Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to remove Astromenda?


  • Please log in to reply
6 replies to this topic

#1 emwick

emwick

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 12 September 2014 - 02:40 PM

We got an astromenda bug within last 10 days or so and I'd like to remove it.  I have xp home.
I did remove it from control panel with no effect.  googled it but I don't trust all the sites, probly some of the same ones who made it.  Do I need an HJT file first?

Edit: Moved topic from Windows XP to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:57 PM

Posted 12 September 2014 - 03:58 PM

Hello emwick

Do these next...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 emwick

emwick
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 13 September 2014 - 01:18 AM

      MiniToolBox by Farbar  Version: 21-07-2014
Ran by mike (administrator) on 12-09-2014 at 23:04:16
Running from "C:\Documents and Settings\mike.MIKENMICH\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

VIA Compatable Fast Ethernet Adapter = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : mikenmich

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : VIA Compatable Fast Ethernet Adapter

        Physical Address. . . . . . . . . : 00-0C-76-EE-9A-C2

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.2

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : Friday, September 12, 2014 10:58:33 PM

        Lease Expires . . . . . . . . . . : Saturday, September 13, 2014 10:58:33 PM

Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.239.39, 74.125.239.38, 74.125.239.32, 74.125.239.37
      74.125.239.40, 74.125.239.34, 74.125.239.36, 74.125.239.41, 74.125.239.33
      74.125.239.35, 74.125.239.46



Pinging google.com [74.125.239.41] with 32 bytes of data:



Reply from 74.125.239.41: bytes=32 time=23ms TTL=52

Reply from 74.125.239.41: bytes=32 time=24ms TTL=52



Ping statistics for 74.125.239.41:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 23ms, Maximum = 24ms, Average = 23ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=96ms TTL=44

Reply from 98.139.183.24: bytes=32 time=94ms TTL=44



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 94ms, Maximum = 96ms, Average = 95ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c 76 ee 9a c2 ...... VIA Compatable Fast Ethernet Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.2      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0      192.168.1.2     192.168.1.2      20
      192.168.1.2  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255      192.168.1.2     192.168.1.2      20
        224.0.0.0        240.0.0.0      192.168.1.2     192.168.1.2      20
  255.255.255.255  255.255.255.255      192.168.1.2     192.168.1.2      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/12/2014 02:01:33 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 32.0.1.5367, faulting module mozalloc.dll, version 32.0.1.5367, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (09/12/2014 00:15:05 PM) (Source: Application Error) (User: )
Description: Faulting application brs.exe, version 0.0.0.0, faulting module brs.exe, version 0.0.0.0, fault address 0x000887bb.
Processing media-specific event for [brs.exe!ws!]

Error: (09/12/2014 11:54:47 AM) (Source: Application Error) (User: )
Description: Faulting application brs.exe, version 0.0.0.0, faulting module brs.exe, version 0.0.0.0, fault address 0x000887bb.
Processing media-specific event for [brs.exe!ws!]

Error: (09/11/2014 10:55:09 AM) (Source: Application Error) (User: )
Description: Faulting application brs.exe, version 0.0.0.0, faulting module , version 0.0.0.0, fault address 0x000887bb.
Processing media-specific event for [brs.exe!ws!]

Error: (09/10/2014 11:32:28 AM) (Source: Application Error) (User: )
Description: Faulting application brs.exe, version 0.0.0.0, faulting module brs.exe, version 0.0.0.0, fault address 0x000887bb.
Processing media-specific event for [brs.exe!ws!]

Error: (09/09/2014 01:44:05 PM) (Source: Application Error) (User: )
Description: Faulting application brs.exe, version 0.0.0.0, faulting module brs.exe, version 0.0.0.0, fault address 0x000887bb.
Processing media-specific event for [brs.exe!ws!]

Error: (09/08/2014 00:58:39 PM) (Source: Application Error) (User: )
Description: Faulting application brs.exe, version 0.0.0.0, faulting module brs.exe, version 0.0.0.0, fault address 0x000887bb.
Processing media-specific event for [brs.exe!ws!]

Error: (09/07/2014 10:23:09 PM) (Source: Application Error) (User: )
Description: Faulting application brs.exe, version 0.0.0.0, faulting module brs.exe, version 0.0.0.0, fault address 0x000887bb.
Processing media-specific event for [brs.exe!ws!]

Error: (09/07/2014 09:24:24 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (09/07/2014 09:18:56 PM) (Source: Application Error) (User: )
Description: Faulting application brs.exe, version 0.0.0.0, faulting module brs.exe, version 0.0.0.0, fault address 0x000887bb.
Processing media-specific event for [brs.exe!ws!]


System errors:
=============
Error: (09/12/2014 11:00:03 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL.
Reference error message: The operation completed successfully.
.

Error: (09/12/2014 11:00:03 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (09/12/2014 11:00:03 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (09/12/2014 11:00:03 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL.
Reference error message: The operation completed successfully.
.

Error: (09/12/2014 11:00:03 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (09/12/2014 11:00:03 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (09/12/2014 05:23:05 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL.
Reference error message: The operation completed successfully.
.

Error: (09/12/2014 05:23:05 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (09/12/2014 05:23:05 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (09/12/2014 05:23:05 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL.
Reference error message: The operation completed successfully.
.


Microsoft Office Sessions:
=========================
Error: (09/12/2014 02:01:33 PM) (Source: Application Error)(User: )
Description: plugin-container.exe32.0.1.5367mozalloc.dll32.0.1.53670000141b

Error: (09/12/2014 00:15:05 PM) (Source: Application Error)(User: )
Description: brs.exe0.0.0.0brs.exe0.0.0.0000887bb

Error: (09/12/2014 11:54:47 AM) (Source: Application Error)(User: )
Description: brs.exe0.0.0.0brs.exe0.0.0.0000887bb

Error: (09/11/2014 10:55:09 AM) (Source: Application Error)(User: )
Description: brs.exe0.0.0.00.0.0.0000887bb

Error: (09/10/2014 11:32:28 AM) (Source: Application Error)(User: )
Description: brs.exe0.0.0.0brs.exe0.0.0.0000887bb

Error: (09/09/2014 01:44:05 PM) (Source: Application Error)(User: )
Description: brs.exe0.0.0.0brs.exe0.0.0.0000887bb

Error: (09/08/2014 00:58:39 PM) (Source: Application Error)(User: )
Description: brs.exe0.0.0.0brs.exe0.0.0.0000887bb

Error: (09/07/2014 10:23:09 PM) (Source: Application Error)(User: )
Description: brs.exe0.0.0.0brs.exe0.0.0.0000887bb

Error: (09/07/2014 09:24:24 PM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (09/07/2014 09:18:56 PM) (Source: Application Error)(User: )
Description: brs.exe0.0.0.0brs.exe0.0.0.0000887bb



=========================== Installed Programs ============================
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk Design Tracking 6 (HKLM\...\{76D6189D-0001-6000-0001-DFC2EE337EAC}) (Version: 6.2.0.12000 - Autodesk, Inc.)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon MP Navigator EX 4.1 (HKLM\...\MP Navigator EX 4.1) (Version:  - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Canon MX410 series User Registration (HKLM\...\Canon MX410 series User Registration) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM\...\Speed Dial Utility) (Version:  - )
Contour Storyteller (HKLM\...\Contour Storyteller 3.3.3) (Version: 3.3.3 - Contour)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
GIMP (HKLM\...\{46BBA993-5554-42E7-8042-E760D92A580A}) (Version: 2.6.11 - Spencer Kimball)
Google Earth (HKLM\...\{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}) (Version: 7.0.2.8415 - Google)
Google Talk (remove only) (HKLM\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Guitar Tuner 1.0 Win 2k-XP (HKLM\...\Guitar Tuner 1.0 Win 2k-XP) (Version:  - )
Java Auto Updater (Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JD2 Tube Bend App. (HKLM\...\{FEE5C812-51C7-4A6B-9DC0-4618AC9F6BD4}) (Version: 1.01.0003 - JD2)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (HKLM\...\NLSDownlevelMapping) (Version:  - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
PitchPerfect Musical Instrument Tuner (HKLM\...\PitchPerfect) (Version:  - NCH Software)
Quicken 2002 Deluxe (HKLM\...\Quicken 2002 Deluxe) (Version:  - )
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Studio 8 (HKLM\...\{53EF6570-21A4-47ED-A40A-E6470A5677A3}) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB925720) (HKLM\...\KB925720) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VectorEngineer Quick-Tools (HKLM\...\VectorEngineer Quick-Tools) (Version:  - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WinALDL (HKLM\...\WinALDL) (Version:  - )
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (Version: 3.1 - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 991.49 MB
Available physical RAM: 734.07 MB
Total Pagefile: 2390.66 MB
Available Pagefile: 2201.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1988.75 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.51 GB) (Free:13.63 GB) FAT32

========================= Users: ========================================

User accounts for \\MIKENMICH

Administrator            ASPNET                   eric                     
Guest                    HelpAssistant            michelle                 
mike                     ryan                     SUPPORT_388945a0         


**** End of log ****
 



#4 emwick

emwick
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 13 September 2014 - 10:43 AM

here's tool file report.  Astro is still here.  I'll run eset but?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by mike on Sat 09/13/2014 at  8:28:17.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\mike.MIKENMICH\Application Data\mozilla\firefox\profiles\kxk5nsll.default\minidumps [13106 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 09/13/2014 at  8:36:53.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#5 emwick

emwick
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 13 September 2014 - 02:30 PM

Ok here's eset report

C:\Program Files\NCH Swift Sound\PitchPerfect\pitchperfect.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined
C:\Program Files\NCH Swift Sound\PitchPerfect\uninst.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined
C:\Program Files\NCH Swift Sound\PitchPerfect\ppsetup_v1.20.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\StartNow Toolbar\Toolbar32.dll.vir    Win32/Toolbar.Zugo.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\StartNow Toolbar\StartNowToolbarUninstall.exe.vir    Win32/Toolbar.Zugo.E potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe.vir    Win32/Toolbar.Zugo potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Michelle\Desktop\zlsSetup_70_483_000_en.exe    a variant of Win32/AdInstaller potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Michelle\Desktop\zlsSetup_70_483_000_en(2).exe    a variant of Win32/AdInstaller potentially unwanted application    deleted - quarantined
C:\Documents and Settings\mike.MIKENMICH\My Documents\Downloads\ppsetup.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined
C:\Documents and Settings\mike.MIKENMICH\My Documents\Downloads\google earth setup.exe    a variant of Win32/InstallCore.QN potentially unwanted application    deleted - quarantined
C:\Documents and Settings\mike.MIKENMICH\My Documents\Downloads\Google_Talk_Setup.exe    a variant of Win32/InstallCore.QB potentially unwanted application    deleted - quarantined
C:\Documents and Settings\mike.MIKENMICH\My Documents\Downloads\Google_Talk_Setup(1).exe    a variant of Win32/InstallCore.QB potentially unwanted application    deleted - quarantined
C:\Documents and Settings\mike.MIKENMICH\My Documents\Downloads\Google_Talk_Setup(2).exe    a variant of Win32/InstallCore.QB potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{79C92991-B981-490C-B254-2C41702F4860}\RP763\A0083635.exe    a variant of Win32/BrowseFox.H potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{79C92991-B981-490C-B254-2C41702F4860}\RP767\A0083708.dll    Win32/Toolbar.Zugo.A potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{79C92991-B981-490C-B254-2C41702F4860}\RP767\A0083709.exe    Win32/Toolbar.Zugo.E potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{79C92991-B981-490C-B254-2C41702F4860}\RP767\A0083710.exe    Win32/Toolbar.Zugo potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{79C92991-B981-490C-B254-2C41702F4860}\RP767\A0083839.exe    multiple threats    cleaned by deleting - quarantined
 



#6 emwick

emwick
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 13 September 2014 - 03:07 PM

It's still there.  No difference.

 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:57 PM

Posted 15 September 2014 - 12:47 PM

Did you run ADWCleaner?
What is your Browser?

Uninstall this in Control Panel
Java 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users