2tBUkxnRxx125Z3O8LGrZ2A3CM3V4pdAjBqUiD7j0aQv_o-AvcaefPdOR1R3o,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Users\Fran\Desktop\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\Fran\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_8797E65132DFED3DFFC4739AD58AC75C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Fran\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [apphide] C:\Program Files (x86)\baidu\ppt.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O20 - AppInit_DLLs: C:\ProgramData\caMyciloP\Lattough.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ApplicationHosting - Unknown owner - C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe
O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\\caMyciloP\\caMyciloP.exe (file missing)
O23 - Service: Notification Store Card (cecurozuzbt) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: cmdidx - Unknown owner - C:\Program Files\cmdidx\cmdidx.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Unknown owner - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Stardock ModernMix (ModernMix) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Net.Tcp Service Handler (NetTcpHandler) - Unknown owner - C:\Users\Fran\AppData\Roaming\NetService\netservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Designer Licensed (pupivyhi) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Underscore Poster (ryrojiry) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SSFK - Unknown owner - C:\Program Files (x86)\SFK\SSFK.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Windows Net Proxy Auto Service (WinNetSvc) - Unknown owner - C:\Users\Fran\AppData\Roaming\WinNetSvc\WinNetSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Free Space Decimal Point (wucotusy) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Underscore Paragraph (xojihewy) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Replicate Exit (zutuzuni) - Unknown owner - C:\Program.exe (file missing)


--
End of file - 10840 bytes
 

Spybot 1.62 is a bit less invasive and resource-hungry than Spybot 2.
 
You're definitely going to need to run this along with HitmanPro linked above.

Free Virus Scan | ESET Online Scanner | ESET

Run with these settings:

[Attached image: esetscannner.JPG]
 

Spybot 1.62 is a bit less invasive and resource-hungry than Spybot 2.

That's true, and it's much more user friendly, but having said that......
I have used Spybot S&D, ver 1.62 for years, and for the last week I've not been able to download any updates for it, on multiple PCs.
With ver. 2.x being out for quite a while now, I just wonder if they are cutting off updates to ver. 1.62. ??? Makes one wonder!
I don't like Spybot S&D 2.0. It's way too complicated for my older customers.

Just last week, a friend could not get Windows Defender to start, after he had removed AVG 2016 FREE. He found that the solution to his problem was to UN-Install Spybot S&D ver. 1.62. Once that was gone and he rebooted his PC, Windows Defender came up and ran just fine.
Just FWIW.

Y'all have a great day now, Y'hear?

Cheers Mates!
TechnoMage :cool:
 
