Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Just hello, trying to solve browser hijack by www-search.net


  • Please log in to reply
5 replies to this topic

#1 burns334

burns334

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:03 PM

Posted 10 January 2014 - 10:58 AM

Just saying hello to Bleeping, I'm an IBM Thinkpad guy with many older T43's and T60's.  I'm looking for a solution to a browser hijack by www-search.net, chrome homepage jumps to a page that has Tuvaro plaster across the top with Bing next to a search bar.  I think it came bundled in Youtube downloader from what I have read.  Burns is a nickname as it rhymes with my real last name.  I'm running Xp professional at SP3, I've tried Super anti spyware, Junktool removal, malewarebytes, Hitman pro and read a lot on the web.
 
burns


Mod Edit, Moved from Intro's to Am I Infected ~~ boopme


Edited by burns334, 10 January 2014 - 11:32 AM.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 PM

Posted 10 January 2014 - 12:12 PM

Step 1

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

Step 2

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3.

 

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and Remove Found Threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    •  
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESET Scan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Step 4.

 

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.


Edited by InadequateInfirmity, 10 January 2014 - 12:34 PM.


#3 burns334

burns334
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:03 PM

Posted 10 January 2014 - 10:32 PM

# AdwCleaner v3.016 - Report created 10/01/2014 at 21:04:07
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user - USER01-71D7C4D2
# Running from : C:\Documents and Settings\user\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\22\prefs.js ]
 
 
[ File : C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\extensions\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R1].txt - [6949 octets] - [08/01/2014 21:10:40]
AdwCleaner[R2].txt - [1441 octets] - [10/01/2014 20:59:16]
AdwCleaner[R3].txt - [1486 octets] - [10/01/2014 21:03:14]
AdwCleaner[S1].txt - [7114 octets] - [08/01/2014 21:12:19]
AdwCleaner[S2].txt - [1409 octets] - [10/01/2014 21:04:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1469 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by user on Fri 01/10/2014 at 21:07:51.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/10/2014 at 21:12:32.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
C:\Documents and Settings\user\My Documents\Downloads\ccsetup409.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined
C:\Documents and Settings\user\My Documents\Downloads\CodecPackage.exe Win32/InstallCore.BN application cleaned by deleting - quarantined
C:\Documents and Settings\user\My Documents\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined
C:\Documents and Settings\user\My Documents\Downloads\tb-free.exe a variant of Win32/TFTPD32.A application cleaned by deleting - quarantined
C:\Documents and Settings\user\My Documents\Downloads\VLC_Media_Player.exe a variant of Win32/Toolbar.Widdit.A application cleaned by deleting - quarantined
C:\Program Files\Common Files\Goobzo\GBUpdate\smci32.dll a variant of Win32/SBWatchman.A application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Common Files\Goobzo\GBUpdate\smfi32.dll a variant of Win32/SBWatchman.A application cleaned by deleting - quarantined
C:\Program Files\Common Files\Goobzo\GBUpdate\smi32.exe a variant of Win32/SBWatchman.A application cleaned by deleting - quarantined
C:\Program Files\EaseUS\Todo Backup\bin\PxeServer.dll a variant of Win32/TFTPD32.A application cleaned by deleting - quarantined
C:\Program Files\Uninstaller\Uninstall.exe MSIL/DomaIQ.A application cleaned by deleting - quarantined
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined
Operating memory a variant of Win32/SBWatchman.A application contained infected files
 
MiniToolBox by Farbar  Version: 18-12-2013
Ran by user (administrator) on 10-01-2014 at 22:32:01
Running from "C:\Documents and Settings\user\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Intel® PRO/1000 PL Network Connection = Local Area Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : user01-71d7c4d2
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Hybrid
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : home
 
 
 
Ethernet adapter Wireless Network Connection:
 
 
 
        Connection-specific DNS Suffix  . : home
 
        Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
 
        Physical Address. . . . . . . . . : 00-18-DE-C9-B3-1D
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.1.2
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.1.1
 
        DHCP Server . . . . . . . . . . . : 192.168.1.1
 
        DNS Servers . . . . . . . . . . . : 192.168.1.1
 
        Lease Obtained. . . . . . . . . . : Friday, January 10, 2014 9:05:27 PM
 
        Lease Expires . . . . . . . . . . : Saturday, January 11, 2014 9:05:27 PM
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection
 
        Physical Address. . . . . . . . . : 00-16-41-E0-1A-22
 
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1
 
Name:    google.com
Addresses:  173.194.43.8, 173.194.43.7, 173.194.43.4, 173.194.43.5
 173.194.43.3, 173.194.43.9, 173.194.43.2, 173.194.43.14, 173.194.43.6
 173.194.43.0, 173.194.43.1
 
 
 
Pinging google.com [173.194.43.5] with 32 bytes of data:
 
 
 
Reply from 173.194.43.5: bytes=32 time=21ms TTL=250
 
Reply from 173.194.43.5: bytes=32 time=23ms TTL=250
 
 
 
Ping statistics for 173.194.43.5:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 21ms, Maximum = 23ms, Average = 22ms
 
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109
 
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
 
 
 
Reply from 98.139.183.24: bytes=32 time=27ms TTL=251
 
Reply from 98.139.183.24: bytes=32 time=28ms TTL=251
 
 
 
Ping statistics for 98.139.183.24:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 27ms, Maximum = 28ms, Average = 27ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 18 de c9 b3 1d ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
0x3 ...00 16 41 e0 1a 22 ...... Intel® PRO/1000 PL Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.2  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      169.254.0.0      255.255.0.0      192.168.1.2     192.168.1.2  20
      192.168.1.0    255.255.255.0      192.168.1.2     192.168.1.2  25
      192.168.1.2  255.255.255.255        127.0.0.1       127.0.0.1  25
    192.168.1.255  255.255.255.255      192.168.1.2     192.168.1.2  25
        224.0.0.0        240.0.0.0      192.168.1.2     192.168.1.2  25
  255.255.255.255  255.255.255.255      192.168.1.2     192.168.1.2  1
  255.255.255.255  255.255.255.255      192.168.1.2               3  1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/10/2014 08:53:26 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.4.304.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (01/10/2014 09:35:39 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (01/10/2014 09:35:39 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (01/10/2014 09:35:39 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (01/10/2014 09:35:39 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
 
System errors:
=============
Error: (01/10/2014 10:01:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error: 
%%2147942403
 
Error: (01/10/2014 09:01:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error: 
%%2147942403
 
Error: (01/10/2014 06:01:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error: 
%%2147942403
 
Error: (01/10/2014 05:53:21 PM) (Source: Dhcp) (User: )
Description: The IP address lease 0.0.0.0 for the Network Card with network address 0018DEC9B31D has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
 
Error: (01/10/2014 05:50:25 PM) (Source: Dhcp) (User: )
Description: The IP address lease 0.0.0.0 for the Network Card with network address 0018DEC9B31D has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
 
Error: (01/10/2014 05:46:49 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
 
Error: (01/10/2014 05:46:49 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
 
Error: (01/10/2014 05:35:46 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 15 minutes.
NtpClient has no source of accurate time.
 
Error: (01/10/2014 05:35:46 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
 
Error: (01/10/2014 05:35:23 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
 
 
Microsoft Office Sessions:
=========================
Error: (01/10/2014 08:53:26 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.4.304.0unspecifiedunspecifiedunspecifiedNILNILNIL
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32)(User: )
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32)(User: )
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32)(User: )
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32)(User: )
 
Error: (01/10/2014 09:35:42 AM) (Source: crypt32)(User: )
 
Error: (01/10/2014 09:35:39 AM) (Source: crypt32)(User: )
 
Error: (01/10/2014 09:35:39 AM) (Source: crypt32)(User: )
 
Error: (01/10/2014 09:35:39 AM) (Source: crypt32)(User: )
 
Error: (01/10/2014 09:35:39 AM) (Source: crypt32)(User: )
 
 
=========================== Installed Programs ============================
 
Access Help (Version: 2.00)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Reader X (10.1.8) (Version: 10.1.8)
Adobe Shockwave Player 12.0 (Version: 12.0.4.144)
AOMEI Partition Assistant Home Edition 5.1.2
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
ATI Catalyst Control Center (Version: 2.009.0929.1442)
ATI Display Driver (Version: 8.593.100.7-090929a-090748C-Lenovo)
Belarc Advisor 8.3 (Version: 8.3.0.0)
Bonjour (Version: 3.0.0.10)
BorgataPoker
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0929.1443.24574)
Catalyst Control Center Graphics Full Existing (Version: 2009.0929.1443.24574)
Catalyst Control Center Graphics Full New (Version: 2009.0929.1443.24574)
Catalyst Control Center Graphics Light (Version: 2009.0929.1443.24574)
Catalyst Control Center Localization All (Version: 2009.0929.1443.24574)
CCC Help Chinese Standard (Version: 2009.0929.1442.24574)
CCC Help Chinese Traditional (Version: 2009.0929.1442.24574)
CCC Help Dutch (Version: 2009.0929.1442.24574)
CCC Help English (Version: 2009.0929.1442.24574)
CCC Help French (Version: 2009.0929.1442.24574)
CCC Help German (Version: 2009.0929.1442.24574)
CCC Help Italian (Version: 2009.0929.1442.24574)
CCC Help Japanese (Version: 2009.0929.1442.24574)
CCC Help Korean (Version: 2009.0929.1442.24574)
CCC Help Portuguese (Version: 2009.0929.1442.24574)
CCC Help Spanish (Version: 2009.0929.1442.24574)
CCC Help Swedish (Version: 2009.0929.1442.24574)
ccc-core-preinstall (Version: 2009.0929.1443.24574)
ccc-core-static (Version: 2009.0929.1443.24574)
ccc-utility (Version: 2009.0929.1443.24574)
CCleaner (Version: 4.09)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CPUID CPU-Z 1.63.0
DivX Setup (Version: 2.6.1.87)
DMUninstaller
EaseUS Todo Backup Free 6.0 (Version: 6.0)
ESET Online Scanner v3
Full Tilt Poker (Version: 4.65.0.WIN.FullTilt.COM)
GenoPro 2.5.4.1
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
HitmanPro 3.7 (Version: 3.7.8.208)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
iTunes (Version: 11.1.2.32)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Lenovo Patch Utility (Version: 1.3.0.9)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB925673) (Version: 6.00.3888.0)
OpenOffice.org 3.1 (Version: 3.1.9399)
OpenSource Flash Video Splitter 1.0.0.5 (Version: 1.0.0.5)
Power Manager (Version: 5.13)
PowerDVD
Revo Uninstaller 1.94 (Version: 1.94)
Riva FLV Player (Version: 1.0.0000)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
SimpleOCR 3.1
Skins (Version: 2009.0929.1443.24574)
SUPERAntiSpyware (Version: 5.6.1020)
swMSM (Version: 12.0.0.1)
ThinkPad Keyboard Customizer Utility (Version: 1.3.53.0)
ThinkPad Power Management Driver (Version: 1.43)
ThinkPad UltraNav Driver (Version: 15.0.18.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows XP Service Pack 3 (Version: 20080414.031525)
XML Paper Specification Shared Components Pack 1.0
 
========================= Devices: ================================
 
Name: Biometric Coprocessor
Description: Biometric Coprocessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 28%
Total physical RAM: 3070.36 MB
Available physical RAM: 2201.8 MB
Total Pagefile: 2908.76 MB
Available Pagefile: 2226.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.03 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:74.53 GB) (Free:54.8 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\USER01-71D7C4D2
 
Administrator            ASPNET                   Guest                    
HelpAssistant            SUPPORT_388945a0         user                     
 
 
**** End of log ****
 


#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 PM

Posted 10 January 2014 - 11:15 PM

How is the machine now?



#5 burns334

burns334
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:03 PM

Posted 11 January 2014 - 08:29 AM

Gosh, it seems good, I opened lots of windows and no hijack, which program took care of the problem?  ESET or the mini toolbox?  Thanks guys for the quick help



#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 PM

Posted 11 January 2014 - 01:08 PM

Eset it would seem.

 

 

 
Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
Now click on "Run" button.
Allow the program to complete its work.
All the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users