Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

remove AVG secure search page


  • Please log in to reply
14 replies to this topic

#1 xbill101

xbill101

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 23 January 2014 - 05:01 PM

when i open fire fox it opens to my home page,when i click a new tab it opens to AVG secure search page. i have tryd to remove it using uninstall programs,but it's not listed ,also not in f.f.addons,i am running avast, not AVG.i ran awd cleaner didn't find any thing.maybe malware or adware? thanks for info you can give me xbill101



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:04 PM

Posted 23 January 2014 - 05:14 PM

Hello xbill, I moved this to the Am I Infected forum to scan it.

These should get it.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    .
    .
    .
    .
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 xbill101

xbill101
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 23 January 2014 - 05:23 PM

iniToolBox by Farbar  Version: 23-01-2014

Ran by bill (administrator) on 23-01-2014 at 17:21:59

Running from "C:\Users\bill\Desktop\tools"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ==============================

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global icmpredirects=enabled

 

popd

# End of IPv4 configuration

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : bill-PC

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : Home

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Home

   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet

   Physical Address. . . . . . . . . : 84-2B-2B-BC-3B-B1

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::38b9:3054:7b31:862a%10(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.254.1(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : Thursday, January 23, 2014 5:10:18 PM

   Lease Expires . . . . . . . . . . : Friday, July 16, 2021 8:10:17 AM

   Default Gateway . . . . . . . . . : 192.168.254.254

   DHCP Server . . . . . . . . . . . : 192.168.254.254

   DHCPv6 IAID . . . . . . . . . . . : 243542827

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A4-86-38-84-2B-2B-BC-3B-B1

   DNS Servers . . . . . . . . . . . : 192.168.254.254

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Tunnel adapter isatap.Home:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft 6to4 Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

Server:  MyRouter.Home

Address:  192.168.254.254

Name:    google.com

Addresses:  2607:f8b0:4002:c06::71

   74.125.228.35

   74.125.228.36

   74.125.228.37

   74.125.228.38

   74.125.228.39

   74.125.228.40

   74.125.228.41

   74.125.228.46

   74.125.228.32

   74.125.228.33

   74.125.228.34

 

Pinging google.com [74.125.228.35] with 32 bytes of data:

Reply from 74.125.228.35: bytes=32 time=44ms TTL=51

Reply from 74.125.228.35: bytes=32 time=38ms TTL=51

 

Ping statistics for 74.125.228.35:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 38ms, Maximum = 44ms, Average = 41ms

Server:  MyRouter.Home

Address:  192.168.254.254

Name:    yahoo.com

Addresses:  98.138.253.109

   98.139.183.24

   206.190.36.45

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=62ms TTL=49

Reply from 98.138.253.109: bytes=32 time=70ms TTL=49

Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 62ms, Maximum = 70ms, Average = 66ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 3ms, Maximum = 5ms, Average = 4ms

===========================================================================

Interface List

10...84 2b 2b bc 3b b1 ......Broadcom NetLink ™ Gigabit Ethernet

  1...........................Software Loopback Interface 1

11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter

13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0  192.168.254.254    192.168.254.1     20

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

    192.168.254.0    255.255.255.0         On-link     192.168.254.1    276

    192.168.254.1  255.255.255.255         On-link     192.168.254.1    276

  192.168.254.255  255.255.255.255         On-link     192.168.254.1    276

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link     192.168.254.1    276

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link     192.168.254.1    276

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination      Gateway

  1    306 ::1/128                  On-link

10    276 fe80::/64                On-link

10    276 fe80::38b9:3054:7b31:862a/128

                                    On-link

  1    306 ff00::/8                 On-link

10    276 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)

x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)

x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

System errors:

=============

Error: (01/23/2014 05:11:31 PM) (Source: Service Control Manager) (User: )

Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (01/23/2014 05:10:33 PM) (Source: Service Control Manager) (User: )

Description: The SecureUpdate service failed to start due to the following error:

%%2

 

Error: (01/23/2014 02:54:41 PM) (Source: Service Control Manager) (User: )

Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/23/2014 02:53:41 PM) (Source: Service Control Manager) (User: )

Description: The SecureUpdate service failed to start due to the following error:

%%2

Error: (01/23/2014 11:45:28 AM) (Source: Service Control Manager) (User: )

Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (01/23/2014 11:44:54 AM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.

Error: (01/23/2014 11:44:28 AM) (Source: Service Control Manager) (User: )

Description: The SecureUpdate service failed to start due to the following error:

%%2

 

Microsoft Office Sessions:

=========================

CodeIntegrity Errors:

===================================

  Date: 2012-07-06 18:17:55.195

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-07-06 18:17:55.132

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-07-06 18:13:17.355

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-07-06 18:13:17.293

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-04-16 16:42:57.657

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-04-16 16:42:57.607

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-01-13 06:27:06.689

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-01-13 06:27:06.639

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-01-13 03:05:21.348

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-01-13 03:05:21.298

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

=========================== Installed Programs ============================

 

64 Bit HP CIO Components Installer (Version: 7.2.8)

7-Zip 9.21 (x64 edition) (Version: 9.21.00.0)

AC3Filter (remove only)

AccelerateTab (Version: 1.4)

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)

Adobe Flash Player 12 Plugin (Version: 12.0.0.43)

Adobe Reader XI (11.0.02) (Version: 11.0.02)

Advanced SystemCare 7 (Version: 7.1.0)

AIO_CDA_ProductContext (Version: 130.0.365.000)

AIO_CDA_Software (Version: 130.0.365.000)

AIO_Scan (Version: 130.0.365.000)

Akamai NetSession Interface

avast! Free Antivirus (Version: 9.0.2011)

Avidemux 2.6 (Version: 2.6.1.8321)

BitTorrent (Version: 7.8.1.29989)

BufferChm (Version: 130.0.331.000)

BurnAware Free 6.9.1

C6100 (Version: 130.0.365.000)

c6100_Help (Version: 82.0.256.000)

CDBurnerXP (Version: 4.5.1.3868)

CNET TechTracker (Version: 2.0.3)

Consumer In-Home Service Agreement (Version: 2.0.0)

ConvertXtoDVD 4.1.10.348 (Version: 4.1.10.348)

Copy (Version: 130.0.428.000)

D3DX10 (Version: 15.4.2368.0902)

Defraggler (Version: 2.13)

Dell DataSafe Local Backup - Support Software (Version: 9.4.60)

Dell DataSafe Local Backup (Version: 9.4.60)

Dell DataSafe Online (Version: 2.1.19634)

Dell Dock (Version: 2.0)

Dell Edoc Viewer (Version: 1.0.0)

Dell Getting Started Guide (Version: 1.00.0000)

Destinations (Version: 130.0.0.0)

DeviceDiscovery (Version: 130.0.465.000)

DivX Setup (Version: 2.6.1.8)

DocProc (Version: 13.0.0.0)

Driver Booster (Version: 1.2)

ERUNT 1.1j

Fax (Version: 130.0.418.000)

File Type Assistant (Version: 2013.4.8.0)

Foxit Reader (Version: 4.3.1.323)

Free File Viewer 2012 (Version: 2012.10.9.0)

Free Window Registry Repair

Freemake Video Converter version 4.0.1 (Version: 4.0.1)

Gadwin PrintScreen (Version: 4.6)

Google Chrome (Version: 33.0.1750.46)

Google Earth (Version: 7.1.1.1888)

Google Update Helper (Version: 1.3.22.3)

GoToAssist 8.0.0.514

GPBaseService2 (Version: 130.0.371.000)

HP Customer Participation Program 13.0 (Version: 13.0)

HP Imaging Device Functions 13.0 (Version: 13.0)

HP Photosmart All-In-One Driver Software 13.0 Rel. A (Version: 13.0)

HP Photosmart Essential 3.5 (Version: 3.5)

HP Smart Web Printing 4.51 (Version: 4.51)

HP Solution Center 13.0 (Version: 13.0)

HP Update (Version: 4.000.011.006)

HPPhotoGadget (Version: 130.0.282.000)

HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)

HPPhotosmartEssential (Version: 2.04.0000)

HPProductAssistant (Version: 130.0.371.000)

HPSSupply (Version: 130.0.371.000)

Info Center 1.0.0.6 (Version: 1.0.0.6)

Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)

Internet Explorer (Version: 8)

Java 7 Update 21 (64-bit) (Version: 7.0.210)

Java 7 Update 25 (Version: 7.0.250)

Java Auto Updater (Version: 2.1.9.5)

Junk Mail filter update (Version: 15.4.3502.0922)

LittlePPT (Version: 1.0.0)

Mac Blu-ray Player (Version: 1.11.0.0728)

Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)

MarketResearch (Version: 130.0.374.000)

Mesh Runtime (Version: 15.4.5722.2)

Messenger Companion (Version: 15.4.3502.0922)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Office 2010 (Version: 14.0.4763.1000)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)

Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)

Mobipocket Reader 6.2 (Version: 6.2.608)

Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)

Mozilla Maintenance Service (Version: 26.0)

MPC-HC 1.6.4.6052 (64-bit) (Version: 1.6.4.6052)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT_amd64 (Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

Multimedia Card Reader (Version: 1.6.915.87)

My Dell (Version: 3.4.6422.14)

Nero Burning ROM 10 (Version: 10.2.11000.12.100)

Nero Burning ROM 10 (Version: 10.5.10300)

Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)

Nero BurnRights 10 (Version: 4.2.10300.0.102)

Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)

Nero Control Center 10 (Version: 10.2.10600.0.6)

Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)

Nero Core Components 10 (Version: 2.0.17400.8.2)

Nero Update (Version: 1.0.0018)

Network64 (Version: 130.0.572.000)

Notepad++ (Version: 6.3.2)

NovaBench 3.0.4

OCR Software by I.R.I.S. 13.0 (Version: 13.0)

Radialpoint Security Advisor 2.5.15 (Version: 2.5.15)

Radialpoint Servicepoint Dashboard Extensions version 12.11.12.59890 (Version: 12.11.12.59890)

Realtek High Definition Audio Driver (Version: 6.0.1.7083)

Revo Uninstaller 1.95 (Version: 1.95)

Roxio Burn (Version: 1.01)

Scan (Version: 13.0.0.0)

Shop for HP Supplies (Version: 13.0)

Skype Toolbars (Version: 1.0.4051)

Skype™ 5.10 (Version: 5.10.116)

Smart Defrag 3 (Version: 3.0)

SmartWebPrinting (Version: 130.0.457.000)

SMPlayer 0.6.9 (Version: 0.6.9)

SolutionCenter (Version: 130.0.373.000)

Speccy (Version: 1.24)

Status (Version: 130.0.469.000)

Surfing Protection (Version: 1.0)

Toolbox (Version: 130.0.648.000)

TrayApp (Version: 130.0.422.000)

Trixie (Version: 1.0.3)

Uninstall Startup Inspector

UnloadSupport (Version: 11.0.0)

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)

VideoReDo TVSuite Version 4.20.7.635

VLC media player 2.1.2 (Version: 2.1.2)

WebReg (Version: 130.0.132.017)

Weeny Free Video Cutter 1.4

WildTangent Games (Version: 1.0.0.71)

Windows Live Communications Platform (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)

Windows Live Installer (Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3502.0922)

Windows Live Mail (Version: 15.4.3502.0922)

Windows Live Mesh (Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)

Windows Live Messenger (Version: 15.4.3502.0922)

Windows Live Messenger Companion Core (Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (Version: 15.4.3502.0922)

Windows Live Photo Common (Version: 15.4.3502.0922)

Windows Live Photo Gallery (Version: 15.4.3502.0922)

Windows Live PIMT Platform (Version: 15.4.3502.0922)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (Version: 15.4.3502.0922)

Windows Live SOXE Definitions (Version: 15.4.3502.0922)

Windows Live UX Platform (Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)

Windows Live Writer (Version: 15.4.3502.0922)

Windows Live Writer Resources (Version: 15.4.3502.0922)

Windstream Diagnostic Tools 3.0.21 (Version: 3.0.21)

Windstream Service Agent 4.1.15 (Version: 4.1.15)

WM Recorder 14

Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 44%

Total physical RAM: 3895.12 MB

Available physical RAM: 2161.02 MB

Total Pagefile: 7788.41 MB

Available Pagefile: 5789.54 MB

Total Virtual: 4095.88 MB

Available Virtual: 3970.95 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:685.79 GB) (Free:555.57 GB) NTFS

========================= Users: ========================================

User accounts for \\BILL-PC

Administrator            bill                     Guest                   

 

**** End of log ****

 



#4 technonymous

technonymous

  • Members
  • 2,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 23 January 2014 - 07:23 PM

Looks like spyhunter program is causing more problems than it's worth. Being ran from volume3 partition. I would uninstall that or update it.



#5 xbill101

xbill101
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 23 January 2014 - 07:43 PM

unkware Removal Tool (JRT) by Thisisu

Version: 6.1.0 (01.07.2014:1)

OS: Windows 7 Home Premium x64

Ran by bill on Thu 01/23/2014 at 17:28:53.60

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\bill\appdata\local\filetypeassistant"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 01/23/2014 at 17:34:56.76

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 



#6 xbill101

xbill101
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 23 January 2014 - 07:53 PM

looked for spyhunter program,can't find it,ithought i uninstalled it a while back.now running ESET.it is  taking a long time to finish.has found 1,win32/adware,yootoo app


Edited by xbill101, 23 January 2014 - 08:02 PM.


#7 xbill101

xbill101
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 23 January 2014 - 08:03 PM

ran adw cleaner didn't find anything.



#8 xbill101

xbill101
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 23 January 2014 - 08:35 PM

:\AdwCleaner\Quarantine\C\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\ixr22cyp.default\Extensions\plugin@yontoo.com\content\overlay.js.vir Win32/Adware.Yontoo application cleaned by deleting - quarantined

 



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:04 PM

Posted 23 January 2014 - 10:00 PM

In Control Panel Uninstall these

Java 7 Update 21 (64-bit) (Version: 7.0.210)

Java 7 Update 25 (Version: 7.0.250)

Java Auto Updater (Version: 2.1.9.5)

If you see Spyhunter there as I don't see it listed

Next  see How to remove AVG Toolbar, homepage and Secure Search from your browser

 

 

Reboot


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Shivang Goley

Shivang Goley

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:34 AM

Posted 24 January 2014 - 08:36 AM

You can remove it by typing regedit in run, then find avg secure search or try it like this. Then delete them one by one and reboot your computer. I hpoe this helps!!!!



#11 xbill101

xbill101
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 24 January 2014 - 03:47 PM

no avg in regedit.  wen;t to the r AVG page, i don't have the tool bar ,when i click a new tab it opens to AVG secure search page. click on manage search engines ,not listed



#12 xbill101

xbill101
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 24 January 2014 - 04:22 PM

had  an older ver.of f.f in stalled that,then up dated it. the AVG secure search page.is gone, hope it don't come back  .Thanks for all the help.you are a good grope !!



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:04 PM

Posted 24 January 2014 - 04:35 PM

AVG Security Toolbar and AVG Secure Search (created by the makers of AVG Anti-virus) are optional add-ons when installing their anti-virus product if you choose "Customized" install instead of "Express". Since most folks choose an Express install they usually are not aware these options are also being installed since they are pre-checked by default during installation. Some users have also reported that when AVG auto-updates, it will install the toolbar as a Firefox add-on without input from the user.

AVG Security Toolbar and AVG Secure Search are also commonly bundled as an option with other free software users may download and install. Many folks overlook that option since it is pre-checked by default and they unknowingly install it. For example, the toolbar is bundled with PDFCreator.

So even if you decline the option to use these add-ons when installing AVG anti-virus, you may still end up with them at some later date by unknowingly downloading and installing another program where they have been bundled. This also explains how those who never used AVG anti-virus also sometimes find AVG Secure Search and the Security Toolbar installed.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 xbill101

xbill101
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:04 PM

Posted 24 January 2014 - 07:01 PM

Thanks for the  above info,and the reply.



#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:04 PM

Posted 24 January 2014 - 07:10 PM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users