If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#31
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
I understand that Microsoft Security Essentials is not a replacement for Malwarebytes. I did not know Microsoft Security Essentials conflicted with Avast so I will uninstall it. My question was is this link ok to download and install Malwarebtyes: http://www.malwarebytes.org/ In addition, is there any third party disc software that you could recommend to check for malware? Thanks, Robert |
Ads |
#32
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
On Sat, 11 Jan 2014 01:43:38 -0500, Nil
wrote: On 10 Jan 2014, "Ken Blake, MVP" wrote in microsoft.public.windowsxp.general: I agree with everything you say in this message, except for that sentence. Microsoft Security Essentials is not *comparable to Norton or McAfee; it is *much* better than either. Wellll... they are comarable in that you can compare them. OK, if that's what you mean, but you use the word differently than I do. |
#34
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
On 1/11/2014 5:05 AM, wrote:
snip In addition, is there any third party disc software that you could recommend to check for malware? Thanks, Robert Kaspersky Rescue CD. (Boot the computer with it.) http://support.kaspersky.com/8092 Adwcleaner. (Runs within Windows, for Adware/Toolbars) http://www.bleepingcomputer.com/download/adwcleaner/ Malwarebytes Free One-Time Scanner (not the paid version) (Runs within Windows - covers some of the same stuff as Kaspersky) http://www.malwarebytes.org/ Those are some examples. If you run into any you're "interested" in, post a link here for comments. Rather than randomly downloading them from some malware site, and ending up in yet more trouble. HTH, Paul |
#35
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
Hello Paul,
Here's what I've done; I uninstalled Microsoft Security Essentials and installed the free version of Malwarebytes and when I ran it for the first time it came up with (1) Pup malware but I was able to delete it. However it set me to thinking that I'm still infected with malware. I ran another scan afterwards and it came up clean. I decided to try a System image restore but when I checked my external HD and expected to see several system images but there's only one dated 1-8-14. I know I've made system images at least once a month but I could not find them. In any case, I started the process which took me to a screen much like Safe Mode looks and decided to cancel it because I didn't want to make things worst than they already are and felt that if this is the latest version then it will be infected too. I still don't understand what happened to all the other system images I made unless it writes over them? That would be pretty useless if I needed an earlier version (which I do). I downloaded/installed the Kapersky Rescue Disk 10 on a 32GB Cruzer Glide flash drive however I was unable to bring up the Bios for some reason and I tried several times. When I attemped to download and install Adwcleaner it installed Slow PC fighter, Arcade Palor (which is where I traced one of my infected Pup malware files previously), Yahoo Toolbar and changed my homepage from Firefox to Yahoo. Other programs that show today's date are 7-Zip, CWA Reminder by We-Care.com, File Association Manager, and Winferno Registry Power Cleaner and Adwcleaner never did install. My computer is once again infected with malware with (30) objects found from Arcade Palor, 7-Zip, We Care Reminder, Registry Key HKCR. Just like I was infected from Optimizer Pro which came with CcCleaner I deleted Arcade Palor, Yahoo Toolbar, and Slow PC Fighter but can I delete the rest of these programs as well since they seem to be infected. Here are the results of the scan: Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 401202 Time elapsed: 32 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 11 HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\IEHelperv250.WeCareReminder.1 (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\IEHelperv250.WeCareReminder (PUP.Optional.WeCare.A) - Delete on reboot. |
#36
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
Hello Paul,
Here's what I've done; I uninstalled Microsoft Security Essentials and installed the free version of Malwarebytes and when I ran it for the first time it came up with (1) Pup malware but I was able to delete it. However it set me to thinking that I'm still infected with malware. I ran another scan afterwards and it came up clean. I decided to try a System image restore but when I checked my external HD and expected to see several system images but there's only one dated 1-8-14. I know I've made system images at least once a month but I could not find them. In any case, I started the process which took me to a screen much like Safe Mode looks and decided to cancel it because I didn't want to make things worst than they already are and felt that if this is the latest version then it will be infected too. I still don't understand what happened to all the other system images I made unless it writes over them? That would be pretty useless if I needed an earlier version (which I do). I downloaded/installed the Kapersky Rescue Disk 10 on a 32GB Cruzer Glide flash drive however I was unable to bring up the Bios for some reason and I tried several times. When I attemped to download and install Adwcleaner it installed Slow PC fighter, Arcade Palor (which is where I traced one of my infected Pup malware files previously), Yahoo Toolbar and changed my homepage from Firefox to Yahoo. Other programs that show today's date are 7-Zip, CWA Reminder by We-Care.com, File Association Manager, and Winferno Registry Power Cleaner and Adwcleaner never did install. My computer is once again infected with malware with (30) objects found from Arcade Palor, 7-Zip, We Care Reminder, Registry Key HKCR. Just like I was infected from Optimizer Pro which came with CcCleaner I deleted Arcade Palor, Yahoo Toolbar, and Slow PC Fighter but can I delete the rest of these programs as well since they seem to be infected. Here are the results of the scan: Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 401202 Time elapsed: 32 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 11 HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\IEHelperv250.WeCareReminder.1 (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\IEHelperv250.WeCareReminder (PUP.Optional.WeCare.A) - Delete on reboot. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{6ED0A312-78F5-493C-A90C-5DAF321D0BF8} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\TypeLib\{B3201ABA-7CDE-4C8D-A28D-4316427BD6D1} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\Interface\{B60591CD-AA25-4261-B05A-77826471C0A3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{B60591CD-AA25-4261-B05A-77826471C0A3} (PUP.Optional.WeCare.A) - Delete on reboot. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 2 C:\ProgramData\WeCareReminder (PUP.Optional.WeCare.A) - Delete on reboot. C:\Users\Rob\AppData\Local\ArcadeParlor (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. Files Detected: 17 C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\ReminderHelper.exe (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\WCAutoUpdate.exe (PUP.Optional.WeCare.A) - Delete on reboot. C:\Users\Rob\Downloads\7zip_bimo.exe (PUP.Optional.SecureInstaller.A) - Quarantined and deleted successfully. C:\Windows\Installer\23bed.msi (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\MerchantHash.json (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\cleanwateraction.bmp (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEHelperv2.5.0PS.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEMenuItem.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEMenuItemPS.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEToolMenuDisable.ex e (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\wecarereminderro.crx (PUP.Optional.WeCare.A) - Delete on reboot. C:\Users\Rob\AppData\Local\ArcadeParlor\ap.config (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. C:\Users\Rob\AppData\Local\ArcadeParlor\Arcadeparl or.dll (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. C:\Users\Rob\AppData\Local\ArcadeParlor\broker.exe (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. C:\Users\Rob\AppData\Local\ArcadeParlor\removal.ex e (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. C:\Users\Rob\AppData\Local\ArcadeParlor\versionche ck.exe (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. (end) I ran Malwarebytes again and it came up with (7) objects detected. In passing, I also installed the free version of Malwarebytes on the 8200 and it remains clean as far as the scans are concerned. I hope this doesn't prevent me from posting to this site again. That's what happened last time and it took 3 weeks before I could post again. Thoughts/suggestions? Robert |
#37
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
Hello Paul,
Here's what I've done; I uninstalled Microsoft Security Essentials and installed the free version of Malwarebytes and when I ran it for the first time it came up with (1) Pup malware but I was able to delete it. However it set me to thinking that I'm still infected with malware. I ran another scan afterwards and it came up clean. I decided to try a System image restore but when I checked my external HD and expected to see several system images but there's only one dated 1-8-14. I know I've made system images at least once a month but I could not find them. In any case, I started the process which took me to a screen much like Safe Mode looks and decided to cancel it because I didn't want to make things worst than they already are and felt that if this is the latest version then it will be infected too. I still don't understand what happened to all the other system images I made unless it writes over them? That would be pretty useless if I needed an earlier version (which I do). I downloaded/installed the Kapersky Rescue Disk 10 on a 32GB Cruzer Glide flash drive however I was unable to bring up the Bios for some reason and I tried several times. When I attemped to download and install Adwcleaner it installed Slow PC fighter, Arcade Palor (which is where I traced one of my infected Pup malware files previously), Yahoo Toolbar and changed my homepage from Firefox to Yahoo. Other programs that show today's date are 7-Zip, CWA Reminder by We-Care.com, File Association Manager, and Winferno Registry Power Cleaner and Adwcleaner never did install. My computer is once again infected with malware with (30) objects found from Arcade Palor, 7-Zip, We Care Reminder, Registry Key HKCR. Just like I was infected from Optimizer Pro which came with CcCleaner I deleted Arcade Palor, Yahoo Toolbar, and Slow PC Fighter but can I delete the rest of these programs as well since they seem to be infected. Here are the results of the scan: Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 401202 Time elapsed: 32 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 11 HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\IEHelperv250.WeCareReminder.1 (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\IEHelperv250.WeCareReminder (PUP.Optional.WeCare.A) - Delete on reboot. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{6ED0A312-78F5-493C-A90C-5DAF321D0BF8} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\TypeLib\{B3201ABA-7CDE-4C8D-A28D-4316427BD6D1} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\Interface\{B60591CD-AA25-4261-B05A-77826471C0A3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{B60591CD-AA25-4261-B05A-77826471C0A3} (PUP.Optional.WeCare.A) - Delete on reboot. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 2 C:\ProgramData\WeCareReminder (PUP.Optional.WeCare.A) - Delete on reboot. C:\Users\Rob\AppData\Local\ArcadeParlor (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. Files Detected: 17 C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\ReminderHelper.exe (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\WCAutoUpdate.exe (PUP.Optional.WeCare.A) - Delete on reboot. C:\Users\Rob\Downloads\7zip_bimo.exe (PUP.Optional.SecureInstaller.A) - Quarantined and deleted successfully. C:\Windows\Installer\23bed.msi (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\MerchantHash.json (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\cleanwateraction.bmp (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEHelperv2.5.0PS.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEMenuItem.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEMenuItemPS.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEToolMenuDisable.ex e (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\wecarereminderro.crx (PUP.Optional.WeCare.A) - Delete on reboot. C:\Users\Rob\AppData\Local\ArcadeParlor\ap.config (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. C:\Users\Rob\AppData\Local\ArcadeParlor\Arcadeparl or.dll (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. C:\Users\Rob\AppData\Local\ArcadeParlor\broker.exe (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. C:\Users\Rob\AppData\Local\ArcadeParlor\removal.ex e (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. C:\Users\Rob\AppData\Local\ArcadeParlor\versionche ck.exe (PUP.Optional.ArcadeParlor.A) - Quarantined and deleted successfully. (end) I ran Malwarebytes again and it came up with 7) objects detected. In passing, I also installed the free version of Malwarebytes on the 8200 and it remains clean as far as the scans are concerned. I hope this doesn't prevent me from posting to this site again. That's what happened last time and it took 3 weeks before I could post again. Thoughts/suggestions? Robert |
#38
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
Actually, the scan wasn't totally finished
when I wrote my previous message. The total number of objects found were (23). Here's the results of the scan: Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 400929 Time elapsed: 35 minute(s), 50 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 11 HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\IEHelperv250.WeCareReminder.1 (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\IEHelperv250.WeCareReminder (PUP.Optional.WeCare.A) - Delete on reboot. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{6ED0A312-78F5-493C-A90C-5DAF321D0BF8} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\TypeLib\{B3201ABA-7CDE-4C8D-A28D-4316427BD6D1} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\Interface\{B60591CD-AA25-4261-B05A-77826471C0A3} (PUP.Optional.WeCare.A) - Delete on reboot. HKCR\CLSID\{B60591CD-AA25-4261-B05A-77826471C0A3} (PUP.Optional.WeCare.A) - Delete on reboot. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 1 C:\ProgramData\WeCareReminder (PUP.Optional.WeCare.A) - Delete on reboot. Files Detected: 11 C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\ReminderHelper.exe (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\WCAutoUpdate.exe (PUP.Optional.WeCare.A) - Delete on reboot. C:\Windows\Installer\23bed.msi (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\MerchantHash.json (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\cleanwateraction.bmp (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEHelperv2.5.0PS.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEMenuItem.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEMenuItemPS.dll (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\IEToolMenuDisable.ex e (PUP.Optional.WeCare.A) - Delete on reboot. C:\ProgramData\WeCareReminder\wecarereminderro.crx (PUP.Optional.WeCare.A) - Delete on reboot. (end) I'll continue to run scans to see if I can delete them all but I suspect I need to delete the source programs. Thoughts/suggestions? Robert |
#39
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
Hello Paul,
I've run numerous Malwarebytes scans and keep coming up with (23) objects found and seems to point to CWA Reminder as the culprit. So I decided to uninstall it but when trying to do so I received this message: The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2318. I tried again and got the same message so I clicked repair and this is what it gave me: The Path "C:\Users\Rpbert\AppData\Local\Temp\qs_f930d200W3i SliderCWAv4.1.24.3_20131003.msi" cannot be found. Verify you have access to this location and try again, or try to find the installation package. "W3iSliderCWAv4.1.24.3_20131003.msi" in a folder from which you can install the product CWA Reminder by We-Care.com v4.1.23.3 So how am I suppose to uninstall it when it won't let me? Now my computer is worst off than before. Thoughts/suggestions? Robert |
#40
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
Ok Paul,
This has gotten really serious, I decided to go into my Administrators account to see if I could delete the CW Reminder from there versus the User Account (the computer lets me type in my Admin password so I don't have to go back and forth). However, after clicking on the Administrator Account and entering the password I got a black screen with the exception of two Windferno Registry Power Cleaner pop-ups that appeared. I closed them and nothing. So I pushed the power button to reset/restart the computer hoping it would take me back here. Now I can't even use my Administrator Account !! The screen is totally blacked out! I was able to remove Window Registry Cleaner on the User Side. I tried removing CWA Reminder by We-Care.com again but I got the same messages as before and could not remove it. What am I suppose to do now? Thoughts/Suggestions? Robert |
#41
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
On 1/12/2014 1:43 PM, wrote:
Hello Paul, I've run numerous Malwarebytes scans and keep coming up with (23) objects found and seems to point to CWA Reminder as the culprit. So I decided to uninstall it but when trying to do so I received this message: The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2318. I tried again and got the same message so I clicked repair and this is what it gave me: The Path "C:\Users\Rpbert\AppData\Local\Temp\qs_f930d200W3i SliderCWAv4.1.24.3_20131003.msi" cannot be found. Verify you have access to this location and try again, or try to find the installation package. "W3iSliderCWAv4.1.24.3_20131003.msi" in a folder from which you can install the product CWA Reminder by We-Care.com v4.1.23.3 So how am I suppose to uninstall it when it won't let me? Now my computer is worst off than before. Thoughts/suggestions? Robert What's weird, is I can find a reference to that file on Virustotal. But the analysis is clean. https://www.virustotal.com/en/file/9...710e/analysis/ The We-Care.com site tries to install stuff in your browser. I don't see why a .msi would be involved directly. There was one suggestion to try Revo Uninstaller. So that's a possibility, if all that is left is bits and pieces. Maybe some AV software on your machine (like MBAM), quarantined the .msi file. Apparently the we-care stuff, allows other programs to download. If the uninstaller worked, the piggy back programs get removed too. So all the references I can find to that, the Add/Remove or Programs and Features route to removal, worked. If the uninstaller isn't working, I don't know, maybe the Revo Uninstaller would work. Not really sure what to try next. The AdwCleaner might recognize it. Whatever is left of it. Paul |
#42
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
On 1/12/2014 2:02 PM, wrote:
Ok Paul, This has gotten really serious, I decided to go into my Administrators account to see if I could delete the CW Reminder from there versus the User Account (the computer lets me type in my Admin password so I don't have to go back and forth). However, after clicking on the Administrator Account and entering the password I got a black screen with the exception of two Windferno Registry Power Cleaner pop-ups that appeared. I closed them and nothing. So I pushed the power button to reset/restart the computer hoping it would take me back here. Now I can't even use my Administrator Account !! The screen is totally blacked out! I was able to remove Window Registry Cleaner on the User Side. I tried removing CWA Reminder by We-Care.com again but I got the same messages as before and could not remove it. What am I suppose to do now? Thoughts/Suggestions? Robert OMG :-) You're a fast worker. I found a copy of the msi file. But a fat lot of good it's going to do now. You save this, then upload to Virustotal.com and verify it's the same file. I.e. That it's clean. http://dl5.v24installer.com/lm/bundl...3_20131003.msi And when I test that one, it takes me back here. Since we can't trust a site like that, I recommend testing the downloaded file when you get it, and verify the Virustotal.com scan of it is clean. (Note - Virustotal was bought by Google, so it's actually run by Google now.) https://www.virustotal.com/en/file/9...710e/analysis/ So that would be a copy of the file, if you needed one. You would move it back to where ever the dialog box said it should be. W3iSliderCWAv4.1.24.3_20131003.msi 4,521,984 bytes Signed: ‎Thursday, ‎October ‎3, ‎2013 8:47:56 AM (Comodo) MD5SUM 514ab618b7806440a61f6a481a128b33 ******* If your user account is a member of the Administrators group, then you don't need an Administrator account as such. You should be able to do what's needed from the User account. If you're in Windows 7, and use System Image, it will overwrite the last copy. To stop that, when the System Image operation is completed, you *move* the System Image folder created, out of the way, rename the folder in a descriptive way. Then, the next System Image you make, won't be able to overwrite the renamed folder. That's basically how you keep multiple Windows 7 System Images alive. And if that remaining System Image is not damaged, you can restore that System Image and bring your Administrator account "back to life". I know you're a fast worker, and you can undoubtedly brick the machine before long, and all I can do on this end, is "pray for you" :-) Paul |
#43
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
Hello Paul,
Here's what I did: I was finally able to download and install AdwCleaner and ran all the scans. I tried to set up the Pup hosts under tools but it was all in French. After running all the scans and cleaning afterwards I then tried to delete CWA Reminder and this time I was successful! I then ran a full scan with Malwarebytes which came up with (2) objects found which were in AdwCleaner quarantine. So I uninstalled AdwCleaner which seemed to be the only way to clear the quarantine and the system is clean once more. Just to make sure, I tried to logon to the Administrator Account and it 'seems' everything is back to normal. Thoughts/suggestions, Robert |
#44
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
|
#45
|
|||
|
|||
O.T. - Temporary firewall problem at boot up:
The only System Image I have is the one dated 1-8-14 which is on the external HD. http://www.newegg.com/Product/Produc...82E16822178107 I'll create another just to make sure. I want to thank you and everyone else for helping get through all this. If I have any other questions or problems I'll start a new post. Thanks, Robert |
Thread Tools | |
Display Modes | |
|
|