Jump to content

Need help with Computer issues after SMART HDD virus infection


Recommended Posts

Oops, it seems we need 64 bit version:

http://jpshortstuff.247fixes.com/SystemLook_x64.exe

Please try again.

BUT, I do have this other program "updatechecker.exe" that is part of the ASUS motherboard I have. I have read mixed reviews about it so I never use it, but did use it one time. I will not use it in the future either and since it pops up every time I log in it's probably doing more harm than good...even if that's just because it butts in on my space. What do you think, do I need to use it, or something like it? It's suppose to check for drver updates, but I read some versions are a security risk. And, well you know how we feel about those...

Presents a risk because there are cases in which malicious software can use it for their own purposes. This does not mean that it is generally unsafe.

Link to post
Share on other sites

Ok about the "updatechecker.exe," since I never use it, is there a way to stop it from popping up every time I log in? That happens to be on ANY account I choose to log in on, it still appears requesting to do 'what ever it is' that it is requesting to do. In the meantime, here is the correct log, for 64 bit...

Thank you, again

Dwwann

SystemLook 30.07.11 by jpshortstuff

Log created at 02:15 on 30/04/2012 by The Wand

Administrator - Elevation successful

========== filefind ==========

Searching for "*RegistryBooster* "

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\RegistryBooster\RegistryBooster.lnk --a---- 1824 bytes [11:28 24/11/2011] [11:28 24/11/2011] F239E51575F80B267CF0FE3B4E1DEFD8

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\RegistryBooster\Uninstall RegistryBooster.lnk --a---- 1064 bytes [11:28 24/11/2011] [11:28 24/11/2011] 78B0CD93725D5C43D1BCDAA2FDE12A16

C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Uniblue\RegistryBooster\RegistryBooster.lnk --a---- 1824 bytes [11:28 24/11/2011] [11:28 24/11/2011] F239E51575F80B267CF0FE3B4E1DEFD8

C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Uniblue\RegistryBooster\Uninstall RegistryBooster.lnk --a---- 1064 bytes [11:28 24/11/2011] [11:28 24/11/2011] 78B0CD93725D5C43D1BCDAA2FDE12A16

C:\Windows\System32\Tasks\RegistryBooster --a---- 2524 bytes [11:28 24/11/2011] [11:28 24/11/2011] 28A2EB42B3B247ACD56B52FEEE289035

C:\_OTL\MovedFiles\04262012_105257\C_Windows\Tasks\RegistryBooster.job --a---- 350 bytes [11:28 24/11/2011] [17:43 26/04/2012] D3D61B27663526091D8624C73A08B30A

Searching for " "

No files found.

========== folderfind ==========

Searching for "*uniblue* "

C:\Program Files (x86)\Uniblue d------ [11:28 24/11/2011]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue d------ [11:28 24/11/2011]

C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Uniblue d------ [11:28 24/11/2011]

Searching for " "

No folders found.

========== regfind ==========

Searching for "uniblue "

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]

"DisplayName"="Uniblue RegistryBooster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]

"Publisher"="Uniblue Systems Ltd"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]

"Contact"="Uniblue Systems Ltd"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]

"Comments"="Copyright © Uniblue Systems Limited 2009"

Searching for "registrybooster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\registrybooster[1].exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EF9D18C-DADC-4CD4-97E8-44365380A8D5}]

"Path"="\RegistryBooster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegistryBooster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\registrybooster_RASAPI32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\registrybooster_RASMANCS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]

"DisplayName"="Uniblue RegistryBooster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]

"InstallLocation"="C:\Program Files (x86)\Uniblue\RegistryBooster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Uniblue\Registry Booster2]

"InstalledLocation"="C:\Program Files (x86)\\Uniblue\RegistryBooster\Launcher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Uniblue\Registry Booster2]

"LatestDownloadUrl"="http://download.uniblue.com/aff/rb/sevenforums/bt-11-030/a/registrybooster.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Uniblue\Registry Booster2]

"CampaignDownloadUrl"="http://download.uniblue.com/aff/rb/sevenforums/bt-11-030/a/registrybooster.exe"

-= EOF =-

Link to post
Share on other sites

Folow the instructions here to stop it:

http://www.netsquirrel.com/msconfig/msconfig_win7.html

Now, locate to:

C:\Program Files (x86)\Uniblue

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue

C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Uniblue

Then manually delete them.

Next:

Open notepad and copy and paste next in it: (don't forget to copy and paste REGEDIT4)

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\registrybooster[1].exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EF9D18C-DADC-4CD4-97E8-44365380A8D5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegistryBooster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\registrybooster_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\registrybooster_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Uniblue]

Save this as fixicon.reg Choose to save as *all files and place it on your desktop.

It should look like this: reg.gif

Doubleclick on it and when it asks you if you want to merge the contents to the registry, click yes/ok.

Then log off or reboot your computer to apply the changes.

Let me know.

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.