Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ran adwcleaner, now internet won't open


  • Please log in to reply
3 replies to this topic

#1 elgoldo

elgoldo

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:36 PM

Posted 30 December 2013 - 09:20 AM

CondoBloke,

Thanks for following up with me on previous post.

I tried your suggestion to enable 'run as administrator' and upon running the 2nd dos command was able to get internet connection.  Also just ran JRT and will post the log file when it's done scanning.

 

Thanks again!!



BC AdBot (Login to Remove)

 


#2 elgoldo

elgoldo
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:36 PM

Posted 30 December 2013 - 09:24 AM

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Abigail on Mon 12/30/2013 at  9:06:58.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0C848670-0462-4D4D-8330-97A4F95BAD7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5194D70F-3E1B-4369-BBD5-1CFED5E1FA29}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0C848670-0462-4D4D-8330-97A4F95BAD7E}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\social privacy"
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{04F87C2F-EE08-4FB6-B006-69D8C196CA68}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{1D1310E6-362D-4655-AE0C-A78611EBA0EB}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{2CCD22C0-E126-4074-9BCA-BA31E0EC2A9B}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{458D4A30-8521-48FA-A40B-675BFB5E5CB4}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{49C121CE-40E5-4ECD-A642-2F0BC8B43C6A}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{49F4F1E4-9076-4B46-B404-C0AF383EED10}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{4B373B40-CE3A-4D65-B4A5-61CA36EFB945}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{4C5E24F0-D107-40A2-AEB5-A8F227E97D9E}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{4F050F56-EEF9-47C6-AAA2-6E7A0A0258FE}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{5702A425-F0A2-4B06-9E61-18121F46C2BD}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{6B77775A-1B1C-4B7F-89D0-2599D5504857}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{86A481A4-90CC-4222-BFCD-26AE2B583C44}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{A2BFE790-05A9-4BFB-922C-63255B85F421}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{AE10239B-204E-4646-A055-7050EBD497CB}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{B1BCBE44-73D4-477D-811E-D6138F927E9C}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{DEA4ACA3-309B-4C46-BDB6-8FFA421E35EE}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{DFE359E1-CD42-4DE4-A4CE-D2B0A01A41C4}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{EA293F84-B8E0-422F-87E8-A313F2828264}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{EA55B087-754C-49DF-BCDB-679EAAA3621C}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{EF958A3A-96FF-4EA6-A1C4-1C515B218A83}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{F1D461DB-D1BA-46D8-804D-1F91A6462A49}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{F85CB977-F88F-4B7A-8119-0EC96B4063E3}
Successfully deleted: [Empty Folder] C:\Users\Abigail\appdata\local\{FFB8D345-FBB9-447E-A198-FB40EA9B8743}



~~~ FireFox

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\ecyoivyyjrojzoyplneg@nrbkkafymvigofepbi.org"
Successfully deleted the following from C:\Users\Abigail\AppData\Roaming\mozilla\firefox\profiles\md5fagz9.default\prefs.js

user_pref("settings.premium.greatarcadehits.cl_addonData", "hxxp://tt.greatarcadehits.com/cljs?options=YTEyOTM0OTk0NzmuRX6bUHd4Jlym8ok28e84lwICRDeVul8QJ%2FlXp48vDuAtbTV9ejfStx
Emptied folder: C:\Users\Abigail\AppData\Roaming\mozilla\firefox\profiles\md5fagz9.default\minidumps [178 files]



~~~ Event Viewer Logs were cleared



#3 elgoldo

elgoldo
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:36 PM

Posted 30 December 2013 - 09:54 AM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.30.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Abigail :: ABIGAIL-HP [administrator]

12/30/2013 9:45:16 AM
mbam-log-2013-12-30 (09-45-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211958
Time elapsed: 4 minute(s), 59 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 4624 -> Delete on reboot.

Memory Modules Detected: 1
C:\Users\Abigail\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.

Registry Keys Detected: 23
HKLM\SYSTEM\CurrentControlSet\Services\Update Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{f325945d-dafe-4312-95d8-1913aeb1d810} (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKCR\Interface\{4318395F-DFF1-48AF-B5F0-958E93D16D56} (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKCR\TypeLib\{DCB1CD02-42FC-4447-B833-6405CE328D62} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKCR\Interface\{96B7C08E-01F0-491A-8509-9741CF47039F} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites (PUP.Optional.Updater) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WordOv (PUP.Optional.WordOV) -> Quarantined and deleted successfully.
HKCU\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE} (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKLM\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Abigail\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0H1L1J1L1S1R1N -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}|DisplayName (PUP.Optional.Adpeak) -> Data: Level Quality Watcher -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\Program Files (x86)\Jump Flip (PUP.Optional.JumpFlip.A) -> Delete on reboot.
C:\Users\Abigail\AppData\Roaming\DigitalSites\UpdateProc (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Local\WordOv (PUP.Optional.WordOV) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\Users\Abigail\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.

Files Detected: 36
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Delete on reboot.
C:\Program Files (x86)\Jump Flip\JumpFlipBHO.dll (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1749582209-792498010-115850160-1001\$RF1EXO4.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1749582209-792498010-115850160-1001\$RGVZ5P9.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1749582209-792498010-115850160-1001\$RJVYHYH.exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1749582209-792498010-115850160-1001\$RRO3WTM.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\temp\000.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\temp\ScorpionSaver.msi (Adware.Adpeak) -> Quarantined and deleted successfully.
C:\temp\t.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Local\Temp\is1590112554\1893071_stp\JumpFlipSetup.exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Users\Abigail\Downloads\FFSetup3.1.0-oc-jd.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Abigail\Downloads\Setup.exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Users\Abigail\Local Settings\Temporary Internet Files\Content.IE5\G1PI60BG\Setup[1].exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\77f5b75.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\Installer\a6b74.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\JumpFlip.ico (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\JumpFlipUninstall.exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\sqlite3.exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Roaming\DigitalSites\UpdateProc\config.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Roaming\DigitalSites\UpdateProc\prod.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Local\WordOv\eula.txt (PUP.Optional.WordOV) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Local\WordOv\.build (PUP.Optional.WordOV) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Local\WordOv\.user (PUP.Optional.WordOV) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Local\WordOv\temp.dat (PUP.Optional.WordOV) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Local\WordOv\uninst.exe (PUP.Optional.WordOV) -> Quarantined and deleted successfully.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxy.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\Users\Abigail\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Abigail\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.

(end)



#4 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,049 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:36 AM

Posted 30 December 2013 - 06:01 PM

 
 

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

Then :: (This is a time consuming scan...2 Hours + is not unusual )

 

Please scan your computer with ESET Online Scanner
Disable active Antivirus and Antimalware programs How To Temporarily Disable Your Anti-virus
This scan is best performed with Internet Explorer, as it uses ActiveX
If you will not use Internet Explorer, then please read item 3 in this post
1 - Open Internet Explorer and hold down Control (Ctrl) key and click on This Link  to open ESET OnlineScan in a new window.
2 - Click the ESET Online Scanner button.
3 - For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
a - Click on eset.exe  to download the ESET Smart Installer. Save it to your desktop.
b - Double click on the  icon on your desktop.
4 - Check "YES, I accept the Terms of Use."
5 - Click the Start button.
6 - Accept any security warnings from your browser.
7 - Under scan settings, check "Scan Archives" and "Remove found threats"
8 - Click Advanced settings and select the following:
* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology
9 - ESET will then download updates for itself, install itself, and begin scanning your computer.
10 - Please be patient as this will take some time (first time scans are always longer).
11 - When the scan completes, click List Threats
12 - Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
13 - Click the Back button and then Click the Finish button.
NOTE:Sometimes if ESET finds no infections it will not create a log.
If you lose the log it can be found at C:\Program Files\ESET\EsetOnlineScanner\log.txt
If no infections are found then please tell me -
You can ignore any ESET detection of AdwCleaner...it is a false positive detection.

 

Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users