Author Topic: PC Cleaner Pro  (Read 11570 times)

0 Members and 1 Guest are viewing this topic.

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #15 on: December 08, 2015, 07:55:02 PM »
- Open the report
- Select all text (ctrl+a)
- Copy the text (ctrl+c)
- Open notepad
- Paste the text there
- Save the notepad file
- Attach the file to your post

ctrl+a doesn't work. Apologies, I am wrestling with a delinquent ADSL router which works occasionally, this make take some time. I will read the and action the rest of your posts.

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #16 on: December 08, 2015, 08:16:36 PM »
Here is the fixlog.

I am getting there slowly, have to reset the router every 5 minutes.

Steve

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #17 on: December 08, 2015, 08:34:37 PM »
And here are the Adwcleaner files.

Can I proceed with the Avast installation now??.

The only problem it has thrown up is that IPC Audio shuts down but I can probably live with that.

Steve

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: PC Cleaner Pro
« Reply #18 on: December 08, 2015, 09:45:10 PM »
No as the rootkit has not gone... I really do need to see at least the last 10 lines of the TDSSKiller log

Scan with Malwarebytes' Anti-Rootkit

Please download Malwarebytes' Anti-Rootkit and save the file to your desktop.
Note that the tool is still in its BETA stage, therefore not all functionalities may be added.
  • Right-click on icon and select Run as Administrator to start the tool
  • It will ask you for an extraction place - make sure you will unpack it to your desktop
  • After the extraction, the tool should start itself (no action required)
  • On the Introduction screen click Next
  • On the Update screen click Update
  • When prompted about the succesful update, click Next
  • On the Scan System screen, make sure that all three options
    • Drivers
    • Sectors
    • System
    are checked for scanning and press Scan.
Wait patiently and don't do anything on your machine while MBAR goes through your system!
  • If no infection is found, just close the tool.
  • If an infection is found, make sure that Create Restore Point is checked, then select Cleanup button to remove threats. The process will start and your machine will prompt you to reboot upon completion.
When finished (either with or without cleanup), please navigate to the MBAR directory.
Search there for these two files:
> mbar-log-date(time).txt
> system-log.txt
Please include the content of both files in your reply.

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #19 on: December 08, 2015, 10:26:02 PM »
Okay, by hook or by crook I will get it to you somehow tomorrow, and I will run the Malwarebytes routine also.

I have Rkill on there from a previous problem, is that worth a try?.

Thanks

Steve

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #20 on: December 09, 2015, 10:25:45 AM »
Finally here it is

I may be on and off today depending on how my router behaves.

Thanks

Steve

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #21 on: December 09, 2015, 11:00:06 AM »
Just a query on Mbar, it has found malware but there is no option to create a restore point, will it do it automatically?

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #22 on: December 09, 2015, 11:16:38 AM »
Just a query on Mbar, it has found malware but there is no option to create a restore point, will it do it automatically?

Sorry please ignore this, fixed it.

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #23 on: December 09, 2015, 11:32:28 AM »
Mbar log files attached.


Thanks


Steve

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37028
Re: PC Cleaner Pro
« Reply #24 on: December 09, 2015, 11:34:58 AM »
Essexboy is usually online after 15:00 european time   ;)


Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #25 on: December 09, 2015, 11:44:50 AM »
Okay. I am still having intermittent issues with my ADSL router but I will be on sometime this afternoon.

Steve

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: PC Cleaner Pro
« Reply #26 on: December 09, 2015, 04:03:42 PM »
08:39:40.0156 0x0fd8  d449d21c2eaaa3bf ( Rootkit.Win32.Necurs.gen ) - skipped by user
08:39:40.0156 0x0fd8  d449d21c2eaaa3bf ( Rootkit.Win32.Necurs.gen ) - User select action: Skip

This is why I needed to see the report.. You did not remove the rootkit.
Run TDSSKiller again and select deleted for necurs

Then run a fresh FRST scan please

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #27 on: December 09, 2015, 05:54:13 PM »
Ok, on the first instruction it said use Cure, if Cure is not available use skip but do not delete.

I will go again and use delete.

Thanks

Steve

Offline Jazzman4551

  • Jr. Member
  • **
  • Posts: 23
Re: PC Cleaner Pro
« Reply #28 on: December 09, 2015, 06:11:57 PM »
TDSS Killer re run and FRST scan results attached.

Thanks

Steve

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: PC Cleaner Pro
« Reply #29 on: December 09, 2015, 07:45:41 PM »
OK after this fix then install Avast :)

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
CreateRestorePoint:
R1 tmtdi; C:\WINDOWS\System32\DRIVERS\tmtdi.sys [92112 2010-09-30] (Trend Micro Inc.)
2015-12-07 14:27 - 2015-11-02 11:40 - 00000000 ____D C:\Documents and Settings\s.jubb\Application Data\AVG
2015-12-07 14:27 - 2015-11-02 11:32 - 00000000 ____D C:\Documents and Settings\s.jubb\Local Settings\Application Data\Avg
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that