Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Advanced System Protector


  • Please log in to reply
12 replies to this topic

#1 Rick605

Rick605

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:08:52 AM

Posted 22 April 2014 - 08:38 PM

Hi

 

Monday I installed my new computer and within an hour I had conduit on it.

 

malware bytes took most of it off but something called Advanced System Protector is still on it.

 

Can someone help me get this off?



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:52 AM

Posted 22 April 2014 - 09:21 PM


Advanced System Protector is a anti-spyware program by Systweak (the creators of Advanced System Optimizer, RegClean Pro and other junkware) which purports to remove malware. Although it can be downloaded from the vendor's site, it is usually installed on a computer as bundled software when you download and install other free software. When running a scan and threats are found, the user is prompted to purchase the program in order to remove the detected items. In my opinion it is a dubious program which is not very effective compared to others with a proven track record and I would not trust all the detections provided by its scanning engine.

Vendor instructions: How to remove Advanced System Protector
How to remove "Advanced System Protector"
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:52 AM

Posted 22 April 2014 - 09:22 PM

After doing the above...continue as follows:

Please download and use the following tools (in the order listed) which will search for and remove many potentially unwanted programs (PUPs), adware, toolbars, browser hijackers, extensions, add-ons and other junkware as well as related registry entries (values, keys) and remnants.

RKill created by Grinler (aka Lawrence Abrams), the site owner of BleepingComputer.
AdwCleaner created by Xplode.
Junkware Removal Tool created by thisisu.

1. Double-click on RKill to launch the tool. A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. A log file will be created and saved to the root directory, C:\RKill.log. Copy and paste the contents of RKill.log in your next reply.

Important: Do not reboot your computer until you complete the next step.

2. Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Close all open programs and shut down any protection/security software to avoid potential conflicts.

3. Double-click on JRT.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log file named JRT.txt will automatically open and be saved to your Desktop.
  • Copy and paste the contents of JRT.txt in your next reply.
.
4. As a final step, download, install and perform a THREAT SCAN with Malwarebytes Anti-Malware 2.0.
When done, please post the complete results of your Malwarebytes scan for review.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right..
Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Rick605

Rick605
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:08:52 AM

Posted 23 April 2014 - 08:44 AM

Thank You for your help Quietman7 :)

 

 

 

I tried the vendor instructions and it wasn't showing on the remove list even thought the icon was still on my computer.

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/23/2014 08:46:55 AM in x64 mode.
Windows Version: Windows 8.1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * MsKeyboardFilter [Missing Service]
 * CSC [Missing Service]
 * E1G60 [Missing Service]
 * kbldfltr [Missing Service]
 * storvsp [Missing Service]
 * Vid [Missing Service]
 * vmbusr [Missing Service]
 * vpcivsp [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 04/23/2014 08:47:23 AM
Execution time: 0 hours(s), 0 minute(s), and 28 seconds(s)

 

 

# AdwCleaner v3.201 - Report created 23/04/2014 at 08:55:01
# Updated 22/04/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Richard - RICK
# Running from : C:\Users\Richard\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\Users\Richard\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Richard\AppData\Local\Systweak
Folder Deleted : C:\Users\Richard\AppData\Roaming\Systweak
File Deleted : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector_startup
File Deleted : C:\Windows\System32\Tasks\RegClean Pro

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1997 octets] - [23/04/2014 08:51:51]
AdwCleaner[S0].txt - [1926 octets] - [23/04/2014 08:55:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1986 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Richard on Wed 04/23/2014 at  9:15:38.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2639599823-3024943084-2445285041-1001\Software\Microsoft\Internet Explorer\Main\\Start Page

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 04/23/2014 at  9:19:37.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/23/2014
Scan Time: 9:30:58 AM
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.23.05
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Richard

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 243811
Time Elapsed: 5 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:52 AM

Posted 23 April 2014 - 11:02 AM

Looking good. How is your computer running now?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Rick605

Rick605
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:08:52 AM

Posted 23 April 2014 - 02:11 PM

Was looking great until I tried installing Firefox. Then malwatebytes started blocking things.

 

I ran malwarebytes again and everything is good. Adware cleaner found this. There was also an icon for it on my desktop which is gone now.

 

 

# AdwCleaner v3.202 - Report created 23/04/2014 at 15:00:56
# Updated 23/04/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Richard - RICK
# Running from : C:\Users\Richard\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : VOsrv

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Richard\AppData\Roaming\VOPackage
File Deleted : C:\Users\Richard\Desktop\Configure VO Package.lnk

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1997 octets] - [23/04/2014 08:51:51]
AdwCleaner[R1].txt - [1083 octets] - [23/04/2014 14:59:43]
AdwCleaner[S0].txt - [2066 octets] - [23/04/2014 08:55:01]
AdwCleaner[S1].txt - [1015 octets] - [23/04/2014 15:00:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1075 octets] ##########



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:52 AM

Posted 23 April 2014 - 03:22 PM

What exactly did Malwarebytes block?

After a security vendor updates its product version or releases an update to definition databases, it is not uncommon for subsequent scans to detect more files or traces of remnants and registry entries which had previously gone undetected (not reported) by prior scans.

 

Try doing an online scan to see if it finds anything else that the other scans may have missed.

Please perform a scan with Eset Online Anti-virus Scanner.
If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
Vista/Windows 7/8 users need to run Internet Explorer/Firefox as Administrator.
To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
 

  • Click the green esetOnline.png button.
  • Read the End User License Agreement and check the box:
  • Check esetAcceptTerms.png.
  • Click the esetStart.png button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check esetScanArchives.png and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan can take some time to complete...close all programs and do NOT use the computer while the scan is running.
    If given the option (when threats are found), choose "Quarantine" instead of delete.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop as ESETScan.txt.
  • Push the esetBack.png button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.

-- Note: If you recognize any of the detections as legitimate programs, it's possible they are "false positives" and you can ignore them or get a second opinion if you're not sure. Eset's detection rate is high and can include legitimate files which it considers suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not always the case. Be careful what you choose to remove. If in doubt, ask before taking action.
 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Rick605

Rick605
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:08:52 AM

Posted 23 April 2014 - 03:29 PM

It blocked something called VO Package. I'll run the scan now.

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 4/23/2014 2:54:42 AM, SYSTEM, RICK, Scheduler, Malware Database, 2014.4.23.1, 2014.4.23.3,
Protection, 4/23/2014 2:54:42 AM, SYSTEM, RICK, Protection, Refresh, Starting,
Protection, 4/23/2014 2:54:42 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopping,
Protection, 4/23/2014 2:54:42 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopped,
Protection, 4/23/2014 2:54:45 AM, SYSTEM, RICK, Protection, Refresh, Success,
Protection, 4/23/2014 2:54:45 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 2:54:45 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Update, 4/23/2014 5:03:28 AM, SYSTEM, RICK, Scheduler, Malware Database, 2014.4.23.3, 2014.4.23.4,
Protection, 4/23/2014 5:03:29 AM, SYSTEM, RICK, Protection, Refresh, Starting,
Protection, 4/23/2014 5:03:29 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopping,
Protection, 4/23/2014 5:03:29 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopped,
Protection, 4/23/2014 5:03:31 AM, SYSTEM, RICK, Protection, Refresh, Success,
Protection, 4/23/2014 5:03:31 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 5:03:31 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Update, 4/23/2014 8:23:35 AM, SYSTEM, RICK, Scheduler, Malware Database, 2014.4.23.4, 2014.4.23.5,
Protection, 4/23/2014 8:23:36 AM, SYSTEM, RICK, Protection, Refresh, Starting,
Protection, 4/23/2014 8:23:36 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopping,
Protection, 4/23/2014 8:23:36 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopped,
Protection, 4/23/2014 8:23:38 AM, SYSTEM, RICK, Protection, Refresh, Success,
Protection, 4/23/2014 8:23:38 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 8:23:38 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Protection, 4/23/2014 8:57:56 AM, SYSTEM, RICK, Protection, Malware Protection, Starting,
Protection, 4/23/2014 8:57:56 AM, SYSTEM, RICK, Protection, Malware Protection, Started,
Protection, 4/23/2014 8:57:56 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 8:58:00 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Protection, 4/23/2014 9:24:19 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopping,
Protection, 4/23/2014 9:24:19 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopped,
Protection, 4/23/2014 9:24:19 AM, SYSTEM, RICK, Protection, Malware Protection, Stopping,
Protection, 4/23/2014 9:24:19 AM, SYSTEM, RICK, Protection, Malware Protection, Stopped,
Protection, 4/23/2014 9:24:30 AM, SYSTEM, RICK, Protection, Malware Protection, Starting,
Protection, 4/23/2014 9:24:30 AM, SYSTEM, RICK, Protection, Malware Protection, Started,
Protection, 4/23/2014 9:24:30 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 9:24:31 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Update, 4/23/2014 9:24:39 AM, SYSTEM, RICK, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 4/23/2014 9:25:12 AM, SYSTEM, RICK, Manual, Malware Database, 2014.3.4.9, 2014.4.23.5,
Protection, 4/23/2014 9:25:13 AM, SYSTEM, RICK, Protection, Refresh, Starting,
Protection, 4/23/2014 9:25:13 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopping,
Protection, 4/23/2014 9:25:13 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopped,
Protection, 4/23/2014 9:25:15 AM, SYSTEM, RICK, Protection, Refresh, Success,
Protection, 4/23/2014 9:25:15 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 9:25:15 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Update, 4/23/2014 10:12:31 AM, SYSTEM, RICK, Scheduler, Malware Database, 2014.4.23.5, 2014.4.23.6,
Protection, 4/23/2014 10:12:32 AM, SYSTEM, RICK, Protection, Refresh, Starting,
Protection, 4/23/2014 10:12:32 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopping,
Protection, 4/23/2014 10:12:32 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopped,
Protection, 4/23/2014 10:12:34 AM, SYSTEM, RICK, Protection, Refresh, Success,
Protection, 4/23/2014 10:12:34 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 10:12:35 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Protection, 4/23/2014 11:42:05 AM, SYSTEM, RICK, Protection, Malware Protection, Starting,
Protection, 4/23/2014 11:42:05 AM, SYSTEM, RICK, Protection, Malware Protection, Started,
Protection, 4/23/2014 11:42:05 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 11:42:09 AM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Update, 4/23/2014 2:14:31 PM, SYSTEM, RICK, Scheduler, Malware Database, 2014.4.23.6, 2014.4.23.7,
Protection, 4/23/2014 2:14:31 PM, SYSTEM, RICK, Protection, Refresh, Starting,
Protection, 4/23/2014 2:14:31 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopping,
Protection, 4/23/2014 2:14:31 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopped,
Protection, 4/23/2014 2:14:34 PM, SYSTEM, RICK, Protection, Refresh, Success,
Protection, 4/23/2014 2:14:34 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 2:14:34 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Detection, 4/23/2014 2:31:24 PM, Richard, RICK, Protection, Malware Protection, File, PUP.Optional.SearchProtect.A, C:\Users\Richard\AppData\Local\Temp\0_Offer_0.exe, Quarantine, [665da489aecd3402923c5cdf17e9c739]
Detection, 4/23/2014 2:31:25 PM, SYSTEM, RICK, Protection, Malware Protection, File, PUP.Optional.PlurPush.A, C:\Users\Richard\AppData\Local\Temp\1_Offer_4.exe, Quarantine, [5f64929ba5d61c1a21250719b54f5aa6]
Detection, 4/23/2014 2:31:48 PM, SYSTEM, RICK, Protection, Malware Protection, File, PUP.Optional.RegCleanerPro, C:\Users\Richard\AppData\Local\Temp\rcpsetup_binstall22_binstall22.exe, Quarantine, [edd6c26b2a515cdac88b27dffa078d73]
Protection, 4/23/2014 2:31:48 PM, SYSTEM, RICK, Protection, SDKQuarantine, 2, Failed, C:\Users\Richard\AppData\Local\Temp\rcpsetup_binstall22_binstall22.exe,
Error, 4/23/2014 2:31:48 PM, SYSTEM, RICK, Protection, SDKQuarantine, 2, Failed, C:\Users\Richard\AppData\Local\Temp\rcpsetup_binstall22_binstall22.exe,
Detection, 4/23/2014 2:31:49 PM, SYSTEM, RICK, Protection, Malware Protection, File, PUP.Optional.WeatherAlerts.A, C:\Users\Richard\AppData\Local\Temp\1_Offer_9.exe, Quarantine, [982b78b5ed8e142206d41a3bb94b6f91]
Detection, 4/23/2014 2:42:02 PM, SYSTEM, RICK, Protection, Malware Protection, File, PUP.Optional.InstallCore.A, C:\Users\Richard\AppData\Local\Temp\nsa30B5.tmp, Quarantine, [b310c667a4d70c2aeec3ea82ba47d12f]
Protection, 4/23/2014 3:02:01 PM, SYSTEM, RICK, Protection, Malware Protection, Starting,
Protection, 4/23/2014 3:02:01 PM, SYSTEM, RICK, Protection, Malware Protection, Started,
Protection, 4/23/2014 3:02:01 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 3:02:04 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,
Update, 4/23/2014 3:15:41 PM, SYSTEM, RICK, Scheduler, Malware Database, 2014.4.23.7, 2014.4.23.8,
Protection, 4/23/2014 3:15:45 PM, SYSTEM, RICK, Protection, Refresh, Starting,
Protection, 4/23/2014 3:15:45 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopping,
Protection, 4/23/2014 3:15:46 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Stopped,
Protection, 4/23/2014 3:15:48 PM, SYSTEM, RICK, Protection, Refresh, Success,
Protection, 4/23/2014 3:15:48 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Starting,
Protection, 4/23/2014 3:15:48 PM, SYSTEM, RICK, Protection, Malicious Website Protection, Started,



#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:52 AM

Posted 23 April 2014 - 04:01 PM

It blocked something called VO Package. I'll run the scan now.

That's what AdwCleaner detected/removed during the second scan.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Rick605

Rick605
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:08:52 AM

Posted 23 April 2014 - 04:18 PM

Yes, and ESET found nothing, should I run RKILL and JRT again?

 

Can I continue to download firefox?



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:52 AM

Posted 23 April 2014 - 05:20 PM

Yes, and ESET found nothing, should I run RKILL and JRT again?
 
Can I continue to download firefox?

No need to re-run those tools and yes you can download Firefox.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 Rick605

Rick605
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:08:52 AM

Posted 23 April 2014 - 05:41 PM

Thank you quietman7 :)



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:52 AM

Posted 23 April 2014 - 06:32 PM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users