Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Audio ads on every web page & upload chrome crashes


  • This topic is locked This topic is locked
35 replies to this topic

#1 Imberpr

Imberpr

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 06 March 2014 - 12:11 AM

Hi, I have two issues that I've attempted to fix from your current customer threads but they're not working.
#1 I am seeing audio ads that are playing in videos looping constantly with no option to pause/delete. Sometimes I can't see a video ad but can hear it. I tried the malware download but it's not fixing the issue.
#2 I cannot upload on Google chrome. I don't have norton antivirus and installed microsoft security essentials but it's not solved the issue.
 
Look forward to hearing :)

Edit: Moved topic from Windows Vista to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:44 PM

Posted 06 March 2014 - 06:32 AM

Hello Imberpr  and Welcome -

 

First Uninstall Google Chrome and use Internet Explorer for this (directions below)

We can re-install Chrome later, once this is checked (if you wish)

 

Windows Vista/ Windows 7/ Windows 8
1.Close all Chrome windows and tabs.
2.Go to the Start menu > Control Panel.
3.Click Programs and Features.
4.Double-click Google Chrome.
5.Click Uninstall from the confirmation dialog.
If you want to delete your user profile information, like your browser preferences, bookmarks, and history, select the "Also delete your browsing data" checkbox.

 

You should have Internet Explorer 9 or 10 installed  on your system

 

 

Now -
Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Next -
Download MiniToolBox, Save it to your desktop to run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
Click Go and copy / paste the result (Result.txt) from your desktop

 

 

Next -
Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them.
You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE.-  rKill.txt log will also be present on your desktop.

 

 

Next -

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan (only once)
  • Review the list of items that will be removed
  • Next : Click on Clean (only once) to remove the list of infections
  • Confirm each time with OK, then OK
  • NOTE :Your computer will be rebooted. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[S0].txt as well.

 

Next -

Download Malwarebytes' Anti-Malware Free (aka MBAM)
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Full Scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* NOTE : Be sure that everything found is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
Be sure to reboot the computer if required after you post the log.
The latest version of the program now scans archive files which were previously not scanned.



#3 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 06 March 2014 - 12:41 PM

Ok, i'll do this today and update you. Quick question, by unstalling Chrome, won't that remove/delete my bookmarks? I backed it up as an html but just double checking at your end. If you could let me know. Thanks!

#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:44 PM

Posted 06 March 2014 - 05:29 PM

According to Google Chrome forum -

If you want to delete your user profile information, like your browser preferences, bookmarks, and history, select the "Also delete your browsing data" checkbox.

Otherwise your Bookmarks / Favorites will remain -

 

I was going to post on removal of all Extensions / Add-ons / Etc, but a clean install of the program is better.



#5 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 06 March 2014 - 06:02 PM

This is from Security Check

 

 Results of screen317's Security Check version 0.99.80 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
AntiVir Desktop                
 Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner    
 Java™ 6 Update 26 
 Java™ SE Runtime Environment 6
 Java version out of Date!
 Adobe Flash Player  12.0.0.70 
 Adobe Reader 8 Adobe Reader out of Date!
 Adobe Reader 10.1.9 Adobe Reader out of Date! 
 Mozilla Firefox (27.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````
 

 

Working on the others now



#6 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 06 March 2014 - 06:05 PM

This is from Mini Tool Box

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Imberpr (administrator) on 06-03-2014 at 15:04:00
Running from "C:\Users\Imberpr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0P0DPE7U"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/06/2014 02:51:10 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.0.6002.18005 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: b44
Start Time: 01cf390f128fc0dd
Termination Time: 0

Error: (03/06/2014 02:42:44 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/06/2014 02:42:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/06/2014 02:42:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/06/2014 02:42:29 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/06/2014 02:42:24 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/06/2014 02:42:22 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/06/2014 01:28:51 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/06/2014 01:28:50 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (03/06/2014 01:28:49 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\IMBERPR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\696ADPY4.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

System errors:
=============
Error: (03/06/2014 01:44:50 AM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.2 for the Network Card with network address 001AA0FEC03D has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/06/2014 01:44:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 0.0.0.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (03/06/2014 01:44:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.167.1218.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (03/06/2014 01:44:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.167.1218.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (03/06/2014 01:44:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.167.1218.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (03/06/2014 00:45:45 AM) (Source: DCOM) (User: )
Description: {F79A1568-D6C5-4C69-A086-936CF52DBBE3}

Error: (03/06/2014 00:30:10 AM) (Source: Service Control Manager) (User: )
Description: Crypkey License1

Error: (03/06/2014 00:30:03 AM) (Source: Service Control Manager) (User: )
Description: Dell Wireless WLAN Tray Service1

Error: (03/05/2014 11:45:21 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (03/05/2014 11:40:36 PM) (Source: Service Control Manager) (User: )
Description: avipbb
vsdatant

Microsoft Office Sessions:
=========================
Error: (03/04/2014 10:46:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 436977 seconds with 28680 seconds of active time.  This session ended with a crash.

Error: (11/21/2013 07:31:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 188 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (11/21/2013 07:28:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 292 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (11/21/2013 07:22:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 296331 seconds with 36360 seconds of active time.  This session ended with a crash.

Error: (10/09/2013 06:38:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 94 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (03/17/2013 08:49:37 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 168 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (03/17/2013 08:46:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 244849 seconds with 9120 seconds of active time.  This session ended with a crash.

Error: (02/14/2013 08:29:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1000 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/14/2013 08:12:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 36913 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (01/30/2013 06:00:32 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 151142 seconds with 14160 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2013-04-11 14:52:06.801
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Seagate Backup\HEDDICUNDLE\D\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:52:06.208
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Seagate Backup\HEDDICUNDLE\D\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:52:05.706
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Seagate Backup\HEDDICUNDLE\D\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:52:05.288
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Seagate Backup\HEDDICUNDLE\D\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:51:52.205
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Seagate Backup\HEDDICUNDLE\D\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:51:51.451
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Seagate Backup\HEDDICUNDLE\D\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:51:50.875
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Seagate Backup\HEDDICUNDLE\D\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:51:50.422
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Seagate Backup\HEDDICUNDLE\D\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:48:20.518
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-11 14:48:20.107
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 2.1.5)
7-Zip 4.65
Access Drivers (Version: 2.8)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Download Manager 2.0 (Remove Only) (Version: 2.0)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.70)
Adobe Flash Player 12 Plugin (Version: 12.0.0.70)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.9) (Version: 10.1.9)
Adobe® Photoshop® Album Starter Edition 3.0 (Version: 3.00.000)
Adolix Split and Merge PDF v2.1
Advanced Audio FX Engine
Advanced Video FX Engine
Akamai NetSession Interface Service
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20030807.3)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AutoUpdate (Version: 1.1)
AVG 2012 (Version: 12.0.2082)
Banctec Service Agreement (Version: 1.00.00)
Banctec Service Agreement (Version: 1.10.0000)
Bonjour (Version: 3.0.0.10)
Broadcom Management Programs (Version: 10.15.01)
Browser Address Error Redirector (Version: 1.00.0000)
BTOffer (Version: 1.00.0000)
BufferChm (Version: 100.0.170.000)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
CCleaner (Version: 3.22)
CDDRV_Installer (Version: 4.24.15)
Citrix Online Launcher (Version: 1.0.162)
Conexant HDA D330 MDC V.92 Modem
Copy (Version: 100.0.170.000)
CustomerResearchQFolder (Version: 1.00.0000)
Deal Info (Version: 2005.2.118.0)
Dell DataSafe Online (Version: 1.0.15)
Dell Digital Jukebox Driver
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Networking Guide (Version: 1.00.0001)
Dell Solution Center (Version: 1.00.0000)
Dell Support Center (Version: 1.0.07192)
Dell System Customization Wizard (Version: 1.00.0000)
Dell System Restore (Version: 2.00.0000)
Dell Touchpad (Version: 7.1.101.8)
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card (Version: 4.102.15.61)
DellSupport (Version: 6.0.3075)
deskPDF 2.5 Standard Edition
deskUNPDF 2
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 110.0.180.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Camera Driver
Digital Line Detect (Version: 1.21)
DivX Content Uploader (Version: 1.1.0)
DJ_AIO_03_F2200_ProductContext (Version: 100.0.215.000)
DJ_AIO_03_F2200_Software (Version: 100.0.206.000)
DJ_AIO_03_F2200_Software_Min (Version: 100.0.213.000)
Docudesk GPL Ghostscript 8.15
EarthLink Accelerator (Version: 5.0.1.1054)
EarthLink FastLane (Version: 5.5.100.115)
EarthLink MailBox (Version: 2005.2.108.0)
EarthLink Setup Files (Version: 2003.3.84.0)
EarthLink Software (Version: 2005.2.118.0)
EarthLink Toolbar (Version: 2.2.59.0)
EarthLink Wireless High Speed (Version: 1.4.1221)
eFax Messenger 4.3 (Version: 4.3)
EPSON Scan
EPSON Stylus SX100_TX100 Manual
EPSON SX100 Series Printer Uninstall
eSupportQFolder (Version: 1.00.0000)
F2200 (Version: 100.0.206.000)
F2200_Help (Version: 100.0.206.000)
Feedback Tool (Version: 1.1.0)
FriendBackup
Games, Music, & Photos Launcher (Version: 1.00.0000)
Google Calendar Sync
Google Drive (Version: 1.14.6059.644)
Google Talk Plugin (Version: 5.1.4.17398)
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer (Version: 4.0.0.002)
Google Update Helper (Version: 1.3.22.5)
Google Updater (Version: 2.4.2432.1652)
GoToAssist Corporate (Version: 9.1.0.615)
GoToMeeting 6.0.0.1259 (Version: 6.0.0.1259)
GPBaseService (Version: 100.0.187.000)
GPBaseService2 (Version: 130.0.371.000)
Help and Support Customization (Version: 1.00.0000)
HitmanPro 3.7 (Version: 3.7.9.212)
HP Customer Participation Program 10.0 (Version: 10.0)
hp deskjet 5100 series
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 (Version: 10.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
hp print screen utility
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.005.003)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 100.0.170.000)
HyperCam 2 (Version: 2.27.00)
Infuzer
Intel® 537EP V9x DF PCI Modem
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
InterVideo MediaOne Gallery
iTunes (Version: 11.0.4.4)
J2SE Runtime Environment 5.0 (Version: 1.5.0)
Jasc Paint Shop Photo Album (Version: 4.0.3)
Jasc Paint Shop Pro 8 Dell Edition (Version: 8.10.0000)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
KhalInstallWrapper (Version: 2.00.0000)
KhalInstallWrapper (Version: 4.24.99)
Lagarith lossless video codec (Remove Only)
Laptop Integrated Webcam Driver (1.03.02.0719) 
Learn2 Player (Uninstall Only)
Licensing Resources
Live! Cam Avatar Creator (Version: 4.5.3104.1)
Live! Cam Avatar v1.0 (Version: 1.0)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 100.0.170.000)
MaxBulk Mailer 8.1.1
MediaDirect (Version: 4.7)
MediaWidget 6.0
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2003 (Version: 11.0.8305.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XML Parser (Version: 8.20.8730.4)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.0.0)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.4.0)
Modem Diagnostic Tool (Version: 1.0.20.0)
Modem Event Monitor
Modem Helper (Version: 2.25)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Device Manager (Version: 2.3.4)
Motorola Device Software Update (Version: 12.10.3002)
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0)
Move Networks Media Player for Internet Explorer
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NetWaiting (Version: 2.5.44)
NVIDIA Drivers
Octoshape Streaming Services
ODIR
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OutlookAddinSetup (Version: 1.0.0)
PCmover (Version: 3.00.590.0)
Picasa 3 (Version: 3.9)
Pidgin (Version: 2.10.0)
Pocket RAR documentation
Product Documentation Launcher (Version: 1.00.0000)
PSSWCORE (Version: 2.02.0000)
QuickSet (Version: 8.2.14)
QuickTime (Version: 7.74.80.86)
Redistributed Files (Version: 2.0.46.0)
Revo Uninstaller Pro 2.5.5 (Version: 2.5.5)
Rosetta Stone Version 3 (Version: 3.4.3.0)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio Media Manager (Version: 9.4.042)
Roxio Update Manager (Version: 6.0.0)
SalesVoice 6.0 (Shared Components) (Version: 2.70.0)
Scan (Version: 10.0.0.0)
Seagate Manager Installer (Version: 2.01.0076)
Seagate Manager Installer (Version: 2.01.0600)
Seesmic for Windows (Version: 0.6.1.40)
SendSpace Wizard (Version: 1.1.44 beta)
SideStep
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.14 (Version: 6.14.104)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Sonic Activation Module (Version: 1.0)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Spotify (Version: 0.8.4.124.ga3559d86)
Status (Version: 110.0.180.000)
SymNet (Version: 8.0.2.6)
Toolbox (Version: 100.0.170.000)
TotalAccess Core Applications (Version: 2005.2.118.0)
TrayApp (Version: 110.0.180.000)
TweetDeck (Version: 0.21.5)
UnloadSupport (Version: 10.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Windows XP (KB835409) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
User's Guides
VideoToolkit01 (Version: 100.0.128.000)
Visual C++ 8.0 ATL (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
WebEx
WebFldrs XP (Version: 9.50.6513)
WebReg (Version: 100.0.170.000)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Media Format Runtime
Windows XP Hotfix - KB817611 (Version: 20030716.082127)
Windows XP Hotfix - KB823182 (Version: 20030724.164017)
Windows XP Hotfix - KB825119 (Version: 20030828.113916)
Windows XP Hotfix - KB826939 (Version: 20030902.222348)
Windows XP Hotfix - KB826942 (Version: 20031007.111255)
Windows XP Hotfix - KB826959 (Version: 20030813.115729)
Windows XP Hotfix - KB828035 (Version: 20031021.165228)
Windows XP Hotfix - KB828741 (Version: 20040305.182309)
Windows XP Hotfix - KB835732 (Version: 20040329.175541)
Windows XP Hotfix - KB837001 (Version: 20040317.230926)
Windows XP Hotfix - KB842773 (Version: 20040805.140010)
Windows XP Hotfix - KB873339 (Version: 20041117.094106)
Windows XP Hotfix - KB885835 (Version: 20041027.181751)
Windows XP Hotfix - KB885836 (Version: 20041028.161024)
Windows XP Hotfix - KB888302 (Version: 20041207.112156)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.171604)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
Xobni Core (Version: 1.0.0)
Yahoo! Music Jukebox (Version: 2.1.1.013)
YouSendIt Express (Version: 2.11.2)
Zoom (Version: 2.0)

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 2045.45 MB
Available physical RAM: 538.48 MB
Total Pagefile: 4980.73 MB
Available Pagefile: 2812.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.06 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:136.47 GB) (Free:51.71 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.16 GB) NTFS
4 Drive f: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:25.88 GB) NTFS

========================= Users: ========================================

User accounts for \\HEDDICUNDLE

Administrator            ASPNET                   Guest                   
HelpAssistant            Imberpr                  SUPPORT_388945a0        
SUPPORT_3f151ab9        

**** End of log ****



#7 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 06 March 2014 - 06:08 PM

This is from RKill

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/06/2014 03:05:27 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * C:\Windows\System32\clipsrv.exe : 30,720 : 08/29/2002 02:00 AM : 08ebc742345ab7ef2ec29bc92d6d33dd [NoSig]
 +-> C:\Windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\clipsrv.exe : 33,280 : 08/03/2004 11:56 PM : c8dec22c4137d7a90f8bdf41ca4b82ae [Pos Repl]

 * C:\Windows\System32\eventlog.dll : 49,152 : 08/29/2002 02:00 AM : bf3c8cf53c77b48206b39910b6d6cbcc [NoSig]
 +-> C:\Windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\eventlog.dll : 55,808 : 08/03/2004 11:56 PM : 82b24cb70e5944e6e34662205a2a5b78 [Pos Repl]

 * C:\Windows\System32\msgsvc.dll : 32,256 : 10/21/2003 02:06 PM : 41c5f3b926942ebdd35c6bf4154fe5f8 [NoSig]
 +-> C:\Windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msgsvc.dll : 33,792 : 08/03/2004 11:56 PM : 95fd808e4ac22aba025a7b3eac0375d2 [Pos Repl]

 * C:\Windows\System32\mspmsnsv.dll : 25,088 : 08/11/2004 00:45 AM : a477391b7a8b0a0daabadb17cf533a4b [NoSig]
 +-> C:\Windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll : 25,088 : 08/11/2004 00:45 AM : a477391b7a8b0a0daabadb17cf533a4b [Pos Repl]
 +-> C:\Windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll : 52,224 : 11/26/2002 04:03 PM : 36678803a8030ee9a771935cfc1848bd [Pos Repl]
 +-> C:\Windows\RegisteredPackages\{A0000BA0-97AD-43FB-8A05-3542C3AB99CD}\mspmsnsv.dll : 52,224 : 11/26/2002 04:03 PM : 36678803a8030ee9a771935cfc1848bd [Pos Repl]
 +-> C:\Windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspmsnsv.dll : 52,224 : 08/03/2004 11:56 PM : c086483e3dba8c1c0a687ec8d5b3d4c1 [Pos Repl]

 * C:\Windows\System32\ntmssvc.dll : 392,704 : 08/29/2002 02:00 AM : aac49ef5c84a2ebd7409a51a1b65c542 [NoSig]
 +-> C:\Windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntmssvc.dll : 435,200 : 08/03/2004 11:56 PM : b62f29c00ac55a761b2e45877d85ea0f [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6000.16386_none_0c076ff411279f33\ntmssvc.dll : 460,288 : 11/02/2006 04:36 AM : 957cc0f372bb5d79c477363952276859 [Pos Repl]
 +-> C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmssvc.dll : 460,288 : 01/18/2008 11:35 PM : a7dff9642d510be1eec6664cd0369953 [Pos Repl]

 * C:\Windows\System32\oakley.dll : 257,536 : 05/14/2006 01:13 AM : 7a08bb7c529b62bb8d912e59a17d97d5 [NoSig]
 +-> C:\Windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\oakley.dll : 266,752 : 08/03/2004 11:56 PM : a76128be63eea6a3af521a0576d3ebf7 [Pos Repl]
 +-> C:\Windows\System32\DLLCACHE\oakley.dll : 257,536 : 05/14/2006 01:13 AM : 7a08bb7c529b62bb8d912e59a17d97d5 [Pos Repl]

 * C:\Windows\System32\sfcfiles.dll : 1,157,632 : 08/29/2002 02:00 AM : 2564949dbe5f643f50913bbe45d346e2 [NoSig]
 +-> C:\Windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sfcfiles.dll : 1,580,544 : 08/03/2004 11:56 PM : 30a609e00bd1d4ffc49d6b5a432be7f2 [Pos Repl]

 * C:\Windows\System32\srsvc.dll : 158,720 : 08/29/2002 02:00 AM : 38e9cfac7881435764051fd7b1f010fb [NoSig]
 +-> C:\Windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\srsvc.dll : 170,496 : 08/03/2004 11:56 PM : 92bdf74f12d6cbec43c94d4b7f804838 [Pos Repl]

Checking HOSTS File:

 * No issues found.

Program finished at: 03/06/2014 03:07:30 PM
Execution time: 0 hours(s), 2 minute(s), and 2 seconds(s)



#8 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 06 March 2014 - 06:17 PM

This is from AdwCleaner

 

# AdwCleaner v3.020 - Report created 06/03/2014 at 15:10:23
# Updated 27/02/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Imberpr - HEDDICUNDLE
# Running from : C:\Users\Imberpr\Desktop\AntiVirus\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533

-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Imberpr\AppData\Roaming\Mozilla\Firefox\Profiles\696adpy4.default\prefs.js ]

[ File : C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\9yq6k1l8.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Imberpr\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [69430 octets] - [04/03/2014 12:55:22]
AdwCleaner[R1].txt - [1225 octets] - [06/03/2014 15:09:12]
AdwCleaner[S0].txt - [70411 octets] - [04/03/2014 12:57:04]
AdwCleaner[S1].txt - [1152 octets] - [06/03/2014 15:10:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1212 octets] ##########



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:44 PM

Posted 06 March 2014 - 07:27 PM

Please uninstall one of these, as 2 Antivirus prograns will cause problems (ask if you need help)
Microsoft Security Essentials 
I would think that AntiVir is the problem if one needs to be removed.
AntiVir Desktop  Antivirus out of date! (On Access scanning disabled!)

 

 

Java™ 6 Update 26
Java™ SE Runtime Environment 6 Java version out of Date!
Delete both of these old versions of Java, and if you do want to update here is the current version.
Version 7 Update 51 is current at this time
Do not accept any Add-ons or offers with the download, as these are just advertising.

 

 

Update Adobe Reader Here and delete any old versions from Programs and Features -
Again, untick the offer for Chrome install at this time, as it is only an Advertising version.

 

 

You may also have corrupted files.  You use the System File Checker tool (SFC.exe) to check and fix system corrupted files.  To do this, follow these steps:

1. Open an elevated command prompt. To do this, click Start Orb > All Programs > Accessories > Find and Right-click Command Prompt, and then click Run as administrator (Important). If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
2. Type the following command, sfc /scannow and then press ENTER:
Note the space between c and / as it must be there.
The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions.
This should take (on average) 20 minutes at most to run a scan unless it finds problems.
If this is a laptop, make sure it is connected to a reliable power source.
Please run this program Twice with a Reboot between each run.

Make a note if errors are found (mainly in the first run)

 

 

I will post more later -



#10 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 06 March 2014 - 07:48 PM

Great! I'm still waiting for Malwarebyte to complete - it's found 4 objects so far. Asap it's completed and I've sent you the update, I'll work on the above. Really appreciate this :)



#11 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 07 March 2014 - 12:44 PM

This is from MBam - took around 15 hours to do. Working on the 2nd part now

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.06.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Imberpr :: HEDDICUNDLE [administrator]

3/6/2014 3:30:22 PM
mbam-log-2014-03-06 (15-30-22).txt

Scan type: Full scan (C:\|D:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 1329426
Time elapsed: 17 hour(s), 58 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 26
C:\Program Files\Shop to Win 36 (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\common (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\common\proppage (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\msgboxplugin (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\css (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\weatherplugin (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\weatherplugin\proppage (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\util (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.

Files Detected: 208
C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\ExtensionUpdaterService.exe.vir (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Uninstall Information\ib_uninst_538\uninstall.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files\Uninstall Information\ib_uninst_566\uninstall.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Users\Imberpr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\94X5W510\sdpupdater[1].exe (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.
C:\Users\Imberpr\AppData\Local\Temp\sdpupdater.exe (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\C\Program Files\Uninstall Information\ib_uninst_538\uninstall.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\C\Program Files\Uninstall Information\ib_uninst_566\uninstall.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\C\Users\Imberpr\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 (PUP.Optional.Installex) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlls.dll (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlls.dl_ (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlls64.dll (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlph.dll (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlservice.exe (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlservice.ex_ (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlvknlg.exe (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlvknlg64.exe (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\rlxf.dll (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\components\rlxg.dll (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\RelevantKnowledge\firefox\rlnx.dll (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\Updater By Smilebox\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\Web Assistant\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Program Files\Web Assistant\is-6QISP.tmp (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.332.1_0\plugins\rlcm.dll (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 (PUP.Optional.Installex) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\AppData\Roaming\Smilebox\sbtb_install.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\facebook_com_orcacommunications.zip.crdownload (Trojan.Pirminay) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\TVSetup.exe (PUP.Optional.Inbox) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\CoolAVIToWAVConverterSetup.exe (PUP.Adware.RKN) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\DownloadManager.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\HC2Setup(1).exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\HC2Setup(2).exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\HC2Setup.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\iLividSetupV1(1).exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\iLividSetupV1.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level2\C\Users\Imberpr\Downloads\setup.exe (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level3\C\Program Files\RelevantKnowledge\rlls.dll (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level3\C\Program Files\RelevantKnowledge\rlservice.exe (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level3\C\Program Files\RelevantKnowledge\rlvknlg.exe (PUP.Optional.RelevantKnowledge) -> Quarantined and deleted successfully.
F:\Seagate Backup\HEDDICUNDLE\History\Level3\C\Program Files\Web Assistant\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\bookmarksplugin.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\emailchecker.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\msgboxplugin.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\radioplugin.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\rssreader.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\searchcomponent.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\weatherplugin.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\drag-drop-folder-tree.css (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\drag-drop-folder-tree.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\dummy.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\editDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\importDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\labelDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\manageDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\menuarrow.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\removeDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\bookmark_on.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\context-menu-gradient.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\dhtmlgoodies_folder.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\dhtmlgoodies_minus.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\dhtmlgoodies_plus.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\dhtmlgoodies_sheet.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\dragDrop_ind1.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\dragDrop_ind2.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\folder_close.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\folder_dots.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\folder_folder.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\folder_lastsub.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\folder_open.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\bookmarksplugin\proppage\images\folder_sub.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\common\proppage\container.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\common\proppage\loading.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\accountDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\configure.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\pwdDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets\jscompatibilitylib.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets\jsgeneral.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets\jsimage.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets\jslabel.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets\jslistview.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets\jslistviewitem.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets\jsstyle.css (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\emailchecker\proppage\widgets\jstranslation.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\msgboxplugin\bubble.xsl (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\msgboxplugin\popup.xsl (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\ui-vol.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\ui.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\css\boxsizing.htc (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\css\winclassic.css (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_stop_over.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\audio.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_dropdwn_down.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_dropdwn_over.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_dropdwn_up.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_max_down.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_max_over.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_max_up.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_min_down.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_min_over.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_min_up.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_pause_down.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_pause_over.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_pause_up.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_playcntrl_over.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_playcntrl_up.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_play_down.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_play_over.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_play_up.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_stop_down.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_stop_up.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_volcntrl_over.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\btn_volcntrl_up.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\efolder.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\equalizer.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\equalizer_loading.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\folder.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\podcast.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\radio.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\radio.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\radio_minimalized.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\radio_minimalized_old.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\radio_old.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\volslide_bg.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\vol_01.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\vol_02.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\images\vol_03.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\js\range.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\js\slider.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\js\timer.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\drag-drop-folder-tree.css (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\drag-drop-folder-tree.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\folderDeleteDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\folderEditDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\mediaAddDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\mediaEditDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\mediaSearchDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\optionsDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\tabctrl.css (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\tabctrl.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\context-menu-gradient.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\dhtmlgoodies_folder.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\dhtmlgoodies_minus.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\dhtmlgoodies_plus.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\dhtmlgoodies_sheet.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\dragDrop_ind1.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\dragDrop_ind2.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\dummy.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\folder.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\folder_close.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\folder_dots.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\folder_folder.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\folder_lastsub.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\folder_open.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\folder_sub.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\itemAudio.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\itemPodcast.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\images\itemRadio.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets\jscompatibilitylib.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets\jsgeneral.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets\jsimage.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets\jslabel.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets\jslistview.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets\jslistviewitem.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets\jsstyle.css (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\radioplugin\proppage\widgets\jstranslation.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\atom2rss.xsl (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\rdf2rss.xsl (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\transform.xsl (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\channelEditDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\configureDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\drag-drop-folder-tree.css (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\drag-drop-folder-tree.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\folderDeleteDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\folderEditDlg.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\context-menu-gradient.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\dhtmlgoodies_folder.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\dhtmlgoodies_minus.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\dhtmlgoodies_plus.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\dhtmlgoodies_sheet.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\dragDrop_ind1.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\dragDrop_ind2.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\feed.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\folder.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\folder_close.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\folder_dots.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\folder_folder.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\folder_lastsub.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\folder_open.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\rssreader\proppage\images\folder_sub.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent\defsearch.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent\droparrow.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent\droparrow_over.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent\logoyahoo.bmp (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent\menuarrow.gif (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent\transform.xsl (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent\ui-ac.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\searchcomponent\ui.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\weatherplugin\bubble.xsl (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\weatherplugin\dummy.png (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\weatherplugin\proppage\search_location.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\res\weatherplugin\proppage\settings.html (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\util\commalist.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\util\commands.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\util\consts.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\util\dialogs.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\util\json.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.
C:\Program Files\Shop to Win 36\js_components\util\utils.js (PUP.Optional.ShopToWin.A) -> Quarantined and deleted successfully.

(end)



#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:44 PM

Posted 07 March 2014 - 03:21 PM

This is why the MBAM scan took so long.

Files Detected: 208
Folders Detected: 26
Registry Keys Detected: 1

 

You (or someone) tends to click on many of the advertising links, and get caught in a loop with advertising and tracking programs constantly infesting your computer.
These may have been there for quite a while now, as the dates are never listed.

 

"ShopToWin.A" is just another advertising group that track your key strokes to find what you do online.

Once you are infested with over 200 instances of these programs it is time to stop your actions.

 

Even the best Antivirus programs will not stop them, so you must try and clean them up.

From now on, you MUST Update and Run this program at least once every week.
The tracking companies know your every move, and feed you pop-up advertising even if you have not noticed it.

 

Now :Open AdwCleaner program, but this time hit the Uninstall button to remove the program.
This also removes any items in the quarantine area of the program -
Note : This is a use once and Dispose tool, as it can not be updated, just reinstalled.

 

 

Check that installed System Files are intact.

Run System File Check from an Elevated Command Prompt
1 Open Elevated Command Prompt as per directions
2 Type sfc /scannow and press Enter (note the space between c and / it must be there)
3 This should not take longer than 20 minutes to finish
4 NOTE : Do not touch the keyboard while this is running.

If this is a laptop, make sure it is plugged into a reliable power source.

Make a note if the program stalls for more than 5 minutes or lists problems at the end.



#13 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 07 March 2014 - 03:25 PM

Hi, so i'm still at stage 3 trying to unistall Java etc. Once I've done the 3rd step, I'll do the new run through you just posted. I never touch ads at all - but I think i got a virus that caused these ads to run...so the past 4 days I've been clicking the ads to remove them. That's caused the error. Prior to this, I never touched ads.I'll keep you posted when I've done step 3 (the java etc message) and step 4 (the new one). Still trying to uninstall Java - taking time. Thank you and update you shortly!!



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:44 PM

Posted 08 March 2014 - 06:37 PM

Take your time -

 

I will check back every few days .........



#15 Imberpr

Imberpr
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:44 PM

Posted 08 March 2014 - 06:41 PM

Genius - I'm at the 'install java' stage which is taking time - took a whole day for java x 2 versions to be removed. Update you shortly. Thank you!!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users