magna86
9
Hi,
FRST log shows me that you have been run ComboFix. Note for future:
Combofix is not a tool that is supposed to be used without expert oversight, sUBs the creator of Combofix has gone to great lengths to let people know this, including a clear and succinct message which is displayed every time that Combofix is run.
Open notepad.
[*]Click Start
[*] Type notepad.exe in the search programs and files box and click Enter.
[] A blank Notepad page should open.
[] Copy/Paste the contents of the code box below into Notepad.
Start
HKU\John Taylor\...\Run: [dhoaxjug] - C:\Users\John Taylor\AppData\Local\skqrlmcs.exe [92160 2013-11-13] ()
HKU\John Taylor\...\Run: [Google Update] - [x]
HKU\John Taylor\...\Run: [AS2014] - C:\ProgramData\dasrnsa3\dasrnsa3.exe [569344 2013-11-13] ()
S2 Updater Service for StartNow Toolbar; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [244960 2011-10-25] ()
C:\Users\John Taylor\AppData\Local\skqrlmcs.exe
C:\ProgramData\dasrnsa3\dasrnsa3.exe
C:\Program Files (x86)\StartNow Toolbar
2013-11-13 16:50 - 2013-11-13 16:50 - 00301568 _____ C:\Users\John Taylor\AppData\Local\bilbdqqs.exe
2013-11-13 16:50 - 2013-11-13 16:50 - 00001666 _____ C:\Users\John Taylor\Desktop\Antivirus Security Pro.lnk
2013-11-13 16:50 - 2013-11-13 16:50 - 00000118 _____ C:\Users\John Taylor\Desktop\Antivirus Security Pro support.url
2013-11-13 16:49 - 2013-11-13 16:50 - 00000000 ____D C:\ProgramData\dasrnsa3
2013-11-13 16:49 - 2013-11-13 16:49 - 00569344 _____ C:\Users\John Taylor\AppData\Local\tqickgrx.exe
013-11-13 10:52 - 2013-11-13 10:52 - 00287232 _____ C:\Users\John Taylor\AppData\Local\viivlkcg.exe
2013-11-13 09:40 - 2013-11-13 09:40 - 00287232 _____ C:\Users\John Taylor\AppData\Local\rqpnnqpf.exe
2013-11-13 09:39 - 2013-11-13 09:39 - 00067958 _____ C:\Users\John Taylor\AppData\Local\xpqakiui
2013-11-13 09:38 - 2013-11-13 09:38 - 00000000 _____ C:\Users\John Taylor\AppData\Roaming\SharedSettings.ccs
2013-11-13 09:13 - 2013-11-13 09:13 - 00092160 _____ C:\Users\John Taylor\AppData\Local\skqrlmcs.exe
C:\Users\John Taylor\AppData\Local\Google\Desktop\Install
C:\Users\John Taylor\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\John Taylor\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\John Taylor\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\John Taylor\AppData\Local\Temp\msimg32.dll
End
[*] Save it to your USB flashdrive as fixlist.txt
Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens …
[*] Press the Fix button once and wait.
[*] FRST will process fixlist.txt
[*] When finished, it will produce a log fixlog.txt on your USB flashdrive.
Exit out of Recovery Environment and post me the log please.
THEN…
Try to run FRST in normal mode. Just press Scan button and post me fresh FRST.txt logreport.