Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Product Update message at startup


  • Please log in to reply
6 replies to this topic

#1 sdct

sdct

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:31 PM

Posted 30 April 2014 - 05:55 PM

Hello, 

 

I just got done removing a lot of Malware/Adware from this laptop and now every time I boot into Windows Vista it comes up with a window that is titled "Product Update". The box along the bottom has a red "P" but otherwise it doesn't state anywhere which product or software it is talking about. I've looked at the startup programs and I can't seem to find which entry is making this box appear. The box states, "There is an error with your installation. Please reinstall the application". Nothing happens if I click the "X" to close or the "OK" button.

 

When I began the Uninstall/Change option was not available for any installed program in the Programs and Features menu. I used system restore from safe mode to restore to about a month ago before a lot of these Adware/Malware programs were installed. FileCure, RegCurePro, etc. Once the system restore finished I was able to uninstall the programs. I also ran Malwarebytes and Spybot Search & Destroy which confirmed that there wasn't anything left over after uninstalling the programs. 

 

Not sure how to get a screenshot on this forum, but here is a link:

http://imgur.com/Ml28NmN

 

Laptop is an HP G70t-200

Windows Vista Basic 32-bit


Edited by sdct, 30 April 2014 - 06:31 PM.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:31 PM

Posted 30 April 2014 - 08:29 PM

Not sure how to get a screenshot on this forum, but here is a link:

Perfect Screen shot thanks -

Hello -

With a link like this, you have no related program given to update -

We can dig around and try to find a few "unlisted" items if you like.

Please download these to Desktop, Temporarily Disable Your Anti-virus if needed and Copy and Paste all logs.

 

 

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

 

Next -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
Click Go and copy / paste the result (Result.txt).

 

Next -

Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<-- Full Directions Here

 

 

Next -

Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully. Please post the small log back here

 

Important: Do not reboot your computer until you complete the next step.

Now:  Download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button. (only once)
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Uncheck any elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• Look over the log especially under Files/Folders for any program you want to save.
• If there's a program you want to save, just uncheck it from AdwCleaner.
• If you're not sure, post the log for review.
NOW : If you're ready to clean it all up.....click the Clean button.(only once)
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.

• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
• To restore an item that has been deleted (if necessary):
• Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

 

Finally -

Please Update your Malwarebytes program to the current version, and run a Threat Scan



#3 sdct

sdct
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:31 PM

Posted 01 May 2014 - 03:34 AM

Security Check by Screen317 checkup.txt:

 Results of screen317's Security Check version 0.99.82  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
[b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u] 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
  (On Access scanning [b]disabled[/b]!) 
 [color=red]Error obtaining update status for antivirus![/color]  
[b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u] 
 MVPS Hosts File  
 Spybot - Search & Destroy 
 Java 7 Update 55  
 Adobe Reader 10.1.9 [color=red][b]Adobe Reader out of Date![/b][/color]  
 Mozilla Firefox (29.0) 
 Google Chrome 33.0.1750.154  
 Google Chrome 34.0.1847.131  
[b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 [b][color=red]Spybot Teatimer.exe is disabled![/color][/b] 
[b][u]`````````````````System Health check`````````````````[/b][/u] 
 Total Fragmentation on Drive C: 2 % [color=red][b]Defragment your hard drive soon! (Do NOT defrag if SSD!)[/b][/color]
[b][u]````````````````````End of Log``````````````````````[/b][/u] 

Result.txt:

MiniToolBox by Farbar  Version: 23-01-2014
Ran by JRC (administrator) on 01-05-2014 at 03:22:09
Running from "C:\Users\JRC\Desktop"
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is enabled.
ProxyServer: localhost:21320

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1	localhost

127.0.0.1	localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com

There are 15473 more lines starting with "127.0.0.1"


========================= Event log errors: ===============================

Application errors:
==================
Error: (04/30/2014 05:35:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2014 04:39:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2014 03:59:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2014 03:27:07 PM) (Source: Application Hang) (User: )
Description: The program wmplayer.exe version 11.0.6002.18311 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1694
Start Time: 01cf64b27c49c780
Termination Time: 66

Error: (04/30/2014 03:24:26 PM) (Source: Application Hang) (User: )
Description: The program wmplayer.exe version 11.0.6002.18311 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 15fc
Start Time: 01cf64b21b9464e0
Termination Time: 67

Error: (04/30/2014 02:42:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2014 02:36:43 PM) (Source: Application Error) (User: )
Description: Faulting application Revouninstaller.exe, version 1.9.5.0, time stamp 0x51d40c7a, faulting module Revouninstaller.exe, version 1.9.5.0, time stamp 0x51d40c7a, exception code 0xc0000409, fault offset 0x0012fdba,
process id 0x17b4, application start time 0xRevouninstaller.exe0.

Error: (04/30/2014 02:25:46 PM) (Source: Application Error) (User: )
Description: Faulting application ISAdmin.exe, version 16.0.0.400, time stamp 0x4ab84bb7, faulting module ISSetup.dll, version 16.0.0.400, time stamp 0x4ab84b70, exception code 0xc0000005, fault offset 0x000a7a6f,
process id 0x1144, application start time 0xISAdmin.exe0.

Error: (04/30/2014 02:24:49 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a888f9a7-3210-4653-af18-563d99315654}

Error: (04/30/2014 02:23:20 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a888f9a7-3210-4653-af18-563d99315654}


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-28 20:00:57.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 20:00:57.001
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 20:00:56.413
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 20:00:55.827
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 20:00:52.949
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 20:00:52.333
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 20:00:51.687
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 20:00:51.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2010-03-29 12:45:44.100
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2010-03-29 12:45:43.991
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 1.0.0)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Reader X (10.1.9) (Version: 10.1.9)
Adobe Shockwave Player (Version: 11.0)
aioscnnr (Version: 7.6.13.10)
Atheros Driver Installation Program (Version: 5.2)
Bing Rewards Client Installer (Version: 16.0.345.0)
C4USelfUpdater (Version: 1.00.0000)
center (Version: 7.7.2.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.58.1.0)
Corel WordPerfect Office - iFilter (Version: 1.00.000)
CyberLink DVD Suite (Version: 6.0.2203)
CyberLink YouCam (Version: 2.0.2328)
D3DX10 (Version: 15.4.2368.0902)
ESET Online Scanner v3
essentials (Version: 7.7.2.0)
ESU for Microsoft Vista (Version: 1.0.0)
Google Chrome (Version: 34.0.1847.131)
Google Update Helper (Version: 1.3.23.9)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Active Support Library (Version: 3.1.9.1)
HP Customer Experience Enhancements (Version: 5.7.0.2664)
HP Doc Viewer (Version: 1.03.0001)
HP DVD Play 3.7 (Version: 3.7.0.5723)
HP Help and Support (Version: 2.1.1.0)
HP Quick Launch Buttons 6.40 H2 (Version: 6.40 H2)
HP Support Solutions Framework (Version: 11.50.0015)
HP Total Care Advisor (Version: 2.4.4941.2798)
HP Total Care Setup (Version: 1.1.1983.2818)
HP Update (Version: 4.000.010.008)
HP User Guides 0118 (Version: 1.01.0000)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPNetworkAssistant (Version: 1.1.70)
Intel(R) Graphics Media Accelerator Driver
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (Version: 7.7.6.0)
LabelPrint (Version: 2.5.0926)
Lexmark X5100 Series
LightScribe System Software  1.14.17.1 (Version: 1.14.17.1)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.5.0216.0)
Microsoft Security Essentials (Version: 4.5.216.0)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 29.0 (x86 en-US) (Version: 29.0)
Mozilla Maintenance Service (Version: 29.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee Reveal (Version: 7.0.35.6951)
NetWaiting (Version: 2.5.52)
ocr (Version: 6.2.3.50)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Power2Go (Version: 6.0.2202)
PowerDirector (Version: 7.0.2201)
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
Quicken WillMaker Plus 2011
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
SeeSimilar02 (Version: 1.0.0.3)
Segoe UI (Version: 15.4.2271.0615)
Skype™ 6.14 (Version: 6.14.104)
Spybot - Search & Destroy (Version: 2.3.39)
Synaptics Pointing Device Driver (Version: 11.1.3.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Mobile Broadband Drivers (Version: 3.02.002.002)
Verizon Wireless USB760 Firmware Updates (Version: 1.0.5)
Vista Codec Package (Version: 6.6.5)
VLC media player 0.9.2 (Version: 0.9.2)
VZAccess Manager (Version: 7.3.13.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WordPerfect Lightning - EN (Version: 1.0)
WordPerfect Lightning - IPM (Version: 1.0)
WordPerfect Lightning - Messages (Version: 1.0)
WordPerfect Lightning - MSOM (Version: 1.1)
WordPerfect Lightning (Version: 1.0)
WordPerfect Office X4
WordPerfect Office X4 - Common (Version: 14.2)
WordPerfect Office X4 - Content (Version: 14.2)
WordPerfect Office X4 - EN (Version: 14.2)
WordPerfect Office X4 - Filters (Version: 14.2)
WordPerfect Office X4 - Graphics (Version: 14.2)
WordPerfect Office X4 - ICA (Version: 14.0)
WordPerfect Office X4 - IPM (Version: 14.2)
WordPerfect Office X4 - IPM T EN (Version: 14.2)
WordPerfect Office X4 - MAIL (Version: 14.0)
WordPerfect Office X4 - Migration Manager (Version: 14.2)
WordPerfect Office X4 - PerfectExperts (Version: 14.2)
WordPerfect Office X4 - PR (Version: 14.2)
WordPerfect Office X4 - QP (Version: 14.2)
WordPerfect Office X4 - Skins (Version: 14.1)
WordPerfect Office X4 - System (Version: 14.0)
WordPerfect Office X4 - WP (Version: 14.2)
WordPerfect Office X4 (Version: 14.2)

========================= Memory info: ===================================

Percentage of memory in use: 65%
Total physical RAM: 3002.44 MB
Available physical RAM: 1032.12 MB
Total Pagefile: 6237.14 MB
Available Pagefile: 4453.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:222.53 GB) (Free:138.89 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10.35 GB) (Free:1.74 GB) NTFS

========================= Users: ========================================

User accounts for \\JRC-PC

Administrator            Guest                    JRC                      
lxba_JRC-PC              


**** End of log ****

Speccy Snapshot:

 

http://speccy.piriform.com/results/2PkVPOlsheLQKhJIyUibNCm



#4 sdct

sdct
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:31 PM

Posted 01 May 2014 - 03:40 AM

Rkill.txt:

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/01/2014 03:38:12 AM in x86 mode.
Windows Version: Windows Vista (TM) Home Basic Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity: 

 * No issues found.

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found: 

  127.0.0.1	localhost
  ::1	localhost
  127.0.0.1	www.007guard.com
  127.0.0.1	007guard.com
  127.0.0.1	008i.com
  127.0.0.1	www.008k.com
  127.0.0.1	008k.com
  127.0.0.1	www.00hq.com
  127.0.0.1	00hq.com
  127.0.0.1	010402.com
  127.0.0.1	www.032439.com
  127.0.0.1	032439.com
  127.0.0.1	www.0scan.com
  127.0.0.1	0scan.com
  127.0.0.1	1000gratisproben.com
  127.0.0.1	www.1000gratisproben.com
  127.0.0.1	1001namen.com
  127.0.0.1	www.1001namen.com
  127.0.0.1	100888290cs.com
  127.0.0.1	www.100888290cs.com

  20 out of 15494 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 05/01/2014 03:39:07 AM
Execution time: 0 hours(s), 0 minute(s), and 54 seconds(s)



#5 sdct

sdct
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:31 PM

Posted 01 May 2014 - 03:54 AM

AdwCleaner[S0].txt:

# AdwCleaner v3.205 - Report created 01/05/2014 at 03:46:15
# Updated 28/04/2014 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : JRC - JRC-PC
# Running from : C:\Users\JRC\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.0.5

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\NewPlayer
Folder Deleted : C:\Program Files\predm
Folder Deleted : C:\Program Files\RadioRage_4j
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\SeeSimilar02
Folder Deleted : C:\Program Files\Uniblue
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\ParetoLogic
Folder Deleted : C:\Windows\system32\IBUpdaterService
Folder Deleted : C:\Windows\system32\SearchProtect
Folder Deleted : C:\Users\JRC\.android
Folder Deleted : C:\Users\JRC\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\JRC\AppData\Local\Mobogenie
Folder Deleted : C:\Users\JRC\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\JRC\AppData\Local\NewPlayer
Folder Deleted : C:\Users\JRC\AppData\Local\TBHostSupport
Folder Deleted : C:\Users\JRC\AppData\Local\WhiteListing
Folder Deleted : C:\Users\JRC\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\JRC\AppData\Roaming\Activeris
Folder Deleted : C:\Users\JRC\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\JRC\AppData\Roaming\file scout
Folder Deleted : C:\Users\JRC\AppData\Roaming\File Type Helper
Folder Deleted : C:\Users\JRC\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\JRC\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\JRC\AppData\Roaming\SeeSimilar02
Folder Deleted : C:\Users\JRC\AppData\Roaming\Systweak
Folder Deleted : C:\Users\JRC\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\JRC\Documents\Mobogenie
File Deleted : C:\Users\JRC\daemonprocess.txt
File Deleted : C:\Users\JRC\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\JRC\AppData\Roaming\aps.scan.quick.results
File Deleted : C:\Users\JRC\AppData\Roaming\aps.scan.results
File Deleted : C:\Users\JRC\AppData\Roaming\aps.uninstall.scan.results
File Deleted : C:\Users\JRC\Desktop\SeeSimilar.lnk
File Deleted : C:\Windows\Tasks\paretologic update version3.job
File Deleted : C:\Windows\System32\Tasks\paretologic update version3

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [freegames4357@bestoffers]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [freegames4357@bestoffers]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [seesimilar02@SeeSimilar.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [seesimilar02@SeeSimilar.com]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fegpgkakakkgjlnfdfoghgoohkbcejpm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B20E192-E27D-4CE2-B599-A07EB7C4CB0F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60A8DCE6-4D2C-4592-A25F-D9BC349C98D1}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B20E192-E27D-4CE2-B599-A07EB7C4CB0F}
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@RadioRage_4j.com/Plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3297947
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1E8FC16F-4C51-49C4-BC9B-4FC24BDDCEE7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44DB423D-A0DB-4664-9477-CCDCEB7CD666}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5731AB1-8566-4441-AEFB-9AFB2EEA63D9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C56FABD3-4A78-421D-A875-A68508D099EB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE61EF65-A537-43D6-A5E2-7DD0082F1524}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\RadioRage_4j
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\RadioRage_4j
Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport2
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Begin-download_FLV_B2
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\PerformerSoft
Key Deleted : HKLM\Software\RadioRage_4j
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Begin-download_FLV_B2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SeeSimilar02
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\clickpotatolitesa
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PC Performer_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RadioRage_4jbar Uninstall Firefox
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RadioRage_4jbar Uninstall Internet Explorer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SeeSimilar02
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Speed Analysis 2
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Begin-download_FLV_B2 Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v29.0 (en-US)

[ File : C:\Users\JRC\AppData\Roaming\Mozilla\Firefox\Profiles\23evk5ow.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\JRC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : acfoobbgoakpihljnfedbcfaipcdlfhk
Deleted [Extension] : fegpgkakakkgjlnfdfoghgoohkbcejpm

*************************

AdwCleaner[R0].txt - [11606 octets] - [01/05/2014 03:42:23]
AdwCleaner[S0].txt - [11704 octets] - [01/05/2014 03:46:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11765 octets] ##########



#6 sdct

sdct
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:31 PM

Posted 01 May 2014 - 04:22 AM

After running AdwCleaner and rebooting the "Product Update" message is gone. Everything seems to be working fine now. The proxy settings were set to localhost and that port because I had enabled Spybot Search & Destroy's proxy. I also ran the Immunization which is why there were so many entries in the hosts file. I'm also attaching the Malwarebytes Threat Scan log. It didn't seem to find much of anything that wasn't already in the recycle bin from AdwCleaner.

 

Threat Scan:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/1/2014
Scan Time: 4:10:38 AM
Logfile: Threat_scan.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.01.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: JRC

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 276383
Time Elapsed: 13 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 6
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, , [4cee71db4c2fbd79f0e18dd99270a15f], 
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3279412, , [4cee71db4c2fbd79f0e18dd99270a15f], 
PUP.Optional.FreeGames.A, C:\Users\JRC\AppData\Roaming\freegames4357, , [a595e567d3a874c2001eb6b2bb47bb45], 
PUP.Optional.SpeedTest.A, C:\Users\JRC\AppData\Roaming\speedtest4354, , [f84285c7dd9e87af59c8c2a6ba48f20e], 
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\Multi\CT3279412, , [a991f9531f5c78be27fd5c0cf50dbe42], 
PUP.Optional.CrossRider.A, C:\Users\JRC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl, , [6dcda9a35c1fe1556c5d9fce52b0b14f], 

Files: 12
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RRBWS96\hk64tbapp2.dll, , [e65490bcf18a1b1b57266bc4857b05fb], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RRBWS96\hktbapp2.dll, , [d4661d2f0477d165314c39f627d9b34d], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RRBWS96\ldrtbapp2.dll, , [c8726ae26318a393a3da51de42be738d], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RRBWS96\tbapp2.dll, , [59e1fc50d8a3171f44392a056e927090], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RXK0DGT\hk64tbBeg0.dll, , [68d2ff4ded8e2f07126b5bd4f70933cd], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RXK0DGT\hktbBeg0.dll, , [93a725276615de580b72210ecc3438c8], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RXK0DGT\ldrtbBeg0.dll, , [0a30ff4d9edda294c6b759d619e73dc3], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RXK0DGT\tbBeg0.dll, , [bb7f3f0dceadb284fe7fb6791ee2867a], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RJ03IE9\hk64tbappb.dll, , [7ebc96b680fb1422bebf3bf49769bc44], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RJ03IE9\hktbappb.dll, , [e6540a42502b3cfa5726a788f50b639d], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RJ03IE9\ldrtbappb.dll, , [152564e893e8ab8bbebf3af57f818977], 
PUP.Optional.Conduit, C:\$RECYCLE.BIN\S-1-5-21-3803915560-182292758-1562296938-1000\$RJ03IE9\tbappb.dll, , [0f2bfe4e2853d4623e3f240b36cafe02], 

Physical Sectors: 0
(No malicious items detected)


(end)

Can you see anything else that needs to be done? 

 

Thanks a lot for your help! 



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:31 PM

Posted 01 May 2014 - 06:36 AM

Hi -

You can now re-open AdwCleaner and this time hit the Uninstall button. This will remove the program and all items in Quarantine.

 

Please download Temp File Cleaner by Old Timer
* Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
* Double-click on the TFC icon.
* Vista / Windows 7 & 8 users Right click on the icon and select Run as Administrator
* When the program opens, click on the Start button. 
* TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
* When done, press OK and reboot your computer to finish the cleanup.

No log is generated -

 

Keep and run Temp File Cleaner and Malwarebytes programs every week to help keep the system clean from infection and Temp File build-up.

 

Please watch the computer for a day or so, just to be sure all is OK -

Post back to this topic if the problem seems related, as we have the history here, or start a new topic if you have new problems -

 

Good Luck -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users