Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

removing cherchi.biz


  • Please log in to reply
9 replies to this topic

#1 ernemmer

ernemmer

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:49 PM

Posted 31 July 2013 - 08:19 PM

Hello I am not sure if this is the correct spot for this question however I need help in removing

 

cherchi.biz I don't know where it came from and cannot find it on my computer to uninstall can you help me with this?

 

Thank you



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 PM

Posted 31 July 2013 - 09:48 PM

Hello I split you to your own topic here.

Lets start here.. What browser do you use?

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 ernemmer

ernemmer
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:49 PM

Posted 01 August 2013 - 04:52 PM

Thank you...so far this is what I have

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Nesto (administrator) on 01-08-2013 at 17:46:39
Running from "C:\Users\Nesto\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 4313 802.11b/g/n = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?6 subinterface=ethernet_9 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Nesto-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : E0-2A-82-3A-26-61
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 4313 802.11b/g/n
   Physical Address. . . . . . . . . : E0-2A-82-3A-26-61
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::54ec:e242:e10a:afaf%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.13(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, August 01, 2013 5:31:08 PM
   Lease Expires . . . . . . . . . . : Thursday, August 01, 2013 6:31:08 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 367012482
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-8B-CA-69-3C-4A-92-C7-29-4E
   DNS Servers . . . . . . . . . . . : 64.233.217.2
                                       64.233.217.3
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : E0-2A-82-04-A8-82
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1A1ABD4B-A71B-45F6-A037-C9B62F0D6A5F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D9B1BB64-57BB-4412-BEF9-F27D0E4F221B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:38e3:2d49:3f57:fff2(Preferred)
   Link-local IPv6 Address . . . . . : fe80::38e3:2d49:3f57:fff2%34(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{C34EA80B-5663-4116-97FD-E81363AB9043}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C94CCAA1-E342-41CC-BF77-6A4494C86502}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  try11-dns1.try.wideopenwest.com
Address:  64.233.217.2

Name:    google.com
Addresses:  2607:f8b0:4006:801::1005
      74.125.226.233
      74.125.226.225
      74.125.226.228
      74.125.226.229
      74.125.226.226
      74.125.226.232
      74.125.226.230
      74.125.226.231
      74.125.226.238
      74.125.226.227
      74.125.226.224


Pinging google.com [74.125.226.228] with 32 bytes of data:
Reply from 74.125.226.228: bytes=32 time=29ms TTL=57
Reply from 74.125.226.228: bytes=32 time=31ms TTL=57

Ping statistics for 74.125.226.228:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 29ms, Maximum = 31ms, Average = 30ms
Server:  try11-dns1.try.wideopenwest.com
Address:  64.233.217.2

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=81ms TTL=52
Reply from 98.138.253.109: bytes=32 time=120ms TTL=52

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 81ms, Maximum = 120ms, Average = 100ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=8ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 8ms, Average = 6ms
===========================================================================
Interface List
 19...e0 2a 82 3a 26 61 ......Microsoft Virtual WiFi Miniport Adapter
 13...e0 2a 82 3a 26 61 ......Broadcom 4313 802.11b/g/n
 11...e0 2a 82 04 a8 82 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
 47...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
 17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 34...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.13     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.13    281
     192.168.0.13  255.255.255.255         On-link      192.168.0.13    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.13    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.13    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.13    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 34     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 34     58 2001::/32                On-link
 34    306 2001:0:9d38:6ab8:38e3:2d49:3f57:fff2/128
                                    On-link
 13    281 fe80::/64                On-link
 34    306 fe80::/64                On-link
 34    306 fe80::38e3:2d49:3f57:fff2/128
                                    On-link
 13    281 fe80::54ec:e242:e10a:afaf/128
                                    On-link
  1    306 ff00::/8                 On-link
 34    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/29/2013 06:31:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6708

Error: (07/29/2013 06:31:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6708

Error: (07/29/2013 06:31:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/29/2013 06:31:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5553

Error: (07/29/2013 06:31:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5553

Error: (07/29/2013 06:31:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/29/2013 06:31:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4461

Error: (07/29/2013 06:31:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4461

Error: (07/29/2013 06:31:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/29/2013 06:31:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3416


System errors:
=============
Error: (08/01/2013 05:33:15 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/31/2013 09:22:46 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/31/2013 08:48:01 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/31/2013 01:38:14 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/31/2013 08:42:16 AM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/30/2013 10:05:52 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/30/2013 05:59:55 AM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/30/2013 05:04:02 AM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/29/2013 05:27:13 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2

Error: (07/28/2013 10:23:54 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (07/29/2013 06:31:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6708

Error: (07/29/2013 06:31:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6708

Error: (07/29/2013 06:31:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/29/2013 06:31:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5553

Error: (07/29/2013 06:31:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5553

Error: (07/29/2013 06:31:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/29/2013 06:31:31 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4461

Error: (07/29/2013 06:31:31 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4461

Error: (07/29/2013 06:31:31 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/29/2013 06:31:30 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3416


CodeIntegrity Errors:
===================================
  Date: 2011-02-24 12:32:27.217
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Protector Plus\PPEMSCAN.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-02-24 12:32:27.164
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Protector Plus\PPEMSCAN.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-02-23 19:23:21.406
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Protector Plus\PPEMSCAN.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-02-23 19:23:21.389
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Protector Plus\PPEMSCAN.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-02-23 19:19:16.562
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Protector Plus\PPDRV.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-02-23 19:19:16.513
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Protector Plus\PPDRV.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

4500_G510nz_Help (Version: 000.0.439.000)
4500G510nz (Version: 000.0.439.000)
4500G510nz_Software_Min (Version: 000.0.423.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Acrobat.com (Version: 1.6.65)
Adobe Acrobat XI Pro (Version: 11.0.03)
Adobe AIR (Version: 2.5.1.17730)
Adobe Download Assistant (Version: 1.2.5)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Angry Birds Rio (Version: 1.2.2)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ARO 2011 (Version: 7.0)
Battlelog Web Plugins (Version: 2.1.2)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Belarc Advisor 8.2 (Version: 8.2.7.7)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Broadcom 2070 Bluetooth 3.0 (Version: 6.3.0.5600)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
BufferChm (Version: 130.0.331.000)
Build-a-lot 2 (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco Connect (Version: 1.4.12005.2)
CyberLink DVD Suite (Version: 7.0.3003)
CyberLink MediaShow (Version: 5.0.1616)
CyberLink PowerDVD 9 (Version: 9.0.1.4217)
CyberLink YouCam (Version: 3.0.2511)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
Dora's Carnival Adventure (Version: 2.2.0.95)
Emsisoft Anti-Malware (Version: 6.0)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
ESU for Microsoft Windows 7 (Version: 1.0.0)
FATE (Version: 2.2.0.95)
Fax (Version: 130.0.418.000)
Final Drive Nitro (Version: 2.2.0.95)
GPBaseService2 (Version: 130.0.371.000)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet 1050 J410 series Basic Device Software (Version: 28.0.1313.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Deskjet 1050 J410 series Product Improvement Study (Version: 28.0.1313.0)
HP Document Manager 2.0 (Version: 2.0)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.1.3)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP Officejet 4500 G510n-z (Version: 13.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Power Manager (Version: 1.2.3)
HP Product Detection (Version: 11.14.0001)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.1.4186.3400)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Software Framework (Version: 4.1.6.1)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.003.001)
HP Wireless Assistant (Version: 4.0.9.0)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
iCloud (Version: 2.1.2.8)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2131)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
iTunes (Version: 11.0.4.4)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 33 (Version: 6.0.330)
Java™ 7 (64-bit) (Version: 7.0.0)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2907)
LG United Mobile Drivers (Version: 3.4.0.0)
LightScribe System Software (Version: 1.18.15.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Store Download Manager (Version: 2.6.3411.2)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.374.000)
Network64 (Version: 140.0.221.000)
O&O Defrag Free Edition (Version: 14.1.431)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
Protector Plus for Windows
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6066)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30105)
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Manager (Version: 5.5.3023)
Rosetta Stone Version 3 (Version: 3.4.5.0)
Roxio CinemaNow 2.0 (Version: 1.0.278)
RtVOsd (Version: 1.0.3)
Scan (Version: 13.0.0.0)
Search Protect by conduit (Version: 1.5.0.71)
Shop for HP Supplies (Version: 13.0)
SiteSpinner Web Design Studio Pro (Version: 2.91.9)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.373.000)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.0.17.4)
System Requirements Lab for Intel (Version: 4.5.11.0)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Web CEO 10.0 (Version: 10.0)
WebReg (Version: 130.0.132.017)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.36)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 3893.86 MB
Available physical RAM: 2362.63 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 6042.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.04 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:280.69 GB) (Free:196.7 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:17.1 GB) (Free:2.47 GB) NTFS

========================= Users: ========================================

User accounts for \\NESTO-HP

Administrator            Guest                    Nesto                    


**** End of log ****
 



#4 ernemmer

ernemmer
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:49 PM

Posted 01 August 2013 - 05:02 PM

This is the AswCleaner I only did a  search because I'm not sure what I should delete and it didn't give me that option....Thank you

 

# AdwCleaner v2.306 - Logfile created 08/01/2013 at 17:57:02
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Nesto - NESTO-HP
# Boot Mode : Normal
# Running from : C:\Users\Nesto\Downloads\AdwCleaner(2).exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Users\Nesto\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\searchplugins\delta.xml
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\ProgramData\APN
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Users\Nesto\AppData\Local\Conduit
Folder Found : C:\Users\Nesto\AppData\Local\SwvUpdater
Folder Found : C:\Users\Nesto\AppData\Local\Temp\CT3289847
Folder Found : C:\Users\Nesto\AppData\LocalLow\Conduit
Folder Found : C:\Users\Nesto\AppData\Roaming\Babylon
Folder Found : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\CT3289847
Folder Found : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Found : C:\Users\Nesto\AppData\Roaming\SearchProtect

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\SearchProtect
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\systweak
Key Found : HKLM\SOFTWARE\Wow6432Node\5953dfd9bd6aee40
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKU\S-1-5-21-30895430-1434121492-3727821452-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN12276165711321626&UM=2&UP=SP053707BA-8EE9-4B56-96D6-8509CCAC473E

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\o9zht9t3.default\prefs.js

[OK] File is clean.

File : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\prefs.js

Found : user_pref("CT3289847.FF19Solved", "true");
Found : user_pref("CT3289847.UserID", "UN39122474782702221");
Found : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Found : user_pref("CT3289847.fullUserID", "UN39122474782702221.IN.20130703162850");
Found : user_pref("CT3289847.installDate", "03/07/2013 16:28:50");
Found : user_pref("CT3289847.installSessionId", "{8D0931A2-CB81-4AAE-A287-A6AE46123490}");
Found : user_pref("CT3289847.installSp", "false");
Found : user_pref("CT3289847.keyword", "true");
Found : user_pref("CT3289847.originalHomepage", "hxxp://www.google.com/");
Found : user_pref("CT3289847.originalSearchAddressUrl", "");
Found : user_pref("CT3289847.originalSearchEngine", "");
Found : user_pref("CT3289847.searchRevert", "true");
Found : user_pref("CT3289847.searchUserMode", "2");
Found : user_pref("CT3289847.smartbar.homepage", "true");
Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN39122474[...]
Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI[...]
Found : user_pref("extensions.delta.admin", false);
Found : user_pref("extensions.delta.aflt", "babsst");
Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Found : user_pref("extensions.delta.autoRvrt", "false");
Found : user_pref("extensions.delta.dfltLng", "en");
Found : user_pref("extensions.delta.excTlbr", false);
Found : user_pref("extensions.delta.ffxUnstlRst", true);
Found : user_pref("extensions.delta.id", "2e109f21000000000000e02a823a2661");
Found : user_pref("extensions.delta.instlDay", "15863");
Found : user_pref("extensions.delta.instlRef", "sst");
Found : user_pref("extensions.delta.newTab", false);
Found : user_pref("extensions.delta.prdct", "delta");
Found : user_pref("extensions.delta.prtnrId", "delta");
Found : user_pref("extensions.delta.rvrt", "false");
Found : user_pref("extensions.delta.smplGrp", "none");
Found : user_pref("extensions.delta.tlbrId", "base");
Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Found : user_pref("extensions.delta.vrsn", "1.8.21.5");
Found : user_pref("extensions.delta.vrsnTs", "1.8.21.516:54:14");
Found : user_pref("extensions.delta.vrsni", "1.8.21.5");
Found : user_pref("extensions.delta_i.babExt", "");
Found : user_pref("extensions.delta_i.babTrack", "affID=122786");
Found : user_pref("extensions.delta_i.srcExt", "ss");
Found : user_pref("smartbar.addressBarOwnerCTID", "CT3289847");
Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN391224747[...]
Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847");
Found : user_pref("smartbar.homePageOwnerCTID", "CT3289847");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Nesto\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.1] : urls_to_restore_on_startup ={"backup":{"_signature":"QG4oVnYZfJmp33VmKSN+/WT3fdSnZFWXQHC/x8LpeVU=","_version":4,"browser":{"show_home_button":true},"extensions":{"ids":["ahfgeienlihckogmohjhadlkjgocpleb","blpcfgokakmgnkcojhhkbfbldkacnbeo","coobgpohoikkiipiblmjeljniedjpjpf","idhngdhcfkoamngbedgpaokgjbnpdiji","pjkljhegncpnkpknbcohdijeoejaedia"]},"homepage":"hxxp://www.google.com/","homepage_is_newtabpage":false,"session":{"restore_on_startup":4,["hxxp://www.google.com/"]}},"browser":{"last_known_google_url":"hxxp://www.google.com/","last_prompted_google_url":"hxxp://www.google.com/","show_home_button":true,"window_placement":{"bottom":850,"left":10,"maximized":false,"right":1060,"top":10,"work_area_bottom":860,"work_area_left":0,"work_area_right":1600,"work_area_top":0}},"countryid_at_install":21843,"default_apps":"install","default_apps_install_state":1,"distribution":{"alternate_shortcut_text":false,"chrome_shortcut_icon_index":0,"create_all_shortcuts":true,"do_not_launch_chrome":true,"import_history":false,"import_home_page":false,"import_search_engine":false,"make_chrome_default":true,"show_welcome_page":true,"skip_first_run_ui":true,"verbose_logging":false},"dns_prefetching":{"host_referral_list":[2,["hxxp://www.google.com/",["hxxp://ssl.gstatic.com/",2.27338020,"hxxp://www.google.com/",5.246261999999999]],["hxxps://2542116.fls.doubleclick.net/",["hxxps://ad.yieldmanager.com/",3.924981199999999,"hxxps://cm.g.doubleclick.net/",2.60370040,"hxxps://cookex.amp.yahoo.com/",2.60370040,"hxxps://g-pixel.invitemedia.com/",2.60370040,"hxxps://googleads.g.doubleclick.net/",3.264340799999999,"hxxps://segment-pixel.invitemedia.com/",2.60370040,"hxxps://www.google.com/",2.60370040,"hxxps://www.googleadservices.com/",3.594660999999999]],["hxxps://plusone.google.com/",["hxxps://plusone.google.com/",2.60370040,"hxxps://ssl.gstatic.com/",2.27338020]],["hxxps://www.google.com/",["hxxps://2542116.fls.doubleclick.net/",2.60370040,"hxxps://apis.google.com/",2.60370040,"hxxps://fls.doubleclick.net/",3.264340799999999,"hxxps://fonts.googleapis.com/",2.27338020,"hxxps://plusone.google.com/",2.60370040,"hxxps://ssl.google-analytics.com/",2.60370040,"hxxps://ssl.gstatic.com/",2.27338020,"hxxps://themes.googleusercontent.com/",3.264340799999999,"hxxps://tools.google.com/",2.27338020,"hxxps://www.google.com/",5.906902399999998]]],"startup_list":[1,"hxxp://ssl.gstatic.com/","hxxp://tools.google.com/","hxxp://www.google.com/","hxxps://apis.google.com/","hxxps://fls.doubleclick.net/","hxxps://fonts.googleapis.com/","hxxps://ssl.google-analytics.com/","hxxps://ssl.gstatic.com/","hxxps://themes.googleusercontent.com/","hxxps://www.google.com/"]},"download":{"directory_upgrade":true},"extensions":{"autoupdate":{"next_check":"13003489508631072"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"app_launcher_ordinal":"n","page_ordinal":"n"},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"ack_external":true,"active_permissions":{"api":["appNotifications"]},"app_launcher_ordinal":"t","events":["runtime.onInstalled"],"from_bookmark":true,"from_webstore":true,"install_time":"13003471365439489","location":2,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/"},"web_content":{"enabled":true,"origin":"hxxp://www.youtube.com"}},"current_locale":"en_US","default_locale":"en","description":"The world's most popular online video community.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","name":"YouTube","permissions":["appNotifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.5"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.5_0","state":1},"coobgpohoikkiipiblmjeljniedjpjpf":{"ack_external":true,"app_launcher_ordinal":"w","events":["runtime.onInstalled"],"from_bookmark":true,"from_webstore":true,"install_time":"13003471366341489","location":2,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google.com/webhp","*://www.google.com/imgres"]},"current_locale":"en_US","default_locale":"en","description":"The fastest way to search the web.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","name":"Google Search","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.19"},"page_ordinal":"n","path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.19_0","state":1},"idhngdhcfkoamngbedgpaokgjbnpdiji":{"active_permissions":{"api":["tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"events":["runtime.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"13003471359201489","location":3,"manifest":{"background_page":"background.html","content_scripts":[{"all_frames":true,"js":["contentscript.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_idle"}],"description":"Detects all recordable content on the browser","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIwlyxIOu0hwMoAcBARugBpVhj7EGgYOAP2Fl/1dfiz6Z250yRI76IyXJvgOTbPYkbWguSD7kAcxsj25UMDyPs97CSQdqNFfqo212NRd7QWCV4hdqE2VR2KBLB5Ns4quB1GmCVzqNR83CCRu8RcONuamJ0FHQwmPSNbcDLkhuvuwIDAQAB","name":"RealDownloader","permissions":["tabs","hxxp://*/*","hxxps://*/*"],"version":"1.3.0"},"path":"idhngdhcfkoamngbedgpaokgjbnpdiji\\1.3.0_0","state":1},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"]},"app_launcher_ordinal":"x","events":["runtime.onInstalled"],"from_bookmark":false,"from_webstore":true,"install_time":"13003471367305489","location":2,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxps://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"en_US","default_locale":"en","description":"Fast, searchable email with less spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","name":"Gmail","options_page":"hxxps://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"7"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\7_0","state":1}}},"first_run_tabs":["hxxp://www.google.com/","hxxp://welcome_page"],"homepage":"hxxp://www.google.com/","homepage_is_newtabpage":false,"ntp":{"promo_resource_cache_update":"1358997759.509489"},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"migrated_to_pepper_flash":true},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"pref_version":1},"exited_cleanly":true,"name":"First user"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,["hxxp://www.google.com/"]},"sync_promo":{"show_on_first_run_allowed":false}}

*************************

AdwCleaner[R1].txt - [14918 octets] - [01/08/2013 17:57:02]
AdwCleaner[S1].txt - [2135 octets] - [21/01/2013 17:30:18]

########## EOF - C:\AdwCleaner[R1].txt - [15039 octets] ##########
 



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 PM

Posted 01 August 2013 - 06:57 PM

OK, they all can go
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Then in control panel Uninstall these,they areoutdaed and exploitable.

Java™ 6 Update 33 (Version: 6.0.330)
Java™ 7 (64-bit) (Version: 7.0.0)

Reboot
Install Version 7 Update 25
 
 
Run ESET online scanner ....
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 ernemmer

ernemmer
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:49 PM

Posted 02 August 2013 - 11:31 AM

Hello   here is the AdwCleaner log file.... I started the online scanner but had to stop it - working afternoons today... will get it to you later.  Thank you

 

 

 

# AdwCleaner v2.306 - Logfile created 08/02/2013 at 11:25:39
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Nesto - NESTO-HP
# Boot Mode : Normal
# Running from : C:\Users\Nesto\Downloads\AdwCleaner(2).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Nesto\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\searchplugins\delta.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Nesto\AppData\Local\Conduit
Folder Deleted : C:\Users\Nesto\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Nesto\AppData\Local\Temp\CT3289847
Folder Deleted : C:\Users\Nesto\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Nesto\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\CT3289847
Folder Deleted : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Deleted : C:\Users\Nesto\AppData\Roaming\SearchProtect

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Wow6432Node\5953dfd9bd6aee40
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN12276165711321626&UM=2&UP=SP053707BA-8EE9-4B56-96D6-8509CCAC473E --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\o9zht9t3.default\prefs.js

[OK] File is clean.

File : C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\prefs.js

C:\Users\Nesto\AppData\Roaming\Mozilla\Firefox\Profiles\vi2vns9g.default-1367698570289\user.js ... Deleted !

Deleted : user_pref("CT3289847.FF19Solved", "true");
Deleted : user_pref("CT3289847.UserID", "UN39122474782702221");
Deleted : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Deleted : user_pref("CT3289847.fullUserID", "UN39122474782702221.IN.20130703162850");
Deleted : user_pref("CT3289847.installDate", "03/07/2013 16:28:50");
Deleted : user_pref("CT3289847.installSessionId", "{8D0931A2-CB81-4AAE-A287-A6AE46123490}");
Deleted : user_pref("CT3289847.installSp", "false");
Deleted : user_pref("CT3289847.keyword", "true");
Deleted : user_pref("CT3289847.originalHomepage", "hxxp://www.google.com/");
Deleted : user_pref("CT3289847.originalSearchAddressUrl", "");
Deleted : user_pref("CT3289847.originalSearchEngine", "");
Deleted : user_pref("CT3289847.searchRevert", "true");
Deleted : user_pref("CT3289847.searchUserMode", "2");
Deleted : user_pref("CT3289847.smartbar.homepage", "true");
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN39122474[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI[...]
Deleted : user_pref("extensions.delta.admin", false);
Deleted : user_pref("extensions.delta.aflt", "babsst");
Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Deleted : user_pref("extensions.delta.autoRvrt", "false");
Deleted : user_pref("extensions.delta.dfltLng", "en");
Deleted : user_pref("extensions.delta.excTlbr", false);
Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Deleted : user_pref("extensions.delta.id", "2e109f21000000000000e02a823a2661");
Deleted : user_pref("extensions.delta.instlDay", "15863");
Deleted : user_pref("extensions.delta.instlRef", "sst");
Deleted : user_pref("extensions.delta.newTab", false);
Deleted : user_pref("extensions.delta.prdct", "delta");
Deleted : user_pref("extensions.delta.prtnrId", "delta");
Deleted : user_pref("extensions.delta.rvrt", "false");
Deleted : user_pref("extensions.delta.smplGrp", "none");
Deleted : user_pref("extensions.delta.tlbrId", "base");
Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.516:54:14");
Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Deleted : user_pref("extensions.delta_i.babExt", "");
Deleted : user_pref("extensions.delta_i.babTrack", "affID=122786");
Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3289847");
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN391224747[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847");
Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3289847");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Nesto\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : urls_to_restore_on_startup ={"backup":{"_signature":"QG4oVnYZfJmp33VmKSN+/WT3fdSnZFWXQHC/x8LpeVU=","_version":4,"browser":{"show[...]

*************************

AdwCleaner[R1].txt - [15101 octets] - [01/08/2013 17:57:02]
AdwCleaner[S1].txt - [2135 octets] - [21/01/2013 17:30:18]
AdwCleaner[S2].txt - [7968 octets] - [02/08/2013 11:25:39]

########## EOF - C:\AdwCleaner[S2].txt - [8028 octets] ##########
 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 PM

Posted 02 August 2013 - 07:12 PM

Good, lets see how it is after ESET.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 ernemmer

ernemmer
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:49 PM

Posted 04 August 2013 - 10:51 PM

Thank you for your patience.....I completed the scan and have the results below......I did not see the cherchi.biz  and it is still appearing in my browser.  Thank you

 

 

 

 

 

 

 

C:\Users\Nesto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV6OI4JI\installer-silent[1].exe    a variant of Win32/Adware.CouponAmazing.A application  cleaned by deleting - quarantined

C:\Users\Nesto\AppData\Local\Temp\getsavin-1360876817.exe   a variant of Win32/Adware.CouponAmazing.A application  cleaned by deleting - quarantined

C:\Users\Nesto\Downloads\FlashVideoPlayer(1).exe      a variant of Win32/Adware.iBryte.G application cleaned by deleting - quarantined

C:\Users\Nesto\Downloads\FlashVideoPlayer.exe   a variant of Win32/Adware.iBryte.G application cleaned by deleting - quarantined



#9 ernemmer

ernemmer
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:49 PM

Posted 04 August 2013 - 10:55 PM

Also ....for Java

8/4/13 11:54 PM: Java(TM) 6 Update 33 wasn't uninstalled because of the following error: This action is only valid for products that are currently installed. (error code is 1605)
8/4/13 11:54 PM: Java(TM) 7 (64-bit) was uninstalled successfully


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 PM

Posted 04 August 2013 - 11:04 PM

Ok, appears we need to get a deeper look to see what is holding it. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users