
vosteran problem


18 replies to this topic

#1 ChicagoMel


Posted 20 December 2014 - 12:59 PM

How do I get it completely gone? I got some files out and ran ADW cleaner plus a number of malware removal tools but though the shortcut is gone it's still on my browser.

Was using Firefox...until Chrome took over.

One God, One Truth, One Savior-Jesus



#2 ChicagoMel


Posted 20 December 2014 - 01:02 PM

Grr how do I delete this?



#3 Guest_LighthouseParty_*


Posted 20 December 2014 - 01:03 PM

Hello there

Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.

Step 1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
Step 2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

Step 3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Step 4: Non-malware removal steps
 
Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#4 gigahurtz


Posted 20 December 2014 - 01:05 PM

Right click on your shortcut to internet (Google Chrome, Internet Explorer, etc) and check the 'Target' box. After the path to the web browser, make sure you erase everything after the last ". Usually, these will be left behind because your shortcut was changed to open to a certain website regardless of what your browser's homepage is.

 

 

I hope this helps you!
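
The shortcut check described in the post above, as an added PowerShell example that is not part of the original thread: it lists browser shortcuts whose Target carries anything after the executable path. The folder list, the browser executable names and the `-Clean` switch are assumptions of this example.

```powershell
# Added example (not from the thread): audit browser shortcuts for text
# appended after the executable path in the Target field.
# -Clean is this script's own switch: it empties arguments that look like a URL.
param([switch]$Clean)

# Assumed browser executables and shortcut locations; extend as needed.
$browserExes = 'chrome.exe', 'firefox.exe', 'iexplore.exe'
$folders = @(
    [Environment]::GetFolderPath('Desktop'),
    [Environment]::GetFolderPath('StartMenu'),
    (Join-Path $env:PUBLIC 'Desktop'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu'),
    # Quick Launch also holds the pinned taskbar shortcuts (User Pinned\TaskBar)
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# WScript.Shell exposes TargetPath and Arguments of a .lnk file separately,
# which is the same split the Properties dialog shows in one 'Target' box.
$shell = New-Object -ComObject WScript.Shell

$findings = foreach ($lnk in Get-ChildItem -LiteralPath $folders -Filter *.lnk -Recurse -ErrorAction SilentlyContinue) {
    $sc = $shell.CreateShortcut($lnk.FullName)
    if (-not $sc.TargetPath) { continue }

    # Only shortcuts that launch one of the listed browsers are of interest.
    $exe = [IO.Path]::GetFileName($sc.TargetPath)
    if ($browserExes -notcontains $exe) { continue }

    # A clean browser shortcut normally has nothing after the quoted path.
    $arguments = "$($sc.Arguments)".Trim()
    if (-not $arguments) { continue }

    # A start page forced through the shortcut shows up as a URL here.
    # Other arguments (for example a profile switch) are reported but kept.
    $looksLikeUrl = $arguments -match '(?i)\bhttps?://|\bwww\.'

    $cleared = $false
    if ($Clean -and $looksLikeUrl) {
        try {
            $sc.Arguments = ''
            $sc.Save()          # needs write access; all-users shortcuts need elevation
            $cleared = $true
        } catch {
            Write-Warning "Could not rewrite $($lnk.FullName): $($_.Exception.Message)"
        }
    }

    New-Object PSObject -Property @{
        Shortcut     = $lnk.FullName
        Target       = $sc.TargetPath
        Arguments    = $arguments
        LooksLikeUrl = $looksLikeUrl
        Cleared      = $cleared
    }
}

if ($findings) {
    $findings | Select-Object Shortcut, Target, Arguments, LooksLikeUrl, Cleared | Format-List
} else {
    'No browser shortcut has anything after the executable path.'
}
```

Run it without `-Clean` first to review what it reports; an empty result means the start page is being set somewhere other than the shortcuts, such as a browser setting or extension.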



#5 ChicagoMel


Posted 20 December 2014 - 01:08 PM

I will check my targets again. Ran Mbam last night after discovering it. I will put up a log shortly



#6 Queen-Evie

  • Staff Emeritus

Posted 20 December 2014 - 01:14 PM

Your other topic has been deleted

#7 ChicagoMel


Posted 20 December 2014 - 01:17 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/20/2014
Scan Time: 12:11:03 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.20.01
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Melinda
 
Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 980
Time Elapsed: 0 min, 28 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
I have to wait and run the toolkits after work. The other things I tried, if you're interested: Eset, I have Avast, Malicious Software Removal Tool.



#8 ChicagoMel


Posted 20 December 2014 - 01:23 PM

Also checked my target and only what should be there is there. And thanks for the delete.



#9 ChicagoMel


Posted 20 December 2014 - 06:56 PM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Melinda (administrator) on 20-12-2014 at 17:51:51
Running from "C:\Users\Melinda\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
 
=========================== Installed Programs ============================
Action Replay PowerSaves 3DS version 1.21 (HKLM-x32\...\{CD24B06F-0A4D-410A-AEF2-DFE6A28AB4C0}_is1) (Version: 1.21 - Datel Design & Development)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.356 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)
CSI NY (HKLM-x32\...\CSINYUbisoft) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{F336F89D-8C5A-432C-8EA9-DA19377AD591}) (Version: 1.4.162.0 - Fingertapps)
Dell Perks Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.30 - ArcSoft)
Dell Stage (HKLM-x32\...\{D770F4B4-C422-45D9-8CEE-1B4C66E68CA8}) (Version: 1.4.173.0 - Fingertapps)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.1.1.1408 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.1.1.1408 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pokémon Trading Card Game Online (HKLM-x32\...\{D81F39D4-FDA9-4356-92B1-16081D8BF71A}) (Version: 1.0.0 - The Pokémon Company International)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Roxio Burn (x32 Version: 1.01 - Roxio) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (03/24/2010 6.3.0.2501) (HKLM\...\AF09E130E2FD4D1BEFD1B9132AE624BAE0364719) (Version: 03/24/2010 6.3.0.2501 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPatrol (HKLM\...\{A62F9CD0-B2E0-4F2A-88F2-79254A3C8539}) (Version: 26.1.2013.0 - BillP Studios)
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
========================= Restore Points ==================================
 
29-10-2014 02:38:31 Windows Update
29-10-2014 23:04:38 Installed Adobe Flash Player 15 ActiveX.
29-10-2014 23:07:15 Installed Adobe Flash Player 15 Plugin.
04-11-2014 18:01:56 Windows Update
11-11-2014 13:23:07 Windows Update
11-11-2014 18:16:21 Windows Update
14-11-2014 19:49:16 Windows Update
19-11-2014 20:48:57 Windows Update
20-11-2014 06:57:36 Windows Update
27-11-2014 06:06:45 avast! antivirus system restore point
27-11-2014 06:20:51 Windows Update
03-12-2014 21:53:13 Windows Update
09-12-2014 17:51:17 Windows Update
09-12-2014 18:15:12 Windows Update
12-12-2014 07:10:40 Windows Update
13-12-2014 05:13:14 Windows Update
17-12-2014 20:16:58 Windows Update
18-12-2014 05:21:42 Windows Update
 
**** End of log ****
 

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.9016)   
 JavaFX 2.1.0    
 Java 7 Update 60  
 Java version 32-bit out of Date!
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!
 Adobe Reader XI  
 Mozilla Firefox 33.0.2 Firefox out of Date!
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````
 WinPatrol winpatrol.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast avastui.exe  
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log``````````````````````
 
(I know I need to do some updates, will update later on tonight)

Edited by ChicagoMel, 20 December 2014 - 07:24 PM.



#10 Guest_LighthouseParty_*


Posted 21 December 2014 - 04:04 AM

Hello there,

Step 1: Please uninstall some programs

There are currently some programs on your PC that we need to remove, for the time being at least. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • Java 7 Update 60
  • JavaFX 2.1.0
  • Yahoo! Software Update

If any programs listed above aren't in Programs and Features, you can just skip them. Please download JavaRa from here and once you've opened it, select 'remove JRE' (if that's not there, select remove Java Runtime). Make sure you skip the re-install Java option!

Step 2: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

Step 3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

Step 4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

Step 5: Please visit the ESET Online Scanner webpage
Internet Explorer MUST be used for this step.

  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

[Image: jqnp8z.png]

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scan's finished, select list threats and then export.
  • Choose a name for the log (e.g ESET) and click save (to your desktop)
  • Press the back button and then click finish. Please include the contents of the log in your reply.


#11 ChicagoMel


Posted 21 December 2014 - 01:11 PM

How long should the Eset scan take? It's stuck on 46% and 55177 files and won't move. It's been like 10min. The clock is moving though.

Edit: I started over, I'll see if it's different this time.

Edited by ChicagoMel, 21 December 2014 - 01:12 PM.



#12 Guest_LighthouseParty_*


Posted 21 December 2014 - 01:15 PM

ESET can take up to 24 hours in some cases.

 

Best to leave it running.



#13 ChicagoMel


Posted 21 December 2014 - 01:35 PM

Ok understood.



#14 ChicagoMel


Posted 21 December 2014 - 04:56 PM

Rkill 2.6.9 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/21/2014 09:50:20 AM in x64 mode.

Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Melinda\APPDATA\LOCAL\PROGRAMS\GOOGLE\MUSICMANAGER\MUSICMANAGER.EXE (PID: 2632) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 12/21/2014 09:52:26 AM

Execution time: 0 hours(s), 2 minute(s), and 6 seconds(s)

# AdwCleaner v4.105 - Report created 21/12/2014 at 09:55:55

# Updated 08/12/2014 by Xplode

# Database : 2014-12-21.4 [Live]

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Melinda - MELINDA-PC

# Running from : C:\Users\Melinda\Downloads\adwcleaner_4.105 (2).exe

# Option : Clean

***** [ Services ] *****

 

***** [ Files / Folders ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

 

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

 

-\\ Mozilla Firefox v33.0.2 (x86 en-US)

 

-\\ Google Chrome v39.0.2171.95

 

*************************

AdwCleaner[R0].txt - [9516 octets] - [10/09/2013 17:39:09]

AdwCleaner[R1].txt - [7815 octets] - [19/12/2014 23:24:34]

AdwCleaner[R2].txt - [1269 octets] - [20/12/2014 11:35:56]

AdwCleaner[R3].txt - [1168 octets] - [21/12/2014 09:53:43]

AdwCleaner[S0].txt - [9506 octets] - [10/09/2013 17:40:31]

AdwCleaner[S1].txt - [7092 octets] - [19/12/2014 23:27:23]

AdwCleaner[S2].txt - [1334 octets] - [20/12/2014 11:37:57]

AdwCleaner[S3].txt - [1090 octets] - [21/12/2014 09:55:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1150 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.0 (11.29.2014:1)

OS: Windows 7 Home Premium x64

Ran by Melinda on Sun 12/21/2014 at 10:21:58.53

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

~~~ Services

 

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

 

 

~~~ Registry Keys

 

 

~~~ Files

 

 

~~~ Folders

 

 

~~~ FireFox

Successfully deleted: [Folder] C:\Users\Melinda\AppData\Roaming\mozilla\firefox\profiles\lfj0o4nd.default-1354510197761\extensions\staged

Emptied folder: C:\Users\Melinda\AppData\Roaming\mozilla\firefox\profiles\lfj0o4nd.default-1354510197761\minidumps [17 files]

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 12/21/2014 at 10:29:39.57

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C:\AdwCleaner\Quarantine\C\Users\Melinda\AppData\Local\Vosteran\Application\31.0.1650.23\Extensions\Vosteran.crx.vir JS/Astromenda.A potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\Melinda\AppData\Local\Vosteran\Application\31.0.1650.23\Installer\chrome.7z.vir JS/Astromenda.A potentially unwanted application deleted - quarantined

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined

C:\Users\Melinda\Downloads\ccsetup326.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

C:\Users\Melinda\Downloads\ccsetup328.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

C:\Users\Melinda\Downloads\ccsetup402.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

C:\Users\Melinda\Downloads\ccsetup405.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

C:\Users\Melinda\Downloads\spsetup126.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined




#15 ChicagoMel


Posted 21 December 2014 - 04:57 PM

Why aren't any of these tools getting rid of Vosteran? Seems like if I'm running all these, one of them should find it and kill it.

Edited by ChicagoMel, 21 December 2014 - 05:02 PM.
