Hotel Network?

7KxrxUcwoQNO8rqu1udn · Feb 25, 2016

My BitDefender found a few files that it has quarantined. Then a further scan showed that I have Traogan.VBS.UEP and W97M.Downloader.AVG. There was some odd behavior with my Lenovo service center software asking me to accept a certificate which I did not as I've had that software for over a year now.

Thank you ahead of time for your assistance!

Kestrel13! · Feb 25, 2016

Not seeing much to do here...

You have not uploaded the correct log from Malware Bytes, please check the instructions carefully and then upload what I need. Thanks.

Re run Hitman Pro, activate/enable the free trial, then have it remove all of the below:

Malware remnants ____________________________________________________________

HKLM\SOFTWARE\Classes\AppID\VisualDiscovery.exe\ (SuperFish)
HKLM\SOFTWARE\Classes\WOW6432Node\AppID\VisualDiscovery.exe\ (SuperFish)

Potential Unwanted Programs _________________________________________________

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}\ (MyStart)
HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}\ (MyStart)

Fix items using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab and locate this detection:

[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Partner -> Found

Place a checkmark next to each of these items, leave the others unchecked.
Now press the Delete button.

...same for these on the Files tab please...

[PUP][File] C:\Users\Clark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk [LNK@] C:\Users\Clark\AppData\Local\Pokki\Engine\HostAppService.exe /OPEN"f22abfeae27a67446927d078890381efc546d3e1" -> Found

[PUP][File] C:\ProgramData\Pokki\PC App Store.lnk [LNK@] C:\Users\Clark\AppData\Local\Pokki\Engine\HostAppService.exe /OPEN"f22abfeae27a67446927d078890381efc546d3e1" -> Found

When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)
Reboot the machine.

Download Cleano 1.31

Download it to your desktop, Right click the cleano.exe file and run as admin > and place check marks in the boxes as follows (click on link below to see image)

View attachment 148092
Click clean now and exit the program.

How are things running? Is Bitdefender detecting anything else?

7KxrxUcwoQNO8rqu1udn · Feb 25, 2016

Thank you. I'll complete the suggested actions and reply back. Please find what I hope to be the correct Malwarebytes log file.

Kestrel13! · Feb 25, 2016

7KxrxUcwoQNO8rqu1udn said: ↑

Thank you. I'll complete the suggested actions and reply back.
Click to expand...

You're welcome.

7KxrxUcwoQNO8rqu1udn · Feb 26, 2016

I have completed the new instructions and attached the RKreport file.

BitDefender & Malwarebytes claim clean and the performance is good.

Thanks again!.. unless the old Malwarebytes or the RKreport lead to more actions!

So site donations go to Super Malware Fighters?

Kestrel13! · Feb 26, 2016

7KxrxUcwoQNO8rqu1udn said: ↑

BitDefender & Malwarebytes claim clean and the performance is good.
Click to expand...

So pleased to hear that.

You are most welcome. I am seeing nothing else to do here. Donations go to the Majorgeeks website in general.

Log in or Sign up

Hotel Network?

7KxrxUcwoQNO8rqu1udn Private E-2

Attached Files:

HitmanPro_20160224_2232.log

MGlogsR.zip

rk.txt

mbam-log-2016-02-24 (20-30-22).txt

TDSSKiller.3.1.0.9_24.02.2016_21.27.12_log.txt

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

7KxrxUcwoQNO8rqu1udn Private E-2

Attached Files:

mbam-log-2016-02-24 (20-30-22).txt

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

7KxrxUcwoQNO8rqu1udn Private E-2

Attached Files:

RKreport.txt

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member