Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Two browsers popping up when getting online


  • Please log in to reply
13 replies to this topic

#1 givemekiss

givemekiss

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 06 May 2014 - 12:47 AM

I have an emachine, Windows 7 64-bit desktop. I use Mozilla Firefox as my web browser. The other day I noticed it looked a little different when I got online, but thought that maybe it was just an updated web browser.  Today when I clicked on it, two windows popped up, one being the yahoo page I have as my home page, and the other was a "No Scripts" ad-ware page. Because that second page popped up, I suspect I have a virus. I have run Microsoft Security Essentials to see if it could find anything, and it came back clean. I normally try to figure this stuff out myself, but because I'm going to school full time, my brain is fried by the time I get home and I need some help. I appreciate any assistance that anyone can give me.

 

Thank you,

Alysa



BC AdBot (Login to Remove)

 


#2 NextHopRouter

NextHopRouter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central United States
  • Local time:06:12 PM

Posted 06 May 2014 - 01:06 AM

I don't think you have a virus, per se. It seems likely that you may have some sort of browser tool-bar or add-on that got installed. You might try something like Adaware.



#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:12 AM

Posted 06 May 2014 - 01:25 AM

Thank you NextHop, but that is what the person means, and would like help with -

 

Hello (can I call you Alysa, rather than your login name) -

 

Please follow these directions, and we will try to remove the problem ....

 

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

Next -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
Click Go and copy / paste the result (Result.txt).

 

 

Now for a quick clean-up -

Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

Please post the small log produced -

 

Important: Do not reboot your computer until you complete the next step.

 

 

Now:

Please download AdwCleaner by Xplode and save to your Desktop.
NOTE : Please close or save all work, as the computer will be Rebooted
Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button. (only once)
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. 
If you see any which you do not want removed, remove the check mark next to it. 
Next: Click on the Clean button (only once) to remove the selected items. 
You will receive a message telling you that all programs will be close so that the infections can be removed. 
Click on OK, and then OK again to confirm the reboot.
When cleaning process is complete a log (AdwCleaner[S0].txt ) of what was removed will be on your desktop. 
Please copy and the paste this log in your next post.

 

A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

Run Junkware Removal Tool -

Shut down your protection software now to avoid potential conflicts.
* How To Temporarily Disable Your Anti-virus
* Please download Junkware Removal Tool by Thisisu to your desktop.
* Run the tool by double-clicking it.
* If you are using Windows Vista, 7, or 8, right click JRT.exe and select "Run as Administrator".
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
* Post the contents of JRT.txt into your next message.

 

Last -

Download TFC by OldTimer to your desktop
 • Close any open windows, as Temp File Cleaner will close them to work -
• Double click the TFC icon to run the program
• TFC will close all open programs itself in order to run,
• Click the Start button to begin the process.

• Allow TFC to run uninterrupted.
• The program should not take long to finish it's job
• Once its finished it should automatically reboot your machine,
• if it doesn't, please manually reboot to ensure a complete clean

 

When finished, please post the logs and a report on how your computer is running



#4 givemekiss

givemekiss
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 07 May 2014 - 01:15 AM

Hi noknojon,

Thank you for your response/help! Two things; 1: yes, please feel free to call me by my name and not my screen name, and 2: I am starting the process that you have listed above for me to run, but because I'm in school from 8am to nearly 10pm Monday through Friday, I'm gone a lot (only for 5 more months though)...so please be patient with me with getting you the logs. Once again, thank you for all of your assistance with my oh so exciting computer system.

 

Sincerely,

Alysa



#5 givemekiss

givemekiss
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 07 May 2014 - 01:22 AM

 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 45  
 Java version out of Date!
 Adobe Flash Player 13.0.0.206  
 Mozilla Firefox (29.0)
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 



#6 givemekiss

givemekiss
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 07 May 2014 - 01:24 AM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Alysa (administrator) on 06-05-2014 at 23:24:02
Running from "C:\Users\Alysa\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost


========================= Event log errors: ===============================

Application errors:
==================
Error: (05/06/2014 10:14:39 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 9.1.168.192.in-addr.arpa. PTR Alysa-PC.local.

Error: (05/06/2014 10:14:39 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353   18 9.1.168.192.in-addr.arpa. PTR Alysa-PC-2.local.

Error: (05/06/2014 10:14:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35537

Error: (05/06/2014 10:14:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 35537

Error: (05/06/2014 10:14:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2014 09:53:23 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 9.1.168.192.in-addr.arpa. PTR Alysa-PC.local.

Error: (05/06/2014 09:53:23 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353   18 9.1.168.192.in-addr.arpa. PTR Alysa-PC-2.local.

Error: (05/06/2014 08:44:34 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 9.1.168.192.in-addr.arpa. PTR Alysa-PC.local.

Error: (05/06/2014 08:44:34 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353   18 9.1.168.192.in-addr.arpa. PTR Alysa-PC-2.local.

Error: (05/06/2014 03:12:46 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 9.1.168.192.in-addr.arpa. PTR Alysa-PC.local.


System errors:
=============
Error: (05/05/2014 11:19:58 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/05/2014 10:05:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (05/05/2014 09:29:36 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSWNDA3100 service.

Error: (05/05/2014 08:32:48 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (05/05/2014 04:17:57 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (05/04/2014 10:28:16 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (05/04/2014 05:21:26 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (05/03/2014 03:16:35 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/03/2014 03:00:12 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (05/02/2014 08:06:22 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.


Microsoft Office Sessions:
=========================
Error: (05/06/2014 10:14:39 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 9.1.168.192.in-addr.arpa. PTR Alysa-PC.local.

Error: (05/06/2014 10:14:39 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353   18 9.1.168.192.in-addr.arpa. PTR Alysa-PC-2.local.

Error: (05/06/2014 10:14:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35537

Error: (05/06/2014 10:14:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 35537

Error: (05/06/2014 10:14:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2014 09:53:23 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 9.1.168.192.in-addr.arpa. PTR Alysa-PC.local.

Error: (05/06/2014 09:53:23 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353   18 9.1.168.192.in-addr.arpa. PTR Alysa-PC-2.local.

Error: (05/06/2014 08:44:34 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 9.1.168.192.in-addr.arpa. PTR Alysa-PC.local.

Error: (05/06/2014 08:44:34 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353   18 9.1.168.192.in-addr.arpa. PTR Alysa-PC-2.local.

Error: (05/06/2014 03:12:46 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 9.1.168.192.in-addr.arpa. PTR Alysa-PC.local.


CodeIntegrity Errors:
===================================
  Date: 2013-12-29 14:05:54.671
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-12-29 14:05:54.249
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.9.0.1380)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0328.2218.38225)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
AMD Steady Video Plug-In  (Version: 2.06.0000)
AMD VISION Engine Control Center (Version: 2013.0328.2218.38225)
ATI AVIVO64 Codecs (Version: 11.6.0.10524)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (Version: 2.2.0.97)
Bullzip PDF Printer 9.8.0.1599 (Version: 9.8.0.1599)
Canon Inkjet Printer Driver Add-On Module
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225)
CCC Help Czech (Version: 2013.0328.2217.38225)
CCC Help Danish (Version: 2013.0328.2217.38225)
CCC Help Dutch (Version: 2013.0328.2217.38225)
CCC Help English (Version: 2013.0328.2217.38225)
CCC Help Finnish (Version: 2013.0328.2217.38225)
CCC Help French (Version: 2013.0328.2217.38225)
CCC Help German (Version: 2013.0328.2217.38225)
CCC Help Greek (Version: 2013.0328.2217.38225)
CCC Help Hungarian (Version: 2013.0328.2217.38225)
CCC Help Italian (Version: 2013.0328.2217.38225)
CCC Help Japanese (Version: 2013.0328.2217.38225)
CCC Help Korean (Version: 2013.0328.2217.38225)
CCC Help Norwegian (Version: 2013.0328.2217.38225)
CCC Help Polish (Version: 2013.0328.2217.38225)
CCC Help Portuguese (Version: 2013.0328.2217.38225)
CCC Help Russian (Version: 2013.0328.2217.38225)
CCC Help Spanish (Version: 2013.0328.2217.38225)
CCC Help Swedish (Version: 2013.0328.2217.38225)
CCC Help Thai (Version: 2013.0328.2217.38225)
CCC Help Turkish (Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
Chronicles of Albian (Version: 2.2.0.95)
CloudReading (Version: 1.1.47.1220)
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
Dora's World Adventure (Version: 2.2.0.95)
eMachines Games (Version: 1.0.2.5)
eMachines Recovery Management (Version: 5.00.3502)
eMachines Registration (Version: 1.04.3503)
eMachines ScreenSaver (Version: 1.1.0221.2011)
eMachines Updater (Version: 1.02.3500)
eReg (Version: 1.20.138.34)
Etron USB3.0 Host Controller (Version: 0.96)
Evernote v. 5.1 (Version: 5.1.0.2217)
Final Drive: Nitro (Version: 2.2.0.95)
Foxit Reader (Version: 6.1.2.1224)
Galerie de photos (Version: 16.4.3508.0205)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.23.9)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hotkey Utility (Version: 2.05.3505)
Identity Card (Version: 1.00.3501)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Jewel Match 3 (Version: 2.2.0.97)
Junk Mail filter update (Version: 16.4.3508.0205)
LG USB Modem driver
Logitech Unifying Software 2.00 (Version: 2.00.43)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Security Client (Version: 4.5.0216.0)
Microsoft Security Essentials (Version: 4.5.216.0)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SkyDrive (Version: 17.0.2011.0627)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Motorola Device Manager (Version: 2.2.28)
Motorola Device Software Update (Version: 1.0.40)
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0)
Movie Maker (Version: 16.4.3508.0205)
Mozilla Firefox 29.0 (x86 en-US) (Version: 29.0)
Mozilla Maintenance Service (Version: 29.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Mystery of Mortlake Mansion (Version: 2.2.0.98)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Netflix in Windows Media Center (Version: 3.3.101.0)
NETGEAR Genie (Version: 2.3.1.16)
NETGEAR Live Parental Controls Management Utility 2.1.6 (Version: 2.1.6)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (Version: 1.03.000)
NOOK for PC (Version: 2.5.6.9575)
Penguins! (Version: 2.2.0.95)
Photo Common (Version: 16.4.3508.0205)
Photo Gallery (Version: 16.4.3508.0205)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
QuickTime (Version: 7.74.80.86)
Realtek Ethernet Controller Driver (Version: 7.45.516.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6242)
ScorpionSaver (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Torchlight (Version: 2.2.0.97)
Unity Web Player (Version: )
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
VLC media player 2.1.2 (Version: 2.1.2)
Welcome Center (Version: 1.02.3504)
WildTangent Games App (Version: 4.0.10.5)
Windows Live (Version: 16.4.3508.0205)
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live Essentials (Version: 16.4.3508.0205)
Windows Live Family Safety (Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Mail (Version: 16.4.3508.0205)
Windows Live Messenger (Version: 16.4.3508.0205)
Windows Live MIME IFilter (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
Windows Live Writer (Version: 16.4.3508.0205)
Windows Live Writer Resources (Version: 16.4.3508.0205)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Zuma's Revenge (Version: 2.2.0.97)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3576.26 MB
Available physical RAM: 2119.27 MB
Total Pagefile: 7150.7 MB
Available Pagefile: 5183.35 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.25 MB

========================= Partitions: =====================================

1 Drive c: (eMachines) (Fixed) (Total:446.13 GB) (Free:376.31 GB) NTFS

========================= Users: ========================================

User accounts for \\ALYSA-PC

Administrator            Alysa                    Guest                    
Hot Tamale               


**** End of log ****
 



#7 givemekiss

givemekiss
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 07 May 2014 - 01:43 AM

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/06/2014 11:36:03 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 05/06/2014 11:37:56 PM
Execution time: 0 hours(s), 1 minute(s), and 53 seconds(s)
 


# AdwCleaner v3.207 - Report created 06/05/2014 at 23:29:29
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Alysa - ALYSA-PC
# Running from : C:\Users\Alysa\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0 (en-US)

[ File : C:\Users\Alysa\AppData\Roaming\Mozilla\Firefox\Profiles\4hfabhvx.default\prefs.js ]


[ File : C:\Users\Alysa\AppData\Roaming\Mozilla\Firefox\Profiles\pb2nv0do.default-1378188013787\prefs.js ]


[ File : C:\Users\Hot Tamale\AppData\Roaming\Mozilla\Firefox\Profiles\698regu8.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1041 octets] - [06/05/2014 23:27:52]
AdwCleaner[S0].txt - [962 octets] - [06/05/2014 23:29:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1021 octets] ##########
 



#8 givemekiss

givemekiss
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 07 May 2014 - 02:11 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Alysa on Tue 05/06/2014 at 23:46:10.91 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Alysa\AppData\Roaming\mozilla\firefox\profiles\pb2nv0do.default-1378188013787\minidumps [10 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 05/07/2014 at 0:01:19.34 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#9 givemekiss

givemekiss
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 07 May 2014 - 02:21 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Alysa on Tue 05/06/2014 at 23:46:10.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Alysa\AppData\Roaming\mozilla\firefox\profiles\pb2nv0do.default-1378188013787\minidumps [10 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/07/2014 at  0:01:19.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:12 AM

Posted 07 May 2014 - 04:14 AM

The idea is OK as we do not always get busy, and as long as you drop a line here every week I will keep watching it.

 

It is good that you removed LevelQualityWatcher in the first scan, as this can cause problems.

 

When you have time, please run this Online Scan from ESET -

It may take 2 or 3 hours, so please only do it when you have time to spare.

 

Scan with ESET Online Scan
1. Please go to HERE to run the online scannner from ESET.
2. Temporarily Disable Your Anti-virus while performing the online scan. This is much stronger than your Antivirus, so it is OK to disable your Antivirus.
3. Tick the box next to YES, I accept the Terms of Use.
4. Click Start
5. When asked, allow the ActiveX control to install
6. Click Start
7. Under scan settings, check "Scan Archives" and "Remove found threats"
8. Click on Advanced Settings and ensure these options are ticked:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

9, Click Scan
10. Wait for the scan to finish. This can take quite a while to download the program and then updates for a first scan.
11. If any threats were found, click the 'List of found threats' , then click Export to text file....
12. Save it to your desktop, then please copy and paste that log as a reply to this topic.



#11 givemekiss

givemekiss
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 14 May 2014 - 11:41 PM

noknojon,

 

Sorry this took so long! I got busy with a project at school that was due today....this is the first I've had a chance to get onto my desktop. Here is the results of the scan though. Thank you for your patience!

 

 

 

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials eMachines Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe    a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application    deleted - quarantined
C:\Users\Alysa\AppData\Roaming\.technic\modpacks\aether-plus-more\cache\aether-plus-more-1.0.zip    a variant of Win32/AdWare.iBryte.Q application    deleted - quarantined
C:\Users\Alysa\Downloads\ccsetup401.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\Alysa\Downloads\FoxitReader602.0413_enu_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
C:\Users\Alysa\Downloads\Virtual_Families.exe    a variant of Win32/InstallCore.AZ potentially unwanted application    deleted - quarantined
 

 

~Alysa



#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:12 AM

Posted 15 May 2014 - 10:23 PM

Hello -

 

What is the computer doing now ?? Is it any better ??



#13 givemekiss

givemekiss
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington State
  • Local time:05:12 PM

Posted 20 May 2014 - 01:26 AM

Hi! Sorry, I was doing mid-terms in school, and this is actually the first time I was able to log on. Yes, it seems to be running without any issues though. Is there anything you suggest I do? ~Alysa

#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:12 AM

Posted 20 May 2014 - 05:12 AM

We need to remove Downloaded Temp files and help clean out remains.

FIRST : Empty Recycle bin, then go - Start > Programs > Accessories > System tools > Disk Cleanup, and run those.

 

NOW :

Please download Temp File Cleaner by Old Timer
Usage Instructions:

  • Download TFC from the download link above and save the file on your desktop.
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • When the program opens, click on the Start button. 
  • TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press EXIT, and reboot your computer to finish the cleanup.

 

Now run TFC and Reboot -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users