Good Morning...I had a client who had her Outlook files disappear. Luckily she had everything backed up so I was able to retrieve it. I thought it strange that most of her other folders had a modification date of 11/26 so I ran malware scans and my last 2 MBAM and SAS were clean. She then contacted me that all her other files were missing as well as her printer no longer worked.
The most alarming scan was the one I got from Rkill everything else seemed PUP related.
Rkill 2.6.3 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
Program started at: 11/27/2013 11:37:18 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Active Proxy Server Detected
* Proxy Disabled.
* ProxyOverride value deleted.
* ProxyServer value deleted.
* AutoConfigURL value deleted.
* Proxy settings were backed up to Registry file.
Checking Registry for malware related settings:
* No issues found in the Registry.
Backup Registry file created at:
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
edCommand was changed. It was reset to "%1" %*!
was changed. It was reset to "%1" %*!
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* WinDefend => %ProgramFiles(x86)%\Window
s Defender\mpsvc.dll [Incorrect ServiceDLL]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
Program finished at: 11/27/2013 11:39:07 AM
Execution time: 0 hours(s), 1 minute(s), and 48 seconds(s)
Attached are the other scans, Adobe Reader has been updated.
Her internet security is MSE with MBAM Pro, configured to work together. The only PUP I found listed in her programs was Browser SafeGuard.
I appreciate you taking a look and letting me know what, if anything, I need to do next.