Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is it a Virus? Firefox, Windows Installer (updating issues), etc.


  • Please log in to reply
21 replies to this topic

#1 Bubble10

Bubble10

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 16 October 2014 - 06:03 AM

Hi all,

I have Windows 7 (I think 64-bit home edition).
For some time I have had issues with Windows Installer. I can't install programs or update certain one (Java/Adobe; message I get there is "another program is being installed or so") and yesterday afternoon another issue came up. I can't access the Internet with Firefox.

All I get is this message (yahoo is my current homepage, when I get online):
"Unable to connect

Firefox can't establish a connection to the server at www.yahoo.com.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer's network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web."

I.E. and Chrome work fine. Right now I am in Safe-Mode and have Malwarebytes running. My Antivirus is for some odd reason not working properly.
Any help would be appreciated.



BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:40 PM

Posted 16 October 2014 - 10:04 AM

Hello Bubble, lets rule out malware first

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 16 October 2014 - 02:41 PM

 
I am trying to let the TDSSKiller run, but it is stuck on 80% Initialization :-/

Edited by Bubble10, 16 October 2014 - 03:42 PM.


#4 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 16 October 2014 - 02:47 PM

forgot to mention that I uninstalled FF and can't download it because of the issue with the Windows Installer



#5 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 16 October 2014 - 03:46 PM

I hope it is the right log, since it didn't pop up after restart.
 

# AdwCleaner v4.000 - Report created 16/10/2014 at 16:25:24
# DB v2014-10-15.7
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : J... Family - FAMILY
# Running from : C:\Users\J... Family\Desktop\AdwCleaner (3).exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : APNMCP
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.8
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17344


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:40 PM

Posted 16 October 2014 - 03:52 PM

Try the other tools again, if still no joy we'll run a repair.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 16 October 2014 - 03:58 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Home Premium x64
Ran by J... Family on Thu 10/16/2014 at 16:52:01.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [Service] couponprinterservice 
Successfully deleted: [Service] couponprinterservice 
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Empty Folder] C:\Users\J... Family\appdata\local\{10127816-154D-47FA-B28F-DC28CB3B8283}
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\J... Family\AppData\Roaming\mozilla\firefox\profiles\tv11l0xt.default\prefs.js
 
user_pref("valueApps.storage.mam_gk_userId", "35656363653538342D613061322D343934342D623066662D353632653834383337626633");
Emptied folder: C:\Users\J... Family\AppData\Roaming\mozilla\firefox\profiles\tv11l0xt.default\minidumps [515 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/16/2014 at 16:56:46.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:40 PM

Posted 16 October 2014 - 04:11 PM

Looks like we need to run this...
 
Download Windows Repair (All in One) from this site   Install the program then run it.   NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator". NOTE 2. Disable your antivirus program before running Windows Repair.   Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed. If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk, then restart your computer.   1406373241-3-o.png     Once the above is done, go to Step 4 and allow it to run System File Check by clicking on the Do It button.   1406373250-4-o.png     Go to Step 5 and under"System Restore" click on Create button.   1406373259-5-o.png     Go to Start Repairs tab and click the Start button.   1406373267-start1-o.png     Leave the check marks as they are. NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.   Click on Start Repairs button.   1406373275-start2-o.png     After the repair finished, you may be prompted to restart the computer. Please allow it to do so.   Please post the Windows Repair log which is located in the following folder: 64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs 32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 16 October 2014 - 04:27 PM

ESET is still running and so far it found 25 threats (infected files)



#10 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 16 October 2014 - 07:13 PM

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\SO.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Program Files (x86)\CheckPoint\Install\CUninstallerZA.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Program Files (x86)\CheckPoint\Install\zatb.exe Win32/Toolbar.Montiera.I potentially unwanted application deleted - quarantined
C:\Users\J... Family\AppData\Local\Downloaded Installations\{4175787A-9EE1-4D7D-9D00-F80F59573684}\The Weather Channel App.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Users\J... Family\AppData\Local\Downloaded Installations\{BF3589D3-BF62-48FE-9405-C2FB81574783}\The Weather Channel App.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Users\J... Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBC1V45X\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Users\J... Family\Downloads\Foto_Grafik_Designer_7_SE_DE_CHIP_DE_131029_15-06(1).exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Users\J... Family\Downloads\FoxitReader510.1021_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Users\J... Family\Downloads\FreeYouTubeToMP3Converter.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\J... Family\Downloads\rcsetup143.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantined
C:\Users\J... Family\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\J... Family\Downloads\xtrphogrades5_silver_en.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Users\J... Family\Downloads\zaSetupWeb_110_780_000.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\J... Family\Downloads\zaSetupWeb_120_104_000.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\J... Family\Downloads\zaSetupWeb_131_211_000.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Windows\Installer\48104.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Windows\Installer\7b01a.msi a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined


#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:40 PM

Posted 16 October 2014 - 08:09 PM

Run the repair tool and let me know..

In the future when you install applications,games etcc.. DO NOT use the recommended install but rather the Custom. Thos way you can uncheck the installs of other spy garbage like Toolbars and Browsers.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 17 October 2014 - 04:51 AM

Run the repair tool and let me know..

In the future when you install applications,games etcc.. DO NOT use the recommended install but rather the Custom. Thos way you can uncheck the installs of other spy garbage like Toolbars and Browsers.

thanks. I started doing the custom install a long time ago. I dislike all the extra stuff that comes with it. 



#13 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 17 October 2014 - 06:50 AM

Tweaking.com - Windows Repair v2.9.2
--------------------------------------------------------------------------------
 
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: FAMILY
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\J... Family
Current Profile SID: S-1-5-21-4046771281-2696689483-3638236772-1000
Current Profile Classes: S-1-5-21-4046771281-2696689483-3638236772-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\J... Family\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:10:48
 
Process Count: 103
Commit Total: 2.83 GB
Commit Limit: 7.49 GB
Commit Peak: 3.42 GB
Handle Count: 31843
Kernel Total: 333.77 MB
Kernel Paged: 266.89 MB
Kernel Non Paged: 66.88 MB
System Cache: 1.21 GB
Thread Count: 1156
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.75 GB
Memory Used: 2.38 GB(63.4059%)
Memory Avail.: 1.37 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.75 GB
Memory Used: 2.43 GB(64.7385%)
Memory Avail.: 1.32 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (10/17/2014 6:59:31 AM)
 
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 185
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (10/17/2014 6:59:48 AM)
   Running Repair Under Current User Account
   Done (10/17/2014 7:00:37 AM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (10/17/2014 7:00:37 AM)
   Running Repair Under System Account
   Done (10/17/2014 7:14:12 AM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (10/17/2014 7:14:12 AM)
   Running Repair Under System Account
   Done (10/17/2014 7:17:26 AM)
 
03 - Reset Service Permissions
   Start (10/17/2014 7:17:26 AM)
   Running Repair Under System Account
   Done (10/17/2014 7:18:17 AM)
 
04 - Register System Files
   Start (10/17/2014 7:18:17 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:19:02 AM)
 
05 - Repair WMI
   Start (10/17/2014 7:19:02 AM)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   Avira Desktop Exported.
   ZoneAlarm Antivirus Exported.
 
   Exporting AntiSpyware Info...
   Avira Desktop Exported.
   Windows Defender Exported.
   ZoneAlarm Anti-Spyware Exported.
 
   Exporting 3rd Party Firewall Info...
   ZoneAlarm Firewall Exported.
 
   Running Repair Under Current User Account
   Done (10/17/2014 7:23:49 AM)
 
06 - Repair Windows Firewall
   Start (10/17/2014 7:23:49 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:24:29 AM)
 
07 - Repair Internet Explorer
   Start (10/17/2014 7:24:29 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:25:13 AM)
 
08 - Repair MDAC/MS Jet
   Start (10/17/2014 7:25:13 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:25:29 AM)
 
09 - Repair Hosts File
   Start (10/17/2014 7:25:29 AM)
   Running Repair Under System Account
   Done (10/17/2014 7:25:30 AM)
 
10 - Remove Policies Set By Infections
   Start (10/17/2014 7:25:30 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:25:32 AM)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (10/17/2014 7:25:32 AM)
   Running Repair Under System Account
   Done (10/17/2014 7:25:34 AM)
 
12 - Repair Icons
   Start (10/17/2014 7:25:34 AM)
   Running Repair Under Current User Account
   Done (10/17/2014 7:25:36 AM)
 
13 - Repair Winsock & DNS Cache
   Start (10/17/2014 7:25:36 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:26:00 AM)
 
15 - Repair Proxy Settings
   Start (10/17/2014 7:26:00 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:26:02 AM)
 
17 - Repair Windows Updates
   Start (10/17/2014 7:26:02 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (10/17/2014 7:26:58 AM)
 
18 - Repair CD/DVD Missing/Not Working
   Start (10/17/2014 7:26:58 AM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (10/17/2014 7:26:58 AM)
 
19 - Repair Volume Shadow Copy Service
   Start (10/17/2014 7:26:58 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:25 AM)
 
21 - Repair MSI (Windows Installer)
   Start (10/17/2014 7:27:25 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:42 AM)
 
23.01 - Repair bat Association
   Start (10/17/2014 7:27:42 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:44 AM)
 
23.02 - Repair cmd Association
   Start (10/17/2014 7:27:44 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:46 AM)
 
23.03 - Repair com Association
   Start (10/17/2014 7:27:46 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:48 AM)
 
23.04 - Repair Directory Association
   Start (10/17/2014 7:27:48 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:50 AM)
 
23.05 - Repair Drive Association
   Start (10/17/2014 7:27:50 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:53 AM)
 
23.06 - Repair exe Association
   Start (10/17/2014 7:27:53 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:55 AM)
 
23.07 - Repair Folder Association
   Start (10/17/2014 7:27:55 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:57 AM)
 
23.08 - Repair inf Association
   Start (10/17/2014 7:27:57 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:27:59 AM)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (10/17/2014 7:27:59 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:28:01 AM)
 
23.10 - Repair msc Association
   Start (10/17/2014 7:28:01 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:28:05 AM)
 
23.11 - Repair reg Association
   Start (10/17/2014 7:28:05 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:28:07 AM)
 
23.12 - Repair scr Association
   Start (10/17/2014 7:28:07 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:28:09 AM)
 
24 - Repair Windows Safe Mode
   Start (10/17/2014 7:28:09 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:28:11 AM)
 
25 - Repair Print Spooler
   Start (10/17/2014 7:28:11 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:28:28 AM)
 
26 - Restore Important Windows Services
   Start (10/17/2014 7:28:28 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:28:42 AM)
 
27 - Set Windows Services To Default Startup
   Start (10/17/2014 7:28:42 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:29:03 AM)
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
31 - Repair Windows 'New' Submenu
   Start (10/17/2014 7:29:03 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10/17/2014 7:29:05 AM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done at (10/17/2014 7:29:05 AM)
   Total Repair Time: 00:29:36
 
 
...YOU MUST RESTART YOUR SYSTEM...


#14 SunnySkyguy

SunnySkyguy

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Markham, ON,Canada
  • Local time:08:40 PM

Posted 17 October 2014 - 07:17 AM

Potential Undesirable Programs (PUPs) (but not malware ) detected so far
... from Toolbars e.g. Ask or http://xxx.apn.ask.com/ Conduit and OpenCandy

Mods use good tools here, but root cause not found yet. I wonder next move. :)

Zone Alarm and Avira are good but even the best miss 2% of all malware, thus surfing / install habits need more caution.
Anthony

(aka SunnySky) in Markham
I'd Rather be Golfing ...

if I'm not dis-arming tag-team polymorphic trojans ....

#15 Bubble10

Bubble10
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Race City USA
  • Local time:08:40 PM

Posted 17 October 2014 - 02:01 PM

Issue with Firefox is still there unfortunately 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users