Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blastro popup, slow browser


  • Please log in to reply
6 replies to this topic

#1 rdbrewer

rdbrewer

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 25 July 2014 - 11:10 AM

Hi, I'm new.  I read in a closed topic that mentioned "Blastro" and popups how to use Malwarebytes and get a log.  But before I ran MWBs, I did a registry scan, and it cleaned up about 300 errors, the most I recall ever seeing.  Usually it's about 4.  Firefox is now running back up to speed on this Toshiba with Win7, but that popup appeared first thing. 

 

So MWB found one thing, "pup.optional.spigot.a".  That's it. 

 

Could somone take a look at my log, please, and tell me if I got the thing causing the Blastro popup? 

 

Let me add that "pup.optional.spigot.a" appears to be related to a Youtube downloader I used to use--like a year ago.  It's been gone that long.   So I guess "pup.optional.spigot.a" has been here all that time, even though I removed the program. 

 

One more thing: I clicked on the "MBAM log" under the  the History tab like that other thread instructed, and it doesn't appear to be the startup log you guys normally look at and comment on.  It's like a record of the scan.  Where can I find that?

 

Thanks, you guys.


Edited by hamluis, 25 July 2014 - 12:35 PM.
Moved from MRL to Am I Infected, no logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 AM

Posted 25 July 2014 - 01:10 PM

Hi rdbrewer and :welcome:

So Malwarebytes has found only pup.optional.spigot.a.

Check your installed programs and see if there is anything you don`t know.

 

Download Screen317 Security Check HERE and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do so

Please download MiniToolBox HERE to your desktop to run it.
Checkmark the following boxes:
* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

The way about your question:

Open MalwareBytes Anti-Malware and then click on History.

On the left column, select Application Logs. Select the most recent log among the list, it is usually the one on the top (or sort by date) and open it.

Go to the bottom left corner to Export and select Text File (*.txt)

Save it to the desktop.

 

Thank you!



#3 rdbrewer

rdbrewer
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 25 July 2014 - 02:30 PM

Thank you. First, update: About five minutes after my registry scan, things got slow again, but I might have found part of the problem.  Tweetdeck seems to hog a lot of memory.  I noticed that when it's running other things slow down, and my FF cached web content figure goes up substantially.

 

Anyway, here are the results of those scans.  I hope I'm doing this right just putting them here and not doing it as attachments.

 

Thanks again for the help

 

***********************SecurityCheck****************

Results of screen317's Security Check version 0.99.86  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
Norton 360    
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 Spybot - Search & Destroy
 Java 7 Update 65  
 Adobe Flash Player     14.0.0.145  
 Adobe Reader XI  
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 7%
````````````````````End of Log``````````````````````




***************malewarebytes log***************************


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/25/2014
Scan Time: 10:08:54 AM
Logfile: malwarebytes scan log 1.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.25.04
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: ZBREWER

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 319758
Time Elapsed: 18 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.Spigot.A, C:\ProgramData\YTD YouTube Downloader & Converter

\ytd_installer.exe, Quarantined, [b107c8dbb0cb4ee812896db924dc8f71],

Physical Sectors: 0
(No malicious items detected)


(end)

 

**************MiniToolBox results*************************

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by ZBREWER (administrator) on 25-07-2014 at 14:14:54
Running from "C:\Users\ZBREWER\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com

There are 15266 more lines starting with "127.0.0.1"


========================= Event log errors: ===============================

Application errors:
==================
Error: (07/25/2014 00:21:54 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 31.0.0.5310 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bac

Start Time: 01cfa82a453287c9

Termination Time: 45

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 1e38683c-1420-11e4-93d2-001b3813a69b

Error: (07/25/2014 09:45:59 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (07/25/2014 09:45:59 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (07/25/2014 09:45:59 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (07/25/2014 09:45:43 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/25/2014 09:45:43 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=431}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/25/2014 09:45:43 AM) (Source: Windows Search Service) (User: )
Description: The gatherer is unable to read the registry Path.

Context:  Application, SystemIndex Catalog


Details:
    The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index.  (HRESULT : 0x80040d03) (0x80040d03)

Error: (07/25/2014 07:53:54 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 31.0.0.5310 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12b8

Start Time: 01cfa7fb73c6943e

Termination Time: 1481

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 9c3f713a-13fa-11e4-ba8b-001b3813a69b

Error: (07/24/2014 07:04:04 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 31.0.0.5310 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c54

Start Time: 01cfa6c50c5d2d6f

Termination Time: 14948

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 18af18ac-138f-11e4-9238-001b3813a69b

Error: (07/24/2014 07:00:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 31.0.0.5310, time stamp: 0x53c75e91
Faulting module name: NPSWF32_14_0_0_145.dll, version: 14.0.0.145, time stamp: 0x53aa1b9a
Exception code: 0x80000003
Fault offset: 0x0035128d
Faulting process id: 0xf4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3


System errors:
=============
Error: (07/25/2014 10:38:46 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (07/25/2014 10:38:47 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (07/25/2014 09:46:29 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (07/25/2014 09:45:59 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/25/2014 09:45:59 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218173.

Error: (07/25/2014 09:45:21 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (07/25/2014 09:45:21 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (07/25/2014 09:19:48 AM) (Source: Service Control Manager) (User: )
Description: The TOSHIBA Navi Support Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/25/2014 09:19:34 AM) (Source: Service Control Manager) (User: )
Description: The lxbx_device service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/25/2014 02:45:04 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2009-09-12 15:37:19.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2009-09-12 15:37:18.991
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2009-09-12 15:37:18.931
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2009-09-12 15:37:18.871
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2009-09-12 15:37:18.810
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2008-10-13 15:56:03.605
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2008-10-13 15:56:03.574
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2008-10-13 15:56:03.558
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2008-10-13 15:56:03.527
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2008-08-08 18:30:36.301
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL because the set of per-page image hashes could not be found on the system.



 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\Adobe Shockwave Player) (Version: 10.1.4.20 - Adobe Systems, Inc.)
AT&T Self Support Tool (HKLM\...\AT&T Self Support Tool) (Version:  - )
ATT-PRT22 (HKLM\...\ATT-PRT22) (Version:  - )
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.10(T) - TOSHIBA CORPORATION)
Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.140.0517 - Chicony Electronics Co.,Ltd.)
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.03 - TOSHIBA)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Dialer (HKLM\...\Desktop Dialer) (Version:  - )
DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.3 - Ulead Systems, Inc.)
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
GearDrvs (Version: 5.0.0.2 - Symantec Corporation) Hidden
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Matrix Storage Manager and Intel® Turbo Memory (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Turbo Memory (HKLM\...\{31423F74-36B2-4d24-B10D-CD00BFB7C118}) (Version:  - Intel Corporation)
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden
Lexmark 7100 Series (HKLM\...\Lexmark 7100 Series) (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Plus! for Windows XP (HKLM\...\{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}) (Version: 1.00.01.0732 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Store Download Manager (HKLM\...\{A3D88A98-506E-4CFC-B294-E256C679B0EE}) (Version: 2.5.2219.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (HKLM\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PC Tools Registry Mechanic 11.0 (HKLM\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
Protector Suite QL 5.8 (HKLM\...\{2CD82D77-8D1E-44FC-9A90-BBA95AC8D6B7}) (Version: 5.8.0.4024 - UPEK Inc.)
QuickTime (HKLM\...\{08CA9554-B5FE-4313-938F-D4A417B81175}) (Version: 7.50.61.0 - Apple Inc.)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.1.0 - Synaptics Incorporated)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}) (Version: 2.00.0002 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0001 - Texas Instruments Inc.) Hidden
TIPCI (Version: 2.00.0002 - Texas Instruments Inc.) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.02 - )
TOSHIBA ConfigFree (HKLM\...\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}) (Version: 7.00.29 - TOSHIBA)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.8 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.00.21 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.48.0.3C - TOSHIBA)
TOSHIBA Flash Cards Support Utility (Version: 1.48.0.3C - TOSHIBA) Hidden
TOSHIBA Game Console (HKLM\...\TOSHIBA Game Console) (Version:  - WildTangent)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.48.0.11C - TOSHIBA)
TOSHIBA Hardware Setup (Version: 1.48.0.11C - TOSHIBA) Hidden
TOSHIBA Media Center Game Console (HKLM\...\TOSHIBA Media Center Game Console) (Version:  - WildTangent)
TOSHIBA Music (HKLM\...\{0E9C4531-58C4-4349-AD2F-A4D999E451EC}) (Version: 1.00.1 - Toshiba America Information Systems)
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.1 - TOSHIBA)
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.2 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version:  - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.48.0.8C - TOSHIBA)
TOSHIBA Supervisor Password (Version: 1.48.0.8C - TOSHIBA) Hidden
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.28 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.2.28 - TOSHIBA Corporation) Hidden
TouchChip USB Driver 2.18 (Version: 2.18.0.0157 - UPEK Inc.) Hidden
TweetDeck (HKLM\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Utility Common Driver (Version: 0.0.50.7C - TOSHIBA) Hidden
Vista Shortcut Manager (HKLM\...\{47609E69-4C5E-48B1-A889-24C6B82B5C04}) (Version: 2.0 - Frameworkx)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 2046.41 MB
Available physical RAM: 1285.18 MB
Total Pagefile: 4092.83 MB
Available Pagefile: 2998.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951.32 MB

========================= Partitions: =====================================

1 Drive c: (SQ004441V05) (Fixed) (Total:110.32 GB) (Free:62.35 GB) NTFS
2 Drive d: () (Fixed) (Total:111.79 GB) (Free:111.67 GB) NTFS

========================= Users: ========================================

User accounts for \\ZBREWER-PC

Administrator            Guest                    ZBREWER                  


**** End of log ****
 



#4 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 AM

Posted 25 July 2014 - 03:44 PM

Do not use Registry Mechanic or this kind of software.It is not too clever to fix and delete registry entries and may cause problems.

I am not familiar with MVPS Hosts File protection to block ads, banners, 3rd party page counters, web bugs, and even most hijackers and so.

So this Blastro is the problem?

May be it is extension,plugin or add-on.Look for it in browsers.

 

Internet Explorer

    In the menu bar, select Tools > Manage Add-ons.
    In the Manage Add-ons window, find the add-on from the list of currently loaded add-ons on the right.
    Select it and click on the Disable button at the bottom right.

 

Firefox

    In the menu bar, select Tools > Add-ons.
    In the Add-ons window, click on the Plugins icon.
    Find the plugin from the list of installed plugins that you want to remove.
    Select it and click on the Disable button on the right side.

 

Google Chrome

    At the top right of the browser, click on the "wrench" Chrome wrench icon or "Menu" Chrome Menu button icon and navigate to Tools > Extensions.
    In the Extensions tab find the extension from the list that you want to remove.
    Click the Disable link or Uninstall link under the name of the extension as shown in the picture below. This will either disable the extension or complete uninstall it, depending on which link you click.

 

Please download AdwCleaner by Xplode HERE onto your desktop.

    Close all open programs and internet browsers.
    Double click on AdwCleaner.exe to run the tool.
    Click on Scan.
    After the scan is complete click on "Clean"
    Confirm each time with Ok.
    Your computer will be rebooted automatically. A text file will open after the restart.
    Please post the content of that logfile with your next answer.
    You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool HERE to your desktop.

    Shut down your protection software now to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

 

I do not suggest ot use Spybot.

 

Thank you!



#5 Zcar

Zcar

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 25 July 2014 - 04:00 PM

Be very careful with Junkware Removal Tool.  I decided to download and try it a couple hours ago.  I ran it and when it completed it announced that it had successfully removed some Big Fish Game files from my computer.  It surprised me because it didn't ask for permission to remove or clean anything, it just removed some files on its own.  I have a pretty good collection of Big Fish Games and have never had a malware or virus issue with any of them and there was absolutely no reason for JRT to remove any of the files.  Needless to say I'm not happy.  I tried a restore point from a couple days ago and the Big Fish Game manager still won't work.  I don't know yet how much of my game files have been destroyed but looks like JRT has successfully created a problem for me.



#6 rdbrewer

rdbrewer
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 26 July 2014 - 02:32 PM

Thanks, Zcar.  AdwCleaner caused me a lot of problems.  I'm not going to run  JRT.

 

That popup thing shows up whenver I go to Photobucket. 

 

I just screencapped it.  It appeared over this window.

 

I guess there's something on Photobucket and Norton and Malwarebytes and Spybot haven't included it yet.  Is that what's going on?



#7 rdbrewer

rdbrewer
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 26 July 2014 - 02:58 PM

Okay, I found another forum where people are talking about this, and posts are recent: here at Avast






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users