Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How do I check if im infected?


  • Please log in to reply
11 replies to this topic

#1 pigletisgod

pigletisgod

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 14 April 2014 - 04:36 AM

Can someone help me I may of installed some malware. Should I post of a log of a scan and how do I do so if that's what I should do?



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:46 AM

Posted 14 April 2014 - 05:26 AM

Hello -

What logs / scans do you wish to post and have looked at ??

Do you think that you have any "specific infections", and why do you think this ??

 

We usually start with diagnostic logs : Please download all tools to desktop and Copy and Paste all logs in this area.

 

First -

Download Screen317 Security Check and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do so.

 

 

Next -

Please download MiniToolBox to desktop and run it.
Checkmark the following boxes:

* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

 

 

Now -

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.

NOTE - If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.

 

Next - Do not reboot then run this scan -

 

 

* Please download AdwCleaner by Xplode and save to your Desktop.
* Double-click on AdwCleaner.exe to run the tool.
* Vista / Windows 7  /8 users right-click and select Run As Administrator.
* Click on the Scan button (only once)
* AdwCleaner will begin...be patient as the scan may take some time to complete.
* After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
* NOW : Click on the Clean button (only once)
* Press OK when asked to close all programs and follow the onscreen prompts.
* Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
* After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
* Copy and paste the contents of that logfile in your next reply.
* A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

Also -

Please download Junkware Removal Tool by thisisu and save it to your Desktop.
* Close all open programs and shut down any protection/security software now to avoid potential conflicts.

* Please see and follow How To Temporarily Disable Your Anti-virus
* Double-click on JRT.exe to run the tool.
* Vista / Windows 7 / 8 users right-click and select Run As Administrator.
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log file named JRT.txt will automatically open and be saved to your Desktop.
* Copy and paste the contents of JRT.txt in your next reply.
These tools will search for and remove many potentially unwanted programs (PUPs), adware, toolbars, browser hijackers, extensions, add-ons, browser helper objects (BHOs) and other junkware to include many related registry entires (values, keys)

 

 

Please run a Free online scan with the ESET Online Scanner

* Please read and follow How To Temporarily Disable Your Anti-virus while this scan runs
* Click on "Run ESET Online Scanner" button.
* Tick the box next to YES, I accept the Terms of Use

* Make sure that the option Remove found threats is ticked
* Click on Advanced Settings and ensure these options are ticked Remove found threats
* Scan for potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth Technology

* Accept any security warnings from your browser.
* Check Scan archives
* Click Start
* ESET will then download updates for itself, install itself, and begin scanning your computer.
* Please be patient as this will take quite some time. 2 hours or more can be expected for an infected system.
* When the scan completes, click on List of found threats
* Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan.
* Include the contents of this report in your next reply.
- Note : If no infections are found, it may not produce a log, so just tell me.



#3 pigletisgod

pigletisgod
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 15 April 2014 - 08:20 PM

I downloaded some programs called Oxy/Pile File and I think conduit search bar because I was under the impression it was a program that I was looking for not a package of malware! I installed malware bytes after doing a search on how to remove those programs on google and went to some website that recommended malware bytes and for the most part it feels like they are gone but I get notices in the bottom right from malware bytes once in a while here and there (haven't gotten one in days now) but am unsure if it's telling me about ad's that its blocking or if theres something I should be worried about. Since I haven't gotten anymore notices it feels like its fixed because it sais it quarantined successfully. I ran the first three tests you posted and here are the logs:

 

___

 Results of screen317's Security Check version 0.99.81  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player     13.0.0.182  
 Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 

___

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Niko (administrator) on 15-04-2014 at 20:08:36
Running from "C:\Users\Niko\Downloads"
Microsoft Windows 8 Pro  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




========================= Event log errors: ===============================

Application errors:
==================
Error: (04/15/2014 02:57:13 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/15/2014 07:09:59 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/15/2014 07:05:08 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/13/2014 03:22:10 AM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (04/13/2014 03:21:03 AM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/13/2014 02:32:05 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 28.0.0.5186 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1530

Start Time: 01cf56ea2f53eb35

Termination Time: 265

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: a4994187-c2dd-11e3-be75-bc5ff4ea52c7

Faulting package full name:

Faulting package-relative application ID:

Error: (04/12/2014 09:31:03 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (04/12/2014 09:22:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.2.9200.16433, time stamp: 0x50763312
Faulting module name: twinui.dll, version: 6.2.9200.16451, time stamp: 0x50988289
Exception code: 0xc0000005
Fault offset: 0x000000000017f6de
Faulting process id: 0x92c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (04/12/2014 09:16:19 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/12/2014 09:16:16 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


System errors:
=============
Error: (04/15/2014 07:05:08 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (04/15/2014 07:05:08 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (04/15/2014 06:55:51 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:22:53 AM on ?4/?15/?2014 was unexpected.

Error: (04/15/2014 04:42:21 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, is not ready for access yet.

Error: (04/14/2014 05:35:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Security Update for Internet Explorer Flash Player for Windows 8 for X64-based Systems (KB2942844).

Error: (04/14/2014 05:35:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2861704).

Error: (04/14/2014 05:35:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2898866).

Error: (04/14/2014 05:35:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Windows 8 for x64-based Systems (KB2855336).

Error: (04/14/2014 05:35:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Windows 8 for x64-based Systems (KB2928678).

Error: (04/14/2014 05:35:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Security Update for Microsoft .NET Framework 4.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2840632).


Microsoft Office Sessions:
=========================
Error: (04/15/2014 02:57:13 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/15/2014 07:09:59 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/15/2014 07:05:08 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/13/2014 03:22:10 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (04/13/2014 03:21:03 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/13/2014 02:32:05 AM) (Source: Application Hang)(User: )
Description: firefox.exe28.0.0.5186153001cf56ea2f53eb35265C:\Program Files (x86)\Mozilla Firefox\firefox.exea4994187-c2dd-11e3-be75-bc5ff4ea52c7

Error: (04/12/2014 09:31:03 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (04/12/2014 09:22:39 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1643350763312twinui.dll6.2.9200.1645150988289c0000005000000000017f6de92c01cf56be573fcdcdC:\Windows\Explorer.EXEC:\Windows\System32\twinui.dll7b73c201-c2b2-11e3-be75-bc5ff4ea52c7

Error: (04/12/2014 09:16:19 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/12/2014 09:16:16 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


=========================== Installed Programs ============================

µTorrent (Version: 3.4.1.30768)
Adobe Flash Player 13 Plugin (Version: 13.0.0.182)
Apple Application Support (Version: 3.0.1)
Apple Mobile Device Support (Version: 7.1.1.3)
Apple Software Update (Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.16.2.0)
Asmedia ASM106x SATA Host Controller Driver (Version: 1.3.8.000)
Battle.net
Bonjour (Version: 3.0.0.10)
Counter-Strike: Source
CPUID CPU-Z 1.69
Diablo III
GeForce Experience NvStream Client Components (Version: 1.6.28)
Intel® Control Center (Version: 1.2.1.1008)
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.36354)
Intel® Management Engine Components (Version: 8.1.0.1281)
Intel® Processor Graphics (Version: 10.18.10.3412)
Intel® Rapid Storage Technology (Version: 11.6.0.1030)
Intel® Trusted Connect Service Client (Version: 1.24.738.1)
iTunes (Version: 11.1.5.5)
League of Legends (Version: 3.0.0)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mIRC (Version: 7.32)
Mozilla Firefox 28.0 (x86 en-US) (Version: 28.0)
Mozilla Maintenance Service (Version: 28.0)
Mumble 1.2.5 (Version: 1.2.5)
NVIDIA 3D Vision Controller Driver 335.21 (Version: 335.21)
NVIDIA 3D Vision Driver 335.23 (Version: 335.23)
NVIDIA Control Panel 335.23 (Version: 335.23)
NVIDIA GeForce Experience 1.8.2.1 (Version: 1.8.2.1)
NVIDIA Graphics Driver 335.23 (Version: 335.23)
NVIDIA HD Audio Driver 1.3.30.1 (Version: 1.3.30.1)
NVIDIA Install Application (Version: 2.1002.147.1067)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Network Service (Version: 1.0)
NVIDIA PhysX (Version: 9.13.1220)
NVIDIA PhysX System Software 9.13.1220 (Version: 9.13.1220)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523)
NVIDIA Update 11.10.13 (Version: 11.10.13)
NVIDIA Update Core (Version: 11.10.13)
NVIDIA Virtual Audio 1.2.20 (Version: 1.2.20)
Realtek High Definition Audio Driver (Version: 6.0.1.6699)
SHIELD Streaming (Version: 1.7.321)
Skype™ 6.14 (Version: 6.14.104)
StarCraft II
Steam
Ultima Online Renaissance  5.0.8.3 (Version: 5.0.8.3)
War Thunder Launcher 1.0.1.335
World of Warcraft

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 8075.39 MB
Available physical RAM: 4072.4 MB
Total Pagefile: 16267.39 MB
Available Pagefile: 11836.36 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.59 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:83.87 GB) NTFS

========================= Users: ========================================

User accounts for \\LIVINGROOM

Administrator            Guest                    Niko                     


**** End of log ****
 

___

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/15/2014 08:11:15 PM in x64 mode.
Windows Version: Windows 8 Pro

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 04/15/2014 08:12:26 PM
Execution time: 0 hours(s), 1 minute(s), and 11 seconds(s)
 



#4 pigletisgod

pigletisgod
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 15 April 2014 - 08:31 PM

# AdwCleaner v3.023 - Report created 15/04/2014 at 20:27:23
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8 Pro  (64 bits)
# Username : Niko - LIVINGROOM
# Running from : C:\Users\Niko\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Users\Niko\AppData\Local\Oxy
Folder Deleted : C:\Users\Niko\AppData\Roaming\Oxy

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Escolade

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16453


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\tu7ipqfa.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");

*************************

AdwCleaner[R0].txt - [1125 octets] - [15/04/2014 20:24:09]
AdwCleaner[S0].txt - [1023 octets] - [15/04/2014 20:27:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1083 octets] ##########



#5 pigletisgod

pigletisgod
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 15 April 2014 - 09:11 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Pro x64
Ran by Niko on Tue 04/15/2014 at 20:33:17.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 04/15/2014 at 20:36:23.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:46 AM

Posted 15 April 2014 - 09:32 PM

Hi -

I have picked an error that is causing a bit of concern to some people, but it can be fixed. See the error below.

 

First, please read This Article from Microsoft (part quote below)
If you are running Windows 8, follow these steps:
1.Swipe in from the right edge of the screen, and then tap Search. Or, if you are using a mouse, point to the lower-right corner of the screen, and then click Search.
2.Type SLUI 04, and then tap or click the displayed icon to open the wizard.

 

 

Now read Windows 8 Enterprise Activation Error 0x8007232B for more details on your listed problem.

Error: (04/13/2014 03:22:10 AM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code: hr=0x8007232B

 

These may not remove Oxy and Pile File reminder problem, but they cover the other problem.

 

Keep us updated, as these 2 items are the latest in a series of unwanted Add-Ons.



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:46 AM

Posted 16 April 2014 - 03:13 AM

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE

  • Double-click SystemLook.exe to run it.
  • Vista / Windows 7 / 8 users:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box and paste it into the main textfield:
Oxy
PileFile reminder
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt          



#8 pigletisgod

pigletisgod
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 19 April 2014 - 09:22 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 21:22 on 19/04/2014 by Niko
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

No Context: Oxy

No Context: PileFile reminder

-= EOF =-



#9 pigletisgod

pigletisgod
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 19 April 2014 - 09:24 PM

I also took care of the windows activation thing so if the unwanted stuff is gone it feels smooth so far! No pop-ups or unwanted programs opening, nor have I gotten any warnings/notifications from malware bytes!



#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:46 AM

Posted 20 April 2014 - 02:17 AM

If all is OK, I will just keep an eye here for a week, so post here if problems pop up

Your other option is Revo Uninstaller, if the programs still show in Programs and Features.

 

If you still can see Pile fie and Oxy - -

Please download and install Revo Uninstaller Free
Note: there is no need to click anything on that page, the download will start automatically

  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
    OXY
    
    Pile File
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next

Once done click Finish



#11 pigletisgod

pigletisgod
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 20 April 2014 - 03:50 AM

If all is OK, I will just keep an eye here for a week, so post here if problems pop up

Your other option is Revo Uninstaller, if the programs still show in Programs and Features.

 

If you still can see Pile fie and Oxy - -

Please download and install Revo Uninstaller Free
Note: there is no need to click anything on that page, the download will start automatically

  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
    OXY
    
    Pile File
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next

Once done click Finish

I could not find Oxy or Pile File on the list of programs on Revo Uninstaller! I think it is clean! Thanks again for your help and I'll double check back here in case I  missed something and if something pops up like you said! Thanks again you were a lot of help and very informative!


Edited by pigletisgod, 20 April 2014 - 03:51 AM.


#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:46 AM

Posted 21 April 2014 - 03:55 AM

Regards -

You are always welcome if we are able to offer a bit of help ....... . :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users