soberali
-
Posts
11 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by soberali
-
-
I do have a SSD. how come I shouldn't defrag?
.....And......Thank you so very much!! You're the best.
-
I rean Adwcleaner. There were no results, it seemed it wouldn't run. Then I ran Security Check and here are the results.
the Results of screen317's Security Check version 0.99.77
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Symantec Endpoint Protection
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 45
Adobe Flash Player 11.9.900.117
Adobe Reader 10.1.8 Adobe Reader out of Date!
Mozilla Firefox (25.0)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 30% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
-
The Adwcleaner won't run. It searches, doesn't come up with anything and then just hangs at "Pending. Please uncheck elements you don't want to remove." However, nothing comes up.
Shall I move onto running security check?
What is my next action.Thanks Marius.
-
after running adwcleaner for an hour, nothing came up. the log looks clean.
I think maybe a glitch? what shall I do?
thanks.
# AdwCleaner v3.012 - Report created 14/11/2013 at 10:28:51
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ALI - ALIONE
# Running from : C:\Users\ALI\Desktop\adwcleaner(1).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v25.0 (en-US)
[ File : C:\Users\ALI\AppData\Roaming\Mozilla\Firefox\Profiles\0ll3yo2u.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [5628 octets] - [13/11/2013 02:10:03]
AdwCleaner[R1].txt - [5688 octets] - [13/11/2013 02:17:03]
AdwCleaner[R2].txt - [5748 octets] - [13/11/2013 02:30:12]
AdwCleaner[R3].txt - [1003 octets] - [14/11/2013 09:00:42]
AdwCleaner[R4].txt - [1063 octets] - [14/11/2013 09:41:32]
AdwCleaner[R5].txt - [928 octets] - [14/11/2013 10:28:51]
AdwCleaner[s0].txt - [5816 octets] - [13/11/2013 02:45:39]
########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1047 octets] ##########
-
Here's what I did: a sort of "work around" -- at 99% before it could hang and crash, I generated the log file. Here are the results.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\bin\cltmng.exe.vir a variant of Win32/Conduit.SearchProtect.B application
C:\AdwCleaner\Quarantine\C\Users\ALI\AppData\Roaming\Searchprotect\bin\cltmng.exe.vir a variant of Win32/Conduit.SearchProtect.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\bin\SPRunner.exe.vir a variant of Win32/Conduit.SearchProtect.D application
C:\AdwCleaner\Quarantine\C\Users\ALI\AppData\Roaming\Searchprotect\bin\SPRunner.exe.vir a variant of Win32/Conduit.SearchProtect.D application
C:\Users\ALI\AppData\Local\Temp\tbConn.dll a variant of Win32/Toolbar.Conduit.B application
C:\Users\ALI\AppData\Local\Temp\ct3306061\ieLogic.exe multiple threats
C:\$Recycle.Bin\S-1-5-21-3037077486-3211791067-4127863810-1000\$RQVN6JL.exe probably a variant of Win32/CNETInstaller.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\bin\ChromeModule.dll.vir probably a variant of Win32/Conduit.SearchProtect.C application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\bin\FirefoxModule.dll.vir probably a variant of Win32/Conduit.SearchProtect.C application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\bin\InternetExplorerModule.dll.vir probably a variant of Win32/Conduit.SearchProtect.C application
C:\AdwCleaner\Quarantine\C\Users\ALI\AppData\Roaming\Searchprotect\bin\ChromeModule.dll.vir probably a variant of Win32/Conduit.SearchProtect.C application
C:\AdwCleaner\Quarantine\C\Users\ALI\AppData\Roaming\Searchprotect\bin\FirefoxModule.dll.vir probably a variant of Win32/Conduit.SearchProtect.C application
C:\AdwCleaner\Quarantine\C\Users\ALI\AppData\Roaming\Searchprotect\bin\InternetExplorerModule.dll.vir probably a variant of Win32/Conduit.SearchProtect.C application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js.vir Win32/Conduit.SearchProtect.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\ffprotect\nsprotector.js.vir Win32/Conduit.SearchProtect.A application
C:\AdwCleaner\Quarantine\C\Users\ALI\AppData\Roaming\Searchprotect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application
C:\AdwCleaner\Quarantine\C\Users\ALI\AppData\Roaming\Searchprotect\ffprotect\nsprotector.js.vir Win32/Conduit.SearchProtect.A application -
I found this on the eset site:
Computer scan hangs at 99% and then crashes with a blue screenKB Solution ID: SOLN2916|Last Revised: July 29, 2013
IssueComputer scan reaches 99% completion then crashes with blue screen (BSoD)
HOTFIXThis article was written as a hotfix to a known issue. The steps below may not resolve this issue in some cases.
SolutionIn some cases, ESET Computer scans hang at 99% and are followed by a blue screen crash (BSoD). Though this issue is rare, our team is aware of it and working hard to resolve it. If you are experiencing this issue, we recommend that you email ESET Customer Care and include a scan log. To do so, please follow the steps in the appropriate Knowledgebase article below:
-
ran it about 5 times. this last time when i was 99% it crashed and I got a BSOD. i had 18 threats but i couldn't get to the end. can i end it at 99% so at least it completes?
what now?
-
# AdwCleaner v3.012 - Report created 13/11/2013 at 02:45:39
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ALI - ALIONE
# Running from : C:\Users\ALI\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : CltMngSvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Users\ALI\AppData\Local\Conduit
Folder Deleted : C:\Users\ALI\AppData\Local\PackageAware
Folder Deleted : C:\Users\ALI\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\ALI\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\ALI\AppData\Roaming\Searchprotect
File Deleted : C:\Users\ALI\AppData\Roaming\Mozilla\Firefox\Profiles\0ll3yo2u.default\invalidprefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\Users\ALI\AppData\Roaming\Mozilla\Firefox\Profiles\0ll3yo2u.default\searchplugins\Conduit.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchProtect]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v25.0 (en-US)
[ File : C:\Users\ALI\AppData\Roaming\Mozilla\Firefox\Profiles\0ll3yo2u.default\prefs.js ]
Line Deleted : user_pref("CT3306061.FF19Solved", "true");
Line Deleted : user_pref("CT3306061.UserID", "UN24417170612182312");
Line Deleted : user_pref("CT3306061.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3306061.fullUserID", "UN24417170612182312.IN.20131110143708");
Line Deleted : user_pref("CT3306061.installDate", "10/11/2013 14:37:10");
Line Deleted : user_pref("CT3306061.installSessionId", "{0389EAC7-DF1D-4A38-BCAC-A486D65BED55}");
Line Deleted : user_pref("CT3306061.installSp", "TRUE");
Line Deleted : user_pref("CT3306061.installerVersion", "1.8.0.14");
Line Deleted : user_pref("CT3306061.keyword", "true");
Line Deleted : user_pref("CT3306061.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3306061.originalSearchEngine", "");
Line Deleted : user_pref("CT3306061.originalSearchEngineName", "");
Line Deleted : user_pref("CT3306061.searchRevert", "true");
Line Deleted : user_pref("CT3306061.searchUserMode", "2");
Line Deleted : user_pref("CT3306061.smartbar.homepage", "true");
Line Deleted : user_pref("CT3306061.toolbarInstallDate", "10-11-2013 14:37:08");
Line Deleted : user_pref("CT3306061.versionFromInstaller", "10.21.1.7");
Line Deleted : user_pref("CT3306061.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "Connect DLC 5 Customized Web Search");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.machineId", "0LDOC7WCGTOBSHP73JO9NMSSDDRQCNLDPC9QK37KDBSCJ2FEQN3KQ9TVKTGFN/SLIINAHGTVVAXXKALII/6C5Q");
*************************
AdwCleaner[R0].txt - [5628 octets] - [13/11/2013 02:10:03]
AdwCleaner[R1].txt - [5688 octets] - [13/11/2013 02:17:03]
AdwCleaner[R2].txt - [5748 octets] - [13/11/2013 02:30:12]
AdwCleaner[s0].txt - [5676 octets] - [13/11/2013 02:45:39]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5736 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by ALI on Wed 11/13/2013 at 2:50:42.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{77309F16-52E6-4D10-B2DB-B4004187D128}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\ALI\AppData\Roaming\mozilla\firefox\profiles\0ll3yo2u.default\minidumps [21 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/13/2013 at 2:57:49.16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -
Hi Marius,
thank you for helping. I've been running Adwcleaner and it is slow. I think it generated a log file but scan is still grayed out and top bar says "Pending. Please uncheck elements you don't wnat to remove."
is it finished?shall i clean and move onto the JRT?
-
any assistance would be appreciated.
I downloaded a free font renamer and goofed. it installed so quickly and tricked me.
can you help me remove this bugger?TIA
soberali
PUP. Optional. Conduit.A removal assistance
in Resolved Malware Removal Logs
Posted
thanks again.