So I had a virus on my computer for a bit and it decided to attack one day, about 20 days ago. I used multiple anti-viruses and other software of the kind (including Malwarebytes, UnHackMe and HitmanPro). All the other malware was easy to destroy, but this one virus was quite difficult to destroy: Netengine.exe. I removed it 2 times with UnHackMe, and when I decided today to do another scan (I just scan at random times for no reason)
I found that Netengine.exe was back, and I removed it with UnHackMe.
And Malwarebytes found 4 other things inside the temp files.
In light of the fact that I hadn't cleaned my temp files, I found this forum and downloaded the following: () and started these up.
Logs for all of these things are below; the security check was done after ALL that.
Now the current anti-viruses I have are... well, the default Windows Defender and Malwarebytes. At one point I got AVG, but it's crap and was destroyed in one attack, I think (or was just corrupted by an update it tried to do to itself).
But I have A WHOLE LOT of anti-virus wares, also including a key to boot up the PC if it can no longer boot itself up.
All the software is on my computer and on a USB key I decided to call "The Destroyer"... cuz it sounds cool (and cheesy!), and I can get rid of most viruses with it.
So what I'm asking currently is whether I can get a little diagnosis on whether my computer is safe atm, based on the current logs provided (excluding Java, I am updating it now). If you need more info, feel free to ask! (Since it's for mah safety!)
(I will now also provide the logs of earlier attacks on my computer.)
This is the log for the Security Check (in light of the out-of-date message, I will now update my Java):
Results of screen317's Security Check version 1.002
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.152)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbam.exe
Christopher Desktop fighting viruses SecurityCheck.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
This is the log for the 4 Malwarebytes detections:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 2015-05-19
Scan Time: 5:25:39 AM
Logfile:
Administrator: Yes
Version: 2.01.6.1022
Malware Database: v2015.05.19.01
Rootkit Database: v2015.05.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Christopher
Scan Type: Custom Scan
Result: Cancelled
Objects Scanned: 880215
Time Elapsed: 10 hr, 1 min, 48 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 4
PUP.Optional.Tuto4PC.A, C:\Users\Christopher\AppData\Local\Temp\setup_gmsd_ca.exe, Quarantined, [324b197c404a2e08376d3b2145c1bc44],
PUP.Optional.Goobzo.SIDA, C:\Users\Christopher\AppData\Local\Temp\tu17p84.exe, Quarantined, [97e60095eaa030062e6eb9a37294be42],
PUP.Optional.Somoto.SID.A, C:\Users\Christopher\AppData\Local\Temp\nswCC94.tmp, Quarantined, [5c21d2c3503a0c2a9de746168e782ed2],
PUP.Optional.Goobzo.SIDA, C:\Users\Christopher\AppData\Local\Temp\Install_15840\ins_smk.exe, Quarantined, [0974c8cd6e1c7cba742878e47b8b817f],
Physical Sectors: 0
(No malicious items detected)
(end)
THIS IS THE JUNKWARE REMOVAL LOG:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.4 (05.19.2015:1)
OS: Windows 8.1 x64
Ran by Christopher on 2015-05-19 at 15:33:24.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1121267219-1145382535-3596252993-1001
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1121267219-1145382535-3596252993-1004
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1121267219-1145382535-3596252993-500
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
~~~ Files
Successfully deleted: [File] C:\end
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_lyrics.wikia.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_lyrics.wikia.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_st.chatango.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_st.chatango.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_static.audienceinsights.net_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal
~~~ Folders
Successfully deleted: [Folder] C:\WINDOWS\syswow64\ai_recyclebin
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Christopher\appdata\local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-05-19 at 15:40:35.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
OLDER LOGS ABOUT THE TIME I GOT ATTACKED ABOUT A MONTH AGO:
MALWAREBYTES: (REMOVED UNNECESSARY INFO)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 2015-04-22
Scan Time: 3:38:33 AM
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.22.01
Rootkit Database: v2015.04.21.01
License: Free
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1664320
Time Elapsed: 15 hr, 38 min, 34 sec
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 5
RiskWare.Tool.CK, C:\Program Files (x86)\Ubisoft\Heroes of the Pacific\cracktro.exe, Quarantined, [ee4ced8278123df97bc0245e4fb18e72],
PUP.Optional.CrossRider, C:\Users\Christopher\AppData\Local\Microsoft\Windows\INetCache\IE\0F2431SK\ setup[1].exe, Quarantined, [0c2e4926c7c32313bf3c12d0ae5347b9],
PUP.Optional.Somoto.A, C:\Users\Christopher\AppData\Local\Temp\appshat_generic.exe, Quarantined, [1822f7786e1cdb5b4c230d1752aea65a],
PUP.Optional.BreakingNewsAlert.A, C:\Users\Christopher\AppData\Local\Temp\Setup.exe, Quarantined, [300a2a453654fe38e719db8e6f9127d9],
PUP.Optional.Somoto, C:\Users\Christopher\AppData\Local\Temp\bitool.dll, Quarantined, [c07af57ac3c70036bf88cd9e936f32ce],
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 2015-04-21
Scan Time: 1:51:33 PM
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.21.05
Rootkit Database: v2015.04.20.01
License: Free
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 556325
Time Elapsed: 10 min, 52 sec
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 4
PUP.Optional.Goobzo, C:\Program Files\Common Files\Goobzo, Delete-on-Reboot, [2217640b1377c6709d335256ac579d63],
PUP.Optional.Goobzo, c:\program files\common files\goobzo\gbupdateplus, Quarantined, [2217640b1377c6709d335256ac579d63],
PUP.Optional.GamesDesktop.A, c:\users\christopher\appdata\local\gmsd_ca_404, Quarantined, [31088de2a6e4979fc438773cbb48a858],
PUP.Optional.GamesDesktop.A, c:\program files (x86)\gmsd_ca_404, Quarantined, [e851640b6d1d0e2815e8a50e0102af51],
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 2015-04-21
Scan Time: 1:33:16 PM
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.21.05
Rootkit Database: v2015.04.20.01
License: Free
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 552926
Time Elapsed: 3 min, 52 sec
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 10
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\25286, Quarantined, [0f2aaac51674dd592b2e9d6739cb4bb5],
PUP.Optional.AppLid.A, HKLM\SOFTWARE\WOW6432NODE\App Lid, Quarantined, [96a35718f7933204214cd900719241bf],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [e75239361a70e0565d47467ad72c3ac6],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\25286, Quarantined, [95a4224dc7c346f07adfd034030108f8],
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, Quarantined, [a39656196921f343b83cbd93de27f20e],
PUP.Optional.SearchModule.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SMUPDPLUS, Quarantined, [80b989e6256537ffd0883499fc0725db],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1121267219-1145382535-3596252993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [4ced442b0981dd598677d366ce37a55b],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-1121267219-1145382535-3596252993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [2d0cdd92652594a2884d53ef4bba12ee],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1121267219-1145382535-3596252993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\25286, Quarantined, [70c91b54048648eec8f6538e14ef3cc4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1121267219-1145382535-3596252993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Lid, Quarantined, [70c92748494172c41f51578206fdf60a],
Registry Values: 2
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 96A2792B-7020-4941-937D-C6959D57E272, Quarantined, [a39656196921f343b83cbd93de27f20e]
PUP.Optional.SearchModule.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SMUPDPLUS|ImagePath, C:\Program Files\Common Files\Goobzo\GBUpdatePlus\smu.exe /service, Quarantined, [80b989e6256537ffd0883499fc0725db]
Registry Data: 0
(No malicious items detected)
Folders: 6
PUP.Optional.BrowserHelper.A, C:\Users\Christopher\AppData\Local\BrowserHelper, Quarantined, [3ffa185794f65ed841ebbb07689b0ef2],
PUP.Optional.Goobzo, C:\Program Files\Common Files\Goobzo, Delete-on-Reboot, [43f6d897e3a753e3329e3f69986b31cf],
PUP.Optional.Goobzo, c:\program files\common files\goobzo\gbupdateplus, Quarantined, [43f6d897e3a753e3329e3f69986b31cf],
PUP.Optional.GamesDesktop.A, c:\users\christopher\appdata\local\gmsd_ca_404, Quarantined, [8bae7af536542b0b20dc63506e9504fc],
PUP.Optional.GamesDesktop.A, c:\program files (x86)\gmsd_ca_404, Quarantined, [d66395da127890a616e7149fd132b44c],
PUP.Optional.SearchModulePlus.A, C:\ProgramData\SearchModulePlus, Quarantined, [a198f37cdfab9a9c44ce9b25986b36ca],
Files: 2
PUP.Optional.BrowserHelper.A, C:\Users\Christopher\AppData\Local\BrowserHelper\BrowserHelperBk.txt, Quarantined, [3ffa185794f65ed841ebbb07689b0ef2],
PUP.Optional.BrowserHelper.A, C:\Users\Christopher\AppData\Local\BrowserHelper\BrowserHelper.txt, Quarantined, [3ffa185794f65ed841ebbb07689b0ef2],
Physical Sectors: 0
(No malicious items detected)
(end)
ACTUALLY MOST OF THESE CONSIST OF THE SAME RESULTS; I JUST POSTED THEM SO YOU CAN SEE WHAT ATTACKED MY SYSTEM AND SEE IF IT WAS SNEAKIER THAN IT LOOKED.