unable to disinfect


7 replies to this topic

#1 somae

Posted 25 August 2014 - 01:55 PM

We've got Bitdefender free antivirus. I run the live CD scan every so often when I suspect a problem. The scan has been finding something called "Gen:Application.Bundler.DefaultTab.1.virus". Bitdefender has been unable to disinfect or delete it but says that it's able to rename it. Although it supposedly renamed it, the same malware is detected if I run the scan again.

 

We're using Windows Vista Business.

 

Help appreciated. Thanks.




#2 boopme


Posted 25 August 2014 - 03:47 PM

Hello somae

Let's see if these will get that PUP.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    >>>>

    Download MalwareBytes Anti-Malware to your desktop.
    • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
    • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
    • Click the Scan Now button, a threat scan will start automatically.
    • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
    • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.


#3 somae


Posted 26 August 2014 - 04:58 PM

Here are the logs. -- I couldn't see a way to attach a file.

 

 

# AdwCleaner v3.308 - Report created 25/08/2014 at 17:50:06
# Updated 20/08/2014 by Xplode
# Operating System : Windows Vista ™ Business Service Pack 2 (32 bits)
# Username : admin - DELL-TOP
# Running from : C:\downloads\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16563


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\xane6hm3.default\prefs.js ]


[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\x9k1dvxj.default\prefs.js ]


[ File : C:\Users\soma\AppData\Roaming\Mozilla\Firefox\Profiles\v7udhzzt.default-1408650052943\prefs.js ]


-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\soma\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1067 octets] - [22/08/2013 15:35:54]
AdwCleaner[R10].txt - [2356 octets] - [26/03/2014 03:09:47]
AdwCleaner[R11].txt - [2476 octets] - [14/04/2014 15:18:16]
AdwCleaner[R12].txt - [2837 octets] - [23/04/2014 00:11:01]
AdwCleaner[R13].txt - [2757 octets] - [24/04/2014 19:30:39]
AdwCleaner[R14].txt - [2674 octets] - [29/04/2014 02:57:36]
AdwCleaner[R15].txt - [3300 octets] - [30/04/2014 17:32:55]
AdwCleaner[R16].txt - [3429 octets] - [08/07/2014 03:41:07]
AdwCleaner[R17].txt - [3415 octets] - [22/08/2014 19:44:56]
AdwCleaner[R18].txt - [3419 octets] - [25/08/2014 17:46:19]
AdwCleaner[R1].txt - [1146 octets] - [30/08/2013 02:22:26]
AdwCleaner[R2].txt - [1198 octets] - [20/09/2013 01:43:17]
AdwCleaner[R3].txt - [2802 octets] - [08/10/2013 16:06:51]
AdwCleaner[R4].txt - [1661 octets] - [12/11/2013 14:52:09]
AdwCleaner[R5].txt - [3202 octets] - [10/12/2013 14:25:48]
AdwCleaner[R6].txt - [1872 octets] - [08/01/2014 16:43:46]
AdwCleaner[R7].txt - [2021 octets] - [23/01/2014 04:04:48]
AdwCleaner[R8].txt - [2116 octets] - [03/03/2014 03:08:47]
AdwCleaner[R9].txt - [1866 octets] - [09/03/2014 19:28:50]
AdwCleaner[S0].txt - [957 octets] - [22/08/2013 15:37:45]
AdwCleaner[S10].txt - [2418 octets] - [26/03/2014 03:11:25]
AdwCleaner[S11].txt - [2538 octets] - [14/04/2014 15:20:06]
AdwCleaner[S12].txt - [2903 octets] - [23/04/2014 00:13:18]
AdwCleaner[S13].txt - [2821 octets] - [24/04/2014 19:36:49]
AdwCleaner[S14].txt - [2736 octets] - [29/04/2014 02:59:42]
AdwCleaner[S15].txt - [3370 octets] - [30/04/2014 17:35:03]
AdwCleaner[S16].txt - [3499 octets] - [08/07/2014 03:43:27]
AdwCleaner[S17].txt - [3479 octets] - [22/08/2014 19:47:02]
AdwCleaner[S18].txt - [2801 octets] - [25/08/2014 17:50:06]
AdwCleaner[S1].txt - [1037 octets] - [30/08/2013 02:24:17]
AdwCleaner[S2].txt - [1086 octets] - [20/09/2013 01:45:26]
AdwCleaner[S3].txt - [2879 octets] - [08/10/2013 16:07:59]
AdwCleaner[S4].txt - [1722 octets] - [12/11/2013 14:54:05]
AdwCleaner[S5].txt - [3264 octets] - [10/12/2013 14:26:57]
AdwCleaner[S6].txt - [1933 octets] - [08/01/2014 16:45:04]
AdwCleaner[S7].txt - [2082 octets] - [23/01/2014 04:06:26]
AdwCleaner[S8].txt - [2177 octets] - [03/03/2014 03:10:54]
AdwCleaner[S9].txt - [1927 octets] - [09/03/2014 19:30:27]

########## EOF - \AdwCleaner\AdwCleaner[S18].txt - [3402 octets] ##########

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/26/2014
Scan Time: 3:36:42 PM
Logfile: mbam-log-8-26-14.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.26.07
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: admin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 404811
Time Elapsed: 38 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 1
Broken.OpenCommand, HKCR\regfile\shell\open\command, regedit "Good: (regedit.exe "Bad: (regedit "%1" %*),Replaced,[ffffffffffffffffffffffffffffffff]")" %*, %4, %5

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 



#4 boopme


Posted 26 August 2014 - 07:51 PM

Please run one more... this may take a couple hours.

ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#5 somae


Posted 30 August 2014 - 01:50 PM

Here's the ESET log. It took over 10 hours! For a while I thought it was hanging. It found 30 infections.

 

C:\Documents and Settings\Administrator\Local Settings\Temp\is754907076\MyBabylonTB.exe    Win32/Toolbar.Babylon application    cleaned by deleting - quarantined
C:\downloads\movie_player_1280.exe    a variant of Win32/InstallIQ application    cleaned by deleting - quarantined
C:\downloads\mozilla-firefox.exe    a variant of Win32/InstallCore.X application    cleaned by deleting - quarantined
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-07-09 12:24:08
# local_time=2012-07-09 08:24:08 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777213 66 100 0 2074340 0 0
# compatibility_mode=8192 67108863 100 0 24496335 24496335 0 0
# scanned=68994
# found=1
# cleaned=1
# scan_time=7040
C:\Documents and Settings\Administrator\Local Settings\Temp\nst491\nss492.tmp\SetupDataMngr_Searchqu.exe    a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-24 01:05:37
# local_time=2012-08-24 09:05:37 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777213 66 100 3858906 6054318 0 0
# compatibility_mode=8192 67108863 100 0 28476313 28476313 0 0
# scanned=75638
# found=2
# cleaned=2
# scan_time=3951
C:\Documents and Settings\Administrator\Local Settings\Temp\is754907076\GiantSavings_US.exe    Win32/Toolbar.CrossRider application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\downloads\Setup_FreeBurner.exe    Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-27 02:48:06
# local_time=2012-08-26 10:48:06 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777213 66 100 4084908 6280320 0 0
# compatibility_mode=8192 67108863 100 0 28702315 28702315 0 0
# scanned=2
# found=0
# cleaned=0
# scan_time=97
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-15 04:47:51
# local_time=2012-09-15 12:47:51 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777213 66 100 5773309 7968721 0 0
# compatibility_mode=8192 67108863 100 0 30390716 30390716 0 0
# scanned=75969
# found=0
# cleaned=0
# scan_time=3669
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-06 05:44:46
# local_time=2012-10-06 01:44:46 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 7591197 9786609 0 0
# compatibility_mode=8192 67108863 100 0 32208604 32208604 0 0
# scanned=78079
# found=1
# cleaned=1
# scan_time=3598
C:\downloads\smartdefrag.exe    a variant of Win32/ELEX application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-20 10:04:36
# local_time=2012-10-20 06:04:36 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777213 66 100 8815976 11011388 0 0
# compatibility_mode=8192 67108863 100 0 33433383 33433383 0 0
# scanned=78639
# found=0
# cleaned=0
# scan_time=4016
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-31 03:03:04
# local_time=2012-10-31 11:03:04 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 0 0 0 0
# compatibility_mode=8192 67108863 100 0 34358490 34358490 0 0
# scanned=81661
# found=0
# cleaned=0
# scan_time=4014
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=1
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-11-15 06:39:41
# local_time=2012-11-15 01:39:41 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 0 1085586 0 0
# compatibility_mode=8192 67108863 100 0 35667377 35667377 0 0
# scanned=84710
# found=0
# cleaned=0
# scan_time=4131
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-11-18 06:34:45
# local_time=2012-11-18 01:34:45 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 0 1344580 0 0
# compatibility_mode=8192 67108863 100 0 35926371 35926371 0 0
# scanned=80802
# found=0
# cleaned=0
# scan_time=4039
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-11-22 07:48:22
# local_time=2012-11-22 02:48:22 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 0 1689692 0 0
# compatibility_mode=8192 67108863 100 0 36271483 36271483 0 0
# scanned=81761
# found=0
# cleaned=0
# scan_time=8936
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-11-28 05:44:22
# local_time=2012-11-28 12:44:22 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 113629 2205621 0 0
# compatibility_mode=8192 67108863 100 0 36787412 36787412 0 0
# scanned=81756
# found=4
# cleaned=4
# scan_time=3976
C:\Documents and Settings\Administrator\Local Settings\Temp\LEBRlxfl.exe.part    Win32/InstallMonetizer.AF application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\Documents and Settings\Administrator\My Documents\Downloads\ovideojoiner(1).exe    Win32/InstallMonetizer.AF application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\Documents and Settings\Administrator\My Documents\Downloads\ovideojoiner.exe    Win32/InstallMonetizer.AF application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\downloads\ovideojoiner.exe    Win32/InstallMonetizer.AF application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-12-05 04:52:29
# local_time=2012-12-05 11:52:29 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777213 66 100 717510 2809502 0 0
# compatibility_mode=8192 67108863 100 0 37391293 37391293 0 0
# scanned=11483
# found=1
# cleaned=1
# scan_time=1757
C:\downloads\Motorola_Phone_Tools_5_0_5_zip.exe    multiple threats (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-12-05 06:04:54
# local_time=2012-12-05 01:04:54 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 719361 2811353 0 0
# compatibility_mode=8192 67108863 100 0 37393144 37393144 0 0
# scanned=81147
# found=0
# cleaned=0
# scan_time=4277
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-12-29 06:35:06
# local_time=2012-12-29 01:35:06 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 2794195 4886187 0 0
# compatibility_mode=8192 67108863 100 0 39467978 39467978 0 0
# scanned=81806
# found=0
# cleaned=0
# scan_time=4852
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-06 07:34:47
# local_time=2013-01-06 02:34:47 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 3489572 5581564 0 0
# compatibility_mode=8192 67108863 100 0 40163355 40163355 0 0
# scanned=83492
# found=0
# cleaned=0
# scan_time=4253
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-14 07:09:28
# local_time=2013-01-14 02:09:28 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 4179396 6271388 0 0
# compatibility_mode=8192 67108863 100 0 40853179 40853179 0 0
# scanned=85006
# found=1
# cleaned=1
# scan_time=4099
C:\RECYCLER\S-1-5-21-57989841-507921405-725345543-1003\Dc27.exe    a variant of Win32/Adware.iBryte.D application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-28 05:36:20
# local_time=2013-01-28 12:36:20 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 5383519 7475511 0 0
# compatibility_mode=8192 67108863 100 0 42057302 42057302 0 0
# scanned=83978
# found=3
# cleaned=3
# scan_time=3992
C:\RECYCLER\S-1-5-21-57989841-507921405-725345543-1003\Dc26.exe    Win32/DownloadAdmin.G application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\RECYCLER\S-1-5-21-57989841-507921405-725345543-1008\Dc1.exe    Win32/DownloadAdmin.G application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\RECYCLER\S-1-5-21-57989841-507921405-725345543-1008\Dc2.exe    a variant of Win32/OpenInstall application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-31 08:04:57
# local_time=2013-01-31 03:04:57 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777214 66 100 5651360 7743352 0 0
# compatibility_mode=8192 67108863 100 0 42325143 42325143 0 0
# scanned=82609
# found=0
# cleaned=0
# scan_time=4274
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# engine=13117
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-11 06:18:06
# local_time=2013-02-11 01:18:06 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 85 94 7621065 136351758 0 0
# compatibility_mode=6401 16777213 66 100 0 8648421 0 0
# scanned=34854
# found=0
# cleaned=0
# scan_time=2277
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# engine=13323
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-07 04:10:38
# local_time=2013-03-07 11:10:38 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 100 94 9726617 138460910 0 0
# compatibility_mode=6401 16777213 66 100 1678024 10757573 0 0
# scanned=85205
# found=0
# cleaned=0
# scan_time=4621
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# engine=13477
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-25 12:26:53
# local_time=2013-03-25 08:26:53 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 100 94 11268392 140002685 0 0
# compatibility_mode=6401 16777213 66 100 3219799 12299348 0 0
# scanned=88188
# found=0
# cleaned=0
# scan_time=4126
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# engine=13687
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-24 03:29:24
# local_time=2013-04-24 11:29:24 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 85 93 1224034 142605636 0 0
# compatibility_mode=6401 16777214 66 100 5826350 14902299 0 0
# scanned=89070
# found=0
# cleaned=0
# scan_time=4909
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# engine=13779
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-08 03:02:59
# local_time=2013-05-07 11:02:59 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 85 93 33220 143770451 0 0
# compatibility_mode=6401 16777214 66 100 6987565 16067114 0 0
# scanned=91497
# found=0
# cleaned=0
# scan_time=4139
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# engine=13949
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-29 06:41:59
# local_time=2013-05-29 02:41:59 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 85 93 0 145641191 0 0
# compatibility_mode=6401 16777213 66 100 435835 17937854 0 0
# scanned=91001
# found=0
# cleaned=0
# scan_time=4392
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3a1d81db88423f4aa50ea4068bfa8fcc
# engine=14872
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-22 10:27:09
# local_time=2013-08-22 06:27:09 (-0500, Eastern Daylight Time)



#6 boopme

Posted 03 September 2014 - 05:49 PM

Hello, sorry to have lost you. It looks like we did remove a bundled installer. Run your Bitdefender again to see if it finds anything now.

But first.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#7 somae

Posted 06 September 2014 - 12:39 PM

Bitdefender is still finding the bundled installer.

Just saw that you were saying to reboot into Windows after using TFC. I rebooted into the Bitdefender CD - don't know if that made a problem.

Also - if I recall, Bitdefender doesn't find the bundled installer if I run it from Windows - but it does find it when I run it by rebooting into the CD.

Thanks for your help.


Edited by somae, 06 September 2014 - 12:44 PM.


#8 boopme

Posted 06 September 2014 - 10:19 PM

Then I think it is just finding that file as that file is always on the CD.



