It is, of course, your choice as to whether or not you remove the program from your machine. Thanks. 0 #3 saratogasteve Posted 11 September 2014 - 09:39 PM Thanks for any help.

Posted: Wed Jul 13, 2011 3:31 pm I've added this process to my list of FRST and Addition logs 0 #5 saratogasteve Posted 12 September 2014 - 11:37 AM OTL Fix Log All processes killed ========== COMMANDS

About every third scan from Webroot picks up some trojan virus and claims it is quarantined, but it comes right back. It found an MBR infection and fixed it. Then attach the below log: C:\MGlogs.zip MBRCheck log Make sure you tell me how things are working now! If you do not run Rkill you can not browse in your Firefox it takes you to different sites.

  1. File not foundO18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error.
  2. Joey Jiggles, Jun 22, 2011 #1 TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member First, please try to run this: TDSSkiller - How to run Then follow these instructions: READ
  3. OCR"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F9569D00-4576-46C8-B6C7-207A4FD39745}" = HP Officejet Pro
  5. AdwCleaner Log # AdwCleaner v3.310 - Report created 12/09/2014 at 13:24:26 # Updated 12/09/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) #
  6. C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IFYONN03\0W5UJY76.htm moved successfully.
  7. Does that mean the file's OK?
Rkill was run on 08/23/2011 at 22:24:12. Your computer will be rebooted automatically. Then once complete simple delete the file in control panel>uninstall/delete program files. Thanks in advance.

This program is important for the stable and secure running of your computer and should not be terminated. I did have a p2p program, but it has since been deleted from my system. phbl Step#3 - OTL Fix 1.

C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVQ48Q2N\cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully. By using our site you accept the terms of our Privacy Policy. The file that corresponds to this process is normally found in the directory "%SystemRoot%\system32\grpconv.exe" (where %systemroot% is usually C:\WINDOWS by default).

THANK YOU! Internet sites start popping up with strange looking ads, then some websites begin having trouble loading, them some programs have trouble loading. C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EIXU81TL\343002-rkill-keeps-finding-grpconv[1].htm moved successfully. Thanks for any help.

FAQ About us StoreNew! this contact form Rkill is saying this: C: \ WINDOWS\ system32\ grpconv.exe. C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIEP1Y88\ads[1].htm moved successfully. C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIEP1Y88\postmessageRelay[1].htm moved successfully.

I've read it can be a virus. If not, you will likely be back needing help with your machine again.

If any of the programs give you an error during the uninstall, notate it and move on to the next one. Thanks. this program is a part of MS Register a free account to unlock additional features at BleepingComputer.com

A malicious invasion could generate a specially compiled file to stuff the buffer and possibly implement arbitrary code on the system, upon the file being opened.

I am unsure where the virus is. Attached Files OTL.Txt 307.12KB 201 downloads 0 Advertisements #2 BrianDrab Posted 11 September 2014 - 06:40 AM When you ran the OTL tool, there

It's a valid windows process and Rkill is just doing its job which is to kill processes so that you may run other tools. Related : GrpConv.exe Check This Out Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.~BladeIn your next reply, please include the following:Malwarebytes Log Edited by Blade Zephon, 20 April 2011