Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Fake Adobe Update tryed to get installed. What to do? [Solved]


  • This topic is locked This topic is locked

#31
SamStencil

SamStencil

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Hey Nutloaf...had to close the first scan of JTR before finishing cause I forgot to turn off AVG, I hope it hasn't damaged anything or given wrong results on the second scan... here it is

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Test on 02.06.2013 at 15:57:26,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.06.2013 at 16:01:27,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

Advertisements


#32
Nutloaf

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there Sam I am glad that we have come to a resolution regarding the SAVE folder. My apologies for this once more, I hope it hasn't tainted your experience here. At least you have what is one the USB and Phone or Card.

I will look over these logs and prepare my next post for you. In the meantime while you wait, you can run through the following troubleshooter for HP products before we look into that further :)

HP Memory Card Reader Trouble shooter.

Many thanks Posted Image
  • 0

#33
Nutloaf

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi Sam how would you feel about running ADWcleaner to scan only. There were entries in the 1st scan that would need dealing with. Anything that does not need deleting we can move onto USB before deleting.

1. Run ADWcleaner

For your next reply I need the ADWcleaner log, if Run and how you got on with the Memory Card issues.
  • 0

#34
SamStencil

SamStencil

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Uhm... I just tried to run ADW and when opening the log on Editor it says "access denied" and the File is blank. Should I Unninstall the program and try again?
  • 0

#35
Nutloaf

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Yes please, this was downloaded before the restore. Uninstall and try again :)
  • 0

#36
SamStencil

SamStencil

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Done, here's the log ^^

# AdwCleaner v2.301 - Datei am 02/06/2013 um 17:49:37 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Test - TEST-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Test\Desktop\AdwCleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v27.0.1453.94

Datei : C:\Users\Test\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [962 octets] - [02/06/2013 17:49:37]

########## EOF - C:\AdwCleaner[R1].txt - [1021 octets] ##########
  • 0

#37
Nutloaf

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi Sam :)

The ADWcleaner logs reveal the lines I want to delete and nothing else, so......

1. Run ADWcleaner
  • Double click ADWcleaner and select Search
  • The search will complete and a log produced I do not need to see this log.
  • Back to ADWcleaner and click Delete and O.K to remove malware.
  • A reboot will be asked for click O.K
  • On reboot a log is produced. I need to see this log

2. Install the latest version of Windows Essentials
Older versions of Live mail leave a lot of empty folders in the Users folder. The latest version clears up after itself.

3. UPDATE PROGRAMS
  • Download and Install Filehippo Update Checker
  • Run once a month to check that programmes are up to date, therefore more secure.


Things I want to see in your next post.
  • ADWcleaner log
  • How are things running now please?

  • 0

#38
SamStencil

SamStencil

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
# AdwCleaner v2.301 - Datei am 04/06/2013 um 18:45:31 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Test - TEST-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Test\Desktop\AdwCleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v27.0.1453.94

Datei : C:\Users\Test\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1090 octets] - [02/06/2013 17:49:37]
AdwCleaner[R2].txt - [1151 octets] - [04/06/2013 18:45:08]
AdwCleaner[S1].txt - [1084 octets] - [04/06/2013 18:45:31]

########## EOF - C:\AdwCleaner[S1].txt - [1144 octets] ##########




Everything is running normal I'd say... :)
and about the Memory Card thing, I think it's because it's not supported. Tested it one more time with the older Card and it worked, funnily...well..
  • 0

#39
Nutloaf

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi Sam, I'm pleased that the PC is running well. My next post will be passed by tomorrow. Posted Image
  • 0

#40
Nutloaf

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
I am pleased to say that this machine is clean. All we have to do is make a Clean Restore Point then flush the old ones and remove the tools used. :)

1. OTL
Copy the entire text in the Quote box below, do not include the word QUOTE and Paste into the Custom Scans/Fixes box in OTL.

:COMMANDS
[CREATERESTOREPOINT]

  • Then click Run Fix
  • When complete a log file will tell you if sucessfull. I do not need to see this.
  • Now click the CleanUp button on OTL. This will delete the log files, and OTL itself.
  • Click O.K to Reboot.

2. Flush Old System Restore Points
  • Click on Start(Windows 7 Orb) >> All Programs >> Accessories >> System Tools >> right-click on Disk Cleanup and select Run as Administrator.
  • If prompted Select the system drive, C then OK.
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked.
  • Now click on the More Options tab. If not shown - Click on Clean up system files >> Select the system drive, C then OK. now click More Options Tab.
  • Under:- System Restore and Shadow Copies Click on Clean up... select Delete >> OK then Delete Files.

3. Uninstall ADWcleaner
  • Open ADWcleaner and select uninstall.

4. Delete Security Check Icon
  • Right click the Security Check Icon and select Delete

5. Delete JRT icon and folder
  • Right click the Junkware Removal Tool Icon and select Delete
  • Click Start then Computer and double-click Local Disk (C:) and delete the JRT Folder

Avoid the following
  • Torrent downloaders, Torrent files and Torrent sites. - Otherwise known as P2P. The files are mainly illegal, contain malware and\or adult material. Steer clear of P2P programs and files..
  • Registry Cleaners - They can clean a little too much and remove needed entries. The best thing to do with the registry is leave it be.
  • PC Performance Boosters. - Programs that promise to speed up your PC. These are useless and\or come packed with Toolbars and other uneeded software that runs in the background causing, you guessed it Performance Issues!
  • Not Checking Install Screens - Dont just click next, next, next and Install when installing programs. Some of the screens may contain Browsers or Toolbars. Check each screen before clicking next.

The main thing is to Keep On Top Of Your Updates and run Weekly Scans with Malwarebytes and AVG. :)

If there are any problems with the above then let me know as I will keep this thread open for 24 hours.

Select the following link and add it to your Favourites or Bookmark for future use. The answers to the majority of PC problems. :wave:
  • 0

Advertisements


#41
SamStencil

SamStencil

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
So, everything done! Comp is working normally.

Thank you very, very much Nutloaf :) I take good care of my pc but things may happen, you never know!

Thank you guys for keeping up the good work!!
  • 0

#42
Nutloaf

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
No problem Sam that's why we are here. Thanks again for sticking with me, I really appreciated it. :thumbsup:
  • 0

#43
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP