Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mixmeister tool bar & search page instead of Mozilla


  • This topic is locked This topic is locked
22 replies to this topic

#1 bigguy3

bigguy3

  • Members
  • 300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brandon, Mississippi
  • Local time:05:14 PM

Posted 06 February 2013 - 09:05 PM

I downloaded mixmeister, from CNET, which is usually safe. After removing the program, I get the mixmeister dj search engine instead of Firefox.
The following is in the address box:
http://search.conduit.com/?ctid=CT3272718&SearchSource=13&CUI=UN29581770159151451
Need help, please.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 06 February 2013 - 09:13 PM

Hello please run these..

Can you open the addons in Firefox and disable a Mixmeister tool bar


How to disable extensions and plugins

Keeping your third-party plugins up to date


Next run..
MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>>

Junkware Removal Tool
Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 bigguy3

bigguy3
  • Topic Starter

  • Members
  • 300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brandon, Mississippi
  • Local time:05:14 PM

Posted 06 February 2013 - 09:30 PM

MiniToolBox by Farbar Version:10-01-2013
Ran by Administrator (administrator) on 06-02-2013 at 20:29:16
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4) = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : rontom-d6vn6dqs

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : netgear.com



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : netgear.com

Description . . . . . . . . . . . : Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4)

Physical Address. . . . . . . . . : 00-04-5A-77-AA-47

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.104

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Wednesday, February 06, 2013 7:00:44 PM

Lease Expires . . . . . . . . . . : Thursday, February 07, 2013 7:00:44 PM

Server: dslrouter.netgear.com
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.134.113, 74.125.134.138, 74.125.134.139, 74.125.134.100
74.125.134.101, 74.125.134.102



Pinging google.com [74.125.134.102] with 32 bytes of data:



Reply from 74.125.134.102: bytes=32 time=30ms TTL=43

Reply from 74.125.134.102: bytes=32 time=31ms TTL=43



Ping statistics for 74.125.134.102:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 30ms, Maximum = 31ms, Average = 30ms

Server: dslrouter.netgear.com
Address: 192.168.1.254

Name: yahoo.com
Addresses: 206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=226ms TTL=43

Reply from 98.139.183.24: bytes=32 time=138ms TTL=43



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 138ms, Maximum = 226ms, Average = 182ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 04 5a 77 aa 47 ...... Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4) - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.104 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.104 192.168.0.104 20
192.168.0.0 255.255.255.0 192.168.0.104 192.168.0.104 20
192.168.0.104 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.104 192.168.0.104 20
224.0.0.0 240.0.0.0 192.168.0.104 192.168.0.104 20
255.255.255.255 255.255.255.255 192.168.0.104 192.168.0.104 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/24/2013 04:45:56 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x676c7e23.
Processing media-specific event for [explorer.exe!ws!]

Error: (01/22/2013 08:15:49 PM) (Source: Application Error) (User: )
Description: Faulting application itunes.exe, version 11.0.1.12, faulting module d3d9.dll, version 5.3.2600.5512, fault address 0x000a75be.
Processing media-specific event for [itunes.exe!ws!]

Error: (12/30/2012 07:43:12 AM) (Source: Application Hang) (User: )
Description: Hanging application iTunes.exe, version 11.0.1.12, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/29/2012 01:09:49 PM) (Source: Application Hang) (User: )
Description: Hanging application nero.exe, version 7.5.1.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/29/2012 00:59:16 PM) (Source: Application Error) (User: )
Description: Faulting application nero.exe, version 7.5.1.1, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00010cce.
Processing media-specific event for [nero.exe!ws!]

Error: (12/18/2012 10:31:33 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/18/2012 09:50:52 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/16/2012 07:43:56 AM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x676c7e23.
Processing media-specific event for [explorer.exe!ws!]

Error: (12/15/2012 06:36:22 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x676c7e23.
Processing media-specific event for [explorer.exe!ws!]

Error: (12/15/2012 10:44:21 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (02/06/2013 07:01:18 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX

Error: (02/06/2013 07:01:17 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%1068

Error: (02/06/2013 07:01:17 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSDriver service depends on the AVGIDSFilter service which failed to start because of the following error:
%%1068

Error: (02/06/2013 07:01:17 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSFilter service depends on the AVGIDSShim service which failed to start because of the following error:
%%2

Error: (02/06/2013 07:01:17 AM) (Source: Service Control Manager) (User: )
Description: The Webroot Spy Sweeper Engine service failed to start due to the following error:
%%3

Error: (02/06/2013 07:01:17 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSShim service failed to start due to the following error:
%%2

Error: (02/06/2013 07:01:17 AM) (Source: Service Control Manager) (User: )
Description: The Webroot Client Service service failed to start due to the following error:
%%3

Error: (02/03/2013 07:00:55 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX

Error: (02/03/2013 07:00:43 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%1068

Error: (02/03/2013 07:00:43 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSDriver service depends on the AVGIDSFilter service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/24/2013 04:45:56 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512unknown0.0.0.0676c7e23

Error: (01/22/2013 08:15:49 PM) (Source: Application Error)(User: )
Description: itunes.exe11.0.1.12d3d9.dll5.3.2600.5512000a75be

Error: (12/30/2012 07:43:12 AM) (Source: Application Hang)(User: )
Description: iTunes.exe11.0.1.12hungapp0.0.0.000000000

Error: (12/29/2012 01:09:49 PM) (Source: Application Hang)(User: )
Description: nero.exe7.5.1.1hungapp0.0.0.000000000

Error: (12/29/2012 00:59:16 PM) (Source: Application Error)(User: )
Description: nero.exe7.5.1.1ntdll.dll5.1.2600.605500010cce

Error: (12/18/2012 10:31:33 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (12/18/2012 09:50:52 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (12/16/2012 07:43:56 AM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512unknown0.0.0.0676c7e23

Error: (12/15/2012 06:36:22 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512unknown0.0.0.0676c7e23

Error: (12/15/2012 10:44:21 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

3ivx MPEG-4 5.0.1 Decoder (remove only) (Version: 5.0.1)
Ace Utilities
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Acronis True Image Home 2012 (Version: 15.0.6131)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader 9.5.1 (Version: 9.5.1)
Any Video Converter 3.0.1
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoStudio 6 (Version: 6.0.1.148)
Audacity 1.2.6
Auslogics System Information (Version: version 1.5)
Avanquest update (Version: 1.22)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2639)
AVG 2012 (Version: 2012.0.2221)
AVG Security Toolbar (Version: 14.0.2.14)
Bing Bar (Version: 6.3.2291.0)
Bing Bar Platform (Version: 6.3.2291.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Camera Window DS (Version: 5.1)
Camera Window DVC (Version: 5.1)
Camera Window MC (Version: 5.1)
Canon Camera Support Core Library (Version: 7.2.0.4)
Canon Camera WIA Driver (Version: 5.6)
Canon Camera Window DS for ZoomBrowser EX (Version: 5.1)
Canon Camera Window DVC for ZoomBrowser EX (Version: 5.1)
Canon Camera Window for ZoomBrowser EX (Version: 5.1)
Canon CanoScan 9000F User Registration
Canon EOS Kiss_N REBEL_XT 350D WIA Driver (Version: 5.6)
Canon MP Navigator EX 3.1
Canon PhotoRecord (Version: 02.02.01000)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.0)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.1)
Canon Utilities Digital Photo Professional 1.6.1 (Version: 1.6.1)
Canon Utilities EOS Capture 1.3 (Version: 1.3)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.14)
Canon Utilities Solution Menu
Canon ZoomBrowser EX (Version: 5.00.0000)
CanoScan 9000F Scanner Driver
CCleaner (Version: 3.02)
Christmas Lights Planner 3 (Version: 3.01.0000)
Cisco Connect (Version: 1.2.10260.0)
Cisco Network Magic (Version: 5.1.9027.0)
Command & Conquer The First Decade (Version: 1.00.0000)
Complete Landscape Designer
ConvertHelper 2.2
Creative Audio Console
DVD Shrink 3.2
ERUNT 1.1j
Files Compare Tool
FormatFactory 1.70 (Version: 1.70)
Forté Agent (Version: 4.2)
H&R Block Deluxe + Efile + State 2011 (Version: 11.05.7102)
H&R Block Mississippi 2009 (Version: 1.09.2901)
H&R Block Mississippi 2010 (Version: 1.10.1901)
H&R Block Mississippi 2011 (Version: 1.11.3601)
H&R Block Premium + Efile + State 2009 (Version: 09.06.6901)
H&R Block Premium + Efile + State 2010 (Version: 10.06.6402)
HijackThis 2.0.2 (Version: 2.0.2)
Holiday Lights Designer 4 - Release 4.0.1.5 (Version: 4.01.5000)
Holiday Lights Designer 4 Trial - Release 4.0.1.5 (Version: 4.01.5000)
HP FWUpdateEDO2 (Version: 1.2.0.0)
HP Memories Disc (Version: 1.0.4.805)
HP Officejet Pro 8600 Basic Device Software (Version: 25.0.619.0)
HP Officejet Pro 8600 Help (Version: 140.0.2.2)
HP Officejet Pro 8600 Product Improvement Study (Version: 25.0.619.0)
HP Photo and Imaging 2.2 - Scanjet 3970 Series (Version: 2.2.0000)
HP Smart Web Printing (Version: 111.0.19071)
HP Update (Version: 5.003.001.001)
I.R.I.S. OCR (Version: 12.3.4.0)
Intel® Extreme Graphics 2 Driver
iTunes (Version: 11.0.1.12)
Light-O-Rama (Version: 2.8.10)
Light-O-Rama Demo
magicJack (Version: 2.0.6073.4413)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Professional (Version: 9.00.3821)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Motorola Driver Installation 3.4.0 (Version: 3.4.0)
Motorola Phone Tools (Version: 4.30)
Motorola Phone Tools (Version: 5.0.7a 4/01/2008)
Motorola Phone Tools (Version: 5.00)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
muvee Plugin 1.0 (Version: 1.01.100)
n-Track Studio
Nero 7 Premium (Version: 7.01.9436)
Network Magic (Version: 5.1.9027.0)
Pawsoft Fass
PhotoStitch (Version: 3.1.14)
Picasa 3 (Version: 3.8)
Plus Pack for Acronis True Image Home 2012 (Version: 15.0.6131)
Pure Networks Platform (Version: 11.1.8350.0)
QuickTime (Version: 7.73.80.64)
QuickTime 3.0
RAW Image Task 2.0 (Version: 2.0)
RemoteCapture Task 1.1 (Version: 1.1)
Revo Uninstaller 1.88 (Version: 1.88)
Scancat-Lite-Plus 1.4.5.4
Sonic Foundry Noise Reduction Plug-In 2.0a
Sonic Foundry Sound Forge 6.0b (Version: 6.0.185)
Spy Sweeper (Version: 6.1)
Spy Sweeper Core (Version: 4.4.0.85)
Spybot - Search & Destroy (Version: 1.6.0)
SpywareBlaster v3.5.1 (Version: 3.5.1)
SUPERAntiSpyware Free Edition (Version: 4.21.0.1004)
TaxCut Mississippi 2008 (Version: 1.08.3201)
TEFView 2.69
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebEx Support Manager for Internet Explorer (Version: 6.5.47)
WebFldrs XP (Version: 9.50.6513)
Winamp (Version: 5.551 )
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol 2009 (Version: 16.0.2009.6)
Xilisoft DVD Audio Ripper (Version: 4.0.77.0601)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 1022.98 MB
Available physical RAM: 498.81 MB
Total Pagefile: 2459.96 MB
Available Pagefile: 1929.26 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.09 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.05 GB) (Free:49.11 GB) NTFS

========================= Users: ========================================

User accounts for \\RONTOM-D6VN6DQS

Administrator Guest HelpAssistant
SUPPORT_388945a0


**** End of log ****

#4 bigguy3

bigguy3
  • Topic Starter

  • Members
  • 300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brandon, Mississippi
  • Local time:05:14 PM

Posted 06 February 2013 - 09:49 PM

Question:
How do I rename MBAM before I download?
Thanks,
Tom

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Microsoft Windows XP x86
Ran by Administrator on Wed 02/06/2013 at 20:34:20.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1715567821-839522115-1642365096-500\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\abouturls\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\igearsettings
Successfully deleted: [Registry Key] hkey_current_user\software\smallfrogs studio
Successfully deleted: [Registry Key] hkey_current_user\software\smartbar
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\scripthelper.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\viprotocol.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\s
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3272718
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{171debeb-c3d4-40b7-ac73-056a5eba4a7e}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduit"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\4rkly1cl.default\user.js
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\4rkly1cl.default\invalidprefs.js
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\4rkly1cl.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\4rkly1cl.default\smartbar
Successfully deleted the following from C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\4rkly1cl.default\prefs.js

user_pref("CT3272718.1000082.isPlayDisplay", "true");
user_pref("CT3272718.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.
user_pref("CT3272718.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3272718.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3272718.FirstTime", "true");
user_pref("CT3272718.FirstTimeFF3", "true");
user_pref("CT3272718.LoginRevertSettingsEnabled", true);
user_pref("CT3272718.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT3272718.PG_ENABLE.enc", "dHJ1ZQ==");
user_pref("CT3272718.RevertSettingsEnabled", true);
user_pref("CT3272718.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272718&SearchSource=2&CUI=UN29581770159151451&q=");
user_pref("CT3272718.TopHitsConfig.enc", "ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL2NhcDEuY29uZHVpdC1hcHBzLmNvbS9BcHBzL1RvcEhpdHNMeXJpY3MvY29uZmlncy9VUy1HQi1ERS1FUy1JVC9zcHJpdGUuc
user_pref("CT3272718.UserID", "UN29581770159151451");
user_pref("CT3272718.YTbyClickFavorites.enc", "W10=");
user_pref("CT3272718.YTbyClickRecent.enc", "W10=");
user_pref("CT3272718.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3272718.autoDisableScopes", -1);
user_pref("CT3272718.browser.search.defaultthis.engineName", "true");
user_pref("CT3272718.cbfirsttime.enc", "V2VkIEZlYiAwNiAyMDEzIDIwOjAxOjQxIEdNVC0wNjAwIChDZW50cmFsIFN0YW5kYXJkIFRpbWUp");
user_pref("CT3272718.defaultSearch", "true");
user_pref("CT3272718.embeddedsData", "[{\"appId\":\"130004885110157816\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT3272718.enableAlerts", "always");
user_pref("CT3272718.enableFix404ByUser", "FALSE");
user_pref("CT3272718.enableSearchFromAddressBar", "true");
user_pref("CT3272718.firstTimeDialogOpened", "true");
user_pref("CT3272718.fixPageNotFoundError", "true");
user_pref("CT3272718.fixPageNotFoundErrorByUser", "true");
user_pref("CT3272718.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3272718.fixUrls", true);
user_pref("CT3272718.installDate", "6/2/2013 16:44:53");
user_pref("CT3272718.installId", "aaa_cid128");
user_pref("CT3272718.installType", "conduitnsisintegration");
user_pref("CT3272718.isCheckedStartAsHidden", true);
user_pref("CT3272718.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3272718.isFirstTimeToolbarLoading", "false");
user_pref("CT3272718.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3272718.keyword", "true");
user_pref("CT3272718.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3272718&octid=CT3272718&SearchSource=15&CUI=UN295817701591514
user_pref("CT3272718.lastVersion", "10.14.42.7");
user_pref("CT3272718.mam_gk_CouponBuddy_appState.enc", "b24=");
user_pref("CT3272718.mam_gk_PriceGong_appState.enc", "b24=");
user_pref("CT3272718.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvcGcvcGcuaHRtbCIsIm9wdGlvbnN
user_pref("CT3272718.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
user_pref("CT3272718.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImNyaXRlcmlhcyI6W3siY3JpdGVyaWFJZCI6IjNhNDcwNWJjLWI3YjYtNGZhNy04NWJmLTg5OGM4MD
user_pref("CT3272718.mam_gk_currentVersion.enc", "MS4yLjAuMTI=");
user_pref("CT3272718.mam_gk_eventsCache.enc", "eyIyMzM1OTZjYi1lYzM3LTQ3OTQtOWExNi1kZGZiNTMwYjM5ZTgiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjpbIldlbGNvbWUiLCJWaWV3Il0sInVuaXF1ZUlk
user_pref("CT3272718.mam_gk_first_time.enc", "MQ==");
user_pref("CT3272718.mam_gk_gadgetOpen.enc", "MQ==");
user_pref("CT3272718.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
user_pref("CT3272718.mam_gk_lastLoginTime.enc", "MTM2MDIwMDE4MDYxOA==");
user_pref("CT3272718.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHM
user_pref("CT3272718.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
user_pref("CT3272718.mam_gk_settings1.2.0.12.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTIyXzAiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWV
user_pref("CT3272718.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
user_pref("CT3272718.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
user_pref("CT3272718.mam_gk_userId.enc", "YmZjYzY5OTctN2VjNS00ZGEwLWE3ZDktNGYxODFhOTUyNjE2");
user_pref("CT3272718.mam_gk_user_apps_selection.enc", "");
user_pref("CT3272718.migrateAppsAndComponents", true);
user_pref("CT3272718.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://MixiDJToolbar
user_pref("CT3272718.openThankYouPage", "false");
user_pref("CT3272718.openUninstallPage", "true");
user_pref("CT3272718.price-gong.isManagedApp", "true");
user_pref("CT3272718.revertSettingsEnabled", "false");
user_pref("CT3272718.search.searchAppId", "130004885110157816");
user_pref("CT3272718.search.searchCount", "0");
user_pref("CT3272718.searchInNewTabEnabledByUser", "true");
user_pref("CT3272718.searchInNewTabEnabledInHidden", "true");
user_pref("CT3272718.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3272718.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3272718.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3272718.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3272718\"}");
user_pref("CT3272718.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://MixiDJToolbar.OurToolbar.com//xpi\"}");
user_pref("CT3272718.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"MixiDJ\"}");
user_pref("CT3272718.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3272718.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1360200161329");
user_pref("CT3272718.serviceLayer_services_appsMetadata_lastUpdate", "1360200161433");
user_pref("CT3272718.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1360200161035");
user_pref("CT3272718.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360200163808");
user_pref("CT3272718.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1360200161666");
user_pref("CT3272718.serviceLayer_services_searchAPI_lastUpdate", "1360200154506");
user_pref("CT3272718.serviceLayer_services_serviceMap_lastUpdate", "1360200153313");
user_pref("CT3272718.serviceLayer_services_toolbarContextMenu_lastUpdate", "1360200161451");
user_pref("CT3272718.serviceLayer_services_toolbarSettings_lastUpdate", "1360200154003");
user_pref("CT3272718.serviceLayer_services_translation_lastUpdate", "1360200161395");
user_pref("CT3272718.settingsINI", true);
user_pref("CT3272718.shouldFirstTimeDialog", "false");
user_pref("CT3272718.smartbar.CTID", "CT3272718");
user_pref("CT3272718.smartbar.Uninstall", "0");
user_pref("CT3272718.smartbar.homepage", "true");
user_pref("CT3272718.smartbar.toolbarName", "MixiDJ ");
user_pref("CT3272718.startPage", "true");
user_pref("CT3272718.toolbarBornServerTime", "7-2-2013");
user_pref("CT3272718.toolbarCurrentServerTime", "7-2-2013");
user_pref("CT3272718.toolbarDisabled", "true");
user_pref("CT3272718.url_history0001.enc", "aHR0cDovL3d3dy5ibGVlcGluZ2NvbXB1dGVyLmNvbS9mb3J1bXMvZm9ydW0xMDMuaHRtbDo6OmNsaWNraGFuZGxlcjo6OjEzNjAyMDI2MTM3MTIsLCxodHRwOi8vd3d3LmJ
user_pref("CT3272718_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1360203555550,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3272718&SearchSource=13&CUI=UN29581770159151451");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxps://isearch.avg.com/search?cid=%7B46406424-97bc-4d64-b17f-e840856c6a40%7D&mid=15495726d91cc614c74e1b4a7dca15c9-6757d02b
user_pref("Smartbar.keywordURLSelectedCTID", "CT3272718");
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultthis.engineName", "MixiDJ Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272718&SearchSource=3&q={searchTerms}&CUI=UN29581770159151451");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3272718&SearchSource=13&CUI=UN29581770159151451");
user_pref("ct3272718.UserID", "UN29581770159151451");
user_pref("keyword.URL", "hxxp://isearch.avg.com/search?pid=avg&sg=&cid=%7B46406424-97bc-4d64-b17f-e840856c6a40%7D&mid=15495726d91cc614c74e1b4a7dca15c9-6757d02be948c45dd48c31d
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3272718&SearchSource=13&CUI=UN29581770159151451");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272718&SearchSource=2&CUI=UN29581770159151451&q=");
user_pref("smartbar.machineId", "QB1F27WUWWZ8ZJC6W4BLSZOZC4B/MHOE3UTOGRNSP8MOHKSLFJBUOGGQS3D7P5/II9NYSLPLEL9RWTTQFDLXLW");
user_pref("smartbar.originalHomepage", "hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official|hxxp://support.mozilla.com/en-US/kb/Options%20window%20-%
user_pref("smartbar.originalSearchAddressUrl", "hxxps://isearch.avg.com/search?cid=%7B46406424-97bc-4d64-b17f-e840856c6a40%7D&mid=15495726d91cc614c74e1b4a7dca15c9-6757d02be948
user_pref("smartbar.originalSearchEngine", "");
Emptied folder: C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\4rkly1cl.default\minidumps [51 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/06/2013 at 20:52:07.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by bigguy3, 06 February 2013 - 09:54 PM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 07 February 2013 - 09:57 PM

Ok,

Sorry I am rusty on this XP step/

download to your desktop

LOOK ->>>  http://solutionfile.trendmicro.com/solutionfile/Titanium3/desktopxp.html

In step 2

Erase the File Name shown and use 123abc.exe

Click Save


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 bigguy3

bigguy3
  • Topic Starter

  • Members
  • 300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brandon, Mississippi
  • Local time:05:14 PM

Posted 08 February 2013 - 10:29 AM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.08.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: RONTOM-D6VN6DQS [administrator]

2/8/2013 9:19:10 AM
mbam-log-2013-02-08 (09-19-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209253
Time elapsed: 8 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 08 February 2013 - 11:21 AM

Do you see it any more?

 

SpywareBlaster 4.6 has been released

http://www.javacoolsoftware.com/spywareblaster.html

 

Also remove this.. Adobe Reader 9.5.1

Install Adobe Reader XI

http://www.adobe.com/products/reader.html


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 bigguy3

bigguy3
  • Topic Starter

  • Members
  • 300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brandon, Mississippi
  • Local time:05:14 PM

Posted 09 February 2013 - 09:33 AM

Thank you, Boopme ... the problems disappeared after running minitoolbox and JRT ... machine seems a little slow, but it's old and that may account for it.

 

Question: What is your advice about running JRT on a regular basis

and

what do you think about spybot? I used to run it a long time back but it got "clunky" and I ditched it ... I understand that it's much better, now.

 

Thank you for your time and trouble ... you're good folks.

Tom



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 09 February 2013 - 09:26 PM

You're welcome.

I'd like to run one more tool. It's pretty quick..

 

ADW Cleaner

 

Please download [URL="http://www.bleepingcomputer.com/download/adwcleaner/dl/125/"]AdwCleaner[/URL][/B] by Xplode onto your desktop.
[LIST]
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Search.
[*]A logfile will automatically open after the scan has finished.
[*]Please post the contents of that logfile with your next reply.
[*]You can find the logfile at [b]C:\AdwCleaner[R1].txt
as well.
[/LIST

 

 

I would keep MBAM,adwcleaner amd JRT. Run them once a week.  MBAM needs to be updated the others downloaded new each time for the latest version.

Up to you but you can buy a lifetime MBAM license thismonth for $18USD

 

 

There is sometime some slowness after cleaning as the temp files and others were removed and need repopulating as you browse your usual haunts.


Edited by boopme, 09 February 2013 - 09:29 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 bigguy3

bigguy3
  • Topic Starter

  • Members
  • 300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brandon, Mississippi
  • Local time:05:14 PM

Posted 09 February 2013 - 10:50 PM

# AdwCleaner v2.111 - Logfile created 02/09/2013 at 21:51:36
# Updated 05/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - RONTOM-D6VN6DQS
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Found : C:\Documents and Settings\Administrator\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4rkly1cl.default\CT3272718
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4rkly1cl.default\extensions\{c0c2693d-2ee8-47b4-9df7-b67a0ee31988}
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4rkly1cl.default\prefs.js

Found : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Application Data\\AV[...]

*************************

AdwCleaner[R1].txt - [4487 octets] - [09/02/2013 21:51:36]

########## EOF - C:\AdwCleaner[R1].txt - [4547 octets] ##########
 



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 09 February 2013 - 11:09 PM

i meant to add earlier keep those and remove Spybot..

 

Hmm ...now I think we should still run ESET.. It may need a couple hours.

 

 

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your

    next reply.

  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 bigguy3

bigguy3
  • Topic Starter

  • Members
  • 300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brandon, Mississippi
  • Local time:05:14 PM

Posted 10 February 2013 - 10:52 AM

Results of ESET scan:

 

C:\Documents and Settings\Administrator\Desktop\TOOL BOX\asc-setup.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Desktop\TOOL BOX\haxfix.exe    multiple threats    cleaned by deleting - quarantined
C:\System Volume Information\_restore{5A43CB3D-AF1E-4273-972C-6AA5FDAA12BD}\RP420\A0044075.exe    Win32/DownloadAdmin.G application    cleaned by deleting - quarantined
 

interesting notice from AVG during scan ... threat found ... moved to virus vault or quarentined ... can't recall

Tom



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 10 February 2013 - 03:48 PM

Ok, looks clean. Any issues?

Did you recently install Iobit?


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 bigguy3

bigguy3
  • Topic Starter

  • Members
  • 300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brandon, Mississippi
  • Local time:05:14 PM

Posted 10 February 2013 - 05:22 PM

Did you recently install Iobit?

Not to my knowledge

 

What's up with the ESET "threats found"?



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 10 February 2013 - 06:45 PM

Well asc-setup.exe is the IOBit toolbar or app. I am tryig to see if it is somethng else like mixmeister.. I take it it is still there.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users