Jump to content

FrankR

Members
  • Posts

    20
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Sorry been busy on a friday... I restarted the computer again today and the MSE popped up in the tray. The taskmngr has MS security client running (which I suppose is the .exe for MSE). The msconfig -> startup has the "MS Security Client" checked for startup. It just wasnt the obvious title of "MS Essentials" I was looking for. Everything looks back to normal and I appreciate all the help, the removal and all the links to disable useless software and what-have-you. I will certainly keep MBAM up to date and compute more discerningly. Thanks again Mr C. ~FrankR
  2. SystemLook 30.07.11 by jpshortstuff Log created at 19:19 on 15/12/2011 by Sean Administrator - Elevation successful ========== reg ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "UCam_Menu"=""C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"" "QPService"=""C:\Program Files\HP\QuickPlay\QPService.exe"" "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "MSC"=""c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] -= EOF =-
  3. That box was already unchecked. I went to msconfig. Microsoft Security Essentials was not listed in the startup. There is, however, a "Microsoft Security Client."
  4. Perfect....it is now gone. One small thing, my MSE doesnt appear in my tray. I assume its working in the background (maybe I assume too much) but Im not sure if it is turned on upon startup or if I turn it on when I go to Start -> Programs -> MSE. Nothing in the settings deal with shortcuts or tray icons.
  5. I also dealt with this malware and unhid some things. However now my start menu looks quite inadequate:
  6. Trust me, I want to rid myself of unwanted programs. Its just that I went to control panels and uninstalled the viewer, however I still see it in my task manager. I even restarted to see if the ViewpointService.exe was still starting up and sure enough it is (despite my control panel uninstalling it). Thoughts? Could I just deleted the files from my C: or is that not preferred? The item is gone from the control panel but the file remains... I did get MSE up and running, it is now catching up with updates. I also disabled the 5 services listed on the link as it instructed.
  7. The viewer. Im kinda thinking that is something that is part of my hp or OS. I dont see it on my control panel uninstall list and the task manager thinks its part of the system: The OTL did make me reboot. Here is the log that popped up after reboot. 12152011_123153.log
  8. Uninstall went ok...I downloaded the exe went to install and toward the end of the install this popped up:
  9. Problem with combofix. When it was up and running it disabled my MS Essentials. The moment I uninstalled combo fix, the red MS Essentials popped back in the tray and its still doing the same stuff I captured on the screenshots. So I dont know if I need to reinstall MS Essentials or what. I did update java and took care of OTL as described.
  10. Its running pretty good. I will have to reinstall MS Essentials, but other than that I cant complain. Updating MBAM and scanning when things get slow... Thanks for all your help MrC.
  11. Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8365 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 12/13/2011 10:43:52 mbam-log-2011-12-13 (10-43-52).txt Scan type: Quick scan Objects scanned: 175082 Time elapsed: 3 minute(s), 43 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) I couldnt find where the mbam txt is saved or I would have made it an attachment. Thanks so much Mr C
  12. Im not sure if combofix is able to finish... Its stuck on the bluescreen where it says it "should take less than 10mins or sometimes twice as long". Then a popup came up saying my system has a "rootkit zero access, it messes with the tcp/ip stack" and I should restart if I cannot access internet. Is it safe to restart with combofix up?
  13. Ok did the combofix. I had the rootkit zero access. MrC, should I continue the instructions on on the combofix link you gave me with the manual "windows recovery"? Or is that only if my OS was disturbed? I guess I dont know if the "automatic install of Recovery Console" occurred. BTW, thanks for the help. ComboFix.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.