InterviewSolution
Saved Bookmarks
InterviewSolution
| 1. |
Solve : P. C Power Speed: fake? Malware? did homework; logs below? |
|
Answer» I went ahead and pulled up add/remove programs and deleted P. C. Power Speed, (which showed itself as version 1.0.0.27). It seemed to work quickly and the undesired program no longer shows up as a desktop icon or in all programs. Question: do you want me to use the program's listed, "uninstaller," or go into Control Panel and use, "add/remove," programs?Check if the program has it's own uninstaller. If not, use the second method. Yes, it had it's own un-installer. However, LAST night I decided that if there was one bad way to uninstall, you'd have said so. Soooo..., in a quick note above, "I went ahead and pulled up add/remove programs and deleted P. C. Power Speed, (which showed itself as version 1.0.0.27). It seemed to work quickly and the undesired program no longer shows up as a desktop icon or in 'all programs.' I wonder if it really did completely remove it??? Could something still be buried in the registry? (I don't know much about working in the registry) ?? Follow up point: my wife has an iPad she likes. Along with her iPhone and iPod, she has put them all on Apple's, "iCloud." Which she updates regularly from the desktop computer you are working on here. Did you see any problems in her computer that were significant in the first place (regardless of P C Power Speed)? Do you see any reason that her other devices could be infected with anything because of what you found in her computer? Anything left to do?" Dennis Quote I wonder if it really did completely remove it??? Could something still be buried in the registry? (I don't know much about working in the registry)Please run another scan with adwCleaner and post the log. Quote Do you see any reason that her other devices are infected with anything because of what you found in her computer?No, there wasn't anything dangerous on the computer.Thank you again, Dave. My wife and I both are getting pretty excited about this. If I did it right again, here's the AdwCleaner log: # AdwCleaner v2.011 - Logfile created 12/02/2012 at 18:48:42 # Updated 02/12/2012 by Xplode # Operating SYSTEM : Microsoft Windows XP Service Pack 3 (32 bits) # User : User - RCI-E295BA48E47 # Boot Mode : Normal # Running from : C:\Documents and Settings\User\Desktop\AdwCleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] ***** [Internet Browsers] ***** -\\ Internet Explorer v7.0.6000.17114 [OK] Registry is clean. OK? Dennis Ok. We should do some cleanup. To uninstall ComboFix
(Note: Make sure there's a space between the word ComboFix and the forward-slash.)
Click Start> Computer> right click the C Drive and choose Properties> enter Click DISK Cleanup from there. Click OK on the Disk Cleanup Screen. Click Yes on the Confirmation screen. This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive) ******************************************** Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable SHOPPING sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the IMMUNIZE feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing!Dave: I've done everything up to getting the Web of Trust which will be next. I'll work through your suggestions for maintenance now. I'm guessing that about winds it up. ?? I really appreciate your help and my wife appreciates it even more ! Thank you, DennisYou're welcome. I will lock this thread. If you need it re-opened, please send me a pm. |
|