Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Inundated With Overlaying Ads and Redirections - HELP!!!


  • Please log in to reply
32 replies to this topic

#1 pdmike

pdmike

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 14 May 2015 - 09:35 PM

 

I REALLY need help.  I don't know how it got started, but whenever I go online, no matter what Web site I visit, my screen is soon covered by so many overlaying ads, it is almost impossible to see anything on the screen except the ads.  It seems to be getting worse all the time.  I am also experience all kinds of redirections to various unwanted Wed sites.  I have no idea what to do.

 

I have just joined this forum, which looks wonderful to me -  exactly what I think i need.  I read a couple of threads by people with a similar problem.  As a result, I have downloaded and installed ADWCleaner.  I ran a scan with it, and a lot of things came up.  It says to click on what you want to keep.  I have no idea what I want to keep and what I want to delete. 

 

I am using Windows 7 with McAfee and Malwarebytes.  Neither of these programs has been able to find the cause of the problems I am having.

 

If someone could help me with all this, it would be MOST appreciated!


Edited by pdmike, 14 May 2015 - 09:37 PM.


BC AdBot (Login to Remove)

 


m

#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 15 May 2015 - 02:44 AM

Hi there,

I'll assist you with this :)

Let's see what is going on.

MiniToolbox by Farbar

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

===

Can you post the scan log from AdwCleaner? Thank you :)

Regards,
Alex

#3 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 08:44 AM

Hi Alex!  Thanks for the reply.  Stand by - I will download MiniToolBox and post the results as soon as I can.  Can't do this for several hours, but be patient and I'll get back to you on this soon.  Will also download, run and post the other program (317).  I did not save the AdwCleaner results, but will re-scan and post them as well.


Edited by pdmike, 15 May 2015 - 08:46 AM.


#4 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 12:00 PM

 

Here are the results from MiniToolBox:

 

MiniToolBox by Farbar  Version: 14-04-2015
Ran by Marilyn (administrator) on 16-05-2015 at 09:58:18
Running from "C:\Users\Marilyn\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: M11AD Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Marilyn-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 78-24-AF-84-96-93
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::497d:850e:2a2c:f170%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.7(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, May 14, 2015 3:22:17 AM
   Lease Expires . . . . . . . . . . : Sunday, May 17, 2015 3:22:17 AM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 249577289
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-85-42-28-78-24-AF-84-96-93
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{5DAA8217-0C72-4B99-9531-1CBA8C2BB2AC}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  10.0.0.1

Name:    google.com
Addresses:  2607:f8b0:4000:809::100e
      173.194.115.68
      173.194.115.65
      173.194.115.78
      173.194.115.71
      173.194.115.73
      173.194.115.69
      173.194.115.67
      173.194.115.66
      173.194.115.70
      173.194.115.72
      173.194.115.64


Pinging google.com [173.194.115.64] with 32 bytes of data:
Reply from 173.194.115.64: bytes=32 time=478ms TTL=53
Reply from 173.194.115.64: bytes=32 time=45ms TTL=53

Ping statistics for 173.194.115.64:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 45ms, Maximum = 478ms, Average = 261ms
Server:  UnKnown
Address:  10.0.0.1

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=168ms TTL=44
Reply from 98.139.183.24: bytes=32 time=104ms TTL=44

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 104ms, Maximum = 168ms, Average = 136ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...78 24 af 84 96 93 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.7     20
         10.0.0.0    255.255.255.0         On-link          10.0.0.7    276
         10.0.0.7  255.255.255.255         On-link          10.0.0.7    276
       10.0.0.255  255.255.255.255         On-link          10.0.0.7    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.7    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.7    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::497d:850e:2a2c:f170/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/14/2015 06:51:25 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (05/14/2015 03:23:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 09:50:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 07:36:11 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (05/10/2015 05:06:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/08/2015 05:02:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 08:36:28 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/06/2015 01:05:01 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/05/2015 06:44:56 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/04/2015 11:40:41 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108


System errors:
=============
Error: (05/14/2015 03:23:02 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: Failed to start language pack setup wizard. Please restart the system and try running the wizard again.

Error: (05/14/2015 03:23:02 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS Client initialization failed. Last error: 0x80080005

Error: (05/14/2015 03:23:02 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/14/2015 03:22:56 AM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16405

Error: (05/10/2015 09:50:33 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (05/03/2015 01:00:16 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be  changed by -86463 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->23.102.23.44:123) is working properly.

Error: (04/26/2015 01:00:16 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be  changed by -86457 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->104.41.150.68:123) is working properly.

Error: (04/19/2015 01:00:16 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be  changed by -86453 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->23.102.23.44:123) is working properly.

Error: (04/18/2015 01:07:44 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{5DAA8217-0C72-4B99-9531-1CBA8C2BB2AC}.
The backup browser is stopping.

Error: (04/18/2015 01:04:11 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.


Microsoft Office Sessions:
=========================
Error: (05/14/2015 06:51:25 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (05/14/2015 03:23:16 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 09:50:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 07:36:11 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (05/10/2015 05:06:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/08/2015 05:02:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 08:36:28 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (05/06/2015 01:05:01 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (05/05/2015 06:44:56 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (05/04/2015 11:40:41 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108



=========================== Installed Programs ============================
4 Elements (HKLM-x32\...\74bef13b7029e12c4fc4003a34b5869b) (Version:  - GameHouse)
64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
7 Wonders II (HKLM-x32\...\a89e93568ee6fa92f132ede409333e0e) (Version:  - GameHouse)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.10 - ASUSTeK Computer Inc.)
ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.09 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.02 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.04 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.08.00 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
Bejeweled® 3 (HKLM-x32\...\dd6503b10988b118a94b4d46020a6bed) (Version:  - GameHouse)
BEtteerPPriceoCChec (HKLM-x32\...\{4E5FE462-1A84-47B4-3411-C72434AAD86C}) (Version:  - "")
BookWorm Deluxe (HKLM-x32\...\7df462eac537618544fece3b0c1ee483) (Version:  - GameHouse)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.5.5 build 4151  (Jun-27-2014) - Carbonite)
Carbonite Mirror Image (64-bit) (Version: 5.1.14438.2115 - x64) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.4428 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dynomite (HKLM-x32\...\76874407c5874b96ba565e0cc99c6842) (Version:  - GameHouse)
EixTrraShoppperr (HKLM-x32\...\{7BCAC0EB-3993-2416-0531-848C39DF8B65}) (Version:  - "")
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
EPSON Artisan 710 Series Printer Uninstall (HKLM\...\EPSON Artisan 710 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Artisan 730 Series Printer Uninstall (HKLM\...\EPSON Artisan 730 Series) (Version:  - SEIKO EPSON Corporation)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
Extended Update (HKCU\...\UpdaterEX) (Version:  - Extended Update)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Five Card Deluxe (HKLM-x32\...\5715e346bf261382a057dd0511af39b1) (Version:  - GameHouse)
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.896 - Citrix Online, a division of Citrix Systems, Inc.)
Governor of Poker 2 Platinum Edition (HKLM-x32\...\48ff91469c10941110611445cef03bc0) (Version:  - GameHouse)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.2.32 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LazyTruth (HKLM-x32\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version:  - "")
LucckYCoupon (HKLM-x32\...\{BA5D43C9-D633-D0EC-CFEA-2ABA974B333D}) (Version:  - "")
Luxor 3 (HKLM-x32\...\e78445b007e675c661bc9962885082a5) (Version:  - GameHouse)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.210 - McAfee, Inc.)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4711.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.3.1.7 - PCUtilities Software Limited)
Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Plants vs. Zombies™ (HKLM-x32\...\ef5c63378241506ac3237f975079d300) (Version:  - GameHouse)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.)
Risk® (HKLM-x32\...\4706d054189727514f6461721a95cd1e) (Version:  - GameHouse)
Roads of Rome 2 (HKLM-x32\...\f2cbf33e13fb076c32c666c91a930ae1) (Version:  - GameHouse)
Roads of Rome 3 (HKLM-x32\...\c08ab64b293fd92fb0c1e6c8a4f53118) (Version:  - GameHouse)
Rocket Mania (HKLM-x32\...\b205915e9d48c7c9fbc39fb1405a6459) (Version:  - GameHouse)
RuoyaulCoupaonn (HKLM-x32\...\{40DC4B27-4588-C56F-7737-D03A0ACE4383}) (Version:  - "")
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.13 - Stardock Software, Inc.)
Super Nisqually (HKLM-x32\...\cf9fc3b87c919bfd4869932042b216f5) (Version:  - GameHouse)
Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
WordPerfect Office X6 - Common Files (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Common Files English (x32 Version: 16.3.1 - Corel Corporation) Hidden
WordPerfect Office X6 - IPM (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Lightning Files (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Lightning Files English (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Oxford (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Presentations Files (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Presentations Files English (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Quattro Pro Files (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Quattro Pro Files English (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - Setup Files (x32 Version: 16.3.1 - Corel Corporation) Hidden
WordPerfect Office X6 - System Files (x32 Version: 16.1 - Corel Corporation) Hidden
WordPerfect Office X6 - WordPerfect Files (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - WordPerfect Files English (x32 Version: 16.3 - Corel Corporation) Hidden
WordPerfect Office X6 - WT (x32 Version: 16.1 -  Corel Corporation) Hidden
WordPerfect Office X6 (HKLM-x32\...\_{26D6D2A4-F08A-4212-86E7-7F1F75033610}) (Version: 16.0.0.429 - Corel Corporation)
WordPerfect Office X6 (x32 Version: 16.3 - Corel Corporation) Hidden
Wunderlist Panel (HKLM-x32\...\{D86C82B0-1F02-816A-5F3D-6466F6A67566}) (Version:  - "")
Zuma's Revenge!™ - Adventure (HKLM-x32\...\d05cb0cd3005c7951dc350e00bcf822f) (Version:  - GameHouse)
???? (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 12161.24 MB
Available physical RAM: 8649.19 MB
Total Pagefile: 24320.69 MB
Available Pagefile: 20818.35 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.27 MB

========================= Partitions: =====================================

1 Drive c: (WIN7) (Fixed) (Total:745.21 GB) (Free:682.78 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:1094.74 GB) (Free:1094.53 GB) NTFS

========================= Users: ========================================

User accounts for \\MARILYN-PC

Administrator            Guest                    Marilyn                  

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

23-04-2015 02:37:15 Removed PCTuner
24-04-2015 03:16:02 Removed PCTuner
24-04-2015 13:03:00 McAfee Vulnerability Scanner
02-05-2015 07:00:02 Scheduled Checkpoint
04-05-2015 20:19:04 Removed WeatherApp
12-05-2015 07:00:02 Scheduled Checkpoint
14-05-2015 10:00:17 Windows Update

**** End of log ****
 

BTW - I am pdmike.  The problem is in my wife's computer.  I am trying to fix it for her with your help. 



#5 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 12:03 PM

Here are the results from Security Check:

 

 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
McAfee Anti-Virus and Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 McAfee SiteAdvisor    
 Mozilla Firefox (37.0.2)
````````Process Check: objlist.exe by Laurent````````  
 mcafee VirusScan mcods.exe  
 Online Games Manager ogmservice.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 



#6 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 12:05 PM

I don't know how to post the log from AdwCleaner.  I run it, there are lots of results under Folders and in other areas, but I it will not let me slect and copy them.  I can select, but not copy.  And I don't see anything about a Log anywhere in the Menu.  Any thoughts on this?



#7 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 15 May 2015 - 12:06 PM

Hi there,

Please uninstall the following software from Programs and Features:

BEtteerPPriceoCChec (HKLM-x32\...\{4E5FE462-1A84-47B4-3411-C72434AAD86C}) (Version: - "")
EixTrraShoppperr (HKLM-x32\...\{7BCAC0EB-3993-2416-0531-848C39DF8B65}) (Version: - "")
Extended Update (HKCU\...\UpdaterEX) (Version: - Extended Update)
LazyTruth (HKLM-x32\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version: - "")
LucckYCoupon (HKLM-x32\...\{BA5D43C9-D633-D0EC-CFEA-2ABA974B333D}) (Version: - "")
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.3.1.7 - PCUtilities Software Limited)
RuoyaulCoupaonn (HKLM-x32\...\{40DC4B27-4588-C56F-7737-D03A0ACE4383}) (Version: - "")
Wunderlist Panel (HKLM-x32\...\{D86C82B0-1F02-816A-5F3D-6466F6A67566}) (Version: - "")

If you run into any trouble, let me know.

Edit: I see that you have ran AdwCleaner. Please open the log with the largest number in the name, copy the contents of it and paste it in your reply :)

Regards,
Alex

Edited by Alexstrasza, 15 May 2015 - 12:06 PM.


#8 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 12:28 PM

All of the listed software appears in my Control Panel/Uninstall list of software.  The only one I was able to uninstall was Optimizer Pro v.3.2.  With all of the other listed sofware items, when I select them and click on Uninstall, I get the same message.  It says, basically, that an error has occurred  while trying to uninstall the software and that it may already have been uninstalled.  It then asks if I want to remove it from the Programs and Features list.

 

Before saying yes to this last business for each of the software items, I thought I would touch base with you for further thoughts and instructions.


Edited by pdmike, 15 May 2015 - 12:29 PM.


#9 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 12:30 PM

Hi there,

Please uninstall the following software from Programs and Features:

BEtteerPPriceoCChec (HKLM-x32\...\{4E5FE462-1A84-47B4-3411-C72434AAD86C}) (Version: - "")
EixTrraShoppperr (HKLM-x32\...\{7BCAC0EB-3993-2416-0531-848C39DF8B65}) (Version: - "")
Extended Update (HKCU\...\UpdaterEX) (Version: - Extended Update)
LazyTruth (HKLM-x32\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version: - "")
LucckYCoupon (HKLM-x32\...\{BA5D43C9-D633-D0EC-CFEA-2ABA974B333D}) (Version: - "")
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.3.1.7 - PCUtilities Software Limited)
RuoyaulCoupaonn (HKLM-x32\...\{40DC4B27-4588-C56F-7737-D03A0ACE4383}) (Version: - "")
Wunderlist Panel (HKLM-x32\...\{D86C82B0-1F02-816A-5F3D-6466F6A67566}) (Version: - "")

If you run into any trouble, let me know.

Edit: I see that you have ran AdwCleaner. Please open the log with the largest number in the name, copy the contents of it and paste it in your reply :)

Regards,
Alex

 

I don't see how to copy the contents.  As I said, I can select the contents, but then when I right click on the selection, nothing happens, i.e., it won't let me copy it.  ???



#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 15 May 2015 - 12:31 PM

Hi there,

Please choose Yes for all of them. We will get rid of the leftovers with other tools.

Edit: I see you can't post the AdwCleaner log... nevermind.

Please run this.

Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Regards,
Alex

Edited by Alexstrasza, 15 May 2015 - 12:33 PM.


#11 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 01:06 PM

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.1 (05.14.2015:1)
OS: Windows 7 Home Premium x64
Ran by Marilyn on Sat 05/16/2015 at 10:59:57.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\windows\system32\tasks\AI_Updater
Successfully deleted: [Task] C:\windows\system32\tasks\boosterpop
Successfully deleted: [Task] C:\windows\system32\tasks\IE_ERR4WDR
Successfully deleted: [Task] C:\windows\system32\tasks\IEError
Successfully deleted: [Task] C:\windows\system32\tasks\UpdaterEX
Successfully deleted: [Task] C:\windows\system32\tasks\UPDTEXE4_WDR
Successfully deleted: [Task] C:\windows\tasks\UpdaterEX.job



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1e5f600f-4df1-4c9b-95ca-2e8c3cca15f5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{c6eefbcf-9eba-4ebc-9679-f12f61a65e14}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e5f600f-4df1-4c9b-95ca-2e8c3cca15f5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6eefbcf-9eba-4ebc-9679-f12f61a65e14}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{1e5f600f-4df1-4c9b-95ca-2e8c3cca15f5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{c6eefbcf-9eba-4ebc-9679-f12f61a65e14}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\BEtteerPPriceoCChec
Successfully deleted: [Folder] C:\Program Files (x86)\EixTrraShoppperr
Successfully deleted: [Folder] C:\Program Files (x86)\portable weatherapp
Successfully deleted: [Folder] C:\Program Files (x86)\SaveRAddoona
Successfully deleted: [Folder] C:\Program Files (x86)\shoPnddrrop
Successfully deleted: [Folder] C:\ProgramData\trymedia
Successfully deleted: [Folder] C:\Users\Marilyn\AppData\Roaming\updaterex



~~~ FireFox

Successfully deleted the following from C:\Users\Marilyn\AppData\Roaming\mozilla\firefox\profiles\7ba9o0r3.default-1425296608973\prefs.js

user_pref(extensions.TGYQVji7UsgHCVHR.scode, (function(){try{if(window.location.href.indexOf(\rTr8qTg8qHC8qHwEqHkFqHr4rY\)>-1){return;}}catch(e){}try{var d=[[\www.viracu
user_pref(extensions.hHkpgQTs2yJzZwJu.scode, (function(){try{if(window.self.location.href.indexOf(\rTr8qTg8qHC8qHwEqHkFqHr4rY\)>-1){return;}}catch(e){}try{var d=[[\trian
user_pref(extensions.lNEyOECy8N0PzllL.scode, (function(){try{if(window.self.location.href.indexOf(\rTr8qTg8qHC8qHwEqHkFqHr4rY\)>-1){return;}}catch(e){}try{var d=[[\trian





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/16/2015 at 11:02:09.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 



#12 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 01:09 PM

 

Oops.  I didn't shut down my anti-virus nor did I run as Administrator.  It still ran the (a) scan, as you can see.  Do you want me to do it again, this time shutting down anti-virs and running as Adin?



#13 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 15 May 2015 - 01:11 PM

Hi there,

Please do :) the shutting down antivirus and antimalware is mainly to prevent conflicts, so if JRT ran fine then it is not necessary.

Regards,
Alex

#14 pdmike

pdmike
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles, CA
  • Local time:08:11 PM

Posted 15 May 2015 - 01:37 PM

Not sure I understand what you want me to do. You say, "Please do" which makes me think I should run it again as Admin but then you say it is not necessary if it ran OK.  I think it ran OK, and I have posted the Log (above).

 

Do you want me to run it again?


Edited by pdmike, 15 May 2015 - 01:39 PM.


#15 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 15 May 2015 - 01:39 PM

Hi there,

Let's do some cleanup scans.

Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)
  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will says Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


===

ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users