Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problem : Your connectionis not private


  • Please log in to reply
19 replies to this topic

#1 Foz2014

Foz2014

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 05 October 2014 - 11:36 AM

Hello everyone

I'm new in this website , and I hope that I post my problem in the correct place or forgive me. 

 

I have here a problem when I trying to open twitter or hotmail.com this message coming every time 

 

 

 

 

Your connection is not private

Attackers might be trying to steal your information from www.twitter.com (for example, passwords, messages, or credit cards).

Reload

Advanced

 

 

 

 

 

 

what should I do , I tried to change the timing as menitioned when I searching to find the answers , but nothing happen the problem still there, please can you help how fix this.

 

thank you in advance


Edited by hamluis, 05 October 2014 - 12:34 PM.
Moved from Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 05 October 2014 - 12:15 PM

I found your minitoolbox and I use it: kindly see what does this mean

 

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Authorised (administrator) on 05-10-2014 at 20:12:47
Running from "C:\Documents and Settings\Authorised\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection (Connected)
Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : authorised-pc
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Unknown
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC
 
        Physical Address. . . . . . . . . : 00-16-36-17-11-36
 
 
 
Ethernet adapter Wireless Network Connection:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : Intel® PRO/Wireless 2200BG Network Connection
 
        Physical Address. . . . . . . . . : 00-16-6F-3B-4B-DC
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.1.6
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.1.1
 
        DHCP Server . . . . . . . . . . . : 192.168.1.1
 
        DNS Servers . . . . . . . . . . . : 192.168.1.1
 
        Lease Obtained. . . . . . . . . . : Sunday, October 05, 2014 7:06:51 PM
 
        Lease Expires . . . . . . . . . . : Monday, October 06, 2014 7:06:51 PM
 
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  173.194.39.37, 173.194.39.35, 173.194.39.41, 173.194.39.46
 173.194.39.33, 173.194.39.32, 173.194.39.34, 173.194.39.39, 173.194.39.38
 173.194.39.36, 173.194.39.40
 
 
 
Pinging google.com [173.194.39.37] with 32 bytes of data:
 
 
 
Reply from 173.194.39.37: bytes=32 time=111ms TTL=53
 
Reply from 173.194.39.37: bytes=32 time=110ms TTL=53
 
 
 
Ping statistics for 173.194.39.37:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 110ms, Maximum = 111ms, Average = 110ms
 
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45
 
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
 
 
 
Reply from 98.139.183.24: bytes=32 time=337ms TTL=42
 
Reply from 98.139.183.24: bytes=32 time=346ms TTL=39
 
 
 
Ping statistics for 98.139.183.24:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 337ms, Maximum = 346ms, Average = 341ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 36 17 11 36 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
0x3 ...00 16 6f 3b 4b dc ...... Intel® PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.6  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      192.168.1.0    255.255.255.0      192.168.1.6     192.168.1.6  25
      192.168.1.6  255.255.255.255        127.0.0.1       127.0.0.1  25
    192.168.1.255  255.255.255.255      192.168.1.6     192.168.1.6  25
        224.0.0.0        240.0.0.0      192.168.1.6     192.168.1.6  25
  255.255.255.255  255.255.255.255      192.168.1.6               2  1
  255.255.255.255  255.255.255.255      192.168.1.6     192.168.1.6  1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/05/2014 05:14:56 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 37.0.2062.124, faulting module chrome.dll, version 37.0.2062.124, fault address 0x00007f75.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (10/05/2014 01:09:48 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 32.0.3.5379, faulting module mozalloc.dll, version 32.0.3.5379, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]
 
Error: (10/05/2014 01:09:34 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 32.0.3.5379, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (10/05/2014 08:52:07 AM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 37.0.2062.124, faulting module chrome.dll, version 37.0.2062.124, fault address 0x00007f75.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (10/05/2014 08:51:21 AM) (Source: Avira Antivirus) (User: NT AUTHORITY)
Description: EXCEPTION calling function IThread(ProtocolSrvConThread)::run() for the file
unknown
[BAD_ALLOCATION Exception!! EIP = 0x0]
Please inform Avira and submit the appropriate file!
 
Error: (10/04/2014 05:55:47 PM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
Error: (10/04/2014 05:55:46 PM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
Error: (10/04/2014 05:54:47 PM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile: C:\Program Files\Hotspot Shield\log\proxy.log
 
Error: (10/04/2014 05:54:46 PM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
Error: (10/04/2014 05:54:46 PM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
 
System errors:
=============
Error: (10/04/2014 05:59:54 PM) (Source: Service Control Manager) (User: )
Description: The Hotspot Shield Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/04/2014 05:59:49 PM) (Source: Service Control Manager) (User: )
Description: The Hotspot Shield Routing Service service terminated unexpectedly.  It has done this 2 time(s).
 
Error: (10/04/2014 05:57:22 PM) (Source: Service Control Manager) (User: )
Description: The Hotspot Shield Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (10/04/2014 05:52:44 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.254.48.2 for the Network Card with network address 00FF3294F3E4 has been
denied by the DHCP server 10.254.143.254 (The DHCP Server sent a DHCPNACK message).
 
Error: (10/04/2014 05:23:43 PM) (Source: Service Control Manager) (User: )
Description: The Hotspot Shield Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/04/2014 05:23:37 PM) (Source: Service Control Manager) (User: )
Description: The Hotspot Shield Routing Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/23/2014 09:09:20 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error: 
%%1053
 
Error: (09/23/2014 09:09:20 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
 
Error: (09/23/2014 09:08:37 PM) (Source: Service Control Manager) (User: )
Description: The Avira Real-Time Protection service hung on starting.
 
Error: (09/21/2014 06:31:55 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (10/05/2014 05:14:56 PM) (Source: Application Error)(User: )
Description: chrome.exe37.0.2062.124chrome.dll37.0.2062.12400007f75
 
Error: (10/05/2014 01:09:48 PM) (Source: Application Error)(User: )
Description: plugin-container.exe32.0.3.5379mozalloc.dll32.0.3.53790000141b
 
Error: (10/05/2014 01:09:34 PM) (Source: Application Hang)(User: )
Description: firefox.exe32.0.3.5379hungapp0.0.0.000000000
 
Error: (10/05/2014 08:52:07 AM) (Source: Application Error)(User: )
Description: chrome.exe37.0.2062.124chrome.dll37.0.2062.12400007f75
 
Error: (10/05/2014 08:51:21 AM) (Source: Avira Antivirus)(User: NT AUTHORITY)
Description: unknownBAD_ALLOCATION0x0IThread(ProtocolSrvConThread)::run()
 
Error: (10/04/2014 05:55:47 PM) (Source: hshld)(User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
Error: (10/04/2014 05:55:46 PM) (Source: hshld)(User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
Error: (10/04/2014 05:54:47 PM) (Source: hshld)(User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile: C:\Program Files\Hotspot Shield\log\proxy.log
 
Error: (10/04/2014 05:54:46 PM) (Source: hshld)(User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
Error: (10/04/2014 05:54:46 PM) (Source: hshld)(User: )
Description: hshld error: 0OPENVPNAS: Cannot open logfile, will cycle exit event and retry
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.720 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.9.0.720 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X - Arabic (HKLM\...\{AC76BA86-7AD7-1025-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Conexant AC-Link Audio (HKLM\...\CNXT_AUDIO) (Version:  - )
Data Fax SoftModem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_FF311179) (Version:  - )
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
FormatFactory 3.1.1 (HKLM\...\FormatFactory) (Version: 3.1.1 - Free Time)
Free FLV Player V0.05 (HKLM\...\FLV Player_is1) (Version: 1.2.2009.1023 - Tekool.net)
GetPrivate (HKLM\...\GetPrivate) (Version: 1.0.0 - )
Golden Al-Wafi Translator (HKLM\...\ST6UNST #1) (Version:  - )
GOM Player (HKLM\...\GOM Player) (Version: 2.2.53.5169 - Gretech Corporation)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc?.?)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Hotspot Shield Toolbar for IE (HKLM\...\IECT1561552) (Version: 6.20.0.10 - Hotspot Shield)
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
Intel® Graphics Media Accelerator Driver for Mobile (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4332 - )
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 ar) (HKLM\...\Mozilla Firefox 32.0.3 (x86 ar)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nero 8 Micro 8.3.2.1 (HKLM\...\Nero8Lite_is1) (Version: 8.3.2.1 - Updatepack.nl)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Skype™ 5.8 (HKLM\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
???? ??????? Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
???? Windows Live (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 83%
Total physical RAM: 501.98 MB
Available physical RAM: 80.64 MB
Total Pagefile: 1610.77 MB
Available Pagefile: 241.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.26 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:28.32 GB) (Free:8.37 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:27.56 GB) (Free:8.04 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\AUTHORISED-PC
 
Administrator            Authorised               Guest                    
HelpAssistant            SUPPORT_388945a0         
 
========================= Minidump Files ==================================
 
C:\WINDOWS\Minidump\Mini061414-01.dmp
========================= Restore Points ==================================
 
14-07-2014 16:58:41 System Checkpoint
15-07-2014 17:35:02 System Checkpoint
16-07-2014 20:01:17 System Checkpoint
18-07-2014 11:28:51 System Checkpoint
19-07-2014 13:24:09 System Checkpoint
20-07-2014 15:42:50 System Checkpoint
21-07-2014 16:24:18 System Checkpoint
22-07-2014 17:37:37 System Checkpoint
23-07-2014 18:02:00 System Checkpoint
25-07-2014 09:34:54 System Checkpoint
26-07-2014 12:28:08 System Checkpoint
27-07-2014 14:24:55 System Checkpoint
28-07-2014 14:33:20 System Checkpoint
29-07-2014 15:02:12 System Checkpoint
30-07-2014 16:15:53 System Checkpoint
31-07-2014 17:58:18 System Checkpoint
01-08-2014 18:17:22 System Checkpoint
03-08-2014 18:05:50 System Checkpoint
05-08-2014 16:46:59 System Checkpoint
06-08-2014 17:59:21 System Checkpoint
07-08-2014 18:06:08 System Checkpoint
09-08-2014 04:10:53 System Checkpoint
10-08-2014 14:55:32 System Checkpoint
11-08-2014 15:32:15 System Checkpoint
12-08-2014 15:44:40 System Checkpoint
13-08-2014 16:21:00 System Checkpoint
14-08-2014 16:28:47 System Checkpoint
16-08-2014 08:09:14 System Checkpoint
17-08-2014 14:49:31 System Checkpoint
18-08-2014 15:54:40 System Checkpoint
19-08-2014 16:11:52 System Checkpoint
20-08-2014 16:34:23 System Checkpoint
21-08-2014 17:14:31 System Checkpoint
22-08-2014 20:25:55 System Checkpoint
23-08-2014 04:43:00 تمت إزالته مساعد تسجيل الدخول إلى Windows Live
24-08-2014 15:35:53 System Checkpoint
25-08-2014 16:12:15 System Checkpoint
26-08-2014 18:13:14 System Checkpoint
28-08-2014 15:53:49 System Checkpoint
29-08-2014 16:16:10 System Checkpoint
30-08-2014 17:19:34 System Checkpoint
01-09-2014 15:00:24 System Checkpoint
02-09-2014 15:29:27 System Checkpoint
03-09-2014 15:41:41 System Checkpoint
05-09-2014 09:44:24 System Checkpoint
06-09-2014 09:49:04 System Checkpoint
07-09-2014 14:49:14 System Checkpoint
08-09-2014 15:22:40 System Checkpoint
09-09-2014 15:49:43 System Checkpoint
10-09-2014 17:04:27 System Checkpoint
11-09-2014 17:05:32 System Checkpoint
13-09-2014 08:43:37 System Checkpoint
14-09-2014 14:44:00 System Checkpoint
15-09-2014 15:28:21 System Checkpoint
16-09-2014 16:21:26 System Checkpoint
19-09-2014 06:06:52 System Checkpoint
20-09-2014 12:08:28 System Checkpoint
21-09-2014 16:02:41 System Checkpoint
01-10-2014 15:59:46 System Checkpoint
03-10-2014 08:51:28 System Checkpoint
04-10-2014 15:16:44 System Checkpoint
 
**** End of log ****


#3 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 05 October 2014 - 11:41 PM

my request went to the next page, still no answer, hope anyone can see my problem. 

thank you for your effort 



#4 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 06 October 2014 - 07:12 AM

my computer is old it's intel inside centrino, window xp



#5 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:36 AM

Posted 06 October 2014 - 04:48 PM

You have malware/ adware on your comp. Use the programs below to find and remove.

 

Download Malwarebytes' Anti-Malware from Malwarebytes Anti-Malware Free

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR REVIEW.

 

download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Run the ESET Online Scanner.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Use CCleaner to cleanup the caches, temporary files, cookies, etc. Pay attention while installing and UNcheck offers of toolbars...especially Yahoo.

No need to use the Registry Cleaning Tool and it has the potential to cause a problem if used.

CCleaner - PC Optimization and Cleaning - Free Download


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 07 October 2014 - 03:55 AM

This is what I got from C:

 

Malwarebytes Anti-Malware 2.0.2.1012
 
Improvements:
•   Changed some of the terminology used in scan results and scan logs to make them clearer
•   Enabling or disabling self-protection should now be more responsive under most circumstances
•   Each language name is now listed in its native tongue rather than being translated to make switching languages easier
•   Blank window is no longer observed flashing on screen during startup and shut down of system when Malwarebytes Anti-Malware is running in the tray on Windows Vista and newer operating systems
 
Issues Fixed:
•   Several crashes and BSOD issues fixed with rootkit scanning
•   Scan speed improved with rootkit scanning enabled under some circumstances
•   Rootkit scans should no longer hang indefinitely under certain conditions
•   Compatibility issues with certain VPN client software fixed
•   Protection no longer fails to start after upgrade under some circumstances when self-protection is active prior to upgrading
•   Entire General Settings tab now responds to clicks correctly
•   Several issues with Access Policy restrictions not restricting access as they should
•   Editing the Access Policy password no longer results in restricted areas of the software being inaccessible when the correct password is entered
•   Access Policy feature now functions when Bitdefender Total Security is installed
•   Manual scan of individual files and folders using context menu scan feature in Explorer no longer results in the scan failing to run under certain circumstances
•   Green checkmark status is no longer indicated when Malwarebytes Anti-Malware is unable to reach update servers when attempting to update
•   Text is no longer cutoff in the UI on Windows XP or when the 'Classic' theme is used on Windows 7
•   Scan time is now reflected accurately at the end of a scan
•   Quarantined objects remain listed correctly in Limited User Accounts when restoration of an object fails due to lack of permissions
•   Some words in UI which were not translated into non-English languages now are when those languages are selected
•   Driver left behind during uninstallation of Malwarebytes Anti-Malware is now removed as it should be when the product is uninstalled


#7 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 07 October 2014 - 04:22 AM

Sorry that previous one is not the one.
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Protection, 13/12/1435 11:11:16 ?, SYSTEM, AUTHORISED-PC, Protection, Malware Protection, Starting, 
Protection, 13/12/1435 11:11:16 ?, SYSTEM, AUTHORISED-PC, Protection, Malware Protection, Started, 
Protection, 13/12/1435 11:11:17 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Starting, 
Protection, 13/12/1435 11:11:33 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Started, 
Update, 13/12/1435 11:12:32 ?, SYSTEM, AUTHORISED-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.9.19.1, 
Update, 13/12/1435 11:13:41 ?, SYSTEM, AUTHORISED-PC, Manual, Malware Database, 2014.3.4.9, 2014.10.7.5, 
Protection, 13/12/1435 11:13:44 ?, SYSTEM, AUTHORISED-PC, Protection, Refresh, Starting, 
Protection, 13/12/1435 11:13:45 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 13/12/1435 11:13:45 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 13/12/1435 11:16:37 ?, SYSTEM, AUTHORISED-PC, Protection, Refresh, Success, 
Protection, 13/12/1435 11:16:52 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Starting, 
Protection, 13/12/1435 11:17:27 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Started, 
Protection, 13/12/1435 11:42:59 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 13/12/1435 11:43:05 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 13/12/1435 11:43:07 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Starting, 
Protection, 13/12/1435 11:43:31 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Started, 
Protection, 13/12/1435 12:05:45 ?, SYSTEM, AUTHORISED-PC, Protection, Malware Protection, Starting, 
Protection, 13/12/1435 12:05:46 ?, SYSTEM, AUTHORISED-PC, Protection, Malware Protection, Started, 
Protection, 13/12/1435 12:05:46 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Starting, 
Protection, 13/12/1435 12:06:03 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Started, 
Detection, 13/12/1435 12:09:14 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, IP, 212.117.183.25, 0, Outbound, 
Detection, 13/12/1435 12:10:46 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, IP, 95.84.156.146, 0, Outbound, 
 
(end)

# AdwCleaner v3.311 - Report created 07/10/2014 at 11:58:15
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Authorised - AUTHORISED-PC
# Running from : C:\Documents and Settings\Authorised\My Documents\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : KMService
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\hotspot shield
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tbccint
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\GetPrivate
Folder Deleted : C:\DOCUME~1\AUTHOR~1\LOCALS~1\Temp\Hotspot_Shield
Folder Deleted : C:\DOCUME~1\AUTHOR~1\LOCALS~1\Temp\NativeMessaging
Folder Deleted : C:\Documents and Settings\Authorised\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Authorised\Local Settings\Application Data\Hotspot_Shield
Folder Deleted : C:\Documents and Settings\Authorised\Local Settings\Application Data\Mobogenie
Folder Deleted : C:\Documents and Settings\Authorised\Local Settings\Application Data\NativeMessaging
Folder Deleted : C:\Documents and Settings\Authorised\Local Settings\Application Data\Tbccint
Folder Deleted : C:\Documents and Settings\Authorised\Application Data\baidu
Folder Deleted : C:\Documents and Settings\Authorised\Start Menu\Programs\GetPrivate
Folder Deleted : C:\Documents and Settings\Authorised\Application Data\Mozilla\Firefox\Profiles\0gswof4a.default\CT1561552
Folder Deleted : C:\Documents and Settings\Authorised\Application Data\Mozilla\Firefox\Profiles\0gswof4a.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
File Deleted : C:\END
File Deleted : C:\WINDOWS\system32\srvany.exe
File Deleted : C:\Documents and Settings\Authorised\daemonprocess.txt
File Deleted : C:\Documents and Settings\Authorised\Application Data\Mozilla\Firefox\Profiles\0gswof4a.default\searchplugins\Askcom.xml
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT1561552
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07AD74F3-2AF5-4D6D-9755-6E5A8BDF9E7F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\Hotspot_Shield
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\TbccintSearchScopes
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\movies~1\datamngr\mgrldr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v7.0.5730.13
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v32.0.3 (x86 ar)
 
[ File : C:\Documents and Settings\Authorised\Application Data\Mozilla\Firefox\Profiles\0gswof4a.default\prefs.js ]
 
Line Deleted : user_pref("CT1561552.FF19Solved", "true");
Line Deleted : user_pref("CT1561552.UserID", "UN39252934582006067");
Line Deleted : user_pref("CT1561552.dum", "2");
Line Deleted : user_pref("CT1561552.fullUserID", "UN39252934582006067.IN.20141004172604");
Line Deleted : user_pref("CT1561552.installDate", "04/10/2014 17:26:12");
Line Deleted : user_pref("CT1561552.installSessionId", "-1");
Line Deleted : user_pref("CT1561552.installSp", "FALSE");
Line Deleted : user_pref("CT1561552.installerVersion", "1.11.0.11");
Line Deleted : user_pref("CT1561552.searchRevert", "false");
Line Deleted : user_pref("CT1561552.searchUninstallUserMode", "4");
Line Deleted : user_pref("CT1561552.searchUserMode", "4");
Line Deleted : user_pref("CT1561552.toolbarInstallDate", "04-10-2014 17:26:04");
Line Deleted : user_pref("CT1561552.versionFromInstaller", "10.34.0.3");
Line Deleted : user_pref("CT1561552.xpeMode", "1");
Line Deleted : user_pref("smartbar.machineId", "AWNIVL+QMH/TN+9STX0RORINVG3GKYNOTRLR4NDLAX+VRCJIU0UZME69F/6ZTGKUM8JOKSIJX5OKPOISRBPLSW");
 
-\\ Google Chrome v
 
[ File : C:\Documents and Settings\Authorised\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [10149 octets] - [07/10/2014 11:53:25]
AdwCleaner[S0].txt - [8461 octets] - [07/10/2014 11:58:15]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8521 octets] ##########


#8 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:36 AM

Posted 07 October 2014 - 04:35 AM

You've posted improvements in the MBAM program after upgrading. I need to see the log showing what was found and removed

after scanning and rebooting your computer if MBAM tells you it is necessary to reboot/ restart.

 

Open MBAM and click on the History tab at top. There you will find a log listed by date for latest scan results.

The log is automatically saved by MBAM and can be viewed by clicking the History tab and then selecting Application Logs.

Copy and paste the log back here.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 07 October 2014 - 04:39 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Authorised on Tue 10/07/2014 at 12:32:08.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\Authorised\Local Settings\Application Data\cre"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
 
 
 
~~~ FireFox
 
Emptied folder: C:\Documents and Settings\Authorised\Application Data\mozilla\firefox\profiles\0gswof4a.default\minidumps [2 files]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/07/2014 at 12:38:12.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 07 October 2014 - 04:43 AM

You've posted improvements in the MBAM program after upgrading. I need to see the log showing what was found and removed

after scanning and rebooting your computer if MBAM tells you it is necessary to reboot/ restart.

 

Open MBAM and click on the History tab at top. There you will find a log listed by date for latest scan results.

The log is automatically saved by MBAM and can be viewed by clicking the History tab and then selecting Application Logs.

Copy and paste the log back here.

 

 

Yes I noticed that and I just post it right after this post. this one.



#11 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:36 AM

Posted 07 October 2014 - 05:11 AM

That's not the MBAM log I need to see. I need to see the log showing the scanning results. The log

will show what malicious or PUP files were found and removed.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 07 October 2014 - 05:28 AM

C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Tbccint\IE\CT1561552\UninstallerUI.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Tbccint\Multi\CT1561552\UninstallerUI.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Authorised\Application Data\Mozilla\Firefox\Profiles\0gswof4a.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\ctypes\FirefoxCtype.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Authorised\Application Data\Mozilla\Firefox\Profiles\0gswof4a.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\Plugins\npFirefoxPlugin.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Authorised\Local Settings\Application Data\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Authorised\Local Settings\Application Data\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Authorised\Local Settings\Application Data\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir Win32/NextLive.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Authorised\Local Settings\Application Data\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\Documents and Settings\Authorised\Local Settings\Temp\bdg51.tmp a variant of Win32/Hao123.A potentially unwanted application deleted - quarantined
C:\Documents and Settings\Authorised\Local Settings\Temp\bdgF3.tmp a variant of Win32/Hao123.A potentially unwanted application deleted - quarantined
C:\Documents and Settings\Authorised\Local Settings\Temp\nscF5\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined
C:\Documents and Settings\Authorised\Local Settings\Temp\nseF8\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined
C:\Documents and Settings\Authorised\Local Settings\Temp\nsiD6\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined
C:\Documents and Settings\Authorised\Local Settings\Temp\nsiD6\Uninstall.exe a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application deleted - quarantined
C:\Documents and Settings\Authorised\Local Settings\Temp\nsiD6\nslDB.tmp\nsfEE.exe a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application deleted - quarantined
C:\Documents and Settings\Authorised\Local Settings\Temp\nsiD6\nslDB.tmp\TorchSetupFull.exe a variant of Win32/TorchMedia potentially unwanted application deleted - quarantined


#13 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 07 October 2014 - 05:36 AM

This the malware result that I got.

 

 

 

  Malwarebytes Anti-Malware

www.malwarebytes.org
 
 
Protection, 13/12/1435 11:11:16 ?, SYSTEM, AUTHORISED-PC, Protection, Malware Protection, Starting, 
Protection, 13/12/1435 11:11:16 ?, SYSTEM, AUTHORISED-PC, Protection, Malware Protection, Started, 
Protection, 13/12/1435 11:11:17 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Starting, 
Protection, 13/12/1435 11:11:33 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Started, 
Update, 13/12/1435 11:12:32 ?, SYSTEM, AUTHORISED-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.9.19.1, 
Update, 13/12/1435 11:13:41 ?, SYSTEM, AUTHORISED-PC, Manual, Malware Database, 2014.3.4.9, 2014.10.7.5, 
Protection, 13/12/1435 11:13:44 ?, SYSTEM, AUTHORISED-PC, Protection, Refresh, Starting, 
Protection, 13/12/1435 11:13:45 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 13/12/1435 11:13:45 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 13/12/1435 11:16:37 ?, SYSTEM, AUTHORISED-PC, Protection, Refresh, Success, 
Protection, 13/12/1435 11:16:52 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Starting, 
Protection, 13/12/1435 11:17:27 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Started, 
Protection, 13/12/1435 11:42:59 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 13/12/1435 11:43:05 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 13/12/1435 11:43:07 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Starting, 
Protection, 13/12/1435 11:43:31 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Started, 
Protection, 13/12/1435 12:05:45 ?, SYSTEM, AUTHORISED-PC, Protection, Malware Protection, Starting, 
Protection, 13/12/1435 12:05:46 ?, SYSTEM, AUTHORISED-PC, Protection, Malware Protection, Started, 
Protection, 13/12/1435 12:05:46 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Starting, 
Protection, 13/12/1435 12:06:03 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, Started, 
Detection, 13/12/1435 12:09:14 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, IP, 212.117.183.25, 0, Outbound, 
Detection, 13/12/1435 12:10:46 ?, SYSTEM, AUTHORISED-PC, Protection, Malicious Website Protection, IP, 95.84.156.146, 0, Outbound, 
 
(end)


#14 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:36 AM

Posted 07 October 2014 - 06:50 AM

That is not the scan log showing results of a scan of your computer by MBAM.

Have you allowed MBAM to scan your computer? Did it tell you it needed to restart your computer to remove what it found?

 

This is what a typical scan log would look like. This log shows nothing malicious was found. Yours may show otherwise.

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 333473
Time elapsed: 16 minute(s), 
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 Foz2014

Foz2014
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:36 PM

Posted 07 October 2014 - 07:40 AM

I hope this what you want : 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 13/12/1435
Scan Time: 03:00:02 ?
Logfile: Scanning History log.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.10.07.05
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Authorised
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279681
Time Elapsed: 38 min, 6 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users