
AVAST not working. "This program is blocked by group policy..."


17 replies to this topic

#1 TheVeryOldGeezer

TheVeryOldGeezer

  • Members

Posted 02 December 2014 - 02:55 PM

I have an HP Pavilion Elite M9452P, running Vista Home Premium 64-bit, and the free version of AVAST.

 

A few weeks ago I noticed that AVAST was turned off.  When I clicked on the AVAST icon I got "This program is blocked by group policy.  For more information, contact your system administrator." I ran Spybot and Malwarebytes Anti-Malware and found nothing.  I also tried to install AVG and kept getting an error saying drivers would not load.

 

What kind of virus is this?  What harm/damage could it be doing to my computer?  Can you provide any divine guidance on how to get rid of this virus?

 

Thank you for your time and assistance ... TheVeryOldGeezer




 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests

Posted 02 December 2014 - 04:58 PM

Hello there

 

I'm LighthouseParty and I'll be assisting you with your concern today. Let's run a couple of scans to see what could be causing this.
 

Step 1: Download MiniToolBox

  1. Click here to download MiniToolBox to your desktop.
  2. Double click MiniToolBox.
  3. Select the following and then press go.
  4. Post the log in your next reply.

Flush DNS

Reset IE Proxy Settings

Reset FF Proxy Settings

List Installed Programs

List Restore Points

 

Step 2: Install and run a scan with Malwarebytes Anti-Malware
  1. Click here to download Malwarebytes to your desktop.
  2. Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  3. On the dashboard, click update now.
  4. After that, click scan now - the scan will now begin.
  5. When the scan's completed, select apply actions - make sure the action is quarantine.
  6. Restart your computer.

How to get the log.

  1. On the dashboard, select the history tab and click application logs.
  2. Select the log which has the time and date of when you did the scan.
  3. Click copy to clipboard and paste it into your reply.

Step 3: Download Security Check

  1. Click here to download Security Check to your desktop.
  2. Double click SecurityCheck and follow the on-screen instructions.
  3. A log should open, called checkup.txt.
  4. Please post the contents of it in your next reply.

Thanks and good luck!



#3 maggot7

maggot7

  • Members

Posted 02 December 2014 - 05:54 PM

Just out of curiosity, you didn't install CryptoPrevent (the protection software by Foolibleep to combat Crypto-Ransomware), did you?

 

I know it makes group policy changes and also might be one of the few legitimate programs that could be causing this problem.
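Added example, not part of any post in this thread: "This program is blocked by group policy" is the message Windows shows when a Software Restriction Policy (SRP) rule blocks an executable, and those rules are stored in the registry under `SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers`. The Python sketch below parses the text output of `reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers" /s` and separates Disallowed rules that name a security product from blanket hardening rules. The sample output, its GUIDs and the keyword list (taken from the products mentioned in this topic) are constructed for illustration.

```python
import re

# Registry subtree holding SRP rules (compared in lower case). The same
# subtree can exist under HKEY_CURRENT_USER for per-user policy.
SAFER = r"\software\policies\microsoft\windows\safer\codeidentifiers"

# SRP security levels; the decimal value is the subkey name under CodeIdentifiers.
LEVELS = {0: "Disallowed", 0x1000: "Untrusted", 0x10000: "Constrained",
          0x20000: "Basic User", 0x40000: "Unrestricted"}

# Assumption: product names taken from this topic; extend for other tools.
KEYWORDS = ("avast", "avg", "malwarebytes", "spybot")

# Constructed sample of `reg query ... /s` output (placeholder GUIDs).
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers
    DefaultLevel    REG_DWORD    0x40000
    TransparentEnabled    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{11111111-1111-1111-1111-111111111111}
    ItemData    REG_SZ    C:\Program Files\AVAST Software\*
    SaferFlags    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{22222222-2222-2222-2222-222222222222}
    ItemData    REG_EXPAND_SZ    %AppData%\*.exe
    SaferFlags    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\Paths\{33333333-3333-3333-3333-333333333333}
    ItemData    REG_EXPAND_SZ    %ProgramFiles%
    SaferFlags    REG_DWORD    0x0
"""

KEY_RE = re.compile(r"^(HKEY_[A-Z_]+\\.+?)\s*$")
VALUE_RE = re.compile(r"^ {4}(.+?) {4}(REG_[A-Z_]+)(?: {4}(.*))?$")
RULE_RE = re.compile(re.escape(SAFER) + r"\\(\d+)\\(paths|hashes)\\(\{[0-9a-f-]+\})$")


def parse_reg_query(text):
    """Turn `reg query /s` text into {key_path: {value_name: (type, data)}}."""
    keys, current = {}, None
    for line in text.splitlines():
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name, rtype, data = m.groups()
            current[name] = (rtype, data or "")
    return keys


def default_level(keys):
    """Return the policy's default security level, or None if no SRP is set."""
    for key, values in keys.items():
        if key.lower().endswith(SAFER) and "DefaultLevel" in values:
            raw = values["DefaultLevel"][1]
            return LEVELS.get(int(raw, 16), raw)
    return None


def extract_rules(keys):
    """List path and hash rules with their level and the target they name."""
    rules = []
    for key, values in keys.items():
        m = RULE_RE.search(key.lower())
        if not m:
            continue
        level, kind, guid = int(m.group(1)), m.group(2), m.group(3)
        # Path rules keep the path in ItemData; for hash rules the readable
        # part is FriendlyName, which is whatever the rule creator recorded.
        field = "ItemData" if kind == "paths" else "FriendlyName"
        rules.append({
            "hive": key.split("\\", 1)[0],
            "level": LEVELS.get(level, hex(level)),
            "kind": kind,
            "guid": guid,
            "target": values.get(field, ("", ""))[1],
        })
    return rules


def rules_blocking_security_tools(rules, keywords=KEYWORDS):
    """Disallowed rules whose target names a security product (substring match)."""
    return [r for r in rules
            if r["level"] == "Disallowed"
            and any(k in r["target"].lower() for k in keywords)]


if __name__ == "__main__":
    parsed = parse_reg_query(SAMPLE_REG_QUERY)
    print("Default level:", default_level(parsed))
    for rule in extract_rules(parsed):
        print(f'{rule["level"]:<13}{rule["kind"]:<7}{rule["target"]}')
    for rule in rules_blocking_security_tools(extract_rules(parsed)):
        print("Review this rule:", rule["hive"], rule["guid"], rule["target"])
```

A Disallowed rule that names an antivirus install folder deserves a closer look than a blanket rule on a user-writable directory, which is the kind of rule a hardening tool might add.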



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator

Posted 02 December 2014 - 06:19 PM

Just out of curiosity, you didn't install CryptoPrevent (the protection software by Foolibleep to combat Crypto-Ransomware), did you?
 
I know it makes group policy changes and also might be one of the few legitimate programs that could be causing this problem.

I have had CryptoPrevent on my wife's notebook with avast! Free for about a year now and there are no such issues.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#5 maggot7

maggot7

  • Members

Posted 02 December 2014 - 06:39 PM

 

Just out of curiosity, you didn't install CryptoPrevent (the protection software by Foolibleep to combat Crypto-Ransomware), did you?
 
I know it makes group policy changes and also might be one of the few legitimate programs that could be causing this problem.

I have had CryptoPrevent on my wife's notebook with avast! Free for about a year now and there are no such issues.

 

 

Oh okay, I think it's great software. I have installed as well with BitDefender and I have had no problems at all.

 

EDIT: Hahaha I just realized that the forum filter changed the name of the developer. That's awesome.


Edited by maggot7, 02 December 2014 - 06:40 PM.


#6 TheVeryOldGeezer

TheVeryOldGeezer
  • Topic Starter

  • Members

Posted 03 December 2014 - 11:35 AM

Hello LightHouseParty ... Thanks for your timely response and for taking the time to help me out here.

 

As requested, I've posted the scan logs below.  Please let me know what else I can do to help you help me.

 

Thanks!

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by OM (administrator) on 03-12-2014 at 07:42:27
Running from "C:\Users\OM\Desktop\Bleeping Analysis 1\MiniToolBox"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 1.8.2 - )
µTorrent (HKCU-x32\...\uTorrent) (Version: 1.8.2 - )
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (x32 Version: 7.2.8 - Hewlett-Packard) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (x32 Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{33EB1061-ABF1-4470-A540-32E97A610536}) (Version: 3.2.0.47 - Apple Inc.)
Apple Mobile Device Support (HKLM-x32\...\{33EB1061-ABF1-4470-A540-32E97A610536}) (Version: 3.2.0.47 - Apple Inc.)
Bonjour (HKLM\...\{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}) (Version: 2.0.3.0 - Apple Inc.)
Bonjour (HKLM-x32\...\{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}) (Version: 2.0.3.0 - Apple Inc.)
Branches (HKCU\...\29a4322383accab2) (Version: 1.2.2.7 - Sherwood Electronics Laboratories Inc.)
Branches (HKCU-x32\...\29a4322383accab2) (Version: 1.2.2.7 - Sherwood Electronics Laboratories Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
CutePDF Writer 3.0 (HKLM-x32\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Dropbox (HKCU-x32\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM-x32\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GIMP 2.8.10 (HKLM-x32\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk (remove only) (HKCU-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
Hardware Diagnostic Tools (HKLM-x32\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Customer Participation Program 10.0 (HKLM-x32\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Deskjet Printer Driver Software. 8.0.B (HKLM\...\{0411A7A4-23D4-47ad-B109-3CBE7E8093F1}) (Version: 8.0 - HP)
HP Deskjet Printer Driver Software. 8.0.B (HKLM-x32\...\{0411A7A4-23D4-47ad-B109-3CBE7E8093F1}) (Version: 8.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM-x32\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM-x32\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Essential 3.5 (HKLM-x32\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Scanjet G4000 Series (HKLM-x32\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Scanjet G4000 series 9.0 (Version: 8.1 - HP) Hidden
HP Scanjet G4000 series 9.0 (x32 Version: 8.1 - HP) Hidden
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM-x32\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
Hulu Desktop (HKCU-x32\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM-x32\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}) (Version: 10.0.1.22 - Apple Inc.)
iTunes (HKLM-x32\...\{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}) (Version: 10.0.1.22 - Apple Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM-x32\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM-x32\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (x32 Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office Home and Student 60 day trial (HKLM-x32\...\OfficeTrial) (Version:  - )
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM-x32\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM-x32\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM-x32\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM-x32\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM-x32\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM-x32\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Network64 (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Network64 (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA Drivers (HKLM-x32\...\NVIDIA Drivers) (Version:  - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OCR Software by I.R.I.S. 13.0 (HKLM-x32\...\HPOCR) (Version: 13.0 - HP)
PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version:  - Tracker Software)
PDF-XChange 3 (HKLM-x32\...\PDF-XChange 3_is1) (Version:  - Tracker Software)
PlayReady PC runtime (HKLM\...\{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}) (Version: 1 - Microsoft Corporation)
PlayReady PC runtime (HKLM-x32\...\{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}) (Version: 1 - Microsoft Corporation)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Drag-to-Disc (HKLM-x32\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
SF_CDB_ToolboxIni64 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
SF_CDB_ToolboxIni64 (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Shop for HP Supplies (HKLM-x32\...\Shop for HP Supplies) (Version: 10.0 - HP)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM-x32\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM-x32\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM-x32\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (x32 Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Language Selector (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
========================= Restore Points ==================================
 
Could not list Restore Points.
 
**** End of log ****

 

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/3/2014
Scan Time: 7:46:38 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.03.08
Rootkit Database: v2014.12.02.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: OM
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 450001
Time Elapsed: 13 min, 14 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
 

Results of screen317's Security Check version 0.99.91  
 Windows Vista Service Pack 2 x64 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Spybot - Search & Destroy 
 SlimCleaner     
 Java™ 6 Update 20  
 Java™ 6 Update 32  
 Java 7 Update 55  
 Java™ SE Runtime Environment 6 Update 1 
 Java version 32-bit out of Date! 
 Adobe Reader 9  
 Adobe Reader XI  
 Google Chrome (39.0.2171.65) 
 Google Chrome (39.0.2171.71) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0 % 
````````````````````End of Log`````````````````````` 
 


#7 TheVeryOldGeezer

TheVeryOldGeezer
  • Topic Starter

  • Members

Posted 03 December 2014 - 12:00 PM

 

Hello there

 

I'm LighthouseParty and I'll be assisting you with your concern today. Let's run a couple of scans to see what could be causing this.
 

Step 1: Download MiniToolBox

  1. Click here to download MiniToolBox to your desktop.
  2. Double click MiniToolBox.
  3. Select the following and then press go.
  4. Post the log in your next reply.

Flush DNS

Reset IE Proxy Settings

Reset FF Proxy Settings

List Installed Programs

List Restore Points

 

Step 2: Install and run a scan with Malwarebytes Anti-Malware
  1. Click here to download Malwarebytes to your desktop.
  2. Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  3. On the dashboard, click update now.
  4. After that, click scan now - the scan will now begin.
  5. When the scan's completed, select apply actions - make sure the action is quarantine.
  6. Restart your computer.

How to get the log.

  1. On the dashboard, select the history tab and click application logs.
  2. Select the log which has the time and date of when you did the scan.
  3. Click copy to clipboard and paste it into your reply.

Step 3: Download Security Check

  1. Click here to download Security Check to your desktop.
  2. Double click SecurityCheck and follow the on-screen instructions.
  3. A log should open, called checkup.txt.
  4. Please post the contents of it in your next reply.

Thanks and good luck!

 

Hello LightHouseParty ... Thanks for your timely response and for taking the time to help me out here.

 

As requested, I've posted the scan logs below.  Please let me know what else I can do to help you help me.

 

Thanks!

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by OM (administrator) on 03-12-2014 at 07:42:27
Running from "C:\Users\OM\Desktop\Bleeping Analysis 1\MiniToolBox"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 1.8.2 - )
µTorrent (HKCU-x32\...\uTorrent) (Version: 1.8.2 - )
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (x32 Version: 7.2.8 - Hewlett-Packard) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (x32 Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{33EB1061-ABF1-4470-A540-32E97A610536}) (Version: 3.2.0.47 - Apple Inc.)
Apple Mobile Device Support (HKLM-x32\...\{33EB1061-ABF1-4470-A540-32E97A610536}) (Version: 3.2.0.47 - Apple Inc.)
Bonjour (HKLM\...\{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}) (Version: 2.0.3.0 - Apple Inc.)
Bonjour (HKLM-x32\...\{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}) (Version: 2.0.3.0 - Apple Inc.)
Branches (HKCU\...\29a4322383accab2) (Version: 1.2.2.7 - Sherwood Electronics Laboratories Inc.)
Branches (HKCU-x32\...\29a4322383accab2) (Version: 1.2.2.7 - Sherwood Electronics Laboratories Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
CutePDF Writer 3.0 (HKLM-x32\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Dropbox (HKCU-x32\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM-x32\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GIMP 2.8.10 (HKLM-x32\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk (remove only) (HKCU-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
Hardware Diagnostic Tools (HKLM-x32\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Customer Participation Program 10.0 (HKLM-x32\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Deskjet Printer Driver Software. 8.0.B (HKLM\...\{0411A7A4-23D4-47ad-B109-3CBE7E8093F1}) (Version: 8.0 - HP)
HP Deskjet Printer Driver Software. 8.0.B (HKLM-x32\...\{0411A7A4-23D4-47ad-B109-3CBE7E8093F1}) (Version: 8.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM-x32\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM-x32\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Essential 3.5 (HKLM-x32\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Scanjet G4000 Series (HKLM-x32\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Scanjet G4000 series 9.0 (Version: 8.1 - HP) Hidden
HP Scanjet G4000 series 9.0 (x32 Version: 8.1 - HP) Hidden
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM-x32\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
Hulu Desktop (HKCU-x32\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM-x32\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}) (Version: 10.0.1.22 - Apple Inc.)
iTunes (HKLM-x32\...\{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}) (Version: 10.0.1.22 - Apple Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM-x32\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM-x32\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (x32 Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office Home and Student 60 day trial (HKLM-x32\...\OfficeTrial) (Version:  - )
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM-x32\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM-x32\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM-x32\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM-x32\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM-x32\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM-x32\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Network64 (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Network64 (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA Drivers (HKLM-x32\...\NVIDIA Drivers) (Version:  - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OCR Software by I.R.I.S. 13.0 (HKLM-x32\...\HPOCR) (Version: 13.0 - HP)
PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version:  - Tracker Software)
PDF-XChange 3 (HKLM-x32\...\PDF-XChange 3_is1) (Version:  - Tracker Software)
PlayReady PC runtime (HKLM\...\{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}) (Version: 1 - Microsoft Corporation)
PlayReady PC runtime (HKLM-x32\...\{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}) (Version: 1 - Microsoft Corporation)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Drag-to-Disc (HKLM-x32\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
SF_CDB_ToolboxIni64 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
SF_CDB_ToolboxIni64 (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Shop for HP Supplies (HKLM-x32\...\Shop for HP Supplies) (Version: 10.0 - HP)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM-x32\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM-x32\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM-x32\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (x32 Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Language Selector (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
========================= Restore Points ==================================
 
Could not list Restore Points.
 
**** End of log ****

 

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/3/2014
Scan Time: 7:46:38 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.03.08
Rootkit Database: v2014.12.02.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: OM
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 450001
Time Elapsed: 13 min, 14 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
 

Results of screen317's Security Check version 0.99.91  
 Windows Vista Service Pack 2 x64 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 Spybot - Search & Destroy 
 SlimCleaner     
 Java™ 6 Update 20  
 Java™ 6 Update 32  
 Java 7 Update 55  
 Java™ SE Runtime Environment 6 Update 1 
 Java version 32-bit out of Date!
 Adobe Reader 9  
 Adobe Reader XI  
 Google Chrome (39.0.2171.65) 
 Google Chrome (39.0.2171.71) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0 % 
````````````````````End of Log``````````````````````
 
 


#8 TheVeryOldGeezer

TheVeryOldGeezer
  • Topic Starter

  • Members
  • 8 posts
  • Local time:04:02 AM

Posted 03 December 2014 - 12:02 PM

Just out of curiosity, you didn't install CryptoPrevent (the protection software by Foolish IT to combat Crypto-Ransomware), did you?

 

I know it makes group policy changes and also might be one of the few legitimate programs that could be causing this problem.

No maggot7, I haven't installed CryptoPrevent.  Thanks for asking.
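As an added example (not part of the thread, and not code from any tool named in it): the "blocked by group policy" message is what Windows shows when a Software Restriction Policy rule disallows a program, and those rules are stored under `HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers`. The sketch below parses the text output of `reg query` on that key with `/s` and lists the Disallowed path rules that cover a given executable. The sample output, GUIDs and paths are constructed; it assumes path rules only, does not expand environment variables in rules, and approximates wildcard matching with `fnmatch`.

```python
import fnmatch
import re

# Constructed sample of `reg query <CodeIdentifiers key> /s` output; GUIDs and paths are made up.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers
    DefaultLevel    REG_DWORD    0x40000
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{11111111-2222-3333-4444-555555555555}
    ItemData    REG_SZ    C:\Program Files\Example AV
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{66666666-7777-8888-9999-000000000000}
    ItemData    REG_SZ    C:\Users\*\AppData\Roaming\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\Paths\{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}
    ItemData    REG_SZ    C:\Windows
"""

LEVELS = {0: "Disallowed", 0x20000: "Basic User", 0x40000: "Unrestricted"}
KEY_RE = re.compile(r"\\Safer\\CodeIdentifiers(?:\\(\d+)\\Paths\\([^\\]+))?$", re.I)
VAL_RE = re.compile(r"^\s+(\S+)\s+(REG_[A-Z_]+)\s*(.*)$")

def parse_srp(text):
    """Return (default level name, list of path rules) from reg query text."""
    default, rules, rule, in_root = None, [], None, False
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            m = KEY_RE.search(line.strip())
            in_root, rule = (m is not None and m.group(1) is None), None
            if m and m.group(1) is not None:  # a rule key: <level>\Paths\<GUID>
                rule = {"level": LEVELS.get(int(m.group(1)), m.group(1)),
                        "guid": m.group(2), "path": None}
                rules.append(rule)
            continue
        v = VAL_RE.match(line)
        if not v:
            continue
        name, data = v.group(1).lower(), v.group(3).strip()
        if in_root and name == "defaultlevel":
            default = LEVELS.get(int(data, 16), data)
        elif rule is not None and name == "itemdata":
            rule["path"] = data
    return default, rules

def disallowed_for(text, exe_path):
    """Disallowed path rules covering exe_path (folder prefix or wildcard match)."""
    target, hits = exe_path.lower(), []
    for r in parse_srp(text)[1]:
        p = (r["path"] or "").lower().rstrip("\\")
        if r["level"] == "Disallowed" and p and (
                target.startswith(p + "\\") or fnmatch.fnmatchcase(target, p)):
            hits.append(r)
    return hits
```

A default level of Unrestricted combined with a Disallowed rule on the antivirus folder is the pattern to look for when one specific program reports the group-policy block.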



#9 TheVeryOldGeezer

TheVeryOldGeezer
  • Topic Starter

  • Members
  • 8 posts
  • Local time:04:02 AM

Posted 03 December 2014 - 12:11 PM

To all following this thread ... I apologize for multiple copies of my response to Lighthouse Party.  I'm new to this and can't figure out how to delete my mistakes.  Anyway, I think I've figured out now how to reply to a specific post.

 

Thanks again for your patience with a Rookie!



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,112 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:02 AM

Posted 03 December 2014 - 01:34 PM

To all following this thread ... I apologize for multiple copies of my response to Lighthouse Party.  I'm new to this and can't figure out how to delete my mistakes.  Anyway, I think I've figured out now how to reply to a specific post.

Not a problem. We were all new to this forum at one time.

Posting Tip: There is no need to quote the entire post you're replying to. Just use the "Add Reply" button (found at the top and bottom of the page) instead of the "Quote" button (found under each post).
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 TheVeryOldGeezer

TheVeryOldGeezer
  • Topic Starter

  • Members
  • 8 posts
  • Local time:08:02 AM

Posted 03 December 2014 - 01:43 PM

Thanks Global Moderator!!

 



#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,112 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:02 AM

Posted 03 December 2014 - 01:45 PM

You're welcome.

#13 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests

Posted 03 December 2014 - 02:37 PM

Hello there,

 

:step1: Uninstall some programs

 

There are currently some programs on your PC that we need to remove, for the time being at least. Click the start menu, type in Programs and Features and click Programs and Features. Navigate to each of the following below one-by-one and click uninstall:

  • µTorrent 

Please download JavaRa from here and, once you have opened it, select 'remove JRE'. Did you run the MiniToolBox and the Security Log on the same day? Did you remove programs before running MiniToolBox? Just curious because Security Check is listing programs which aren't in the MiniToolBox log.

 

:step2: Download and run AdwCleaner

  1. Click here to download AdwCleaner to your desktop.
  2. Double click adwcleaner_x.xxx.exe. If prompted, click I agree.
  3. Click scan. When it's finished, select clean.
  4. Allow AdwCleaner to restart your computer.
  5. Once you've restarted, a log should appear. Please post this in your next reply.

:step3: Download Junkware Removal Tool

  1. Click here to download Junkware Removal Tool to your desktop.
  2. Double click JRT.exe. (Win 7 and Vista users, right-click and select run as admin)
  3. Press any key and the scan will begin.
  4. At the end, a log will open. Please post this in your next reply.


#14 maggot7

maggot7

  • Members
  • 91 posts
  • Gender:Male
  • Local time:08:02 AM

Posted 03 December 2014 - 02:49 PM

uTorrent, itself, is not malicious.



#15 TheVeryOldGeezer

TheVeryOldGeezer
  • Topic Starter

  • Members
  • 8 posts

Posted 03 December 2014 - 04:21 PM

LighthouseParty,

 

I have removed uTorrent and Java.  I actually ran MiniToolBox first, then immediately ran Malwarebytes.  I inadvertently turned my computer off after that, and immediately re-booted and ran Security Check.  I did not knowingly delete any program during this time.  Would be glad to run MiniToolBox and Security Check again if you'd like.

 

I may have messed this up though ... I ran AdwCleaner first, then ran Junkware Removal Tool.  I thought I saved both logs, but I could only find the Junkware log (pasted below).  I found all the deleted elements from the initial AdwCleaner scan in Quarantine Management, but can't figure out how to print them.  They're in a scroll-down window which is very small, requiring many screen shots to record them all.  Would you want me to restore all the elements deleted by AdwCleaner, and re-scan?  Wouldn't this produce a log similar to the one I can't find? Sorry for the mistake!

 

Attached below are the Junkware Removal Tool scan logs.

 

Thanks for your patience!!

 

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows ™ Vista Home Premium x64
Ran by OM on Wed 12/03/2014 at 12:31:10.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-02747EB8.pf
Successfully deleted: [File] "C:\Windows\wininit.ini"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\OM\appdata\local\pc_drivers_headquarters"
Successfully deleted: [Empty Folder] C:\Users\OM\appdata\local\{07916769-8FD4-4B9C-8173-2C76BD1BC88A}
Successfully deleted: [Empty Folder] C:\Users\OM\appdata\local\{550A25C2-6CA7-4B9C-97FC-65FB87BBFD48}
Successfully deleted: [Empty Folder] C:\Users\OM\appdata\local\{6C4241ED-3E08-4DF7-83AD-79B64CF8955A}
Successfully deleted: [Empty Folder] C:\Users\OM\appdata\local\{DB213265-DEA7-442E-96EA-2F6B4E9BB515}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/03/2014 at 12:36:51.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
 
 




