Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

friends checker


  • Please log in to reply
11 replies to this topic

#1 kjbarry

kjbarry

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 05 May 2014 - 08:29 AM

how do I get rid of friendschecker :bounce:


sorry internet explore 9 and windows 7



BC AdBot (Login to Remove)

 


#2 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:09 PM

Posted 05 May 2014 - 08:43 AM

Hallo kjbarry!

Would you do the following:

Download Screen317 Security Check HERE and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do so

Please download MiniToolBox HERE to your desktop to run it.
Checkmark the following boxes:
* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

 

Thank you!



#3 kjbarry

kjbarry
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 05 May 2014 - 12:23 PM

 Results of screen317's Security Check version 0.99.82 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55 
 Adobe Flash Player 13.0.0.206 
 Adobe Reader 10.1.9 Adobe Reader out of Date! 
 Mozilla Firefox (29.0)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Administrator (administrator) on 05-05-2014 at 12:18:25
Running from "C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLELA7YT"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/05/2014 01:30:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6833

Error: (05/05/2014 01:30:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6833

Error: (05/05/2014 01:30:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/05/2014 01:30:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5788

Error: (05/05/2014 01:30:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5788

Error: (05/05/2014 01:30:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/05/2014 01:30:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4743

Error: (05/05/2014 01:30:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4743

Error: (05/05/2014 01:30:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/05/2014 01:30:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3729

System errors:
=============
Error: (05/05/2014 07:27:16 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/05/2014 07:27:16 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/05/2014 07:27:16 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/05/2014 07:27:16 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/05/2014 07:27:16 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/05/2014 07:27:16 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/05/2014 07:27:14 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/05/2014 07:27:14 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/05/2014 07:27:04 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (05/05/2014 07:27:04 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Microsoft Office Sessions:
=========================
Error: (05/05/2014 01:30:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6833

Error: (05/05/2014 01:30:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6833

Error: (05/05/2014 01:30:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/05/2014 01:30:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5788

Error: (05/05/2014 01:30:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5788

Error: (05/05/2014 01:30:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/05/2014 01:30:21 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4743

Error: (05/05/2014 01:30:21 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4743

Error: (05/05/2014 01:30:21 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/05/2014 01:30:20 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3729

=========================== Installed Programs ============================

Adobe Flash Player 13 ActiveX (Version: 13.0.0.182)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Reader X (10.1.9) (Version: 10.1.9)
Apple Software Update (Version: 2.1.3.127)
Bing Maps 3D (Version: 4.0.903.16005)
Bonjour (Version: 3.0.0.10)
Configuration Manager Client (Version: 4.00.6487.2000)
Cradle of Rome
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
HP Deskjet 1050 J410 series Basic Device Software (Version: 28.0.1313.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Deskjet 1050 J410 series Product Improvement Study (Version: 28.0.1313.0)
HP Photo Creations (Version: 1.0.0.12992)
HP Update (Version: 5.005.000.002)
iCloud (Version: 3.1.0.40)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Jewel Quest Help (Version: 2.6.77)
KeyDownload1 (Version: 1.31.153.3)
LG USB Modem driver
Mahjong Mysteries of the Past
Mahjong: Mysteries of the Past Bundle by SweetPacks (Version: 1.0.0.0)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.5.0216.0)
Microsoft Security Essentials (Version: 4.5.216.0)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 29.0 (x86 en-US) (Version: 29.0)
Mozilla Maintenance Service (Version: 29.0)
NETGEAR WNA3100 wireless USB 2.0 adapter (Version: 1.01.206)
OverDrive Media Console (Version: 3.3.0)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6257)
Sansa Updater (Version: 1.313)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SUPERAntiSpyware (Version: 5.7.1018)
The Weather Channel App
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Video Downloader v2013 (Version: 2013)
Windows Media Player 64-bit Plug-in Fix
Windows Media Player Plus! 2.6 (Version: 2.6)
Yahoo! Axis
Yahoo! Install Manager
Yahoo! Software Update
Yahoo! Toolbar

========================= Devices: ================================

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 3028.53 MB
Available physical RAM: 986.21 MB
Total Pagefile: 6055.24 MB
Available Pagefile: 3443.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.89 MB

========================= Partitions: =====================================

1 Drive c: (OSDisk) (Fixed) (Total:148.55 GB) (Free:104.87 GB) NTFS

========================= Users: ========================================

User accounts for \\PC

Administrator            Guest                   

 

 

Thanks for the help so far let me know the next step
 



#4 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:09 PM

Posted 05 May 2014 - 01:03 PM

Hallo kjbarry!

Uninstall standard way from Programs and Features - KeyDownload1
Do you have automated logins in browsers?If you have your passwords near at hand do the following:
1.Open Internet Explorer, click on the gear icon at the top (far right), then click again on Internet Options.
2.In the Internet Options dialog box, click on the Advanced tab, then click on the Reset button.
3.In the Reset Internet Explorer settings section, check the Delete personal settings box, then click on Reset.
4.When Internet Explorer finishes resetting, click Close in the confirmation dialogue box and then click OK.
5.Close and open Internet Explorer.

1.At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu, and select Troubleshooting Information.
2.Click the Reset Firefox button in the upper-right corner of the Troubleshooting Information page.
3.To continue, click Reset Firefox in the confirmation window that opens.
4.Firefox will close and be reset. When it’s done, a window will list the information that was imported. Click Finish

After that:

Please download AdwCleaner by Xplode HERE onto your desktop.

    Close all open programs and internet browsers.
    Double click on AdwCleaner.exe to run the tool.
    Click on Scan.
    After the scan is complete click on "Clean"
    Confirm each time with Ok.
    Your computer will be rebooted automatically. A text file will open after the restart.
    Please post the content of that logfile with your next answer.
    You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Thank you!



#5 kjbarry

kjbarry
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 05 May 2014 - 04:27 PM

# AdwCleaner v3.207 - Report created 05/05/2014 at 16:16:29
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Administrator - PC
# Running from : C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GJHCBRZ\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\BasicSeek
Folder Deleted : C:\ProgramData\Free Ride Games
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\BasicSeek
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\GamesBar
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Video downloader
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Administrator\AppData\Local\Conduit
Folder Deleted : C:\Users\Administrator\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Administrator\AppData\Local\visi_coupon
Folder Deleted : C:\Users\ADMINI~1\AppData\Local\Temp\NativeMessaging
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video downloader

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\SocialBit
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\BasicSeek
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video downloader

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16866

-\\ Mozilla Firefox v29.0 (en-US)

[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\prefs.js ]

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [6485 octets] - [05/05/2014 16:13:57]
AdwCleaner[S0].txt - [6069 octets] - [05/05/2014 16:16:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6129 octets] ##########

 

next step

 



#6 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:09 PM

Posted 05 May 2014 - 05:03 PM

Please download Junkware Removal Tool HERE to your desktop.

    Shut down your protection software now to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

 

Thank you!



#7 kjbarry

kjbarry
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 05 May 2014 - 05:27 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Administrator on Mon 05/05/2014 at 17:18:24.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnpip_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnpip_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 05/05/2014 at 17:25:16.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Thanks again what next



#8 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:09 PM

Posted 05 May 2014 - 05:33 PM

Do you need this - Video Downloader v2013

Start AdwCleaner and click Uninstall button and it will disappear.JRT just delete.

  Download Malwarebytes' Anti-Malware Free 2.0.0.1000 HERE to your desktop.
    - Do not accept the Free Trial Version at this time -
    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

 

Thank you!


Edited by Alex&Vanko, 05 May 2014 - 05:44 PM.


#9 kjbarry

kjbarry
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 05 May 2014 - 08:06 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/5/2014
Scan Time: 7:40:45 PM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.05.13
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Administrator

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 257816
Time Elapsed: 9 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

I may be hit or miss for the next couple of days due to work I will check back as soon as I can



#10 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:09 PM

Posted 05 May 2014 - 09:12 PM

Ok see you later!

Here is the last one operation:

Download HitmanPro x64 HERE from onto your desktop.

Double-click on the file named HitmanPro.exe.It will be updated.When the program starts you will be presented with the start screen.Click on the Next button.Accept to store a copy of the program to your computer and click Next and it will start to scan.
When it has finished it will display a list of all the malware that the program found.Below next to button buy now is option Save log.Save it to your desktop and paste it here.

 

Thank you!



#11 kjbarry

kjbarry
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 10 May 2014 - 04:44 PM

sorry for the delay

 

HitmanPro 3.7.9.216
www.hitmanpro.com
   Computer name . . . . : PC
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : PC\Administrator
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free
   Scan date . . . . . . : 2014-05-10 16:36:16
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 46s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 1
   Traces  . . . . . . . : 57
   Objects scanned . . . : 1,501,921
   Files scanned . . . . : 50,720
   Remnants scanned  . . : 378,364 files / 1,072,837 keys
Malware _____________________________________________________________________
   C:\ProgramData\ZalmanInstaller_VideoDownloader\ExecComponent2.exe
      Size . . . . . . . : 293,407 bytes
      Age  . . . . . . . : 131.6 days (2013-12-30 02:30:40)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 4EAC93C5CA1D6107B2647D3372850CDCEE951C49137B0AA1FFF3DD5F3F5207A0
      Description
      Version  . . . . . : 1.11222.11306.10555
      Copyright  . . . . : (C) 122213060555
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.Agent.avvk
      Fuzzy  . . . . . . : 109.0

Potential Unwanted Programs _________________________________________________
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TBNotifier_RASAPI32\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TBNotifier_RASMANCS\ (AskBar)
Cookies _____________________________________________________________________
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\0980YILZ.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\339O3O0D.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\5U8RI7FC.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\91W1FNER.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\DAOF6GIG.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\J86EQFKL.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\NF5E0UDW.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\NV968RVA.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\TXLKJL52.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\U6RAHT0Z.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\Y3SBAJIW.txt
   C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\YHC1UYC5.txt
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ad.360yield.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ad.yabuka.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.al.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.autoaffiliatenetwork.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.cleveland.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.creative-serving.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.masslive.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.mlive.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.nj.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.nola.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.oregonlive.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.p161.net
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.pennlive.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.pointroll.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.pubmatic.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.stickyadstv.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.syracuse.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.undertone.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.videohub.tv
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ads.yahoo.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:adserving.autotrader.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:adtechus.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:advertising.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ar.atwola.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:at.atwola.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:atdmt.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:atwola.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:burstnet.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:casalemedia.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:classifiedventures1.112.2o7.net
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:doubleclick.net
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:emjcd.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:interclick.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:mediaplex.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:pointroll.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:questionmarket.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:revsci.net
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:serving-sys.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:smartadserver.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:ww251.smartadserver.com
   C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tybzg7pq.default-1399324339191\cookies.sqlite:zedo.com


#12 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:09 PM

Posted 11 May 2014 - 07:03 AM

Hallo kjbarry!

I suggest to uninstall this Video Downloader from Programs and Features.

After that click Next to remove threads.You may need to activate trial version in order to remove threads.

 

Please download the ESET Online Scanner HERE and save it to your Desktop.
Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
    Start esetsmartinstaller_enu.exe with administartor privileges.
    Select the option Yes, I accept the Terms of Use and click on Start.
    Make sure that the option Remove found threats is checked, and the option Scan archives is checked.
    Now click on Advanced Settings and select the following:
        Scan for potentially unwanted applications
        Scan for potentially unsafe applications
        Enable Anti-Stealth Technology
    Click on Start. The virus signature database will begin to download. This may take some time.
    When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
    When completed select Uninstall application on close if you so wish
    Now click on Finish!

 

Thereafter say if you have still problem.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users