Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Here is a good one.


  • Please log in to reply
19 replies to this topic

#1 Gunny3053

Gunny3053

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, Ca
  • Local time:06:39 PM

Posted 29 October 2014 - 05:06 PM

Hi Gang

 

  I will try to explain this as good as I can.

 

  This all started when I was having a problem with Google, so I deleted it and tried to reinstall it and I could not get it to install, I would click on install and it would just sit there forever. I am just telling you this because it might have something to do with it.

 

  Now I am using Win 7 and IE 10. Ok so the problem is this, Say I want to open up a site like Yahoo, I click on the icon and the little tab pops up and says yahoo.com, and with in a couple or less seconds it go to waiting for yahoo.com. I have never noticed it doing this until recently. And if I let it sit there long enough eventually it will go to The page cannot be displayed. This is not only with yahoo, I only used that as an example.

 

  Any and all help appreciated

 

  Thanx.....Gunny


Edited by hamluis, 30 October 2014 - 01:57 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:39 PM

Posted 29 October 2014 - 06:05 PM

Try these solutions....First completely uninstall Google Chrome...I am assuming that is what you refer to as just Google.

Use Download Revo Uninstaller Freeware - Free and Full Download - Uninstall software, remove programs, solve uninstall problems

to uninstall Chrome.

 

Next, clean up the Temporary files, Cookies, logs, program caches, etc using CCleaner - PC Optimization and Cleaning - Free Download

Use the default settings. No need to use the Registry Cleaner tool....risky. Pay close attention while installing and UNcheck any offers

of toolbars...especially Yahoo.

 

If the problem still persists use this Windows Repair (All In One) Download . Be sure to run Option #4 as well as other repairs.

 

Check for adware using AdwCleaner.

  • download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 Gunny3053

Gunny3053
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, Ca
  • Local time:06:39 PM

Posted 30 October 2014 - 10:11 AM

Hi Buddy

 

  Thanx for all the info, I will run through this and let you know what happens. It looks like you are thinking bug instead of something messed up with my files or folders or settings. I was thinking settings for some reason, anyway I will let you know what happens.

 

  Thanx....Gunny



#4 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:39 PM

Posted 30 October 2014 - 10:20 AM

It is more of a 'shotgun' approach to solving or finding the cause of the problem.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 Gunny3053

Gunny3053
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, Ca
  • Local time:06:39 PM

Posted 30 October 2014 - 11:31 AM

Hi Buddy

 

  Ok here it is.....Thanx....Gunny

 

# AdwCleaner v3.311 - Report created 30/10/2014 at 09:17:40
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Administrator - GUNNYMAINCOMPUT
# Running from : C:\Users\Administrator\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : iSafeNetFilter
[#] Service Deleted : vToolbarUpdater18.1.0
[#] Service Deleted : KMService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\pastaleads
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\Advanced System Protector
Folder Deleted : C:\Program Files\File Type Helper
Folder Deleted : C:\Program Files\pastaleads
Folder Deleted : C:\Program Files\RegClean Pro
Folder Deleted : C:\Program Files\Webinternetsecurity
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Administrator\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Administrator\AppData\Local\iLivid
Folder Deleted : C:\Users\Administrator\AppData\Local\visi_coupon
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\visi_coupon
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Administrator\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\Administrator\Documents\PC Speed Maximizer
Folder Deleted : C:\Users\Gunny main computer\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Gunny main computer\AppData\Local\PackageAware
Folder Deleted : C:\Users\Gunny main computer\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Gunny main computer\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\Gunny main computer\AppData\LocalLow\Unitech LLC
Folder Deleted : C:\Users\Gunny main computer\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Gunny main computer\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Gunny main computer\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Gunny main computer\AppData\Roaming\Strongvault
Folder Deleted : C:\Users\Gunny main computer\Favorites\Security Systems
Folder Deleted : C:\Users\Gunny main computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner
Folder Deleted : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ScorpionSaver@jetpack
Folder Deleted : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\profile\Extensions\ScorpionSaver@jetpack
Folder Deleted : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs2\Extensions\ScorpionSaver@jetpack
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coibnogmjcpbccgjofoiklnfpbbjbapo
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Windows\system32\srvany.exe
File Deleted : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\profile\user.js
File Deleted : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs2\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : Advanced System Protector
Task Deleted : Advanced System Protector_startup
Task Deleted : RegClean Pro

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298570
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\NpApp
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Solvusoft
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Wpm

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16921

-\\ Mozilla Firefox v

[ File : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

[ File : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\profile\prefs.js ]

[ File : C:\Users\Gunny main computer\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs2\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Gunny main computer\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [17413 octets] - [30/10/2014 09:15:40]
AdwCleaner[S0].txt - [17781 octets] - [30/10/2014 09:17:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17842 octets] ##########



#6 Gunny3053

Gunny3053
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, Ca
  • Local time:06:39 PM

Posted 30 October 2014 - 12:03 PM

Hi Buddy

 

I see a lot of AVG stuff in there too, I have had trouble with that one. And a lot of stuff that should not be there. I use Revo uninstaller all the time and I thought it was supposed to be pretty good at cleaning out all the left over crap but it don't look like it is doing a good job. I use malwarebytes too very often, among other programs.

 

  Thanx....Gunny



#7 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:39 PM

Posted 30 October 2014 - 12:14 PM

That is quite a collection of undesireables. It suggests more scans should be run. Since you have MBAM run a scan with it

after updating it and post the log of what it finds back here. Check its scan settings and allow it to scan for rootkits and PUPS.

 

  • thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

ESET SCAN

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

If you haven't run the All In One tool, hold off on that until we see what else is found by the three scans.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#8 redvette

redvette

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 30 October 2014 - 05:15 PM

Hi Buddy

 

  Ok I will have the stuff from JRT and the other one as soon as it finishes.  Its at 86% and 37 found, been running about 3 1/2 hours so far.   Boy these are some great sites.

 

  Oh one thing I know some forums have a instant notification if anyone replies to your post, I don't see it on here. 

 

  Thanx....Gunny


Edited by redvette, 30 October 2014 - 05:17 PM.


#9 Gunny3053

Gunny3053
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, Ca
  • Local time:06:39 PM

Posted 30 October 2014 - 05:33 PM

Hi  Buddy

 

  Here is the one from eset...........Thanx....Gunny

 

 

C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir Win32/Systweak.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Gunny main computer\AppData\Roaming\Search Protection\Uninstall.exe.vir a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\AdwCleaner\Quarantine\C\Windows\system32\roboot.exe.vir a variant of Win32/Systweak.A potentially unwanted application
C:\Program Files\4KDownload\ccsetup407.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\CCleaner\ccsetup406.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\CCleaner\ccsetup408.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\CCleaner\ccsetup410.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\CCleaner\ccsetup414.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\CCleaner\ccsetup416.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\CCleaner\ccsetup417 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\CCleaner\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\CCleaner\DriverNavigator_Setup (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.28.13\uninstall.exe Win32/Toolbar.Montiera.B potentially unwanted application
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.28.13\zonealarmApp.dll a variant of Win32/Toolbar.Montiera.A potentially unwanted application
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.28.13\zonealarmEng.dll a variant of Win32/Toolbar.Montiera.A potentially unwanted application
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.28.13\zonealarmTlbr.dll a variant of Win32/Toolbar.Montiera.F potentially unwanted application
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.28.13\bh\zonealarm.dll a variant of Win32/Toolbar.Escort.A potentially unwanted application
C:\Program Files\DoNotTrackPlus\ScriptHost.dll a variant of Win32/Toolbar.Besttoolbars.J potentially unwanted application
C:\Program Files\Panda Security\Panda Cloud Antivirus\Tools\PandaSecurityTb.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Program Files\pcmax\a.exe Win32/Conduit.SearchProtect.M potentially unwanted application
C:\Program Files\pcmax\pcmax.exe a variant of Win32/Conduit.SearchProtect.O potentially unwanted application
C:\ProgramData\Panda Security\Panda Cloud Antivirus\Download\0x04011000\CloudAntivirus.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\ProgramData\zoomify2\1.1.0.25\zoomifyL32.dll a variant of Win32/AdWare.PennyBee.A application
C:\ProgramData\zoomify2\1.1.0.25\zoomifyL64.dll a variant of Win64/Adware.PennyBee.A application
C:\UBCD4Win\plugin\CDBurning\ExpressBurn\expressburn.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted application
C:\UBCD4Win\plugin\Cleanup Tools\SDFix\SDFix.exe Win32/PrcView potentially unsafe application
C:\UBCD4Win\plugin\System-Info\Information\SysInfo\sysinfo.7z a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application
C:\Users\Administrator\AppData\Local\tmp11298\dag15485.exe a variant of Win32/AdWare.PennyBee.A application
C:\Users\Administrator\AppData\Local\tmp11298\dag15485tmp.exe a variant of Win32/AdWare.PennyBee.A application
C:\Users\Administrator\Downloads\cbsidlm-cbsi188-Advanced_Uninstaller_Pro-ORG-10069986.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Administrator\Downloads\ccsetup413.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Administrator\Downloads\Garbage_Finder_2.exe Win32/AdWare.1ClickDownload.AW application
C:\Users\Administrator\Downloads\Smarty Uninstaller 4.0.131 + Patch\Smarty Uninstaller 4.0.131 + Patch.tgz a variant of Win32/HackTool.Patcher.AD potentially unsafe application
C:\Users\Administrator\Downloads\VSO ConvertXtoDVD 5.1.0.12 Incl Activator [KaranPC]\Patch.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application
C:\Users\All Users\Panda Security\Panda Cloud Antivirus\Download\0x04011000\CloudAntivirus.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Users\All Users\zoomify2\1.1.0.25\zoomifyL32.dll a variant of Win32/AdWare.PennyBee.A application
C:\Users\All Users\zoomify2\1.1.0.25\zoomifyL64.dll a variant of Win64/Adware.PennyBee.A application

 



#10 Gunny3053

Gunny3053
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, Ca
  • Local time:06:39 PM

Posted 30 October 2014 - 05:37 PM

Hi Buddy...Here is the one from JRT....Thanx....GUnny

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Professional x86
Ran by Administrator on Thu/10/30/2014 at 11:12:59.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441193}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\IdealDVDCopy_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\IdealDVDCopy_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateRightSurf_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateRightSurf_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilRightSurf_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilRightSurf_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441193}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ad-aware browsing protection"
Successfully deleted: [Folder] "C:\Users\Administrator\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Users\Administrator\appdata\locallow\yahoocouponaddon"
Successfully deleted: [Folder] "C:\Program Files\earth networks"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Folder] "C:\ai_recyclebin"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu/10/30/2014 at 11:15:32.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#11 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:39 PM

Posted 30 October 2014 - 06:11 PM

Did you allow Eset to remove what it found? It found a lot of junk. As did all the scans.

 

After cleaning using CCleaner, open it again and click on Tools. Then click on Uninstall. At the bottom right of that page you

will see a button that when clicked will allow you to copy and paste the list programs installed on your computer. Please

post that list back here.

 

Also, again using CCleaner, click on Tools then Startup. Click on IE button at the top of that page and copy and paste the list of items shown as starting up

in IE back here.

 

Have you used Revo to remove Chrome? After doing all of the above, is IE behaving or is there still a problem? I've used Firefox browser for 10 years. So I 

am a bit biased toward its being the best around. You may want to give it go. Always a good idea to have two browsers installed.

Download Firefox — Free Web Browser — Mozilla


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#12 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:39 PM

Posted 30 October 2014 - 06:14 PM

Meant to add...what about MBAM...were you able to update it and did it find anything?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#13 Gunny3053

Gunny3053
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, Ca
  • Local time:06:39 PM

Posted 30 October 2014 - 10:02 PM

Hi Buddy

 

  What is MBAM. ?

 

  Thanx....Gunny



#14 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:39 PM

Posted 31 October 2014 - 05:17 AM

Oooops....

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR MY REVIEW.

 

EDIT: ......Oh one thing I know some forums have a instant notification if anyone replies to your post, I don't see it on here......

At the top of this page on the right you will see a button..Follow this topic...click on that and you will receive a notification when there is a new reply.


Edited by buddy215, 31 October 2014 - 07:26 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#15 redvette

redvette

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 31 October 2014 - 11:05 AM

Hi Buddy

 

  My apologies I was not thinking on that one. I do have Malwarebytes and have had it for years and I do use it all the time. I think it is one of the better ones. I will have to do some reading up on how to properly use that Eset program, I don't think I am using it right.

 

  Thanx....Gunny






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users