Windows 8 and 8.1 Forums

i have hidden viruses in my computer

  1. #1

    i have hidden viruses in my computer

    i have a toshiba qosmio running windows 8.1
    A few days ago i started getting pop up add and search bar hijackers that i cant get rid of if i do another one pops up, i have windows defender which i quick scan every 2 day and deep scan every week, in the last two days it kept coming up with trojens, malware and adware which i delete and each time it gets worse, i switched my comp to safe mode and scanned it withoutwifi or bluebooth on and it cameup with the same plus a few extra things and a hidden search bar and addware which i removed.
    Switching over to normal mode slowly it came back with addware and its seriously slowing my computer i have ran hijack i will post the results for that
    so my question is can anyone see where the virus is or give me a list of file names im most likely to find and a way to erradicate them

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 7:17:53 PM, on 1/15/2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.18123)

    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Stardock\ModernMix\MMIX_32.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZPDymsjBsKesWSsW73xOEouSiWjowAGc9It7P42gA2KQ6HH10KFNfNsHk1PT-eMTuKXSWmPUT8qy_7188V7XxwaUi2mvqKsxP_85AsSJeuzdBz2tBUkxnRxx125Z3O8LGrZ2A3CM3V4pdAjBqUiD7j0aQv_o-AvcaefPdOR1R3o,&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZPDymsjBsKesWSsW73xOEouSiWjowAGc9It7P42gA2KQ6HH10KFNfNsHk1PT-eMTuKXSWmPUT8qy_7188V7XxwaUi2mvqKsxP_85AsSJeuzdBz2tBUkxnRxx125Z3O8LGrZ2A3CM3V4pdAjBqUiD7j0aQv_o-AvcaefPdOR1R3o,&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZPDymsjBsKesWSsW73xOEouSiWjowAGc9It7P42gA2KQ6HH10KFNfNsHk1PT-eMTuKXSWmPUT8qy_7188V7XxwaUi2mvqKsxP_85AsSJeuzdBz2tBUkxnRxx125Z3O8LGrZ2A3CM3V4pdAjBqUiD7j0aQv_o-AvcaefPdOR1R3o,&q={searchTerms}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%...F5fxdotaWQnHRk,
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZPDymsjBsKesWSsW73xOEouSiWjowAGc9It7P42gA2KQ6HH10KFNfNsHk1PT-eMTuKXSWmPUT8qy_7188V7XxwaUi2mvqKsxP_85AsSJeuzdBz2tBUkxnRxx125Z3O8LGrZ2A3CM3V4pdAjBqUiD7j0aQv_o-AvcaefPdOR1R3o,&q={searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe" /start
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
    O4 - HKCU\..\Run: [Steam] "C:\Users\Fran\Desktop\Steam\steam.exe" -silent
    O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\Fran\AppData\Local\Pay-By-Ads\Yahoo! Search\\dsrlte.exe
    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_8797E65132DFED3DFFC4739AD58AC75C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Fran\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
    O4 - HKCU\..\Run: [apphide] C:\Program Files (x86)\baidu\ppt.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
    O20 - AppInit_DLLs: C:\ProgramData\caMyciloP\Lattough.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ApplicationHosting - Unknown owner - C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe
    O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\\caMyciloP\\caMyciloP.exe (file missing)
    O23 - Service: Notification Store Card (cecurozuzbt) - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: cmdidx - Unknown owner - C:\Program Files\cmdidx\cmdidx.exe (file missing)
    O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
    O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Unknown owner - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Stardock ModernMix (ModernMix) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Net.Tcp Service Handler (NetTcpHandler) - Unknown owner - C:\Users\Fran\AppData\Roaming\NetService\netservice.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Designer Licensed (pupivyhi) - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: Underscore Poster (ryrojiry) - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: SSFK - Unknown owner - C:\Program Files (x86)\SFK\SSFK.exe (file missing)
    O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: Windows Net Proxy Auto Service (WinNetSvc) - Unknown owner - C:\Users\Fran\AppData\Roaming\WinNetSvc\WinNetSvc.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Free Space Decimal Point (wucotusy) - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Underscore Paragraph (xojihewy) - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Replicate Exit (zutuzuni) - Unknown owner - C:\Program.exe (file missing)

    End of file - 10840 bytes

      My System SpecsSystem Spec

  2. #2

    Posts : 660
    windows 8.1

    What antimalware/virus are you running to get rid of the malware/virusses.
    Use this free Malwarebytes
    Spybot free
    Hitman Pro free licentie 30 days HitmanPro 3 - SurfRight
      My System SpecsSystem Spec

  3. #3

    Austin TX metro area
    Posts : 640
    Windows 7 Pro 64bit [MS blue-disk set]

    Spybot 1.62 is a bit less invasive and resource-hungry than Spybot 2.
    Last edited by RolandJS; 16 Jan 2016 at 08:15.
      My System SpecsSystem Spec

  4. #4

    Your definitely going to need to run this along with HitmanPro linked above..

    Free Virus Scan | ESET Online Scanner | ESET

    run with these settings

    Click image for larger version
      My System SpecsSystem Spec

  5. #5

    Quote Originally Posted by RolandJS View Post
    Spybot 1.62 is a bit less invasive and resource-hungry than Spybot 2.
    That's true, and it's much more user friendly, but having said that......
    I have used Spybot S&D, ver 1.62 for years, and for the last week I've not been able to download any updates for it, on multiple PC's.
    With ver. 2.x being out for quite a while now, I just wonder if they are cutting off updates to ver. 1.62. ??? Makes one wonder!
    I don't like Spybot S&D 2.0. It's way to complicated for my older customers.

    Just last week, a friend could not get Windows Defender to start, after he had removed AVG 2016 FREE. He found that the solution to his problem was to UN-Install Spybot S&D ver. 1.62. Once that was gone and he rebooted his PC, Windows Defender came up and ran just fine.
    Just FWIW.

    Y'all have a great day now, Y'hear?

    Cheers Mates!
      My System SpecsSystem Spec

i have hidden viruses in my computer
Related Threads
Hello! I have the shortcut virus on a non-windows partition and wscript.exe suspecisous file. any help please?
Removing viruses can be fun in Chillout Room
Yeah I know I am wierd heh... Anybody else get a new type of virus (obviously before you find out how much hell it can be) and you are like "challenge accepted!" Maybe it's just a quirk of mine but removing them (I remove mine manually before I use a scanner if I can help it) seems kind of...
3 viruses detected in System Security
Hello all, I have 3 viruses detected on my last full PC scan which was moments ago. Viruses and Trojans Quarantined: Artemis!7F706C6E8821 ^ This code cannot be found on the Mcafee website. ^ This code was given when the scan was finished, this is the code for the trojan, virus I have? ...
Solved Hidden items stay hidden in General Support
I unchecked the Hidden Items but those items did show up in the system drive. What could be wrong?
Viruses & Windows 8 in System Security
Dear All, I have a question, can we trust Windows defender comes with Windows 8 as antivirus and other threats or we will need an additional antivirus software, because as I know there wasn't any security notifications appear in windows 8 when no any antivirus software installed in Windows 8, as...
Just asking.... Is it possible that windows 8 which is designed if i'm not mistaken to be virus proof... and so far i've been using windows 8 and i've found no i was wondering if the story i herd was that he can't delete a certain folder... because of a virus...but so far i wanted to...
Eight Forums Android App Eight Forums IOS App Follow us on Facebook