
Systweak Advanced System Protector LOG


  • This topic is locked
3 replies to this topic

#1 Pete454


Posted 01 August 2013 - 11:05 PM

Hello, can anyone please tell me if this detection log is fake? It's really strange: I used Malwarebytes and Emsisoft Emergency Kit before scanning with this app and no virus was found. Does this program bundle with some virus to make you believe you are infected??

 

 

 

Systweak Advanced System Protector

Scan Date: quinta-feira, 1 de Agosto de 2013
Database Version: 1447
Total Items Found: 18
Objects Scanned: 341872
Time Elapsed: 00:54:29

Item Name: trojan-backdoor.bifrose
Category: Backdoor
Threat Level: Severe
Action Performed: Quarantine
Items Found: 1
Found Area / Details:
  • Registry | Registry Key | hkey_current_user | software\wget

Item Name: roguesecurityprogram.winantivirus-pro-2006
Category: Rogue Antispyware Program
Threat Level: Severe
Action Performed: Quarantine
Items Found: 6
Found Area / Details:
  • Registry | Registry Key | hkey_classes_root | *\shellex\contextmenuhandlers\shellextension
  • Registry | Registry Key | hkey_classes_root | directory\shellex\contextmenuhandlers\shellextension
  • Registry | Registry Key | hkey_classes_root | drive\shellex\contextmenuhandlers\shellextension
  • Registry | Registry Key | hkey_local_machine | software\classes\*\shellex\contextmenuhandlers\shellextension
  • Registry | Registry Key | hkey_local_machine | software\classes\directory\shellex\contextmenuhandlers\shellextension
  • Registry | Registry Key | hkey_local_machine | software\classes\drive\shellex\contextmenuhandlers\shellextension

Item Name: roguesecurityprogram.pro-antispyware-2009
Category: Rogue Antispyware Program
Threat Level: Severe
Action Performed: Quarantine
Items Found: 2
Found Area / Details:
  • Registry | Registry Key | hkey_current_user | software\microsoft\windows\currentversion\drivers\video
  • Registry | Registry Key | hkey_current_user | software\microsoft\windows\currentversion\drivers\video\options

Item Name: roguesecurityprogram.ms-antispyware-2009
Category: Rogue Antispyware Program
Threat Level: Severe
Action Performed: Quarantine
Items Found: 1
Found Area / Details:
  • Registry | Registry Key | hkey_current_user | software\microsoft\windows\currentversion\drivers

Item Name: trojan-spy.banker
Category: Trojan Spy
Threat Level: Elevated
Action Performed: Quarantine
Items Found: 6
Found Area / Details:
  • Registry | Registry Key | hkey_local_machine | system\currentcontrolset\services\catchme
  • Registry | Registry Key | hkey_local_machine | system\currentcontrolset\services\catchme | type
  • Registry | Registry Key | hkey_local_machine | system\currentcontrolset\services\catchme | errorcontrol
  • Registry | Registry Key | hkey_local_machine | system\currentcontrolset\services\catchme | start
  • Registry | Registry Key | hkey_local_machine | system\currentcontrolset\services\catchme | imagepath
  • Registry | Registry Key | hkey_local_machine | system\currentcontrolset\services\catchme | group

Item Name: malware.generic
Category: Generic Malware
Threat Level: High
Action Performed: Quarantine
Items Found: 1

Item Name: monitoring.employees-pc-monitor
Category: Monitoring Tool
Threat Level: High
Action Performed: Quarantine
Items Found: 1
Found Area / Details:
  • Registry | Registry Key | hkey_users | s-1-5-18\software\microsoft\windows\currentversion\policies\system

   

 

Copyright © Systweak Software 2012


Edited by Pete454, 01 August 2013 - 11:24 PM.



 


#2 satchfan


Posted 02 August 2013 - 03:46 AM

Hello Pete454 and welcome to Bleeping Computer.

My name is Satchfan and I would be glad to help you with your computer problem.

Systweak Advanced System Protector is not a reliable program and is regarded as malware. We’ll need to run some scans on your computer to see what else is there and then hopefully clean it all up.


Please read the following guidelines which will help to make cleaning your machine easier:
 

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested


Run RogueKiller

IMPORTANT: Please remove any usb or external drives from the computer before you run this scan!

Close all running programs.


Download RogueKiller to your desktop.

For 64-bit systems download it from here

  • close all running programs
  • for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
  • when the pre-scan is finished, click on Scan
  • click on Report and copy/paste the content in your next post
  • NOTE: DO NOT attempt to remove anything that the scan detects – everything that is reported is not necessarily bad

If the program is blocked, continue to try it several times. If it still doesn’t work, (it could happen), rename it to winlogon.exe.
Please post the contents of the RKreport.txt in your next reply.

===================================================

Run DDS

Please download DDS by sUBs from the following link and save it to your desktop.
 

DDS.pif

  • Disable any script blocking protection (How to Disable your Security Programs)
  • double click DDS icon to run the tool (may take up to 3 minutes to run)
  • when done, DDS.txt will open.
  • after a few moments, attach.txt will open in a second window.
  • save both reports to your desktop.
  • Post the contents of the DDS.txt and Attach.txt reports in your next reply.

===================================================

Run aswMBR
 

  • download aswMBR.exe to your desktop.
  • double click aswMBR.exe to run it
  • if asked, accept the AVAST virus definition download
  • click the "Scan" button to start scan
  • on completion of the scan click Save log, save it to your desktop and post in your next reply. Note - do NOT attempt any Fix yet.

Please include the following in your next post :

RKreport.txt
DDS.txt
Attach.txt
aswMBR log


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#3 satchfan


Posted 05 August 2013 - 02:40 AM

Hi Pete454

 

It has been a few days since I replied to your request for help with your computer problems.

 

Please let me know if you are having problems and still need help.

 

Thanks

 

Satchfan




#4 satchfan


Posted 07 August 2013 - 05:16 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





