Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Javascript Virus affecting Firefox

(In Progress)
(!)

Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
25-Aug-2013, 10:40 PM #1
Javascript Virus affecting Firefox
I get this when opening a new tab or window, then pop ups try to get me to click on them....
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
25-Aug-2013, 10:42 PM #2
HJT post
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:30:08 PM, on 8/25/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\ANDREW~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\File Type Assistant\TSAssist.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
D:\Desktop old\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=...&m=aspire_5515
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=...&m=aspire_5515
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=...&m=aspire_5515
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrec ordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Auto run of VideoCam Suite 1.0.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: BrowserDefendert - Unknown owner - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (file missing)
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

--
End of file - 9586 bytes
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
25-Aug-2013, 10:51 PM #3
Attach.TXT

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 7/16/2009 8:09:34 AM
System Uptime: 8/25/2013 4:55:46 AM (18 hours ago)
.
Motherboard: Acer | | Nile
Processor: AMD Athlon(tm) Processor 2650e | Socket M2/S1G1 | 1600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 70 GiB total, 28.22 GiB free.
D: is FIXED (NTFS) - 70 GiB total, 37.71 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP194: 8/10/2013 4:01:00 PM - Scheduled Checkpoint
RP195: 8/11/2013 7:48:54 AM - Windows Update
RP196: 8/14/2013 12:53:14 PM - Windows Update
RP197: 8/18/2013 6:10:01 PM - Windows Update
RP198: 8/21/2013 3:56:16 PM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
RP199: 8/21/2013 4:00:15 PM - Installed OpenOffice 4.0.0
RP200: 8/22/2013 5:43:07 PM - Windows Update
RP201: 8/23/2013 3:04:14 PM - Scheduled Checkpoint
RP202: 8/25/2013 9:30:05 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acer Assist
Acer Empowering Technology
Acer eRecovery Management
Acer Mobility Center Plug-In
Acer Registration
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader Free Download Packages
Adobe Reader XI (11.0.03)
Agatha Christie Peril at End House
Alice Greenfingers
Alien Shooter
ATI Catalyst Install Manager
AVG SafeGuard toolbar
Bookworm Adventures
C:\Program Files\Acer GameZone\GameConsole
Cake Mania
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chicken Invaders 2
Dream Day First Home
File Type Assistant
Galapago
Garmin USB Drivers
Garmin WebUpdater
Go-Go Gourmet
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
HD Tune 2.55
Heroes of Hellas
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
InterVideo WinDVD 8
Java Auto Updater
Java(TM) 6 Update 37
LaCie Device Updater
Launch Manager
LG USB Modem driver
LightScribe 1.4.142.1
Magic Farm
Magic Match Adventures
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery Solitaire - Secret Island
Mythic Mahjong
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
OpenOffice 4.0.0
OpenOffice Calc Free Download Packages
Orion
Putt Mania
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
Safe Saver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skins
Synaptics Pointing Device Driver
The Rise of Atlantis
Tiks Texas Hold em
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoCam Suite
VideoCam Suite 1.0
VLC media player 1.0.0
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Live ID Sign-in Assistant
Womens Murder Club
.
==== Event Viewer Messages From Past Week ========
.
8/25/2013 9:09:40 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
8/25/2013 10:46:05 PM, Error: Service Control Manager [7000] - The BrowserDefendert service failed to start due to the following error: The system cannot find the path specified.
8/24/2013 9:28:21 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/24/2013 9:15:00 AM, Error: Service Control Manager [7000] - The BrowserDefendert service failed to start due to the following error: The system cannot find the file specified.
8/22/2013 10:24:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Ati External Event Utility service.
8/21/2013 4:31:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.
8/21/2013 4:31:14 PM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/18/2013 5:51:06 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{1D69327A-41BE-45F5-9F83-B01C419E94E5} because another computer on the network has the same name. The server could not start.
.
==== End Of File ===========================
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
25-Aug-2013, 10:52 PM #4
DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 1.6.0_37
Run by Andrew Maul at 22:45:07 on 2013-08-25
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2813.1012 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\bgsvcgen.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\ANDREW~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\File Type Assistant\TSAssist.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=0709&m=aspire_5515
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=0709&m=aspire_5515
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=0709&m=aspire_5515
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrec ordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [BkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe"
mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe
mRun: [eRecoveryService] <no file>
StartupFolder: c:\users\andrew~1\appdata\roaming\micros~1\windows\startm~1\programs\startu p\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoru~1.lnk - c:\program files\panasonic\videocamsuite\VideoCamSuiteAutoStart.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\windows\system32\wpclsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{1D69327A-41BE-45F5-9F83-B01C419E94E5} : DHCPNameServer = 10.1.10.1
TCP: Interfaces\{D00B9979-42B9-4910-94EB-250C116767D1} : DHCPNameServer = 192.168.1.1 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.5.0\ViProtocol.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\andrew maul\appdata\roaming\mozilla\firefox\profiles\exl8zvnc.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=667C00242B27D255&affID=119360&tsp=4964
FF - prefs.js: keyword.URL -
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.5.0\npsitesafety.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\np rndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\np rndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\np rndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\andrew maul\appdata\roaming\mozilla\firefox\profiles\exl8zvnc.default\extensions\{ 195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-08-03 22:34; 588a2804-b11d-4809-963b-a886d1e8684e...86b99379db.com; c:\users\andrew maul\appdata\roaming\mozilla\firefox\profiles\exl8zvnc.default\extensions\5 88a2804-b11d-4809-963b-a886d1e8684e@416c8902-1140-4f75-9037-bf86b99379db.com
FF - ExtSQL: 2013-08-03 22:36; ffxtlbr@delta.com; c:\users\andrew maul\appdata\roaming\mozilla\firefox\profiles\exl8zvnc.default\extensions\f fxtlbr@delta.com
FF - ExtSQL: 2013-08-21 15:32; avg@toolbar; c:\programdata\avg safeguard toolbar\firefoxext\15.5.0.2
FF - ExtSQL: !HIDDEN! 2009-07-29 10:43; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 667caab600000000000000242b27d255
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15921
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.022:36:23
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119360&tsp=4964
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-8-21 37664]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384]
R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2009-7-15 24576]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 107392]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-26 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-26 131072]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-4-16 39056]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [2013-8-22 1643184]
R3 LaCieUSBFilter;Silver USB Filter (USB BUS Filter Driver);c:\windows\system32\drivers\LaCieUSBFilter.sys [2012-3-31 15872]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-6-20 295376]
S2 BrowserDefendert;BrowserDefendert;c:\programdata\browserdefender\2.6.1519.1 90\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserdefender.exe --> c:\programdata\browserdefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-12-4 24064]
S3 LaCieFWFilter;Silver 1394 Filter (1394 BUS Filter Driver);c:\windows\system32\drivers\LaCieFWFilter.sys [2012-3-31 14848]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v040 0.exe [2013-4-18 754856]
.
=============== Created Last 30 ================
.
2013-08-26 01:30:57 7166848 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b022f9ad-608f-4edf-a9ac-f761de9c9b20}\mpengine.dll
2013-08-24 02:24:05 7166848 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-08-22 21:58:25 697992 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{cb6fdb70-cb8e-46d3-a149-e745048c6221}\gapaengine.dll
2013-08-21 20:06:02 -------- d-----w- c:\program files\OpenOffice 4
2013-08-21 19:33:59 -------- d-----w- c:\users\andrew maul\appdata\roaming\24x7 Help
2013-08-21 19:33:44 -------- d-----w- c:\users\andrew maul\appdata\local\AVG SafeGuard toolbar
2013-08-21 19:32:33 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-08-21 19:32:27 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2013-08-21 19:32:26 -------- d-----w- c:\program files\common files\AVG Secure Search
2013-08-21 19:32:25 -------- d-----w- c:\program files\AVG SafeGuard toolbar
2013-08-21 19:28:26 -------- d--h--w- c:\programdata\Common Files
2013-08-14 17:04:55 -------- d-----w- c:\windows\system32\MRT
2013-08-14 15:03:43 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-14 15:03:43 15872 ----a-w- c:\windows\system32\icaapi.dll
2013-08-14 15:03:42 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 15:03:42 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-08-14 15:03:11 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 15:02:52 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 15:02:50 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-14 15:02:50 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-14 15:02:49 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-08-14 15:02:44 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 15:02:44 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-14 15:02:43 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-14 15:02:43 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-08-04 02:35:58 -------- d-----w- c:\users\andrew maul\appdata\roaming\1O1L1I1PtF1F1C1N
2013-08-04 02:35:14 -------- d-----w- c:\program files\Delta
2013-08-04 02:34:38 -------- d-----w- c:\programdata\BrowserDefender
2013-08-04 02:34:12 -------- d-----w- c:\programdata\Symantec
2013-08-04 02:33:58 -------- d-----w- c:\programdata\Norton
2013-08-04 02:33:51 -------- d-----w- c:\programdata\NortonInstaller
2013-08-04 02:33:32 -------- d-----w- c:\program files\Safe Saver
2013-08-04 02:32:54 -------- d-----w- c:\programdata\Babylon
2013-08-02 00:38:32 -------- d-----w- c:\users\andrew maul\appdata\local\FileTypeAssistant
2013-08-02 00:38:27 -------- d-----w- c:\program files\File Type Assistant
2013-08-01 22:05:32 -------- d-----w- c:\users\andrew maul\appdata\roaming\RealNetworks
2013-08-01 21:25:19 -------- d-----w- c:\program files\RealNetworks
2013-08-01 21:25:13 -------- d-----w- c:\programdata\RealNetworks
2013-08-01 21:24:54 -------- d-----w- c:\program files\common files\xing shared
2013-08-01 21:24:37 153736 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2013-08-01 21:24:30 124504 ----a-w- c:\program files\mozilla firefox\plugins\nprpplugin.dll
2013-08-01 21:23:58 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-08-01 21:23:58 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
==================== Find3M ====================
.
2013-08-21 19:25:01 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-21 19:25:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-25 02:32:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-07-25 02:26:10 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-07-25 02:25:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-25 02:23:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-25 02:23:58 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-07-25 02:22:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-19 01:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-19 01:50:08 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-04 01:50:43 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-06-01 04:06:08 505344 ----a-w- c:\windows\system32\qedit.dll
.
============= FINISH: 22:46:06.19 ===============
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
26-Aug-2013, 07:51 AM #5
GMER's quick scan...

GMER 2.1.19163 - http://www.gmer.net
Rootkit quick scan 2013-08-26 07:49:19
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\0000005c WDC_WD16 rev.1.10 149.05GB
Running: 1v6bsiwt.exe; Driver: C:\Users\ANDREW~1\AppData\Local\Temp\kgtyauog.sys


---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys

---- EOF - GMER 2.1 ----
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
26-Aug-2013, 11:09 PM #6
GMER's C drive scan...
Arc2.log I can't attach because it's too big. It's over 10 MB in size but the biggest txt file TSG allows is 1 MB. Zipping it doesn't help, as it's 0.7 MB in size and the biggest zip TSG allows is 0.5 MB. Please advise...
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
26-Aug-2013, 11:24 PM #7
BTW, GMER took about 12 hours to scan my C drive.
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
28-Aug-2013, 12:19 AM #8
I split Arc2 into 2 parts, 2a and 2b, zipped and attached them here...
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
28-Aug-2013, 12:26 AM #9
BTW, before posting to TSG, I did a complete scan by MalwareBytes which found lots -- I had MalwareBytes remove what it could, but my computer is still acting funny as described at the initial post here.
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
28-Aug-2013, 12:01 PM #10
Currently, the JavaScript popup error shown in the initial post doesn't come up any more, but the irritating ads keep on opening new windows and ad popups.
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
29-Aug-2013, 02:21 AM #11
bump
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,997 posts.
 
Join Date: Aug 2003
30-Aug-2013, 10:20 AM #12
Please download ADWCleaner. Click on the Download Now button and save it to your desktop.

Close your browser and double-click on the AdwCleaner icon on your desktop to run the program.

Click on the Scan button. It may take several minutes to complete. When it is done click on the Report button and copy and paste the log here please.
__________________
Microsoft MVP - Consumer Security
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
30-Aug-2013, 11:02 AM #13
# AdwCleaner v3.001 - Report created 30/08/2013 at 10:27:02
# Updated 24/08/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : Andrew Maul - ANDREWMAUL-PC
# Running from : C:\Users\Andrew Maul\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : BrowserDefendert

***** [ Files / Folders ] *****

File Found : C:\Users\Andrew Maul\AppData\Roaming\Mozilla\Firefox\Profiles\exl8zvnc.default\bProtector_e xtensions.rdf
File Found : C:\Users\Andrew Maul\AppData\Roaming\Mozilla\Firefox\Profiles\exl8zvnc.default\bprotector_e xtensions.sqlite
File Found : C:\Users\Andrew Maul\AppData\Roaming\Mozilla\Firefox\Profiles\exl8zvnc.default\bprotector_p refs.js
File Found : C:\Users\Andrew Maul\AppData\Roaming\Mozilla\Firefox\Profiles\exl8zvnc.default\searchplugin s\Babylon.xml
File Found : C:\Users\Andrew Maul\AppData\Roaming\Mozilla\Firefox\Profiles\exl8zvnc.default\searchplugin s\BrowserDefender.xml
File Found : C:\Users\Andrew Maul\AppData\Roaming\Mozilla\Firefox\Profiles\exl8zvnc.default\user.js
File Found : C:\Windows\System32\Tasks\BrowserDefendert
File Found : C:\Windows\System32\Tasks\EPUpdater
Folder Found : C:\Users\Andrew Maul\AppData\Roaming\Mozilla\Firefox\Profiles\exl8zvnc.default\Extensions\f fxtlbr@delta.com
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\delta
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\BrowserDefender
Folder Found C:\Users\Andrew Maul\AppData\LocalLow\delta
Folder Found C:\Users\Andrew Maul\AppData\Roaming\24x7 help
Folder Found C:\Users\Andrew Maul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\5d0d98ae56dbe47
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\5d0d98ae56dbe47
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0033254.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0033254.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0033254.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=667C00242B27D255&affID=119360&tsp=4964
hxxp://global.acer.com

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Andrew Maul\AppData\Roaming\Mozilla\Firefox\Profiles\exl8zvnc.default\prefs.js ]

Line Found : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=667C00242B27D255&affID=119360&tsp=4964");
Line Found : user_pref("browser.search.order.1", "Delta Search");
Line Found : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=667C00242B27D255&affID=119360&tsp=4964");
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.backgroundjs", "\n\n/*************************************************************************** **[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.js", "\n\n /*************************************************************************** *********\[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_13.name", "CrossriderAppUtils");
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_14.name", "CrossriderUtils");
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}() );[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_78.name", "CrossriderInfo");
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Line Found : user_pref("extensions.a588a2804b11d4809963ba886d1e8684e416c890211404f759037 bf86b99379dbcom33254.33254.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Line Found : user_pref("extensions.crossrider.bic", "140ae0cf8d0e2b0d57eacde203d33d4e");
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.dfltLng", "en");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.id", "667caab600000000000000242b27d255");
Line Found : user_pref("extensions.delta.instlDay", "15921");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.smplGrp", "none");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.22.0");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.22.022:36:23");
Line Found : user_pref("extensions.delta.vrsni", "1.8.22.0");
Line Found : user_pref("extensions.delta_i.babExt", "");
Line Found : user_pref("extensions.delta_i.babTrack", "affID=119360&tsp=4964");
Line Found : user_pref("extensions.delta_i.srcExt", "ss");
Line Found : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\Windows\\\\Microsoft.NET\\\\Framewo rk\\\\v3.5\\\\W[...]

*************************

AdwCleaner[R0].txt - [15284 octets] - [30/08/2013 10:27:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15345 octets] ##########
Android's Avatar
Android Android is offline
Member with 290 posts.
THREAD STARTER
 
Join Date: Oct 2006
30-Aug-2013, 11:10 AM #14
Also, AdwCleaner has checked to clean...
BrowserDefendert
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 96,997 posts.
 
Join Date: Aug 2003
30-Aug-2013, 11:24 AM #15
If you still have AdwCleaner open then click on the Clean button to remove everything it found. If you've closed it then run another scan and then click on the Clean button. Then post the new log please.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑