Jump to content

C:\ProgramData\boost_interprocess


Recommended Posts

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

 

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced log..

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

 

  •  

     

  • Shut down your protection software now to avoid potential conflicts.

     

     

  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

     

     

  • The tool will open and start scanning your system.

     

     

  • Please be patient as this can take a while to complete depending on your system's specifications.

     

     

  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

     

     

  • Post the contents of JRT.txt into your next message.

     

     

 

 

Next,

 

Please download SystemLook from the following link below and save it to your Desktop. Use the correct version 32bit or 64bit.
 

http://jpshortstuff.247fixes.com/SystemLook_x64.exe      <<-   64 bit….

 

http://images.malwareremoval.com/jpshortstuff/SystemLook.exe  <<-  32 bit

 

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :folderfindboost_interprocess:regfindboost_interprocess
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.


Note: The log can also be found on your Desktop entitled SystemLook.txt

 

Let me see those logs..

 

Kevin

Link to post
Share on other sites

Download OTM from either of the following links and save to your Desktop: (If your security alerts to OTM, either accept the alert or turn off security to allow OTM to run)

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe  

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM either, accept the alert or turn off security until OTM completes...

  • Copy the text from the code box belowbelow to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files

    :Filesipconfig /flushdns /cC:\ProgramData\boost_interprocessC:\ProgramData\dvdfab\boost_interprocessC:\Users\All Users\boost_interprocessC:\Users\All Users\dvdfab\boost_interprocess:Commands[EmptyTemp]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red btnmoveit.png button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

Re-boot your PC and see if the nuisance returns, Also run System Look again, this time use the 64 bit version....

Please download SystemLook from the following link below and save it to your Desktop. Use the correct version 32bit or 64bit.

http://jpshortstuff.247fixes.com/SystemLook_x64.exe      <<-   64 bit….

http://images.malwareremoval.com/jpshortstuff/SystemLook.exe  <<-  32 bit

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :folderfindboost_interprocess:regfindboost_interprocess*boost_interprocess*
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.


Note: The log can also be found on your Desktop entitled SystemLook.txt

 

Kevin..

Link to post
Share on other sites

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\QuadForce 2\Desktop\cmd.bat deleted successfully.
C:\Users\QuadForce 2\Desktop\cmd.txt deleted successfully.
C:\ProgramData\boost_interprocess\20140303173208.125599 folder moved successfully.
C:\ProgramData\boost_interprocess folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\FF0C5DC392C5CE01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\FCEB361C94BACD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\CE88A20D36A7CD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\BAFE5950A284CD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\BAD990FC1710CD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\BACB2DEB7740CE01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\BAA635884409CD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\BA921A23B987CD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\BA826F9C5243CE01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\BA7F0C8B0558CE01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\BA4CBA99EC37CE01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\3AE7FCCABD2DCD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\3A9B9BD4B2E4CE01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\3A92657214EFCD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\3A76D175C914CD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\3A4DEF6C83E7CC01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\3A0DC4DC41E8CC01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\3A0D497CF41FCD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\2AD480870558CE01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\0E42C6E25BDFCD01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess\05A00D1C2ADACC01 folder moved successfully.
C:\ProgramData\dvdfab\boost_interprocess folder moved successfully.
File/Folder C:\Users\All Users\boost_interprocess not found.
File/Folder C:\Users\All Users\dvdfab\boost_interprocess not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57472 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: QuadForce 2
->Temp folder emptied: 3674930 bytes
->Temporary Internet Files folder emptied: 261547 bytes
->Java cache emptied: 8196 bytes
->FireFox cache emptied: 31247250 bytes
->Flash cache emptied: 57964 bytes
 
User: Raney
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 53258588 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 195 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 195 bytes
RecycleBin emptied: 140740 bytes
 
Total Files Cleaned = 85.00 mb
 
 
OTM by OldTimer - Version 3.1.21.0 log created on 03042014_183928

Files moved on Reboot...
C:\Users\QuadForce 2\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\QuadForce 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...

 

SystemLook.txt

Link to post
Share on other sites

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM either, accept the alert or turn off security until OTM completes...

  • Copy the text from the code box belowbelow to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files

    :FilesC:\ProgramData\boost_interprocessC:\Users\All Users\boost_interprocess:Commands[EmptyTemp]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red btnmoveit.png button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

 

See if boost_interprocess returns

Link to post
Share on other sites

All processes killed
========== FILES ==========
C:\ProgramData\boost_interprocess\20140304184038.125599 folder moved successfully.
C:\ProgramData\boost_interprocess folder moved successfully.
File/Folder C:\Users\All Users\boost_interprocess not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: QuadForce 2
->Temp folder emptied: 1914834 bytes
->Temporary Internet Files folder emptied: 61755 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16951551 bytes
->Flash cache emptied: 492 bytes
 
User: Raney
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 53254250 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 69.00 mb
 
 
OTM by OldTimer - Version 3.1.21.0 log created on 03042014_192232

Files moved on Reboot...
C:\Users\QuadForce 2\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\QuadForce 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
 

SystemLook.txt

Link to post
Share on other sites

Ok so the nuisance returns after a re-boot... Obviously we have a service running that replaces boost_interprocess each time we remove it.

 

Go to the following link: http://support.microsoft.com/kb/929135 follow the instructions and run your system in a "Clean Boot" mode. In that mode all none MS services are disabled...

 

Now rerun OTM and move the problem folders...

 

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM either, accept the alert or turn off security until OTM completes...

  • Copy the text from the code box belowbelow to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files

    :FilesC:\ProgramData\boost_interprocessC:\Users\All Users\boost_interprocess:Commands[EmptyTemp]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red btnmoveit.png button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.....

 

If OTM does not re-boot the system do that yourself, we should still be in a clean boot mode, check if nuisance is back......

Link to post
Share on other sites

SystemLook 30.07.11 by jpshortstuff

Log created at 17:18 on 05/03/2014 by QuadForce 2

Administrator - Elevation successful

========== folderfind ==========

Searching for "boost_interprocess"

C:\AdwCleaner\Quarantine\C\ProgramData\boost_interprocess d------ [21:31 25/01/2014]

C:\_OTM\MovedFiles\03042014_183928\C_ProgramData\boost_interprocess d------ [23:34 03/03/2014]

C:\_OTM\MovedFiles\03042014_183928\C_ProgramData\dvdfab\boost_interprocess d------ [23:33 09/02/2012]

C:\_OTM\MovedFiles\03042014_192232\C_ProgramData\boost_interprocess d------ [00:42 05/03/2014]

C:\_OTM\MovedFiles\03052014_171405\C_ProgramData\boost_interprocess d------ [01:28 05/03/2014]

========== regfind ==========

Searching for "boost_interprocess"

No data found.

Searching for "*boost_interprocess*"

No data found.

-= EOF =-

Link to post
Share on other sites

It is now a process of elimination to find the problem service, this is a somewhat laborious task.....

 

Access msconfig again, select the services tab. Ensure "Hide all MS services" is checked (ticked). Check (tick) the first none MS service to enable, re-boot and see if the nuisance returns. If not, repeat again. Do that until eventually the problem service will be found.

 

Are those instructions ok to follow. like I said before, a bit of a laborious task but should find the culprit..

 

Kevin

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.