Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows live mail 2012 and hotmail will not synch, errors, and more problems


  • Please log in to reply
14 replies to this topic

#1 LulcyD

LulcyD

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 26 December 2013 - 06:34 PM

Mod Edit: Moved to Am I Infected ~~ boopme

I have Windows 7 64 bit, WLM 2012.
 
Received this message on WLM:
Server Error: 4402
Server: 'http://mail.services.live.com/DeltaSync_v2.0.0/Sync.aspx'
Windows Live Mail Error ID: 0x8DE00002 
 
Tried control panel solution to repair Windows Essentials components- no changes, still did not receive or send.
Added another account - now I have two or three of everything and none of the accounts receive or send.
Tried unistall, reinstall WLM - no changes. still did not receive or send
Tried uninstall, reinstall Windows Essentials - no changes still did not receive or send
deleted duplicate accounts - still did not receive or send.
 
Deleted WLM account, did a system restore, then reinstalled WLM, and added my account again and now have two of everything, plus lost some folders and all contacts. 
 
I can send and receive on Hotmail on line, however the email folders will not sync between on line Outlook and WLM, nor will the contacts.
 
Did an "SFC /SCANNOW and no problems were found. 
 
when I click on help (?) in WLM, it brings me to Windows Movie Maker q and a on the web.
 
tried regedit solution given to similar problem (delete key "ssl.live.com_MBI_SSL) - howerver, there is no such key on my computer in "Computer\HKEY_CURRENT_USER\Software\Microsofwindows Live\Communications Cl9ients\Shared\Policies"
 
sfc /scannow found no problems
malwarebytes anti-malware detected 24 registry keys and log stated 'no action taken'.
 
Windows hotmail on line and WLM  always opens up twice - hard to explain, but when open hotmail, one has to wait until it reloads itself to open anything or delete anything - or it just ignores anything one does.  After it reloads itself, it will work sometimes.
 
have posted this on Dec 22 to Microsoft forum, but have not had any replies.
 
Please help.
 
Please advise.  I have many emails that are important to my work.   thank you.  Lu


Edited by boopme, 26 December 2013 - 06:50 PM.


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:55 AM

Posted 26 December 2013 - 06:37 PM

Please post the Malwarebytes Log.

Then perform the following.

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.

  •     Click on Change Parameters and click Detect TDLFS File System.
  •     Click the Start Scan button.
  •     Do not use the computer during the scan
  •     If the scan completes with nothing found, click Close to exit.
  •     If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  •     Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  •     Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  •     A TDSSKiller text file would be saved in Local Disk C.
  •     Copy and paste the contents of that file in your next reply.
ADW Cleaner


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#3 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 26 December 2013 - 06:53 PM

Dear Cryptodan

Here is the log.   Question, do I do all of the suggestions or pick one?  thanks.  :)

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.26.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Lucy :: LUCY-PC [administrator]

Protection: Enabled

26/12/2013 3:48:02 PM
mbam-log-2013-12-26 (15-48-02).txt

Scan type: Custom scan (log|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra
Objects scanned: 0
Time elapsed: 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)



#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:55 AM

Posted 26 December 2013 - 06:58 PM

Perform them all. Rerun Malwarebytes and perform a full scan after completion of the above.

#5 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 27 December 2013 - 12:24 AM

Thanks again for all your advice.  Have completed "Detect TDLFS File System" and results were:  0 threats found.

Have completed adwcleaner.exe and results are below.  Will complete others tomorrow.

# AdwCleaner v3.016 - Report created 26/12/2013 at 21:15:01
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lucy - LUCY-PC
# Running from : C:\Users\Lucy\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\w3i
Folder Deleted : C:\Program Files (x86)\w3i
Folder Deleted : C:\Users\Lucy\AppData\Local\Conduit
Folder Deleted : C:\Users\Lucy\AppData\Local\Giant Savings
Folder Deleted : C:\Users\Lucy\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Lucy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Lucy\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Lucy\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Lucy\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Lucy\AppData\Roaming\Searchprotect
File Deleted : C:\END
File Deleted : C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\xi1h59dg.default-1369677764974\invalidprefs.js
File Deleted : C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\xi1h59dg.default-1369677764974\searchplugins\bingp.xml
File Deleted : C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\xi1h59dg.default-1369677764974\searchplugins\conduit-search.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100311.FCTB000100311Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100311.FCTB000100311Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100311.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100311.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100311.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100311.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Giant Savings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\xi1h59dg.default-1369677764974\prefs.js ]

-\\ Google Chrome v32.0.1700.41

[ File : C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7941 octets] - [26/12/2013 21:14:12]
AdwCleaner[S0].txt - [7825 octets] - [26/12/2013 21:15:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7885 octets] ##########



#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:55 AM

Posted 27 December 2013 - 04:50 PM

How is the PC now?

#7 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 27 December 2013 - 05:13 PM

It seems a bit faster and the WLM is now sending and receiving, although still has duplicates and no contact list. the online hotmail still opening twice.  the windows essentials, by the way, is now operating automatically - previously I had to manually start it most time.

Here are the results of the jrt log.   will now proceed to Farbar.  :)  thanks again.  :) 

 

~~~ Folders

Successfully deleted: [Folder] C:\Users\Lucy\AppData\LocalLow\FCTB000100311
Successfully deleted: [Folder] "C:\Users\Lucy\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\wiseconvert"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Lucy\appdata\local\{3789D637-97DD-464B-AD28-43D8C68FDE40}
Successfully deleted: [Empty Folder] C:\Users\Lucy\appdata\local\{6995CA2E-BF7D-4758-BDC7-9472338E802B}

 

~~~ FireFox

Emptied folder: C:\Users\Lucy\AppData\Roaming\mozilla\firefox\profiles\xi1h59dg.default-1369677764974\minidumps [98 files]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/12/2013 at 13:32:44.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#8 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 27 December 2013 - 05:19 PM

FSS log

 

============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****



#9 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:55 AM

Posted 27 December 2013 - 05:27 PM

Can you rerun Malwarebytes with a full scan now?

Can you take a screenshot or picture of the hotmail online thing?

#10 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 27 December 2013 - 07:51 PM

Hi, here is full scan of Malware.  Do I delete all the quarantined items?   Thanks much!

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.27.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Lucy :: LUCY-PC [administrator]

Protection: Enabled

27/12/2013 2:48:40 PM
MBAM-log-2013-12-27 (16-39-34).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 521053
Time elapsed: 1 hour(s), 32 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Lucy\AppData\Local\Temp\CT3318857 (PUP.Optional.Conduit.A) -> No action taken.

Files Detected: 12
C:\Qoobox\Quarantine\C\Users\Lucy\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir (PUP.Optional.DefaultTab) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Lucy\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe.vir (PUP.Optional.DefaultTab) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Lucy\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe.vir (PUP.Optional.DefaultTab) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Lucy\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir (PUP.Optional.DefaultTab) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Lucy\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll.vir (PUP.Optional.DefaultTab) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Lucy\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Lucy\My Documents as of Oct 15 2012\Downloads\installfreefileopener_553.exe (PUP.Optional.InstallIQ.A) -> No action taken.
C:\Users\Lucy\My Documents as of Oct 15 2012\Downloads\bytewdownload\installmanager.exe (PUP.Adware.Agent) -> No action taken.
C:\Users\Lucy\My Documents as of Oct 15 2012\Email conversions docs\Downloads\7Zip_Setup.exe (Adware.IBryte) -> No action taken.
C:\Users\Lucy\Old files from small verbatim May 28 2013\Backup\My Documents\Downloads\7Zip_Setup.exe (Adware.IBryte) -> No action taken.
C:\Users\Lucy\Old files from small verbatim May 28 2013\Backup\My Documents\Downloads\bytewdownload\installmanager.exe (PUP.Adware.Agent) -> No action taken.
C:\Users\Lucy\AppData\Local\Temp\CT3318857\ddt.csf (PUP.Optional.Conduit.A) -> No action taken.

(end)



#11 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 27 December 2013 - 08:10 PM

This is the first screen when open hotmail, below is the screen 2 seconds later - notice the check mark has been deleted when it refreshed?  itself. If I had tried to delete anything, hotmail would have ignored it until it "refreshed", cleared all and restarted.   Thanks. Lu

 

I can't seem to copy and paste the screen shot.  Nor do I see a way to insert a file on this reply.  Below is all that happens when I copy the screen shot from Word.   Sorry.

 

I downloaded a KLS email backup software for WLM, however the software says there is nothing to back up, no plug ins.  :(
 

 



#12 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 01 January 2014 - 04:13 PM

Update January 1, 2014 [Happy New Year]

I tried to import saved emails to new WLM account.  The folders that imported are empty.  Other folders did not import. However, if I try to move a message, all the missing folders appear in the menu. WLM and Outlook on line will not sync.   Have not received any answer from Microsoft help forum.  KLS email backup says there is not WLM to back up, no plug in, freezes and crashes the computer.    Delete Duplicates software says there are no WLM folders.

Yet, WLM will send and receive most of the time - although still has times when it cannot send or receive.

Also, when on line, click to go to a website, the page opens, then closes, then opens.  

This also happens when I boot up the computer.  All the icons appear blank, then fill in, then go blank, then fill in.   If you click on the icon the first time it appears, nothing happens.   I think a gremlin lives in my computer.

Any further help would be very much appreciated.  Thank you.  Lu



#13 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:55 AM

Posted 01 January 2014 - 06:50 PM

Can you rerun Malwarebytes and remove the detections?

#14 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 01 January 2014 - 11:16 PM

thank you for your patience! 

I ran a full malware and it detected nothing as you can see.   I deleted all the ones in quarantine from the previous scan.

I guess I'll have to take my laptop in unless there is something else we can try?  Lu

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.01.01.03

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16750

Lucy :: LUCY-PC [administrator]

 

Protection: Enabled

 

01/01/2014 6:16:23 PM

mbam-log-2014-01-01 (18-16-23).txt

 

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 524878

Time elapsed: 1 hour(s), 9 minute(s), 41 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)



#15 LulcyD

LulcyD
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 05 January 2014 - 08:55 AM

A big thank you to all who tried to help.  I have tried all the suggestions and ended up bringing in the computer to a local repair shop. The end result is that I have removed Windows Essentials and Windows Live Mail from the computer and closed the Hotmail account.

Not a true 'fix', but it has resolved the problems.  :)  :)  :)  Take care.  Great site.  I learned a lot.  Lu






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users