Windows 10: Remove PUP application from DVD Drive (F:) CDROM

Page 6 of 14 FirstFirst ... 45678 ... LastLast

  1. Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter
       18 Aug 2016 #51

    I thought posting the url for the Kaspersky link can understand the Reimage download:

    Click image for larger version. 

Name:	ScreenHunter_15 Aug. 17 22.37.gif 
Views:	4 
Size:	21.9 KB 
ID:	96750

    https://adclick.g.doubleclick.net/pc...rl%253Dhttp://Online Computer Repair | Reimage PC Repair | Windows Repair | Reimageplus.com/includes/router_land.php?tracking=forum&lpx=slm

    I clicked on the "Download Here" right under Kaspersky. Stupid me...heavy sigh
      My ComputerSystem Spec


  2. Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3
       18 Aug 2016 #52

    Thanks - that's what I thought. An ad looked like it was part of the tutorial.
    Lots of people mistakenly click on an ad - it's not stupid, the advertisers are very clever.

    So how far did you get with the bleeping guide after my PM reply?

    There were three things to do
    1) Rkill
    2) ESET Poweliks Cleaner
    <!> skip running ESET online scanner
    3) HitmanPro
    <!> skip running Secunia PSI

    If you ran those, please post the following logs
    Desktop\ESETPoweliksCleaner.exe_<timestamp>.log
    HitmanPro log
    Last edited by Slartybart; 18 Aug 2016 at 01:55. Reason: add link to bleeping guide and skip Secunia PSI
      My ComputerSystem Spec


  3. Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter
       18 Aug 2016 #53

    Slartybart said: View Post
    So how far did you get with the bleeping guide after my PM reply?
    I wrote in my last post your link gave me a red flag of an infected site, so I googled RKill and went to Bleeping Computer's site and here is the snapshot:
    Click image for larger version. 

Name:	ScreenHunter_16 Aug. 18 08.48.gif 
Views:	1 
Size:	27.7 KB 
ID:	96803
    Before I click on anything, it is the first link on the upper left out of the four choices, correct?
      My ComputerSystem Spec


  4. Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter
       18 Aug 2016 #54

    So, this is good, right?

    RKill Download

    Click image for larger version. 

Name:	ScreenHunter_17 Aug. 18 09.12.gif 
Views:	2 
Size:	26.3 KB 
ID:	96814

    So, do I use the download at the top of the page, or one of the links shown here?
      My ComputerSystem Spec


  5. Posts : 11,209
    W10Prox64
       18 Aug 2016 #55

    Hi.
    Top-left corner one should be fine - it will be rkill.exe; save to your desktop. The other three are exactly the same thing, only renamed, so to allow it to run if some infection is preventing the normally-named executable to run.
      My ComputerSystem Spec


  6. Posts : 11,209
    W10Prox64
       18 Aug 2016 #56

    myrnsterMash said: View Post
    I thought posting the url for the Kaspersky link can understand the Reimage download:

    Click image for larger version. 

Name:	ScreenHunter_15 Aug. 17 22.37.gif 
Views:	4 
Size:	21.9 KB 
ID:	96750


    I clicked on the "Download Here" right under Kaspersky. Stupid me...heavy sigh

    I have circled here what is the only real clue that this is an ad - very difficult to notice...

    Click image for larger version. 

Name:	ad.PNG 
Views:	12 
Size:	31.2 KB 
ID:	96827
      My ComputerSystem Spec


  7. Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3
       18 Aug 2016 #57

    myrnsterMash said: View Post
    I wrote in my last post your link gave me a red flag of an infected site, so I googled RKill and went to Bleeping Computer's site and here is the snapshot:

    Before I click on anything, it is the first link on the upper left out of the four choices, correct?
    I'm glad you're asking these questions now - once bitten, twice shy and all that

    One comment ... if a member points you to a guide - follow the guide. Google results can often take you places you don't want to go.

    Sometimes, it just requires a bit of reading - from the guide:
    When at the download page, click on the Download Now button labeled iExplore.exe. When you are prompted where to save it, please save it on your desktop.

    Click image for larger version. 

Name:	x-ScreenHunter_16 Aug. 18 08.48.gif 
Views:	10 
Size:	30.7 KB 
ID:	96833

    ... and a little patience - wait for the download to begin without clicking anything else.
    The download should begin on a new page shortly after hitting the button

    I often just click on the link that says if your download doesn't automatically begin... - but that also might be cleverly obfuscated by an ad using similar language.
    Direct download of Rkill renamed as iExplore.exe

    It can get confusing, especially when tools protect themselves by a rename (Chameleon Mbam does a similar trick if malware prevents it from running).

    Bottom line - ask. It's never a problem to double check Before
      My ComputerSystem Spec


  8. Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3
       18 Aug 2016 #58

    Just read simrick's post again.

    I'm not contradicting her suggestion to download the standard Rkill.exe ... my post simply followed the guide where it said use the iExplore.exe download button.

    I agree that any of the four Rkill download buttons, or even any of the renames in the Related Rkill downloads shown at the bottom of in your screen shot, would be fine.

    Clear as mud?
      My ComputerSystem Spec


  9. Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter
       18 Aug 2016 #59

    For, whatever reason you are missing the most crucial point in the past couple posts. Your link is a BAD link for the "Powerliks Trojan (Removal Guide) url: How to remove the Poweliks Trojan (Removal Guide) with all the bells and whistles.

    Who is to say this is part of the Trojan doing its nastiness, but my anti-virus blocks me from this "infected site," and why I went to Bleeping Computer's site using Google to get to the actual authored program. I have to ask if you have used your link, lately, for the "How to remove the Poweliks Trojan (Removal Guide)?
    It might provide for some additional info. to help others with if a clean system allows for this "safe" download, but an infected system blocks it as "malicious," right? I am curious about this, as well, and why I ask if you have tried the link in the past few days.
      My ComputerSystem Spec


  10. Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter
       18 Aug 2016 #60

    Rkill 2.8.4 by Lawrence Abrams (Grinler)
    BleepingComputer.com - News, Reviews, and Technical Support
    Copyright 2008-2016 BleepingComputer.com
    More Information about Rkill can be found at this link:
    RKill - What it does and What it Doesnt - A brief introduction to the program - Anti-Virus, Anti-Malware, and Privacy Software

    Program started at: 08/18/2016 03:12:54 PM in x86 mode.
    Windows Version: Windows 10 Home

    Checking for Windows services to stop:

    * No malware services found to stop.

    Checking for processes to terminate:

    * C:\Users\MyrnaZ\AppData\Local\Temp\{7E6122F0-DB5E-430A-A6AE-6F73E75D1A32}\{BCCE466F-5194-418B-B7A4-55A77A6E62F6}.exe (PID: 16284) [T-HEUR]

    1 proccess terminated!

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * Windows Defender Disabled

    [HKLM\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware" = dword:00000001

    Checking Windows Service Integrity:

    * b06bdrv [Missing Service]
    * ebdrv [Missing Service]
    * iaLPSSi_GPIO [Missing Service]
    * iaLPSSi_I2C [Missing Service]
    * ibbus [Missing Service]
    * ksthunk [Missing Service]
    * mlx4_bus [Missing Service]
    * ndfltr [Missing Service]
    * PerfHost [Missing Service]
    * vpci [Missing Service]
    * WinMad [Missing Service]
    * WinVerbs [Missing Service]

    * NetTcpPortSharing => %systemroot%\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [Incorrect ImagePath]

    * PrintNotify => C:\WINDOWS\system32\spool\drivers\W32X86\3\PrintConfig.dll [Incorrect ServiceDLL]

    Searching for Missing Digital Signatures:

    * No issues found.

    Checking HOSTS File:

    * No issues found.

    Program finished at: 08/18/2016 03:17:30 PM
    Execution time: 0 hours(s), 4 minute(s), and 35 seconds(s)
      My ComputerSystem Spec


 
Page 6 of 14 FirstFirst ... 45678 ... LastLast

Related Threads
So, a little context: We have five public gaming computers wich is free to use. The computers are running a 120 GB SSD (C:) with windows 10 and a 2 TB HDD (D:) wich is primaly used for installing games. They are set up with noe administrator user...
I just upgraded to windows 10. I am trying to copy DATA files and folders from a DVD. This is not music, movies, or anything like that, these are data files I was able to access in prior versions of Windows 10 that I placed them on the DVD myself....
Solved Do I need to remove other non OS drive? in Installation and Upgrade
Hi, I'm pretty sure I'll be upgrading my desktop this week while I'm on vacation. I've done my laptop with no problems at all, it's a Dell Latitude E6400 with Win7 Pro bought refurbished from Newegg. The laptop was a mid 2008 model and W10 works...
Hi there Thanks to topgundcp here's how to remove One Drive from File explorer after a reboot. OneDrive Integration in Windows 8.1 - Enable or Disable 1.Win+R->gpedit.msc 2.Navigate to: Computer Configuration\Administrative...
As the topic sad how can I remove recent use application like this ? :( http://i.imgur.com/QxSBzLY.jpg
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 18:33.
Find Us