Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help with conduit


  • Please log in to reply
10 replies to this topic

#1 charlie37

charlie37

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 23 December 2013 - 12:26 PM

I think I have been infection with some version of Conduit.  I have been running Malwarebytes daily, sometimes removing, but each day it comes back.  Here is the first Malwarebytes log from 12/21:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.21.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Owner ::XXXXX [administrator]

12/21/2013 10:15:01 AM
MBAM-log-2013-12-21 (10-19-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212449
Time elapsed: 3 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCR\CLSID\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} (PUP.Optional.Conduit) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} (PUP.Optional.Conduit) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} (PUP.Optional.Conduit) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} (PUP.Optional.Conduit) -> No action taken.

Registry Values Detected: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{8E2479DE-6096-41F3-90AB-83BE9946AA2D} (PUP.Optional.Conduit) -> Data: Þy$Ž–`óA«ƒ¾™Fª- -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{8E2479DE-6096-41F3-90AB-83BE9946AA2D} (PUP.Optional.Conduit) -> Data:  -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{8E2479DE-6096-41F3-90AB-83BE9946AA2D} (PUP.Optional.Conduit) -> Data: InternetHelper3.7 Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{8E2479DE-6096-41F3-90AB-83BE9946AA2D} (PUP.Optional.Conduit) -> Data:  -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\InternetHelper3.7\prxtbInte.dll (PUP.Optional.Conduit) -> No action taken.

(end)

 

 

And here is the most recent Malwarebytes log from today:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.21.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Owner :: XXXXX [administrator]

12/23/2013 8:49:46 AM
MBAM-log-2013-12-23 (08-54-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212434
Time elapsed: 4 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

Any help to remove this permanently would be greatly appreciated.  Thanks in advance.



BC AdBot (Login to Remove)

 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:19 AM

Posted 23 December 2013 - 12:37 PM

Hi charlie37,
 
The log says no action taken, but I'm not sure why that is. Did you make sure to check the items to remove them?
 
Lets run these and see if they deal with the detection:
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

---------

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 charlie37

charlie37
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 23 December 2013 - 01:05 PM

Thanks for the quick reply xXToffeeXx!  I ran the two programs, in the order you posted them.  After running JRT, I got a pop-up from IE saying my search provider selections had been corrupted and I was asked to select the search provider(s) I wanted to use.  When the selection pop-up came up there was Bing (selected by default) and 2 Googles.  I just x'd out without changing anything.

 

So, the logs show some deletions:

# AdwCleaner v3.016 - Report created 23/12/2013 at 12:44:25
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Owner - XXXXX
# Running from : C:\Users\Owner\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\AppGraffiti
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Broderbund
Folder Deleted : C:\Program Files (x86)\InternetHelper3.7
Folder Deleted : C:\Users\Owner\AppData\Local\Conduit
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Broderbund
Folder Deleted : C:\Users\Owner\AppData\LocalLow\InternetHelper3.7
Folder Deleted : C:\Users\Owner\AppData\Roaming\Searchprotect
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\Tasks\SaveSense.job
File Deleted : C:\Windows\System32\Tasks\SaveSense

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2530712
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3315828
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81E93B9C-1052-4697-AAFE-B40CD69C1D22}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84F3EEE2-FA72-439F-9CA3-EE60D098A73C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B052E68E-A114-4480-B416-C8E617D346A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{81E93B9C-1052-4697-AAFE-B40CD69C1D22}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81E93B9C-1052-4697-AAFE-B40CD69C1D22}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{81E93B9C-1052-4697-AAFE-B40CD69C1D22}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{84F3EEE2-FA72-439F-9CA3-EE60D098A73C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B052E68E-A114-4480-B416-C8E617D346A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{09EADC02-38A2-47F9-9E66-1C974B28372F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACBAE44C-F8A1-4D4A-91A7-C5C3A4715988}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A9BD3DD-D28A-4FCF-BFE9-7C9F1D227B2F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD60BE36-29C5-4582-B515-AD6697AC8A9F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{81E93B9C-1052-4697-AAFE-B40CD69C1D22}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{81E93B9C-1052-4697-AAFE-B40CD69C1D22}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{81E93B9C-1052-4697-AAFE-B40CD69C1D22}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{81E93B9C-1052-4697-AAFE-B40CD69C1D22}]
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Broderbund
Key Deleted : HKCU\Software\AppDataLow\Software\InternetHelper3.7
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Broderbund
Key Deleted : HKLM\Software\InternetHelper3.7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Broderbund Toolbar

 

 

 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by Owner on Mon 12/23/2013 at 12:51:59.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LCTaskAssistant13_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LCTaskAssistant13_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LCTaskAssistant13_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LCTaskAssistant13_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7270CC1F-80F2-4C15-93AA-A0B033255A16}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF8A4201-ACCC-4139-A19E-E1E288D2ACD7}

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/23/2013 at 12:56:21.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Thanks, for the help so far....

 



#4 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:19 AM

Posted 23 December 2013 - 01:18 PM

Hi charlie37,

 

That message was for what search engine (like Bing or Google) you wanted to use. It's only for the search box at the top of the page, if you want to set it to say Bing or Google I suggest following these instructions.

 

Can you run Malwarebytes again to see if that detection still appears.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#5 charlie37

charlie37
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 23 December 2013 - 01:58 PM

Hi xXToffeeXx -

 

Yes, will run Malwarebytes full scan now, will take a liitle while.  Will post back as soon as it's done.



#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:19 AM

Posted 23 December 2013 - 02:04 PM

Hi charlie37,

 

No worries, I'll either reply tonight or tomorrow depending on how long it takes.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#7 charlie37

charlie37
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 23 December 2013 - 03:42 PM

Hi xXToffeeXx -

 

Malwarebytes found the items quarantined by Adware Cleaner:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.21.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Owner :: XXXXX [administrator]

12/23/2013 2:47:06 PM
MBAM-log-2013-12-23 (15-38-18).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 413482
Time elapsed: 49 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetHelper3.7\hk64tbInte.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetHelper3.7\hktbInte.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetHelper3.7\ldrtbInte.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetHelper3.7\tbInte.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\InternetHelper3.7\hk64tbInte.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\InternetHelper3.7\hktbInte.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\InternetHelper3.7\ldrtbInte.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\InternetHelper3.7\tbInte.dll.vir (PUP.Optional.Conduit) -> No action taken.

(end)

 

I selected them and clicked Remove Selected. 



#8 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:19 AM

Posted 23 December 2013 - 03:49 PM

Hi charlie37,
 
That's a good result. Those files were doing no harm and were neutralised already by AdwCleaner.
 
How is your computer running?
 
Run these for me to see if there is anything which needs updating, and to clean up:
 
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.

 

--------
 
Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

xXToffeeXx~


Edited by xXToffeeXx, 23 December 2013 - 03:51 PM.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#9 charlie37

charlie37
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 23 December 2013 - 04:02 PM

xXToffeeXx -

 

Uninstalled AdwCleaner and ran SecurityCheck:

 

 Results of screen317's Security Check version 0.99.77 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 Windows Firewall Disabled! 
avast! Internet Security  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 45 
 Adobe Reader 10.1.8 Adobe Reader out of Date! 
 Mozilla Thunderbird (24.2.0)
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````



#10 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:19 AM

Posted 23 December 2013 - 04:06 PM

Hi charlie37,

 

Update Adobe Reader here for me: http://get.adobe.com/uk/reader/

 

I think we are done, unless you have anything more for me to do?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#11 charlie37

charlie37
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:19 AM

Posted 23 December 2013 - 04:13 PM

Hi xXToffeeXx -

 

Thank you very much!  Happy Holidays and Merry Christmas! 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users