Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Help with Panda Cloud Cleaner scan results

12 Dec 2014   #1
tjs999

Windows 7 Home Premium 64 bit
 
 
Help with Panda Cloud Cleaner scan results

I recently installed Panda Free Antivirus. When it was offered, I ran the Panda Cloud Cleaner and it found a few items. I was surprised as I had just scanned with the Panda Free, Eset Online, Malwarebytes and Comodo Cleaning Essentials and they found no threats. I posted the log on the Panda Forums, but they do not seem to be very active.

Here is the log:

FILE: C:\PROGRAMDATA\INSTALLMATE\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}\SETUP.EXE to be deleted..

FILE: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\Uninstall WinPatrol.lnk to be deleted.Suspicious Policy.

POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[SHOWSUPERHIDDEN] to be changed to: 0Suspicious Policy.

POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[SHOWSUPERHIDDEN] to be changed to: 0Suspicious Policy.

POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[SUPERHIDDEN] to be changed to: 0Suspicious Policy.

POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[SUPERHIDDEN] to be changed to: 0.

REGKEY: HKLM\SOFTWARE\SPYWARE TERMINATOR. Key to be deleted.Malware.

REGKEY: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER[NOFOLDEROPTIONS]. Value: NOFOLDEROPTIONS To be deleted.Malware.

REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER[NOFOLDEROPTIONS]. Value: NOFOLDEROPTIONS To be deleted.Malware.

REGKEY: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted.Malware.

REGKEY: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted.Malware.

REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted.Malware.

REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted..

FOLDER: C:\PROGRAMDATA\SPYWARE TERMINATOR to be deleted

Can any of you tell me if these are things I should be concerned about? I did not have the Cloud Cleaner clean them at the conclusion of the scan.


My System SpecsSystem Spec
.
12 Dec 2014   #2
Gator

Dual Boot: Windows 8.1 & Server 2012r2 VMs: Kali Linux, Backbox, Matriux, Windows 8.1
 
 

You can go ahead and remove that. Panda will remove what is bad and reset what needs to be reset in your registry. I would perform a more thorough clean.

In addition to what is already run, try the following:
Make sure you run Malwarebytes with a custom, FULL scan. Checking the box for RootKits.
Malwarebytes Anti-Malware Free

Run AdwCleaner: AdwCleaner Download
Run Superantispyware (link will start download instantly): SUPERAntiSpyware - Downloading File

Run those programs and post the results here. You can simply attach the log file created after these finish.
My System SpecsSystem Spec
12 Dec 2014   #3
tjs999

Windows 7 Home Premium 64 bit
 
 

Sorry for the delay in getting back to you. I forgot this forum does not notify you of replies as they are received.

I ran the Panda Cloud Cleaner again and allowed it to clean the items that it selected.

The Malwarebytes scan was a custom scan of the C drive with the scan for rootkits checked. It took a bit longer than I anticipated.

I ran AdwCleaner yesterday and it found 1 item. I cleaned it. However, after the reboot I had several hidden files showing on my desktop, as well as all drives appeared in the computer folder in Windows Explorer. I did a system restore, but still had to go into folder options to hide the files and get rid of the drive letters. The AdwCleaner scan done at your request shows the same item. I did not clean it.

Attached are the logs you requested. I can provide a more detailed version of the Malwarebytes scan if you would like.


Attached Files
File Type: txt AdwCleaner[R2].txt (967 Bytes, 2 views)
File Type: txt MBAM log.txt (192 Bytes, 3 views)
File Type: txt SAS log.txt (582 Bytes, 3 views)
My System SpecsSystem Spec
.

12 Dec 2014   #4
Gator

Dual Boot: Windows 8.1 & Server 2012r2 VMs: Kali Linux, Backbox, Matriux, Windows 8.1
 
 

Quote   Quote: Originally Posted by tjs999 View Post
Sorry for the delay in getting back to you. I forgot this forum does not notify you of replies as they are received.

I ran the Panda Cloud Cleaner again and allowed it to clean the items that it selected.

The Malwarebytes scan was a custom scan of the C drive with the scan for rootkits checked. It took a bit longer than I anticipated.

I ran AdwCleaner yesterday and it found 1 item. I cleaned it. However, after the reboot I had several hidden files showing on my desktop, as well as all drives appeared in the computer folder in Windows Explorer. I did a system restore, but still had to go into folder options to hide the files and get rid of the drive letters. The AdwCleaner scan done at your request shows the same item. I did not clean it.

Attached are the logs you requested. I can provide a more detailed version of the Malwarebytes scan if you would like.
Everything looks good. Can you explain your other problem a little more? I've never had any experience with Adwcleaner making hidden files on the desktop. Can you upload a picture of it?

Use the snipping tool
How to Use the Snipping Tool in Vista
Then post it here in your next post
Screenshots and Files - Upload and Post in Seven Forums

Now lets make sure whatever you had previously is completely removed.
Download Autoruns from here:
Autoruns for Windows

Unzip the folder > Extract autoruns.exe to the desktop > Right-click > Run as administrator

Delete all entries that are yellow. If you have red entries, please post the name of them in your next post
My System SpecsSystem Spec
12 Dec 2014   #5
tjs999

Windows 7 Home Premium 64 bit
 
 

There are entries that are more a pink color than red. Are these the ones you want the names of or am I looking for a bright red color?
My System SpecsSystem Spec
12 Dec 2014   #6
Gator

Dual Boot: Windows 8.1 & Server 2012r2 VMs: Kali Linux, Backbox, Matriux, Windows 8.1
 
 

Quote   Quote: Originally Posted by tjs999 View Post
There are entries that are more a pink color than red. Are these the ones you want the names of or am I looking for a bright red color?
Yes sorry, pinkish red. Shouldn't be very many.
My System SpecsSystem Spec
12 Dec 2014   #7
tjs999

Windows 7 Home Premium 64 bit
 
 

I ran AdwCleaner again and found the same item. This time I had AdwCleaner clean it. When the re-boot was completed there were no hidden files on the desktop and only the installed drives were listed.

Attached is the log of red/pink autorun entries. I counted 24.

What did I have that you fixed?


Attached Files
File Type: txt autoruns pink entries.txt (3.6 KB, 2 views)
My System SpecsSystem Spec
12 Dec 2014   #8
Gator

Dual Boot: Windows 8.1 & Server 2012r2 VMs: Kali Linux, Backbox, Matriux, Windows 8.1
 
 

OK everything looks good. You have a lot more unverified (what pink-red means) files than normal but they are all ok.

Do you have any other problems?
My System SpecsSystem Spec
12 Dec 2014   #9
tjs999

Windows 7 Home Premium 64 bit
 
 

Not a problem, but I was wondering if some of the pink-red entries could be deleted? I use the 7Zip, mp3 tag and Bullzip, but I don't remember using the HP programs. It is probably bloatware that came with the computer. The Canon language entry is probably left over from when I had a Canon printer. I don't know what the Windows sidebar gadget is.

Did I have malware?
My System SpecsSystem Spec
12 Dec 2014   #10
Gator

Dual Boot: Windows 8.1 & Server 2012r2 VMs: Kali Linux, Backbox, Matriux, Windows 8.1
 
 

Quote   Quote: Originally Posted by tjs999 View Post
Not a problem, but I was wondering if some of the pink-red entries could be deleted? I use the 7Zip, mp3 tag and Bullzip, but I don't remember using the HP programs. It is probably bloatware that came with the computer. The Canon language entry is probably left over from when I had a Canon printer. I don't know what the Windows sidebar gadget is.

Did I have malware?
You may have had some type of PUP (Potentially unwanted program) that may have changed some settings but I didn't see any malware.

As far as those entries in Autoruns, they are harmless and you could possibly do more harm than good.

If you really want to get rid of bloatware, make sure you Google the program first and make sure its not essential to Windows.

If its not, feel free to uninstall it with Revo Uninstaller
Download Revo Uninstaller Freeware - Free and Full Download - Uninstall software, remove programs, solve uninstall problems

Make sure you change it to Advanced and delete all files and registry values when asked.

After you remove the program, then run Autoruns and you can proceed to remove the entry. At this point however, it may have turned Yellow if revo removed the file linked to autoruns.
My System SpecsSystem Spec
Reply

 Help with Panda Cloud Cleaner scan results




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Free Panda Cloud AV
I have been becoming less and less enthralled with Avast Free AV. Panda Cloud seems attractive but I was wondering how much bandwidth does it use?
System Security
Funny or ironic, Panda Cloud Cleaner detects it own pup toolbar...
I put this chillout room because this is not a problem or a solution. Funny or ironic, Panda Cloud Cleaner detects it's own pup toolbar program. It also has some false positives for windows 7. It shows a link to my computer. At least I knew not to clean those.
Chillout Room
Panda Cloud Antivirus
Hello, I posted a while back about Panda Cloud antivirus. I just watched a video on You tube where a man tested it. Zero day trojans etc. blew right past Panda. Needless to say, I'm back with MSE on both my computers. I think it will be good some day, but not quite yet. Thanks for listening,...
System Security
Panda Cloud Anyone?
Hello, all wise ones Have any of you tried Panda Cloud Antivirus? I am trying it out now and think I have gained a little speed back by using less resources. Just wondered if anyone has had any good or bad results with this. Thanks, John
System Security
Panda Cloud AV - Free
Worth a look. Excellent detection rate, small footprint, fast and free... Panda Cloud Antivirus - Free Edition 1.0 - Full Review - Reviews by PC Magazine
System Security
Panda Cloud AntiVirus
Today i came across the new Panda Cloud Antivirus from Panda Lab. It supports Windows 7 (both 32 and 64 bit). The main window. Very neat and simple. Nothing's there in the settings tab. May be because its still in beta phase.
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:13.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App