Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows command Processor C:\Windows\SysWOW64\cmd.exe


  • Please log in to reply
7 replies to this topic

#1 elenapena85

elenapena85

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 21 June 2014 - 06:11 PM

hi,

 

I keep getting a Windows command prompt asking me if want to allow the following program to make changes to this computer, even though I click no it doesn't go away.

 

i would very much appreciate any help.

 

 

elena

 

Windows 7

Browser IE 11

 

 

 



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:02 AM

Posted 21 June 2014 - 07:48 PM

Hello elena -

Please run these few cleaning and information programs so we can help you -

 

Please download all tools to desktop and Copy and Paste all replies. Remember to ask if you do not understand, or get stuck on anything.

 

Please try and run these in the order that they are posted (first a bit of information to help us).(later a few detection tools)

 You can post these replies one at a time, or save them up.

 

First -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Next -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
Click Go and copy / paste the result (Result.txt).

 

 

Next -

Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

Please Copy and Paste the small log generated.

 

Important: Do not reboot your computer until you complete the next step.

 

Now:

Please download AdwCleaner by Xplode and save to your Desktop.
NOTE : Please close or save all work, as the computer will be Rebooted
Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button. (only once)
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. 
If you see any which you do not want removed, remove the check mark next to it. 
Next: Click on the Clean button (only once) to remove the selected items. 
You will receive a message telling you that all programs will be close so that the infections can be removed. 
Click on OK, and then OK again to confirm the reboot.
When cleaning process is complete a log (AdwCleaner[S0].txt ) of what was removed will be on your desktop. 
Please copy and the paste this log in your next post.

 

A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

Next -

Shut down your protection software now to avoid potential conflicts.
* How To Temporarily Disable Your Anti-virus
* Please download Junkware Removal Tool to your desktop.
* Run the tool by double-clicking it.
* If you are using Windows Vista, 7, or 8, right click JRT.exe and select "Run as Administrator".
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
* Post the contents of JRT.txt into your next message.

 

 

Next -

If you have this program installed, be sure to update prior to any scan.

* Download Malwarebytes Anti-Malware Free and save it to your desktop
* Double click the desktop icon, click Run, then OK
* Click Next
* Select I accept the agreement then continue to click Next then finally click Install
** Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
* If you are notified the Database is out of date click Update Now
* Click Scan Now >>
----------
 

** Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
* Click Start (Start, Search, All files and folders for Windows XP) then type mbam
* Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com
----------
** When completed click the down arrow on Export Log and select Text file (*.txt)
* Save the file to your desktop as MBAM
* Click Apply Actions then restart your computer if requested
* Copy and past the contents of MBAM.txt in your reply

 

 

Next -

Please perform a scan with >>> Eset Online Anti-virus Scanner.
If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.

Vista/Windows 7/8 users need to run Internet Explorer/Firefox as Administrator.
To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
Next follow How To Temporarily Disable Your Anti-virus to avoid conflicts

  • Click the green ESET Online Scanner button.
  • Read the End User License Agreement and check the box:
  • Check .Yes I accept the Terms of Use
  • Click the Start  button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check  and check Remove found threats
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan can take quite some time to complete...close all programs and do NOT use the computer while the scan is running.
    If given the option (when threats are found), choose "Quarantine" instead of delete.
  • When the scan completes, push
  • Push , and save the file to your desktop as ESETScan.txt.
  • Push the  button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.

-- Note: If you recognize any of the detections as legitimate programs, it's possible they are "false positives" and you can ignore them or get a second opinion if you're not sure. Eset's detection rate is high and can include legitimate files which it considers suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not always the case. Be careful what you choose to remove. If in doubt, ask before taking action.



#3 elenapena85

elenapena85
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 22 June 2014 - 07:08 AM

hi,

 

thank you so much for your help.

 

 Results of screen317's Security Check version 0.99.85 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.70.0.1100 
 Out of date Malwarebytes Anti-Malware installed!
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

 

MiniToolBox by Farbar  Version: 20-06-2014
Ran by elena (administrator) on 22-06-2014 at 11:56:17
Running from "C:\Users\elena\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/21/2014 11:27:59 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1824

Start Time: 01cf8d7b06652b36

Termination Time: 330

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (06/21/2014 11:22:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/19/2014 08:20:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 514772

Error: (06/19/2014 08:20:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 514772

Error: (06/19/2014 08:20:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/19/2014 07:58:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/17/2014 09:45:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25553

Error: (06/17/2014 09:45:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25553

Error: (06/17/2014 09:45:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/17/2014 09:42:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

System errors:
=============
Error: (06/22/2014 11:37:38 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (06/21/2014 07:15:47 PM) (Source: DCOM) (User: elena-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}elena-PCelenaS-1-5-21-2551164617-114655775-1065987220-1000LocalHost (Using LRPC)

Error: (06/21/2014 06:25:20 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (06/20/2014 11:19:53 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (06/19/2014 08:20:34 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (06/19/2014 08:20:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (06/19/2014 05:17:20 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (06/18/2014 08:55:55 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (06/17/2014 07:50:00 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (06/17/2014 07:50:00 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.

Microsoft Office Sessions:
=========================
Error: (06/21/2014 11:27:59 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17126182401cf8d7b06652b36330C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (06/21/2014 11:22:48 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/19/2014 08:20:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 514772

Error: (06/19/2014 08:20:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 514772

Error: (06/19/2014 08:20:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/19/2014 07:58:59 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/17/2014 09:45:10 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25553

Error: (06/17/2014 09:45:10 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25553

Error: (06/17/2014 09:45:10 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/17/2014 09:42:03 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

CodeIntegrity Errors:
===================================
  Date: 2013-03-24 03:20:13.168
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-24 03:20:13.012
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-13 20:49:05.061
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-13 20:49:04.998
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-13 20:49:04.936
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-06-13 20:49:04.858
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-17 13:01:21.837
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-17 13:01:21.759
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

=========================== Installed Programs ============================
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.5 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
ALCATEL PC Suite V6.3.23 (HKLM-x32\...\ALCATEL PC Suite_is1) (Version:  - Singularity Software Co., Ltd.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.10 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3814.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3814.50 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.10.0 - Uniblue Systems Ltd)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mysearchdial (HKCU\...\mysearchdial) (Version:  - Mysearchdial)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RoboForm 7-8-7-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-8-7-5 - Siber Systems)
SAGEM F@st 800-840 (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version:  - )
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Update for Zip Extractor (HKCU\...\Digital Sites) (Version:  - Update for Zip Extractor)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version:  - )
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 2806.71 MB
Available physical RAM: 1805.69 MB
Total Pagefile: 5611.6 MB
Available Pagefile: 4199.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.8 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:221.54 GB) NTFS

========================= Users: ========================================

User accounts for \\ELENA-PC

Administrator            elena                    Guest                   

**** End of log ****

 

Rkill 2.6.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/22/2014 12:02:36 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 06/22/2014 12:03:20 PM

 

# AdwCleaner v3.212 - Report created 22/06/2014 at 12:04:29
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : elena - ELENA-PC
# Running from : C:\Users\elena\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\Digital Sites
File Found : C:\Windows\System32\Tasks\dsmonitor
File Found : C:\Windows\System32\Tasks\MySearchDial
File Found : C:\Windows\Tasks\Digital Sites.job
File Found : C:\Windows\Tasks\dsmonitor.job
File Found : C:\Windows\Tasks\MySearchDial.job
Folder Found : C:\Program Files (x86)\Uniblue
Folder Found : C:\Program Files (x86)\Uniblue\DriverScanner
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\DriverScanner
Folder Found : C:\Users\elena\AppData\Local\Mysearchdial
Folder Found : C:\Users\elena\AppData\Roaming\DigitalSites
Folder Found : C:\Users\elena\AppData\Roaming\Mysearchdial
Folder Found : C:\Users\elena\AppData\Roaming\Uniblue
Folder Found : C:\Users\elena\AppData\Roaming\Uniblue\DriverScanner

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Key Found : HKCU\Software\mysearchdial
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKCU\Software\mysearchdial
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites_14_11_ie&cd=2XzuyEtN2Y1L1QzutC0CyByDtDzzyEyD0CyCyCyE0DyD0FyCtN0D0Tzu0SzztDyCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtAzzyB0A0AtCtAtGyBtA0FzytG0CyD0D0AtGtAyEtCtAtGyE0DyCzyzytDyDzyzytD0AyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBzyyD0F0E0DzztG0EtDyEtAtGzyyCzyyCtGtD0ByEyCtGtAzztD0BzyyDyE0FyC0FyCyD2Q&cr=1166032816&ir=

-\\ Google Chrome v

[ File : C:\Users\elena\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1774 octets] - [07/12/2013 21:07:28]
AdwCleaner[R1].txt - [1834 octets] - [09/12/2013 11:14:26]
AdwCleaner[R2].txt - [1894 octets] - [10/12/2013 00:44:32]
AdwCleaner[R3].txt - [1058 octets] - [10/12/2013 01:08:25]
AdwCleaner[R4].txt - [4618 octets] - [22/06/2014 12:04:29]
AdwCleaner[S0].txt - [1985 octets] - [10/12/2013 00:56:00]
AdwCleaner[S1].txt - [1120 octets] - [10/12/2013 01:09:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [4798 octets] ##########



#4 elenapena85

elenapena85
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 22 June 2014 - 02:30 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by elena on 22/06/2014 at 12:44:31.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1

 

~~~ Files

Successfully deleted: [File] "C:\Users\elena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk"
Successfully deleted: [File] C:\Windows\syswow64\sho7785.tmp

 

~~~ Folders

 

 Results of screen317's Security Check version 0.99.85 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.70.0.1100 
 Out of date Malwarebytes Anti-Malware installed!
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

 

ESET SCAN

 

should I click the Run ESET online scanner (blue button) or the Free Trial ( green button) ?



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:02 AM

Posted 22 June 2014 - 05:23 PM

Online Virus Scanner is in Blue. I am just in the habit of using Green for ESET -
 

 

Please note that Malwarebytes Anti-Malware is very much outdated now

Malwarebytes Anti-Malware Former version 1.75.0.1300 has now been upgraded to Version 2.0.2

Please follow Removal methods. (link is to Malwarebytes site) if required -

 

 

* Download Malwarebytes Anti-Malware and save it to your desktop
* Double click the desktop icon, click Run, then OK
* Click Next
* Select I accept the agreement then continue to click Next then finally click Install
** Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
* If you are notified the Database is out of date click Update Now
* Click Scan Now >>
----------

** Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
* Click Start (Start, Search, All files and folders for Windows XP) then type mbam
* Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com
----------

** When completed click the down arrow on Export Log and select Text file (*.txt)
* Save the file to your desktop as MBAM
* Click Apply Actions then restart your computer if requested
* Copy and past the contents of MBAM.txt in your reply

 

 

With AdwCleaner Hit Clean and remove the junk that still exists.(see second part of directions)

You can then post a Clean Scan result back here after it Reboots.

 

There seems to be no Antivirus program installed, so please just Google M.S.E. and use that for now



#6 elenapena85

elenapena85
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 26 June 2014 - 04:46 PM

hello,

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26/06/2014
Scan Time: 21:46:08
Logfile: malware.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.26.08
Rootkit Database: v2014.06.23.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: elena

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 287229
Time Elapsed: 7 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.InstallIQ.A, C:\$RECYCLE.BIN\S-1-5-21-2551164617-114655775-1065987220-1000\$RVCNTIC.exe, , [be52abd2b3c851e5d582889345bccc34],

Physical Sectors: 0
(No malicious items detected)

(end)

 

C:\$RECYCLE.BIN\S-1-5-21-2551164617-114655775-1065987220-1000\$RVCNTIC.exe a variant of Win32/InstallIQ potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\elena\AppData\Local\Mysearchdial\1.8.29.0\mysearchdialApp.dll.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\elena\AppData\Local\Mysearchdial\1.8.29.0\mysearchdialEng.dll.vir probably a variant of Win32/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\elena\AppData\Local\Mysearchdial\1.8.29.0\mysearchdialsrv.exe.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\elena\AppData\Local\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll.vir a variant of Win32/Toolbar.Montiera.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\elena\AppData\Local\Mysearchdial\1.8.29.0\bh\mysearchdial.dll.vir a variant of Win32/Toolbar.Escort.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\elena\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe.vir Win32/DealPly.S potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\elena\AppData\Roaming\Mysearchdial\UpdateProc\UpdateTask.exe.vir a variant of Win32/DealPly.S potentially unwanted application
C:\Users\elena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PLW11MJU\73404313077[1].mp3 Win32/TrojanDownloader.Agent.AGV trojan
C:\Users\elena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VCYSXSFD\Player Setup[1].exe a variant of Win32/DomaIQ.BG potentially unwanted application
C:\Users\elena\AppData\Local\Temp\instract.exe a variant of Win32/OutBrowse.D potentially unwanted application
C:\Users\elena\AppData\LocalLow\Feod.exe Win32/Spy.Zbot.ABV trojan
C:\Users\elena\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\1e16928d-740ea22e multiple threats
C:\Users\elena\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\14a5504e-3e292fbb multiple threats
C:\Users\elena\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\4b523515-2221857c multiple threats
C:\Users\elena\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\53878f9a-217f2f59 a variant of Java/Exploit.CVE-2010-4452.I trojan
C:\Users\elena\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\3c0cc9a3-78435f37 Java/Exploit.CVE-2012-1723.BU trojan
C:\Users\elena\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\635731c6-5e90bf79 Java/Exploit.CVE-2012-1723.M trojan
C:\Users\elena\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\1449f3bd-6353fe3a Java/Exploit.CVE-2012-0507.BR trojan
 



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:02 AM

Posted 26 June 2014 - 05:43 PM

Hello -

You must now please update me on your problems, so I know the next step.

Has the computer problems in any way improved.

 

 

If so, Clear Cache / Temp Files
Download TFC by OldTimer to your desktop
• Please double-click TFC.exe to run it.
For Vista, Win 7 / 8 right-click on the file and choose Run As Administrator.
• It will close all programs when run, so make sure you have saved all your work before you begin.
• Click the Start button to begin the process.
• Once it's finished click OK and it may reboot your machine.
• If it does not, please manually reboot the machine yourself to ensure a complete clean.



#8 elenapena85

elenapena85
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 04 July 2014 - 03:34 PM

hi,

 

I just finished Old Timer. my laptop is working  really well now, the annoying messages have stopped.

 

Thank you so much for all your help.

 

Elena






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users