
Computer crashes all the time....


  • This topic is locked
31 replies to this topic

#1 Shivashish


Posted 19 March 2014 - 12:58 AM

Hi,

   My computer is restarting on its own. I want to fix it right away. I want help from you people regarding this so that I can fix it efficiently. 

 

   My computer config.:

 

   Windows edition:

  

   Windows 7 Professional

   Service pack 1

 

   System:

 

   Processor: Intel® Core™ i3-2100 CPU @ 3.10GHz 3.10GHz

   Installed Memory(RAM): 4.00GB (3.61GB Usable)

   System type: 32-bit Operating System

   Pen and Touch: No pen or touch input is available for this Display

 

 

   Please help me to fix this problem. This may be an insipid challenge for you but this also is a challenge :P...

 

Thanks,

Shivashish.





#2 noknojon


Posted 19 March 2014 - 04:53 AM

Hello -

"My computer is restarting on its own."

We must start as this being the only post, all other info is generally useless for now.

You do not mention any problem with downloading small programs, so I must assume that you can.

Download all programs to desktop and Copy and Paste all responses.

 

First -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

 

Next -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 
Click Go and Copy / Paste the result (Result.txt).

 

 

Next -

Please download and run RKill by Grinler.

This will also run in Safe Mode if you are having very big problems.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

Please post the small log back here

 

 

Now: Please download AdwCleaner by Xplode and save to your Desktop.
* NOTE : Please close or save all work, as the computer will be Rebooted
* Double-click on AdwCleaner.exe to run the tool.
* Vista/Windows 7/8 users right-click and select Run As Administrator.
* Click on the Scan button. (only once)
* AdwCleaner will begin...be patient as the scan may take some time to complete.
* After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. 
* If you see any which you do not want removed, remove the check mark next to it. 
 

* Next: Click on the Clean button (only once) to remove the selected items. 
* You will receive a message telling you that all programs will be closed so that the infections can be removed.
* Click on OK, and then OK again to confirm the reboot.
* When the cleaning process is complete, a log (AdwCleaner[S0].txt) of what was removed will be on your desktop.
* Please copy and paste this log in your next post.

* Copies of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

Also -

Shut down your protection software now to avoid potential conflicts.
* How To Temporarily Disable Your Anti-virus
* Please download Junkware Removal Tool to your desktop.
* Run the tool by double-clicking it.
* If you are using Windows Vista, 7, or 8, right click JRT.exe and select "Run as Administrator".
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
* Post the contents of JRT.txt into your next message.

 

 

Next -

Download Malwarebytes' Anti-Malware Free (aka MBAM)
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Full Scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
Be sure to reboot the computer if required after you post the log.
To remove all "found items" you can follow the steps in this Malwarebytes illustrated blog post:
http://blog.malwarebytes.org/news/2013/09/selecting-all-pups/



#3 Shivashish


Posted 20 March 2014 - 03:02 AM

These are the 6 logs that you wanted.

 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Quick Heal Total Security 2014   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 51  
 Adobe Flash Player 12.0.0.77  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Quick Heal Quick Heal Total Security onlinent.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by shivashish (administrator) on 20-03-2014 at 12:25:04
Running from "C:\Users\shivashish\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
# Adobe Tool v3.6 Beta: 05/07/2013 21:43:31.
127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com 
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com 
127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com 
127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp 
127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com 
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com cmdls.adobe.com na1r.services.adobe.com prod-rel-ffc-ccm.oobesaas.adobe.com 
127.0.0.1 drm-pc.angrybirdsgame.com
127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com 
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com 
127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com 
127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp 
127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com 
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com cmdls.adobe.com na1r.services.adobe.com prod-rel-ffc-ccm.oobesaas.adobe.com 
 
========================= IP Configuration: ================================
 
Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : shivashish-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
   Physical Address. . . . . . . . . : 4C-72-B9-56-A0-6D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9810:529f:bef7:1cac%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, March 20, 2014 9:40:15 AM
   Lease Expires . . . . . . . . . . : Friday, March 21, 2014 11:51:26 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 239891129
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-E3-AE-C5-4C-72-B9-56-A0-6D
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{E2B66C66-D6EC-4F86-85E0-193AF3AEFE10}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:100f:2903:8a3f:aac3(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::100f:2903:8a3f:aac3%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2404:6800:4003:803::1006
 173.194.38.174
 173.194.38.160
 173.194.38.161
 173.194.38.162
 173.194.38.163
 173.194.38.164
 173.194.38.165
 173.194.38.166
 173.194.38.167
 173.194.38.168
 173.194.38.169
 
 
Pinging google.com [173.194.38.164] with 32 bytes of data:
Reply from 173.194.38.164: bytes=32 time=90ms TTL=55
Reply from 173.194.38.164: bytes=32 time=91ms TTL=55
 
Ping statistics for 173.194.38.164:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 90ms, Maximum = 91ms, Average = 90ms
Server:  UnKnown
Address:  192.168.1.1
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=309ms TTL=47
Reply from 98.138.253.109: bytes=32 time=313ms TTL=47
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 309ms, Maximum = 313ms, Average = 311ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...4c 72 b9 56 a0 6d ......Intel® 82579V Gigabit Network Connection
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:5ef5:79fb:100f:2903:8a3f:aac3/128
                                    On-link
 10    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::100f:2903:8a3f:aac3/128
                                    On-link
 10    276 fe80::9810:529f:bef7:1cac/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
 
System errors:
=============
Error: (03/20/2014 09:43:00 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (03/20/2014 09:43:00 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (03/20/2014 07:49:35 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (03/20/2014 07:49:35 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (03/20/2014 07:45:49 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (03/20/2014 07:45:49 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (03/19/2014 11:31:42 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (03/19/2014 11:31:42 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (03/19/2014 11:21:20 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (03/19/2014 11:21:20 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
Adobe AIR (Version: 4.0.0.1390)
Adobe Creative Cloud (Version: 2.2.1.260)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Help Manager (Version: 4.0.244)
Adobe Illustrator CS6 (Version: 16.0)
Adobe InDesign CS6 (Version: 8.0.2.413)
Adobe Reader X (10.1.9) (Version: 10.1.9)
Adobe® Content Viewer (Version: 3.4.2)
Angry Birds Seasons (Version: 1.5.1)
BitTorrent (Version: 7.8.2.30489)
CameraHelperMsi (Version: 13.50.854.0)
Citrix Online Launcher (Version: 1.0.179)
erLT (Version: 1.20.138.34)
Google Chrome (Version: 33.0.1750.154)
Google Update Helper (Version: 1.3.22.5)
GoToMeeting 6.1.0.1312 (Version: 6.1.0.1312)
Guvernor of Poker 2 Premium Edition 1.00
High-Definition Video Playback (Version: 7.1.13900.47.0)
Intel® Management Engine Components (Version: 7.1.40.1161)
Intel® Network Connections 17.0.200.2 (Version: 17.0.200.2)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Logitech Vid HD (Version: 7.2 (7248))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Need for Madness Single Player (Version: 17)
Nero 10 Menu TemplatePack Basic (Version: 10.2.10000.0.0)
Nero 10 Movie ThemePack Basic (Version: 10.2.10000.0.0)
Nero BurnRights 10 (Version: 4.2.10500.1.102)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.17800.8.5)
Nero CoverDesigner 10 (Version: 5.2.11400.11.100)
Nero DiscCopy Gadget 10 (Version: 3.2.10700.9.100)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero Express 10 (Version: 10.2.12400.25.100)
Nero InfoTool 10 (Version: 7.2.10400.5.100)
Nero MediaHub 10 (Version: 1.2.12900.31.100)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10400)
Nero Recode 10 (Version: 4.8.10400.3.100)
Nero StartSmart 10 (Version: 10.2.11300.12.100)
Nero Update (Version: 1.0.0018)
Nero Vision 10 (Version: 7.2.15500.17.100)
NVIDIA 3D Vision Controller Driver 310.90 (Version: 310.90)
NVIDIA 3D Vision Driver 310.90 (Version: 310.90)
NVIDIA Control Panel 310.90 (Version: 310.90)
NVIDIA Graphics Driver 310.90 (Version: 310.90)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1090)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
PDF Settings CS6 (Version: 11.0)
Quick Heal Total Security (Version: 15.00)
Rail Simulator (Version: 1.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6602)
Skype™ 6.11 (Version: 6.11.102)
TSST OEM Content (Version: 10.0.10300.0.0)
Virtua Tennis 4 (Version: 1.0.0001.130)
Virtua Tennis 4™ (Version: 1.0.0000.130)
VLC media player 2.0.6 (Version: 2.0.6)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
World domination II (Version: 2.0.0)
Wsys Control 10.2.1.2652 (Version: 10.2.1.2652)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 25%
Total physical RAM: 3698.42 MB
Available physical RAM: 2740.76 MB
Total Pagefile: 7395.12 MB
Available Pagefile: 5714.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.16 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:146.39 GB) (Free:104.74 GB) NTFS
2 Drive d: () (Fixed) (Total:146.48 GB) (Free:131.47 GB) NTFS
3 Drive e: () (Fixed) (Total:172.79 GB) (Free:161.13 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SHIVASHISH-PC
 
Administrator            Guest                    shivashish               
UpdatusUser              
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****

Rkill 2.6.5 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/20/2014 12:28:50 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.
 
 * HOSTS file entries found: 
 
  127.0.0.1 drm-pc.angrybirdsgame.com
  127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com 
  127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com 
  127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com 
  127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp 
  127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com 
  127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com cmdls.adobe.com na1r.services.adobe.com prod-rel-ffc-ccm.oobesaas.adobe.com 
 
Program finished at: 03/20/2014 12:29:20 PM
Execution time: 0 hours(s), 0 minute(s), and 30 seconds(s)

# AdwCleaner v3.022 - Report created 20/03/2014 at 12:47:10
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : shivashish - SHIVASHISH-PC
# Running from : C:\Users\shivashish\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\yourfiledownloader
Folder Deleted : C:\Users\shivashish\AppData\Local\Conduit
Folder Deleted : C:\Users\SHIVAS~1\AppData\Local\Temp\eIntaller
Folder Deleted : C:\Users\shivashish\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\shivashish\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\shivashish\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Folder Deleted : C:\Users\shivashish\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
File Deleted : C:\Users\shivashish\AppData\Roaming\Mozilla\Firefox\Profiles\xn9kyw0r.default\searchplugins\Askcom.xml
File Deleted : C:\Users\shivashish\AppData\Roaming\Mozilla\Firefox\Profiles\xn9kyw0r.default\user.js
File Deleted : C:\Users\shivashish\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Windows\System32\Tasks\YourFile Update
 
***** [ Shortcuts ] *****
 
[x] Not Disinfected : C:\Users\shivashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[x] Not Disinfected : C:\Users\shivashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[x] Not Disinfected : C:\Users\shivashish\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[x] Not Disinfected : C:\Users\shivashish\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[x] Not Disinfected : C:\Users\shivashish\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7997A0B6-E855-46E4-8F75-060F019025FD}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7997A0B6-E855-46E4-8F75-060F019025FD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit(1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit(1)_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vlc-media-player_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vlc-media-player_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\V9Software
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16448
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\shivashish\AppData\Roaming\Mozilla\Firefox\Profiles\xn9kyw0r.default\prefs.js ]
 
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\shivashish\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [7829 octets] - [20/03/2014 12:35:21]
AdwCleaner[S0].txt - [6366 octets] - [20/03/2014 12:47:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6426 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x86
Ran by shivashish on Thu 03/20/2014 at 12:54:52.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4D86A8A2-E5B8-4C63-9069-524A55D52F96}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\shivashish\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\shivashish\appdata\local\download beast"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/20/2014 at 12:58:00.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.20.02
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
shivashish :: SHIVASHISH-PC [administrator]
 
Protection: Enabled
 
3/20/2014 1:09:43 PM
mbam-log-2014-03-20 (13-09-43).txt
 
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 55461
Time elapsed: 11 minute(s), 16 second(s) [aborted]
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 13
C:\Users\shivashish\Downloads\setup (1).exe (PUP.Optional.Bundlore) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\setup.exe (PUP.Optional.Bundlore) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\ADOBE_ILLUSTRATOR_CS6__[thethingy]_secure.exe (PUP.Optional.Topmedia) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\WAT Remover Tool for Windows 7 - Download wat remover .exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\Windows_Loader_v2.2.1.zip (Hacktool.Agent) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\world_domination_2_full_version_free_downloader.exe (PUP.Optional.GoForFiles.A) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\removewga.exe (PUP.RemoveWGA) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\Adobe Illustrator CS6\DLL FILE\32bit\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\Adobe Illustrator CS6\DLL FILE\64bit\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\Adobe Indesign CS6\DLL FILE\32bit\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\Adobe Indesign CS6\DLL FILE\64bit\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\Adobe Indesign CS6\DLL FILE\Original - 32bit\Indesign\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Users\shivashish\Downloads\Adobe Indesign CS6\DLL FILE\Original - 64bit\Adobe Media Encoder CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
 
(end)


#4 noknojon

Posted 20 March 2014 - 05:13 AM

Hello -

There were a few "minor enemies" found by Malwarebytes, but nothing major.

 

Please scan your computer with ESET Online Scanner
Disable active Antivirus and Antimalware programs (see How To Temporarily Disable Your Anti-virus)
This scan is best performed with Internet Explorer, as it uses ActiveX
If you will not use Internet Explorer, then please read item 3 - a and b in this post

1 - Open Internet Explorer and hold down Control (Ctrl) key and click on This Link to open ESET OnlineScan in a new window.
2 - Click the ESET Online Scanner button.
3 - For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
a - Click on eset.exe to download the ESET Smart Installer. Save it to your desktop.
b - Double click on the  icon on your desktop.
4 - Check "YES, I accept the Terms of Use."
5 - Click the Start button.
6 - Accept any security warnings from your browser.
7 - Under scan settings, check "Scan Archives" and "Remove found threats"
8 - Click Advanced settings and select the following:
* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology

9 - ESET will then download updates for itself, install itself, and begin scanning your computer.
10 - Please be patient as this will take some time (first time scans are always longer, several hours)
11 - When the scan completes, click List Threats
12 - Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
13 - Click the Back button and then Click the Finish button.
NOTE: Sometimes if ESET finds no infections it will not create a log.
If you lose the log it can be found at C:\Program Files\ESET\EsetOnlineScanner\log.txt
If no infections are found then please tell me -
You can ignore any ESET detection of AdwCleaner...it is a false positive and just cleaning up.

 

 

Re-open AdwCleaner, this time click the Uninstall Button, as the program can not yet be Updated.

When you click OK, your computer should be rebooted again.

 

 

You have a very specific Hosts file set, even though you have installed programs that are included ??

If you wish to install the "standard Hosts file", please follow the link after this line =>

Windows7 Hosts file restore - http://go.microsoft.com/?linkid=9668866

Click the Fixit link, and follow the basic instructions. Note this is optional if you do understand .....



#5 Shivashish

Posted 20 March 2014 - 02:14 PM

ESET online scanner report:
 
 
C:\Users\All Users\InstallMate\{873D0244-5145-4F1A-ADF1-19675CDE20B2}\Custom.dll Win32/InstalleRex.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\shivashish\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\10.26.9.505_0\APISupport\APISupport.dll.vir a variant of Win32/Toolbar.Conduit.Z potentially unwanted application deleted - quarantined
C:\Program Files\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\ProgramData\InstallMate\{873D0244-5145-4F1A-ADF1-19675CDE20B2}\Custom.dll Win32/InstalleRex.M potentially unwanted application deleted - quarantined
C:\Users\shivashish\Downloads\cbsidlm-cbsi134-Virtual_Music_Composer-ORG-10752304.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\shivashish\Downloads\cbsidlm-cbsi5_4_0_104-Pandora_Recovery-BP-10694796.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
E:\OLD PC DATA\Shivashish\General Utilities\kundli4100.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
 
 
 
Okay, I also want to inform that I turn on the anti-virus protection every time I finish carrying out the steps you give. Also, since I avoid unnecessary installations, I unstill the program once it is used. I checked the "uninstall application" for ESET online scanner too. Last but not the least, I did not do the fixit thing (hosts file thing). Is that okay?????? 
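
A triage pass over the ESET report in the post above, as an added example that is not part of the original thread: it parses each line, collapses the `C:\Users\All Users` alias onto `C:\ProgramData`, and separates findings that still need attention from ones already neutralised. The line layout is assumed from how the report appears in the post, and all function names are hypothetical.

```python
import re
from collections import Counter, namedtuple

# The eight report lines from the post above, copied as they appear there.
ESET_REPORT = r"""
C:\Users\All Users\InstallMate\{873D0244-5145-4F1A-ADF1-19675CDE20B2}\Custom.dll Win32/InstalleRex.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\shivashish\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\10.26.9.505_0\APISupport\APISupport.dll.vir a variant of Win32/Toolbar.Conduit.Z potentially unwanted application deleted - quarantined
C:\Program Files\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\ProgramData\InstallMate\{873D0244-5145-4F1A-ADF1-19675CDE20B2}\Custom.dll Win32/InstalleRex.M potentially unwanted application deleted - quarantined
C:\Users\shivashish\Downloads\cbsidlm-cbsi134-Virtual_Music_Composer-ORG-10752304.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\shivashish\Downloads\cbsidlm-cbsi5_4_0_104-Pandora_Recovery-BP-10694796.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
E:\OLD PC DATA\Shivashish\General Utilities\kundli4100.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
"""

Finding = namedtuple("Finding", "path threat category action")

# Assumed layout (inferred from the post): path, optional "a variant of",
# detection name, category, optional action, separated by single spaces.
LINE_RE = re.compile(
    r"^(?P<path>.+?)(?: a variant of)? (?P<threat>[A-Za-z0-9]+/\S+) "
    r"(?P<category>potentially (?:unwanted|unsafe) application)"
    r"(?: (?P<action>.+))?$"
)

# On Windows Vista and later, C:\Users\All Users is a link to C:\ProgramData,
# so a scanner that walks both locations reports the same file twice.
ALIASES = (("c:\\users\\all users\\", "c:\\programdata\\"),)

# Folder where AdwCleaner keeps files it already neutralised (seen in the report).
TOOL_QUARANTINE = "c:\\adwcleaner\\quarantine\\"


def parse_report(text):
    """Return one Finding per report line that matches the assumed layout."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            findings.append(Finding(m["path"], m["threat"], m["category"], m["action"]))
    return findings


def canonical_path(path):
    """Lower-case the path and rewrite known aliases to the real location."""
    p = path.lower()
    for alias, real in ALIASES:
        if p.startswith(alias):
            return real + p[len(alias):]
    return p


def family(threat):
    """Win32/Toolbar.Conduit.Y -> Toolbar.Conduit (drop platform and variant letter)."""
    name = threat.split("/", 1)[1]
    return re.sub(r"\.[A-Z]{1,3}$", "", name)


def triage(findings):
    cleaned = {canonical_path(f.path) for f in findings if f.action}
    no_action = [f for f in findings if not f.action]
    # A line without an action only matters if no alias of it was cleaned.
    unresolved = [f for f in no_action if canonical_path(f.path) not in cleaned]
    in_quarantine = [f for f in findings
                     if canonical_path(f.path).startswith(TOOL_QUARANTINE)]
    unique = {canonical_path(f.path): f for f in findings}
    families = Counter(family(f.threat) for f in unique.values())
    return {"no_action_lines": no_action, "unresolved": unresolved,
            "tool_quarantine": in_quarantine, "families": families}


if __name__ == "__main__":
    result = triage(parse_report(ESET_REPORT))
    print("lines without an action:", len(result["no_action_lines"]))
    print("still unresolved after alias check:", len(result["unresolved"]))
    print("already inside AdwCleaner quarantine:", len(result["tool_quarantine"]))
    for name, count in result["families"].most_common():
        print(f"  {name}: {count} file(s)")
```

The one line in the report that shows no action is the `ProgramData` copy of `Custom.dll` seen through the `All Users` link, and the two `AdwCleaner\Quarantine` hits are the ones the helper said could be ignored.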


#6 Shivashish

Posted 20 March 2014 - 02:16 PM

 


 

*I uninstall the program once it is used



#7 noknojon

Posted 20 March 2014 - 10:42 PM

*I uninstall the program once it is used

Hi -

This is often a good idea, and some people tend to lose the install of the program.

 

Note I do ask to "Download to Desktop", which usually makes removal easier.

 

Please update me on all computer problems, and any Specific Problems.



#8 Shivashish

Posted 21 March 2014 - 07:01 AM

 


 

 

To put it correctly, there are no problems while I am working on the computer. But the computer turns off and then boots again at times. 



#9 noknojon

Posted 21 March 2014 - 08:28 PM

Hello -

You can install Malwarebytes Anti-Malware and leave it installed as this is a very good program.

I do ask that the Trial Pro version is not installed, just because it can be confusing.

 

When the computer turns Off and On, what is displayed on the screen ??

Do you get a normal Windows 7 screen, or will the program you last worked on appear ??

Will this ever happen while you are working on a program, or playing a game ??

 

This is important as the computer may just enter a Sleep state.

 

Can you bring it back by hitting the Space Bar several times, or do you need to fully Restart the computer ??



#10 Shivashish

Posted 22 March 2014 - 01:51 PM

Firstly, I have Quick Heal Total Security 2014 installed in my PC which has got in-built software for all kinds of problems. For ex, you can scan for viruses, malware and rootkits. It indeed provides total security because when it finds a new sort of virus (using this as a general term here), it requests me to send its information to the research labs of Quick Heal. That's the level of security this provides so I do not think that I need any other program. Would like to know your views on this......

 

 

Now, regarding the problem that I have, I will give you these pts:

 

1. The rebooting happens once or twice in a week. Sometimes it can happen thrice, but I would still consider it as a rare phenomenon.

 

2. The computer turns off and on. So, I should call it rebooting if I am not wrong.

 

3. When the comp restarts, it asks if the PC has to be started in the safe mode or the normal mode. 

 

4. There are no allied problems in the comp. It works just fine with no signs of viruses (using it as a general term for all kinds of comp bugs).

 

5. I don't remember correctly but I guess the thing once happened when I was about to play a video. I am not sure though.

 

6. Basically, I am not given any scope to play the space bar. The comp restarts fully on its own.

 

7. Every time this happens, the comp is successfully restarted again. I mean, it doesn't sit there rebooting the system again and again which is the case for some.

 

8. It is not that the computer experiences this very often, but even scattered occurrences of this problem are problematic for me coz I use this for online classes.



#11 noknojon

Posted 22 March 2014 - 05:21 PM

Hi -

I have given a few opinions, and you can ask any questions at any time regarding these.

 

 

BitTorrent (Version: 7.8.2.30489) is about the only other program I would remove now.

Most Torrent programs carry some infections, and are never safe to download from.

 

Re : Quick Heal program, and the full value of it.
For ex, you can scan for viruses, malwares and rootkits. It indeed provides total security because when it finds a new sort of virus (using this as a general term here), it requests me to send its information to the research labs of Quick Heal.

This is called 2 things -
First, the program is still regarded as a "baby" in the big world, so it is constantly gathering information.

Second, the program exists on a lot of "Heuristical" evaluation. This means that while it has some data base, it also works on the theory that if a program Looks Bad, there is a chance that it may Be Bad.

Sorry but it has failed on both accounts. If I were reviewing this as a retail product, I would currently only give it about two and a bit out of five star rating (at the most).

You can see from the basic scans that we have done above, there is still a GREAT amount of small to medium infections (plus at least one larger infection) that should have been stopped at the "Front Door" and not allowed in at all.

 

1. The rebooting happens once or twice in a week. <= OK - This is to be done in the first 2 items.

 

2. The computer turns off and on. Etc <= Yes, if you click on Start and do not select "Shut Down", there are options for Restart (often called Reboot).

 

3. When the comp restarts, it asks if the PC has to be started in the safe mode or the normal mode. <= You get a Black screen with options of selecting Safe Mode / Safe Mode with Networking / Last Known Good ....... Etc Etc, and you just press Enter at Normal Mode.

This often means it has been taken back to a Safe House, with the option of continuing or starting in another Mode.

Quite often due to hardware failing <= We are looking at this last -

 

Other points are normal as you describe.......

 

Next 2 steps are these - Check Disk and Scan Disk :

 

Run a Disk Check on your C: drive (or main drive) in Windows 7:
• Click Start and open Computer
• Right-click on C: (or your main hard drive letter) and select Properties
• Click on the Tools tab
• Under Error-checking click the Check Now... button
• Mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors

• Click on the Start button
• When the message box pops up, click the Schedule disk check button and Restart your computer
• Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
This will take (on average) 1 to 2 hours depending on your system, so please let it finish.
DO NOT force a reboot once started as you will lose data and may damage the computer
NOTE - If this is a Laptop please plug it into a reliable power source, as batteries may fail.
The computer will reboot to normal mode once it has completed all 5 stages -

 

 

Once completed then run a sfc /scannow check

Go - Start > Programs > Accessories > now find Command Prompt > Right click on it and select Run as administrator.

Note : This is Very important, as it will not run otherwise.

Now type sfc /scannow exactly as written (note there is one space between the c and /)

Similar instructions as above, but this will only take (on average) 15 to 20 minutes

 

 

Once you have finished those, please post a snapshot with "Speccy" as this may give us a bit more to look at -
Publish a Snapshot using Speccy << Follow These Directions (only post the link as per directions)



#12 Shivashish

Posted 23 March 2014 - 10:40 PM

1. "I have given a few opinions". Are you referring to the opinions you made below this??
 
2. About BitTorrent: Basically, I want to download torrents. Is there any safe software to do this. Also, please mention safe websites (if any).
 
3. I agree with what you've said regarding Quick Heal. I would give it more time to grow coz I have paid them.
 
4. I have done both the scans suggested by you.
 


#13 noknojon

Posted 24 March 2014 - 03:25 AM

Hello -

Please note that Quick Heal is only for early operating systems, and generally useless after XP versions

What is Quick Heal? What platforms does it run on? (See Below)

 

It is useless on your Windows 7 based computer, and you are much better to install Microsoft Security Essentials as your Antivirus.

It is free and it is suitable for your operating system => Install M.S.E.
http://windows.microsoft.com/en-US/windows/products/security-essentials

 

Quick Heal is anti-virus software that provides reliable and constant virus protection in a single, fully integrated product to the computers. It can be installed on Windows NT/2000/XP/2003; Windows 95/98/Me; DOS/Windows 3.1x and NetWare computers. It provides both on-access and on-demand scanning.

 

I would advise you to select your installed version, and use the given removal tool listed, now.

 

With a Windows 7 system, this program is useless.

Product Removal Tool
Use Quick Heal Product removal tool to uninstall Quick Heal Product from your system.

Please choose the removal tool for your product.

 

Quick Heal 2014 - Removal Tool
Use following link to download removal tool for Quick Heal 2014
Quick Heal 2014 (32 Bit) - Removal Tool
Quick Heal 2014 (64 Bit) - Removal Tool
 
Quick Heal 2013 - Removal Tool
Use following link to download removal tool for Quick Heal 2013
Quick Heal 2013 (32 Bit) - Removal Tool
Quick Heal 2013 (64 Bit) - Removal Tool

 

These links and Quotes are direct from Quick Heal.

Except for the link to M.S.E. (that is mine)

 

I would give it more time to grow coz I have paid them. <= If you paid more than a few hundred Rupees, then you were ripped off (they almost give the program away now).

 

I want to download torrents. <= What type of programs do you need that are not available by going directly to Legal Sites and not to Rip-Off Torrents ??

Also, please mention safe websites (if any). <= All Legal sites are mostly safe, and most illegal sites are not safe (plus you have NO working Antivirus).

 

I have never installed uTorrent / Bit Torrent / or any similar site that Will infect you.

 

I am running out of ideas quickly, so please post back after the next Automatic reboot of your system, and please make as many notes that you can -

Time / How long the computer was on / What program you were using or watching / and any other details that may help.

 

Also tell me that you have removed Quick Heal, and installed Microsoft Security Essentials.

 

Please download Temp File Cleaner by Old Timer
Usage Instructions:

  • Download TFC from the download link above and save the file on your desktop.
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • Vista/Windows 7 / 8 users Right click on the icon and select Run as administrator.
  • When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press OK to reboot your computer and finish the cleanup.

Keep this tool to remove downloaded Temp Files, and run it once a week.


Edited by noknojon, 24 March 2014 - 03:33 AM.


#14 Shivashish

Posted 24 March 2014 - 09:10 AM

Hello, thanks for furnishing all that info but do look here : http://www.quickheal.co.in/home-users/quick-heal-total-security

 

They do sell it for nearly 2K officially. So, I did not get ripped off. And as per the product details, it does get installed on Windows 7 and even 8. Yeah, but I agree that this does not mean that the program is equally efficient on Windows 7. You might have a point here, it being that this isn't very good for Win 7. Now, one thing I can assure you of is, this product isn't old or fake or is being distributed at a give away price. They do send me security tips everyday which should be enough evidence that the company still exists.

 

Basically there are 2 reasons why I hold on to this:

 

1. This antivirus provides all the tools that are required for good protection. There are a lot of utilities all in one place which makes this very efficient. You must use this to understand that.

2. I paid them Rs. 2000 in Jan and would not want to discontinue with this now. 

 

But the fact is this ----- my comp got infected with bugs...as we have already seen...

 

I will be getting back to you with the reports though...and would also like to have your response to this.... 



#15 noknojon

Posted 24 March 2014 - 04:31 PM

Hello -

First Let me say that I am sorry if this offends you and this program in any way.

 

I do understand that you want to stay with your Indian program, but it is not working, and here are the prices today.

I only followed your link.

 

Bargain price at this time =>
Buy Now »  Rs. 599 - 1 User, 1 Year
Try it for 30 Days »

Regular price as listed on their site
Buy Now » Rs. 849.00 

 

Quick Heal
 AntiVirus Pro

Maximum price =>
Buy Now >> Rs. 999
Try it for 30 Days »

 

it does get installed on Windows 7 and even 8.<= Yes, it can be installed on any system, but that does not mean it will work correctly.

1. This antivirus provides all the tools that are required for good protection. There are a lot of utilities all in one place which makes this very efficient. <= I do test /review programs on a regular basis, and this is a program that falls short of what it promises.

 

If you read the Antivirus area, I have twice reviewed YAC program as it is claimed to be a Virus, but it is not.

 

It is just a useless program, and I am not afraid to say this if a program fails, or is not what it claims.

 

 

Quick Heal falls into the area of not very good, and there are many Free programs that will do what you want, and better.

 

I do not mean to say that you, or any person has no ideas, but I am just stating what you can see from above.

 

I will still keep helping you, but I am just offering advice.





