judieni
Posted May 13, 2015

Hello, I'm a new user and need help for the actions to remove infections. As suggested, I've run EEK and FRST and came up with three reports. Please advise and/or help with actions. Thanks!

Attachments: FRST.txt, Addition.txt, EEKscan05131000am.txt

Kevin Zoll
Posted May 13, 2015

Copy the below code to Notepad; Save As fixlist.txt to your Desktop.

HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2921615286-62549966-2512103416-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2921615286-62549966-2512103416-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skypec2c - No CLSID Value
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
2015-04-24 17:07 - 2015-04-24 17:07 - 00000000 ____D () C:\bb8eb43c-3d27-4124-8a37-7304276e2126
2015-04-24 17:07 - 2015-04-24 17:07 - 00000000 ____D () C:\79e9beae-6037-4f11-8bd9-457888955123
2015-04-24 16:31 - 2015-04-24 16:31 - 00000000 ____D () C:\68108fe5-b7df-4535-bb5e-a34d87fcaa33
2015-04-24 16:29 - 2015-04-24 16:29 - 00000000 ____D () C:\b93ab35f-45cc-4afe-846f-63a4d78a95f2
2015-04-24 16:29 - 2015-04-24 16:29 - 00000000 ____D () C:\8cbe5ee1-09f8-44b0-a3a3-f89b32e2ea4f
2015-04-25 20:53 - 2014-12-16 05:07 - 00000000 ____D () C:\85264e80-70b0-4648-8d5b-187c8a64b5b7
2015-04-14 10:07 - 2014-10-19 01:34 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-09-01 01:18 - 2014-12-11 14:10 - 0001171 _____ () C:\Users\user\AppData\Roaming\FASPWB
2014-12-07 13:38 - 2014-12-07 13:38 - 0000008 _____ () C:\Users\user\AppData\Roaming\handle.txt
2015-05-12 09:58 - 2015-05-12 10:07 - 0000115 _____ () C:\Users\user\AppData\Roaming\LogFile.txt
2014-09-01 01:18 - 2015-03-23 03:42 - 0000365 _____ () C:\Users\user\AppData\Roaming\LSHLRGPF
2014-09-01 01:18 - 2015-03-23 03:42 - 0000365 _____ () C:\Users\user\AppData\Roaming\NIYZL
2014-09-01 01:18 - 2014-12-11 14:10 - 0001171 _____ () C:\Users\user\AppData\Roaming\QAKOG
2014-11-28 22:55 - 2014-12-13 04:00 - 0059169 _____ () C:\Users\user\AppData\Roaming\userenv.xml
2014-11-28 22:55 - 2014-11-28 23:04 - 0080930 _____ () C:\Users\user\AppData\Roaming\userenv.xml.urlencode
2014-12-07 14:16 - 2014-12-07 14:16 - 0000045 _____ () C:\Users\user\AppData\Roaming\WB.CFG
2015-04-25 23:40 - 2015-04-25 23:40 - 0032356 _____ () C:\ProgramData\1430030351.bdinstall.bin
Task: {0C504999-2175-4B91-AD9E-8BF6D4BC1F3D} - \ATKOSD2 No Task File <==== ATTENTION
Task: {19B6DB7F-A7F2-4AEB-8232-0B2E464BA83A} - \{3B2C07AB-7E03-4725-9015-98FF4007A570} No Task File <==== ATTENTION
Task: {264BA37E-11DC-44DD-A109-8B3ED9B56612} - \USBChargerPlus No Task File <==== ATTENTION
Task: {2FEC14F9-8B9E-41CF-80EE-8B8CEE8E0442} - \{514F7894-7DE2-4905-9C4A-B0A64025BF60} No Task File <==== ATTENTION
Task: {5000CCEF-90FB-4EF4-9822-664AEB916D7B} - \ACMON No Task File <==== ATTENTION
Task: {71F6484D-C4D7-4369-A2B5-9FD7FA4D9D68} - \{181F4947-9301-43D5-94CE-3302BDCAB455} No Task File <==== ATTENTION
Task: {9C011AE2-0DE4-41EF-9B41-465286083740} - \ASUS SmartLogon Console Sensor No Task File <==== ATTENTION
Task: {A732BBAD-540C-4A3B-B553-A1D8A1748026} - \SidebarExecute No Task File <==== ATTENTION
Task: {ABE7E860-7BF2-4F7B-8FD1-84B0B67D78C5} - \ASUS Live Update No Task File <==== ATTENTION
Task: {C35C8A14-2468-46C4-ABE1-C5148F5ABF7F} - \ASUS P4G No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:05E9FFE5
AlternateDataStreams: C:\Users\user\Downloads\mbam-setup-2.0.4.1028.exe:BDU

Close Notepad.

NOTE: It's important that both files, FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST64 and press the Fix button just once and wait.
If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply.

Note: If the tool warns you about an outdated version, please download and run the updated version.

Kevin Zoll
Posted May 18, 2015

Thread Closed

Reason: Lack of Response

PM either Kevin, Elise, or Arthur to have this thread reopened.

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE; if you don't, we are just going to send you back to this thread.