
Javascript Infection / Pop-Ups


15 replies to this topic

#1 starasoff

starasoff

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:47 AM

Posted 20 October 2014 - 12:35 PM

Hi, from my research so far, I think that I accidentally downloaded a virus of some sort. Every time I try to search the internet I get pop ups saying my Java script is out of date, that my computer is infected or could be infected and it also prevents me/makes it pretty difficult to download any virus protection. I have gone to my programs and uninstalled what I thought looked recently downloaded as well as did a system restore to a few days previous but no luck. They won't go away. I only use my computer to do homework, so I feel like crying haha. One more thing I tried was ADW Cleaner. I did find stuff and remove them but pop ups keep happening.




#2 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:47 PM

Posted 20 October 2014 - 01:14 PM

Hi starasoff and :welcome:

 

Download Screen317 Security Check HERE and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

Please download MiniToolBox HERE to your desktop to run it.
Checkmark the following boxes:
* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

 

Please download Farbar Service Scanner (FSS) HERE and run it on the computer with the issue.

    Make sure the following options are checked:
        Internet Services
        Windows Firewall
        System Restore
        Security Center/Action Center
        Windows Update
        Windows Defender
        Other Services
    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.

 

Thank you!



#3 cincycomputerguru

cincycomputerguru

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:47 AM

Posted 20 October 2014 - 01:28 PM

You may also want to search Google for a hosts file fix. It most likely hijacked your hosts file.
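
The hosts-file check suggested above, sketched as an added example (not part of the original post and not code from MiniToolBox). It flags entries that send a name to a remote address or that sinkhole a site needed for cleanup; the watch list and the sample hosts content are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: sites a user must reach to download tools or updates.
# bleepingcomputer.com appears in this thread; the others are illustrative.
WATCHED_SUFFIXES = ("bleepingcomputer.com", "microsoft.com", "windowsupdate.com")
LOCAL_NAMES = {"localhost"}

# Constructed sample hosts content (not taken from the poster's machine).
# On Windows the real file is %SystemRoot%\System32\drivers\etc\hosts.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.45    search.example.com www.example.com   # sent to a remote server
127.0.0.1       www.bleepingcomputer.com             # help site blocked
0.0.0.0         download.windowsupdate.com
0.0.0.0         ads.example.net
not-an-ip       broken.example
"""


def parse_hosts(text):
    """Yield (line_no, ip_text, [hostnames]) for every mapping line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:                   # address with no hostname
            continue
        yield line_no, fields[0], [h.lower().rstrip(".") for h in fields[1:]]


def is_watched(host):
    """True if host is a watched domain or one of its subdomains."""
    return any(host == s or host.endswith("." + s) for s in WATCHED_SUFFIXES)


def audit_hosts(text):
    """Return a list of (line_no, kind, ip_text, host) findings."""
    findings = []
    for line_no, ip_text, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            findings.append((line_no, "malformed", ip_text, " ".join(names)))
            continue
        # Loopback and 0.0.0.0 make a name unreachable rather than redirect it.
        sinkhole = ip.is_loopback or ip.is_unspecified
        for host in names:
            if host in LOCAL_NAMES:
                if not ip.is_loopback:
                    findings.append((line_no, "localhost-remapped", ip_text, host))
            elif not sinkhole:
                # Any name pinned to a routable address bypasses DNS entirely.
                findings.append((line_no, "redirect", ip_text, host))
            elif is_watched(host):
                # Sinkholing a tool or update site keeps the user from cleaning up.
                findings.append((line_no, "blocked-watched-site", ip_text, host))
            # Sinkholed names outside the watch list are usually ad-block entries.
    return findings


if __name__ == "__main__":
    for line_no, kind, ip_text, host in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {kind:22} {ip_text:15} {host}")
```

An empty result, as with the empty "Hosts content" section in the MiniToolBox log later in this thread, means the hosts file is not the source of the redirects.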



#4 starasoff

starasoff
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:47 AM

Posted 21 October 2014 - 08:39 AM

Hi,

 

I tried to do the first option, however, the first link provided to download the security check just made me download a bunch of crap to my computer, and none of them were a security check. Am I doing something wrong?



#5 cincycomputerguru

cincycomputerguru

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:47 AM

Posted 21 October 2014 - 09:33 AM

I just checked and it downloaded fine for me. Try this link http://www.bleepingcomputer.com/download/securitycheck/dl/123/

Make sure you're not being redirected to another website before downloading if you are having browser hijacking issues.

If you're using Firefox, try to disable all of your addons and plugins. Chances are there is a hijacking plugin or addon that is causing the redirect issue(s).

 

my log:

 Results of screen317's Security Check version 0.99.89  
 Windows Vista Service Pack 2 x64 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Microsoft VM for Java  
 Java version out of Date!
 Adobe Flash Player     15.0.0.152  
 Mozilla Firefox 32.0.3 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSASCui.exe
 Windows Defender MSASCui.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 7 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 


Edited by cincycomputerguru, 21 October 2014 - 09:37 AM.


#6 starasoff

starasoff
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:47 AM

Posted 22 October 2014 - 08:53 AM

Hi, I was able to finally download the programs (except the security one, I can already tell you, I have no internet security at this time, I suck!! haha). And... sorry for the late response, I work and go to school full time so it's hard for me to sit and think.

 

Here is the log I received for Mini Tool Bar:

 

MiniToolBox by Farbar  Version: 21-07-2014

Ran by HDC Family (administrator) on 22-10-2014 at 05:55:42

Running from "C:\Users\HDC Family\Downloads"

Microsoft Windows 8.1  (X64)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ============================== 

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

 

 

 

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (10/21/2014 09:06:15 PM) (Source: Customer Experience Improvement Program) (User: )

Description: 80070005

 

Error: (10/21/2014 06:17:53 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

Error: (10/21/2014 06:16:53 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

Error: (10/21/2014 06:15:53 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

Error: (10/21/2014 06:14:53 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

Error: (10/21/2014 06:13:52 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

Error: (10/21/2014 06:12:52 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

Error: (10/21/2014 06:11:52 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

Error: (10/21/2014 06:10:52 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

Error: (10/21/2014 06:09:52 AM) (Source: AVLogEvent) (User: NT AUTHORITY)

Description: Content is missing.

Error Code:a7f42014

 

 

System errors:

=============

Error: (10/21/2014 06:21:10 AM) (Source: DCOM) (User: HDCfamily)

Description: {209500FC-6B45-4693-8871-6296C4843751}

 

Error: (10/21/2014 06:20:40 AM) (Source: DCOM) (User: HDCfamily)

Description: {209500FC-6B45-4693-8871-6296C4843751}

 

Error: (10/21/2014 06:20:10 AM) (Source: DCOM) (User: HDCfamily)

Description: {209500FC-6B45-4693-8871-6296C4843751}

 

Error: (10/21/2014 06:15:43 AM) (Source: Service Control Manager) (User: )

Description: The Update Framed Display service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

 

Error: (10/20/2014 08:21:50 PM) (Source: Service Control Manager) (User: )

Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

 

Error: (10/19/2014 10:16:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Windows 8.1 for x64-based Systems (KB2976978).

 

Error: (10/17/2014 03:44:06 PM) (Source: EventLog) (User: )

Description: The previous system shutdown at 10:11:14 PM on ‎10/‎16/‎2014 was unexpected.

 

Error: (10/16/2014 07:30:04 AM) (Source: Service Control Manager) (User: )

Description: The McAfee Home Network service depends on the McAfee Firewall Core Service service which failed to start because of the following error: 

%%1070

 

Error: (10/16/2014 07:30:04 AM) (Source: Service Control Manager) (User: )

Description: The McAfee Firewall Core Service service hung on starting.

 

Error: (10/16/2014 07:26:50 AM) (Source: Service Control Manager) (User: )

Description: The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: 

%%1070

 

 

Microsoft Office Sessions:

=========================

Error: (10/21/2014 09:06:15 PM) (Source: Customer Experience Improvement Program)(User: )

Description: 80070005

 

Error: (10/21/2014 06:17:53 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

Error: (10/21/2014 06:16:53 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

Error: (10/21/2014 06:15:53 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

Error: (10/21/2014 06:14:53 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

Error: (10/21/2014 06:13:52 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

Error: (10/21/2014 06:12:52 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

Error: (10/21/2014 06:11:52 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

Error: (10/21/2014 06:10:52 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

Error: (10/21/2014 06:09:52 AM) (Source: AVLogEvent)(User: NT AUTHORITY)

Description: a7f42014

 

 

 

=========================== Installed Programs ============================

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)

Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden

Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden

Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden

Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)

Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden

Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden

CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)

CyberLink LabelPrint (x32 Version: 2.5.5.6902 - CyberLink Corp.) Hidden

CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)

CyberLink Media Suite 10 (x32 Version: 10.0.5.3303 - CyberLink Corp.) Hidden

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)

CyberLink Power2Go 8 (x32 Version: 8.0.5.3416 - CyberLink Corp.) Hidden

CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)

CyberLink PowerDVD 12 (x32 Version: 12.0.3.3709 - CyberLink Corp.) Hidden

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)

CyberLink YouCam (x32 Version: 5.0.3.3907 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B6FBF358-6B5E-4DE4-8BC5-892C87BBD3B4}) (Version:  - Microsoft)

Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden

DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden

Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)

EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version:  - SEIKO EPSON Corporation)

Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden

Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden

Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden

HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden

HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)

HP Postscript Converter (Version: 4.5.12202 - Hewlett-Packard) Hidden

HP Recovery Manager (x32 Version: 12.00 - Hewlett-Packard) Hidden

HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)

HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)

HP SimplePass (Version: 8.01.11 - Hewlett-Packard) Hidden

HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)

HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)

HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)

HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)

Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden

Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)

Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)

Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)

Intel® Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden

Intel® Trusted Execution Engine Driver (Version: 1.0.0.1064 - Intel Corporation) Hidden

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.710 - Oracle)

Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden

Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden

Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden

Mahjongg Dimensions Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden

Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)

Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)

Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)

Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden

Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{8260F0BF-F234-41FC-AB11-218A9925F77B}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{25DEA344-FF6F-41BD-B88F-5242BB8E80E1}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881004) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{AC8BEB81-5B5E-4503-B1F4-7781F4642E46}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881004) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AC8BEB81-5B5E-4503-B1F4-7781F4642E46}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0DC71935-8DEE-4621-A223-23FD1552E567}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EADBF225-163E-406B-B11A-26ECCCAB5A0E}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2889940) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{36772E16-D3FA-440E-B001-0BEB2B1FCE47}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2889942) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C22AE0C4-590E-46FF-9E21-37F45B84ADDD}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2889942) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C22AE0C4-590E-46FF-9E21-37F45B84ADDD}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)

Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)

Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)

Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)

Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)

WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

 

========================= Devices: ================================

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 34%

Total physical RAM: 3984.27 MB

Available physical RAM: 2616.21 MB

Total Pagefile: 4688.27 MB

Available Pagefile: 3082.7 MB

Total Virtual: 4095.88 MB

Available Virtual: 3984.5 MB

 

========================= Partitions: =====================================

 

1 Drive c: (Windows) (Fixed) (Total:444.85 GB) (Free:396.8 GB) NTFS

2 Drive d: (RECOVERY) (Fixed) (Total:19.89 GB) (Free:1.93 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\HDCFAMILY

 

Administrator            Guest                    HDC Family               

hdcfamily                

 

 

**** End of log ****

 

 

Here is the log I received for FARBAR:

 

Farbar Service Scanner Version: 21-07-2014

Ran by HDC Family (administrator) on 22-10-2014 at 06:05:14

Running from "C:\Users\HDC Family\Downloads"

Microsoft Windows 8.1  (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

 

 

System Restore:

============

 

System Restore Disabled Policy: 

========================

 

 

Action Center:

============

 

 

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is set to Demand. The default start type is Auto.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv service is OK.

 

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

 

**** End of log ****

 

Thanks again for anyone/everyone's time.

 

Sarah



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,607 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:47 AM

Posted 22 October 2014 - 11:00 AM

Hi I was able to finally download the programs (except the security one...

Security Check direct download link 1
Security Check direct download link 2
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#8 starasoff

starasoff
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:47 AM

Posted 23 October 2014 - 08:36 AM

And last but not least, here is the log from the security check:

 

 Results of screen317's Security Check version 0.99.89  

   x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Windows Defender   

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 71  

 Java version out of Date! 

 Google Chrome 37.0.2062.120  

 Google Chrome 37.0.2062.124  

````````Process Check: objlist.exe by Laurent````````  

 Windows Defender MSMpEng.exe 

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 

 

 

Thanks again everyone!



#9 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:47 PM

Posted 23 October 2014 - 04:26 PM

What product did you have from McAfee? If it is possible, download these:

 

Please download AdwCleaner by Xplode HERE onto your desktop.

    Close all open programs and internet browsers.
    Double click on AdwCleaner.exe to run the tool.
    Click on Scan.
    After the scan is complete click on "Clean"
    Confirm each time with Ok.
    Your computer will be rebooted automatically. A text file will open after the restart.
    Please post the content of that logfile with your next answer.
    You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool HERE to your desktop.

    Shut down your protection software now to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

 

Download Malwarebytes' Anti-Malware Free 2 HERE  to your desktop.
    - Do not accept the Free Trial Version at this time -
    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.
How to open the log:
Open MalwareBytes Anti-Malware and then click on History
On the left column, select Application Logs. Select the most recent log among the list, it is usually the one on the top (or sort by date) and open it.
Go to the bottom left corner to Export and select Text File (*.txt)
Save it to the desktop

    Be sure to restart the computer if requested.

 

Please download the ESET Online Scanner HERE and save it to your Desktop.
Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
    Start esetsmartinstaller_enu.exe with administrator privileges.
    Select the option Yes, I accept the Terms of Use and click on Start.
    Make sure that the option Remove found threats is checked, and the option Scan archives is checked.
    Now click on Advanced Settings and select the following:
        Scan for potentially unwanted applications
        Scan for potentially unsafe applications
        Enable Anti-Stealth Technology
    Click on Start. The virus signature database will begin to download. This may take some time.
    When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
    When completed select Uninstall application on close if you so wish
    Now click on Finish
The path to the log file is "C:\Program Files\ESET\EsetOnlineScanner\log.txt" (on 64-bit systems this directory will be "C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt")

Note: Do not forget to re-enable your antivirus application after running the above scan!

 

Thank you!



#10 starasoff

starasoff
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:47 AM

Posted 24 October 2014 - 04:44 PM

Hello,

 

ADW Cleaner Log:

 

# AdwCleaner v4.001 - Report created 23/10/2014 at 20:31:45

# DB v2014-10-23.2

# Updated 20/10/2014 by Xplode

# Operating System : Windows 8.1  (64 bits)

# Username : HDC Family - HDCFAMILY

# Running from : C:\Users\HDC Family\Downloads\adwcleaner_4.001.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Users\HDC Family\AppData\Roaming\DigitalSites

Folder Deleted : C:\Users\HDCFAM~1\AppData\Local\Temp\Framed Display

File Deleted : C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

File Deleted : C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

 

***** [ Scheduled Tasks ] *****

 

Task Deleted : Digital Sites

Task Deleted : LaunchSignup

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Key Deleted : HKCU\Software\dsiteproducts

Key Deleted : HKCU\Software\InstallCore

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17344

 

 

-\\ Google Chrome v37.0.2062.124

 

 

*************************

 

AdwCleaner[R0].txt - [3579 octets] - [17/10/2014 16:25:59]

AdwCleaner[R1].txt - [1202 octets] - [17/10/2014 21:27:12]

AdwCleaner[R2].txt - [1906 octets] - [23/10/2014 20:28:25]

AdwCleaner[S0].txt - [3454 octets] - [17/10/2014 16:29:26]

AdwCleaner[S1].txt - [1184 octets] - [17/10/2014 21:30:43]

AdwCleaner[S2].txt - [1635 octets] - [23/10/2014 20:31:45]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1695 octets] ##########

 

Junkware Removal Tool Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.3.3 (10.21.2014:1)

OS: Windows 8.1 x64

Ran by HDC Family on Thu 10/23/2014 at 20:37:04.60

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\Users\HDC Family\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"

Successfully deleted: [File] "C:\Users\HDC Family\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"

Successfully deleted: [File] C:\Windows\prefetch\DRIVERRESTORE.EXE-02A71713.pf

Successfully deleted: [File] C:\Windows\prefetch\DRIVERRESTORE.EXE-4DAE8A43.pf

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] C:\ProgramData\dealSTer

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 10/23/2014 at 20:41:41.90

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

MalwareBytes Log:

 

 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/24/2014
Scan Time: 5:45:57 AM
Logfile: anit.txt
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.10.24.04
Rootkit Database: v2014.10.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: HDC Family
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347112
Time Elapsed: 31 min, 31 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 21
PUP.Optional.IBryte, C:\Users\HDC Family\AppData\Local\Temp\bs.exe, Quarantined, [1272f2266616b680c4e9902c857c0ef2], 
PUP.Optional.InstalLCore, C:\Users\HDC Family\AppData\Local\Temp\is1242154493\34510443_stp.EXE, Quarantined, [b2d2849494e8c76fc898a16afc0901ff], 
PUP.Optional.BPlug, C:\Users\HDC Family\AppData\Local\Temp\is1242154493\34510675_stp.EXE, Quarantined, [137138e0a1dbf442af6d427e1ee345bb], 
PUP.Optional.PremiumInstaller, C:\Users\HDC Family\Downloads\setup (1).exe, Quarantined, [d3b110083d3f70c6c6275dc157ae3fc1], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (10).exe, Quarantined, [562e71a76f0d290d745e96b332ce8e72], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (11).exe, Quarantined, [1e669e7adba1a4928052c9802ed2728e], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (12).exe, Quarantined, [a6de8692097385b1854ded5c629e54ac], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (13).exe, Quarantined, [176dc850dca0181edbf79faa4eb2af51], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (14).exe, Quarantined, [e0a4fd1b35476ec85979b198e61acf31], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (15).exe, Quarantined, [d2b253c5f785c96d478b8bbea55b916f], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (16).exe, Quarantined, [a1e320f8f08cbf778052af9aea16b848], 
PUP.Optional.PremiumInstaller, C:\Users\HDC Family\Downloads\setup (2).exe, Quarantined, [8103ee2af08c64d24aa344daa85d45bb], 
PUP.Optional.PremiumInstaller, C:\Users\HDC Family\Downloads\setup (3).exe, Quarantined, [7113ce4a720ab1857f6e8d91778e758b], 
PUP.Optional.PremiumInstaller, C:\Users\HDC Family\Downloads\setup (4).exe, Quarantined, [2a5a0f0998e4191d529b9f7f65a01ee2], 
PUP.Optional.PremiumInstaller, C:\Users\HDC Family\Downloads\setup (5).exe, Quarantined, [ed97918795e74aec56971b03ef1630d0], 
PUP.Optional.PremiumInstaller, C:\Users\HDC Family\Downloads\setup (6).exe, Quarantined, [7212d54392ea21155f8e49d532d31de3], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (7).exe, Quarantined, [71139880542865d14e84c881cc34a55b], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (8).exe, Quarantined, [d5af5dbb3d3f8da9933f9cad53ad36ca], 
PUP.Optional.OptimunInstaller, C:\Users\HDC Family\Downloads\setup (9).exe, Quarantined, [7014d048512bac8addf5c089af51c43c], 
PUP.Optional.PremiumInstaller, C:\Users\HDC Family\Downloads\setup.exe, Quarantined, [a8dc26f285f72115eeff64baa26350b0], 
PUP.Optional.Trovi.A, C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (         "new_tab_url": "https://www.trovi.com/?gd=&ctid=CT3332410&octid=EB_ORIGINAL_CTID&ISID=MDCBCE995-9A26-497C-B1B4-11312D5EBCE5&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=6&UP=SP84FB120F-8370-4559-B063-7C2752448CA5&SAT=CNTS",), Replaced,[6a1a40d8de9e77bfd5a1184924e1d030]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
and last but not least:
 
ESET LOG FILE:
 
EC:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\sAverneett\DxUuQWu.exe.vir a variant of Win32/AdWare.MultiPlug.BN application cleaned by deleting - quarantined
C:\Users\HDC Family\AppData\Local\Microsoft\Windows\INetCache\IE\3J2128W0\sp-downloader[1].exe Win32/Toolbar.Conduit.R potentially unwanted application deleted - quarantined
C:\Users\HDC Family\AppData\Local\Microsoft\Windows\INetCache\IE\5XMYSJH0\spstub[1].exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Users\HDC Family\AppData\Local\Microsoft\Windows\INetCache\IE\GHRV3I89\OptimizerPro[1].exe multiple threats cleaned by deleting - quarantined
C:\Users\HDC Family\AppData\Local\Microsoft\Windows\INetCache\IE\GHRV3I89\OrbiterInstaller[1].exe a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\Users\HDC Family\AppData\Local\Microsoft\Windows\INetCache\IE\GHRV3I89\SPSetup[1].exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Users\HDC Family\AppData\Local\Microsoft\Windows\INetCache\IE\GHRV3I89\spstub[1].exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Users\HDC Family\AppData\Local\Microsoft\Windows\INetCache\IE\Z4XOLAZ7\FramedDisplay[1].dll a variant of Win32/BrowseFox.O potentially unwanted application deleted - quarantined
C:\Users\HDC Family\AppData\Local\Temp\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\Users\HDC Family\AppData\Local\Temp\35566281.Uninstall\uninstaller.exe Win32/InstallCore.PC potentially unwanted application deleted - quarantined
C:\Users\HDC Family\AppData\Local\Temp\is1242154493\34510770_stp\uninstaller.exe Win32/InstallCore.PC potentially unwanted application deleted - quarantined
C:\Users\HDC Family\Downloads\FileOpenerSetup.exe a variant of Win32/InstallCore.QB potentially unwanted application deleted - quarantined
 
 
Thanks again for the help!


#11 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:47 PM

Posted 26 October 2014 - 11:29 AM

Download Delfix HERE to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

    Activate UAC (optional; some users prefer to keep it off)
    Remove disinfection tools
    Create registry backup
    Purge System Restore
    Reset system settings


Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

 

Download HitmanPro x64 HERE onto your desktop.

Double-click on the file named HitmanPro.exe. It will be updated. When the program starts you will be presented with the start screen. Click on the Next button. Accept to store a copy of the program to your computer and click Next and it will start to scan.
When it has finished it will display a list of all the malware that the program found. Below, next to the Buy Now button, is the option Save log. Save it to your desktop and paste it here.

 

Thank you!



#12 starasoff

starasoff
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:47 AM

Posted 28 October 2014 - 08:13 AM

HitmanPro 3.7.9.225
www.hitmanpro.com
 
   Computer name . . . . : HDCFAMILY
   Windows . . . . . . . : 6.3.0.9600.X64/4
   User name . . . . . . : HDCfamily\HDC Family
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)
 
   Scan date . . . . . . : 2014-10-28 05:49:28
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 16m 21s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 16
 
   Objects scanned . . . : 1,988,096
   Files scanned . . . . : 19,437
   Remnants scanned  . . : 354,732 files / 1,613,927 keys
 
Potential Unwanted Programs _________________________________________________
 
   HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> Deleted
   HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> Deleted
   HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> PendingDelete
   HKU\S-1-5-21-3270595446-1089841343-3250570288-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> Deleted
   HKU\S-1-5-21-3270595446-1089841343-3250570288-1002\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> Deleted
 
Cookies _____________________________________________________________________
 
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\HDC Family\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\HDC Family\AppData\Local\Microsoft\Windows\INetCookies\QQ0QL1R1.txt
 
 
 

Also, when hitman tried to delete a bunch of files, the repairing part failed for a lot of them

 

Thanks!



#13 starasoff

starasoff
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:47 AM

Posted 29 October 2014 - 11:36 AM

bump!



#14 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:47 PM

Posted 29 October 2014 - 03:55 PM

So what is the situation now compared to your first post?



#15 starasoff

starasoff
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:47 AM

Posted 30 October 2014 - 09:00 AM

It is much better. The pop-ups have stopped happening but HITMAN and AVG still find malware and are unable to repair it. :(





