
Windows 7 laptop becomes unresponsive except for mouse pointer


7 replies to this topic

#1 fmedwards3


Posted 21 December 2014 - 03:57 PM

Running Windows 7.  Laptop becomes unresponsive, except that the mouse pointer moves as normal.  Control-Alt-Delete results in dark screen for quite a while, then message box appears titled "Failure to Display Security and Shutdown Options".  Hard power-off and restart solves the problem -- until it happens again.  VIPRE Internet Security scan finds nothing.  Please help.




 


#2 Guest_LighthouseParty_*


Posted 21 December 2014 - 04:00 PM

Hello there
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
Step 1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
Step 2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

Step 3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Step 4: Non-malware removal steps
 
Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#3 fmedwards3


Posted 21 December 2014 - 07:46 PM

Took a while.  The laptop 'hangs' for a while, then works for a while.

Logs follow:

**************************************************************************************

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/21/2014
Scan Time: 5:47:09 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.21.05
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: fmeadmin
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340410
Time Elapsed: 33 min, 36 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 4
PUP.Optional.Spigot.A, HKU\S-1-5-21-1335140160-3885307917-3555358319-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Search Protection, Quarantined, [9bde85e028544de9c8ed32297c87b749], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-1335140160-3885307917-3555358319-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Search Protection, Quarantined, [9bde85e028544de9c8ed32297c87b749], 
Malware.Trace, HKU\S-1-5-21-1335140160-3885307917-3555358319-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DC3_FEXEC, Quarantined, [f683283dfb818da9069a6cd07094d32d], 
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-1335140160-3885307917-3555358319-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, Quarantined, [1a5f6ef7304cf73f75470194cf34e818], 
 
Registry Values: 1
Trojan.Agent.WSTGen, HKU\S-1-5-21-1335140160-3885307917-3555358319-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|win, C:\Users\chris\AppData\Local\Temp\win\win.exe, Quarantined, [d5a41154017b4cea8708c19acb38b34d]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 2
PUP.Optional.Spigot.A, C:\Users\fmeadmin\AppData\Roaming\Search Protection, Quarantined, [9bde85e028544de9c8ed32297c87b749], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
 
Files: 18
PUP.Optional.Spigot, C:\Users\fmeadmin\AppData\Local\Temp\~spC7A6.tmp, Quarantined, [0e6beb7a7903d660aaca6059946d1ee2], 
PUP.Riskware.Patcher, C:\Users\fmeadmin\AppData\Local\Temp\FileMaker.Pro.13.Advanced.(13.0v1).Patch-MPT4470242564324804730.zip, Quarantined, [95e41c49c9b3979f6b2749e170914cb4], 
PUP.Optional.Spigot.A, C:\Users\fmeadmin\AppData\Roaming\Search Protection\Uninstall.exe, Quarantined, [9bde85e028544de9c8ed32297c87b749], 
PUP.Optional.Spigot.A, C:\Users\fmeadmin\AppData\Roaming\Search Protection\SP.exe, Quarantined, [9bde85e028544de9c8ed32297c87b749], 
Backdoor.Agent.DCE, C:\Users\fmeadmin\AppData\Local\Temp\AppLunch\svchost.exe, Quarantined, [3940fa6b0e6e92a4e8654557ff04d62a], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2013-12-06-6.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2013-12-07-7.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2013-12-21-7.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2013-12-22-1.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2013-12-25-4.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2013-12-26-5.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2014-02-17-2.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2014-02-18-3.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2014-02-20-5.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2014-02-21-6.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2014-02-23-1.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2014-02-24-2.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2014-02-25-3.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
**************************************************************************************
 

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Disabled!  
ThreatTrack Security VIPRE   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 25  
 Java version 32-bit out of Date! 
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 33% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
 
************************************************************************************************
 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by fmeadmin (administrator) on 21-12-2014 at 17:45:19
Running from "C:\Users\fmeadmin\Desktop\Bleeping Computer"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Active@ Partition Manager 3.0 (HKLM\...\{FE2483C5-A90C-401D-967F-023A9C3CAAAF}_is1) (Version: 3.0 - LSoft Technologies Inc)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
BDE Data Samples 1.3 (HKLM\...\{F96E84E6-C17B-4262-BC65-8AE71ADA3D1F}_is1) (Version: 1.3 - Borland)
calibre (HKLM\...\{8FAFEF8C-295D-4D71-95FC-91D9B7D75F3E}) (Version: 2.13.0 - Kovid Goyal)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)
DocFetcher (HKLM\...\DocFetcher) (Version: 1.1.12 - )
Dropbox (HKCU\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
dtSearch (HKLM\...\{259D789C-2A51-4CCE-AF8A-3377A6C1DF60}) (Version: 7.75.8175 - dtSearch Corp.)
Everything 1.3.4.686 (x86) (HKLM\...\Everything) (Version:  - )
FileMaker Pro 13 (HKLM\...\{EA92821A-03A5-4B00-85F4-834BBD8ABC24}_FileMaker) (Version: 13.0.1.0 - FileMaker, Inc.)
FileMaker Pro 13 (Version: 13.0.1.0 - FileMaker, Inc.) Hidden
Flowcode V5 (HKLM\...\{A9232EC5-085E-464C-A8FC-6451F648765D}) (Version: 1.3.4 - Matrix Multimedia Ltd.)
Flowcode V5 (HKLM\...\{F5939182-A1D7-4CBD-8818-C4443D2B76D8}) (Version: 1.3.8 - Matrix Multimedia Ltd.)
FormMax Evaluation  3.5 (HKLM\...\FormMax Evaluation_is1) (Version:  - Acro Software Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Hddb File Search (HKLM\...\Hddb) (Version: 2.0.0 - hddb.xp-zed.com)
Imagic Photo (HKLM\...\Imagic Photo8.0) (Version: 8.0 - Imagic Photo)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Introduction to microcontroller programming (HKLM\...\{7349CD57-0C08-4477-8A3F-CBCAA96F3058}) (Version: 1.1.1 - Matrix Multimedia Ltd)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (Version: 2.8.25.18 - Oracle Corporation) Hidden
Longtion Database Application Builder 3.0 (HKLM\...\Database Application Builder_is1) (Version:  - )
LyX 2.0.7 (HKLM\...\LyX207) (Version: 2.0.7 - LyX Team)
LyXConverter version 1.0 (HKLM\...\LyXConverter_is1) (Version: 1.1 - )
Magic ISO Maker v5.5 (build 0276) (HKLM\...\Magic ISO Maker v5.5 (build 0276)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OmniForm Premium 5.0 (HKLM\...\{D9E2AA0C-078F-491E-A728-1A621ADF9900}) (Version: 5.00.029 - ScanSoft, Inc.)
Oracle VM VirtualBox 4.3.6 (HKLM\...\{F56CC4E6-DFC4-4B87-BAE9-C605C305E05C}) (Version: 4.3.6 - Oracle Corporation)
OSForensics (HKLM\...\OSForensics_is1) (Version:  - PassMark Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd)
PRO-VISION Player (HKLM\...\{E94F2899-9A98-4A8C-BDBF-F17B1047F80A}) (Version:  - )
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
R for Windows 3.1.1 (HKLM\...\R for Windows 3.1.1_is1) (Version: 3.1.1 - R Core Team)
RStudio (HKLM\...\RStudio) (Version: 0.98.1085 - RStudio)
Samsung Magician (HKLM\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Search Protection (HKCU\...\Search Protection) (Version: 10.6.0.1 - Spigot, Inc.)
Stata 12 (HKLM\...\{5006A0E8-B9B0-48DF-981A-41D005B3E937}) (Version: 12.0 - StataCorp LP)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
Texmaker (HKLM\...\Texmaker) (Version:  - )
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
TeXstudio 2.7.0 (HKLM\...\TeXstudio_is1) (Version: 2.7.0 - Benito van der Zander)
TeXworks 0.4.5 (HKLM\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
TouchChip USB Driver 2.6 (Version: 2.6.0.0097 - UPEK Inc.) Hidden
UltraSearch V2.0 (HKLM\...\UltraSearch_is1) (Version: 2.0 - JAM Software)
USB Video/Audio Device Driver (HKLM\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - EETI)
VIPRE Internet Security (HKLM\...\{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}) (Version: 7.0.6.2 - ThreatTrack Security, Inc.)
VIPRE Internet Security (Version: 7.0.6.2 - ThreatTrack Security, Inc.) Hidden
VLC media player 2.0.0 (HKLM\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
========================= Restore Points ==================================
 
20-12-2014 02:31:06 Removed Bonjour
20-12-2014 05:28:41 Installed calibre
 
**** End of log ****
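
Added example (not part of the original posts and not Malwarebytes' own tooling): a Python triage of detection lines copied from the scan log above, separating PUP entries from the other detection families and flagging Run-key entries and the user profiles involved. The prefix-based severity rule and all function names are assumptions of this example.

```python
import re
from collections import Counter

# A subset of the detection lines from the Malwarebytes log posted above, copied as posted.
SAMPLE_LOG = r"""
Registry Keys: 4
PUP.Optional.Spigot.A, HKU\S-1-5-21-1335140160-3885307917-3555358319-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Search Protection, Quarantined, [9bde85e028544de9c8ed32297c87b749],
Malware.Trace, HKU\S-1-5-21-1335140160-3885307917-3555358319-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DC3_FEXEC, Quarantined, [f683283dfb818da9069a6cd07094d32d],
Registry Values: 1
Trojan.Agent.WSTGen, HKU\S-1-5-21-1335140160-3885307917-3555358319-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|win, C:\Users\chris\AppData\Local\Temp\win\win.exe, Quarantined, [d5a41154017b4cea8708c19acb38b34d]
Folders: 2
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51],
Files: 18
PUP.Riskware.Patcher, C:\Users\fmeadmin\AppData\Local\Temp\FileMaker.Pro.13.Advanced.(13.0v1).Patch-MPT4470242564324804730.zip, Quarantined, [95e41c49c9b3979f6b2749e170914cb4],
PUP.Optional.Spigot.A, C:\Users\fmeadmin\AppData\Roaming\Search Protection\SP.exe, Quarantined, [9bde85e028544de9c8ed32297c87b749],
Backdoor.Agent.DCE, C:\Users\fmeadmin\AppData\Local\Temp\AppLunch\svchost.exe, Quarantined, [3940fa6b0e6e92a4e8654557ff04d62a],
Stolen.Data, C:\Users\fmeadmin\AppData\Roaming\dclogs\2013-12-06-6.dc, Quarantined, [fb7e4e175c204fe71a313d2e48bcaf51],
Physical Sectors: 0
(No malicious items detected)
"""

# Fields: name, target (contains ", " itself for registry values), action, [reference].
DETECTION = re.compile(
    r"(?P<name>[A-Za-z0-9_.]+), (?P<target>.+?), (?P<action>[A-Za-z ]+), "
    r"\[(?P<ref>[0-9a-f]+)\],?"
)
RUN_KEY = re.compile(r"\\CURRENTVERSION\\RUN(?:ONCE)?\|", re.IGNORECASE)
PROFILE = re.compile(r"C:\\Users\\([^\\]+)\\", re.IGNORECASE)

# Assumption of this example: a prefix rule, not Malwarebytes' own severity scheme.
NON_PUP_PREFIXES = ("Backdoor.", "Trojan.", "Stolen.", "Malware.")


def parse_detections(text):
    """Return one dict per detection line; section headers and empty sections are skipped."""
    found = []
    for line in text.splitlines():
        match = DETECTION.fullmatch(line.strip())
        if match:
            found.append(match.groupdict())
    return found


def severity(name):
    """Bucket a detection name as 'pup', 'malicious' or 'unknown'."""
    if name.startswith("PUP."):
        return "pup"
    if name.startswith(NON_PUP_PREFIXES):
        return "malicious"
    return "unknown"


def triage(detections):
    """Summarise the entries that need follow-up beyond uninstalling unwanted programs."""
    serious = [d for d in detections if severity(d["name"]) == "malicious"]
    return {
        "by_severity": Counter(severity(d["name"]) for d in detections),
        "families": sorted({d["name"] for d in serious}),
        # Entries registered under a Run/RunOnce key start again at logon.
        "autoruns": [d for d in detections if RUN_KEY.search(d["target"])],
        # Profiles named in non-PUP paths; may differ from the account that ran the scan.
        "profiles": sorted({p for d in serious for p in PROFILE.findall(d["target"])}),
    }


if __name__ == "__main__":
    report = triage(parse_detections(SAMPLE_LOG))
    print(dict(report["by_severity"]))
    print("non-PUP families:", ", ".join(report["families"]))
    for entry in report["autoruns"]:
        print("autorun entry:", entry["name"], "->", entry["target"])
    print("profiles with non-PUP items:", ", ".join(report["profiles"]))
```
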
 


#4 Guest_LighthouseParty_*


Posted 22 December 2014 - 04:55 AM

Hello there,

Step 1: Please uninstall some programs

There are currently some programs on your PC that we need to remove, for the time being at least. Press the Windows + R keys on your keyboard, type in appwiz.cpl and press enter. Navigate to each of the following one by one and click uninstall:

  • µTorrent
  • Java 8 Update 25
  • Search Protection

If any programs listed above aren't in Programs and Features, you can just skip them. Please download JavaRa from here and, once you have opened it, select 'remove JRE' (if that's not there, select remove Java Runtime). Make sure you skip the re-install Java option!

Step 2: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

Step 3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

Step 4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

Step 5: Please visit the ESET Online Scanner webpage
Internet Explorer MUST be used for this step.

  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

[Image: jqnp8z.png]

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scan's finished, select list threats and then export.
  • Choose a name for the log (e.g ESET) and click save (to your desktop)
  • Press the back button and then click finish. Please include the contents of the log in your reply.


#5 fmedwards3


Posted 22 December 2014 - 10:04 PM

 
ESET just finished and reported "No threats found", but I can't find or didn't save the log file.  The other log files are below.
Thanks for your continued assistance.
 
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Rkill 2.6.9 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 12/22/2014 08:49:35 AM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 12/22/2014 08:49:48 AM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)
 
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 
# AdwCleaner v4.106 - Report created 22/12/2014 at 08:54:57
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : fmeadmin - IPD211
# Running from : C:\Users\fmeadmin\Desktop\Bleeping Computer\adwcleaner_4.106.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ultrafilesearch.com_0.localstorage
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ultrafilesearch.com_0.localstorage-journal
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\fmeadmin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\717548102152621913982030839111949405002050989913
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[R0].txt - [2197 octets] - [22/12/2014 08:51:54]
AdwCleaner[S0].txt - [2140 octets] - [22/12/2014 08:54:57]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2200 octets] ##########
 
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 
 
 
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Ultimate x86
Ran by fmeadmin on Mon 12/22/2014 at  9:01:27.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/22/2014 at  9:08:13.99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@


#6 Guest_LighthouseParty_*


Posted 23 December 2014 - 05:00 AM

How is the PC now?

 

I must ask, are you using an alternative firewall?



#7 fmedwards3


Posted 23 December 2014 - 10:15 AM

Computer is running fine -- thank you very much!

I use VIPRE Internet Security, which includes a firewall.

I do have a few questions:

1)  What was the (main) problem?

2)  Any idea why VIPRE didn't prevent or detect the problem(s)?

3)  If VIPRE is substandard, please recommend an alternative antivirus and firewall.

4)  I have programs that require Java Runtime Environment 1.6, which you had me remove.  Can I re-install it?

 

Once again, thanks.  



#8 Guest_LighthouseParty_*


Posted 23 December 2014 - 10:22 AM

Glad your issue is now resolved :)

For one last final step, please download Delfix from here and save it to your desktop. Right-click it and select run as administrator. Select the following and press run:

  • Remove disinfection tools
  • Purge system restore

To prevent infections in the future, I recommend you install the programs below:

There is a high possibility that the problem you were experiencing was caused by malware. VIPRE didn't detect it because the malicious items that were removed are classed as PUPs (potentially unwanted programs), and only anti-malware tools, such as AdwCleaner and Malwarebytes Anti-Malware, detect them.

 

Java is an unnecessary security risk and can make your PC vulnerable; malicious sites can use it to exploit your PC. You may want to check out these links provided by quitman7:

 

* Why You don't need Java
* W3Techs usage statistics and market share data of Java on the web
* Don’t Need Java? Junk It
* Is it time to give Java the boot? Experts say yes
* Java: should you remove it?

 

Happy surfing!





