User Tag List

spyware/popup issues

This is a discussion on spyware/popup issues within the Resolved HJT Threads forums, part of the Tech Support Forum category. I need help with adware on my machine. every site I visit is swamped with popups. I am following the


 
 
Thread Tools Search this Thread
Old 04-03-2016, 05:31 AM   #1
Registered Member
 
Join Date: Feb 2016
Location: Ireland
Posts: 16
OS: Windows Vista



I need help with adware on my machine. every site I visit is swamped with popups. I am following the process of the malware topic now & will post my results here as I go along.I hope I have done everything right here :)

dds.txt

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16749 BrowserJavaVersion: 11.77.2
Run by Curry at 12:45:46 on 2016-04-03
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.2036.417 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MediatekWiFi\Common\RaUI.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe
C:\Program Files\GNU\GnuPG\dirmngr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\MediatekWiFi\Common\RaRegistry.exe
C:\Program Files\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\node.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Windows\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Windows\explorer.exe
c:\PROGRA~1\COMMON~1\mcafee\updmgr\307041~1.1\MCUPDA~1.EXE
C:\Program Files\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\node.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Curry\Downloads\AdwCleaner.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=itm&hsimp=yhs-001&type=jmb_sumalq_16_12&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dgb%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzuyB0C0D0DzytD0AyD0Bzz0BtDtBzytCyEtN0D0Tzu0StCyDyEyBtN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StAyDyDzy0C0CyDyEtGyD0Fzz0BtGyB0FyEzytGtCtAyE0BtGzytAtDyCtByEyB0DtAzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtDtAzytCzytAtGyBtA0BzytGyEzztCzytGzy0Azy0FtGyDtD0ByEyDtB0A0DtAtBtAzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1022503598%26a%3Djmb_sumalq_16_12%26os_ver%3D6%26os%3DWindows%2BVista%2B(TM)%2BHome%2BBasic
uSearch Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=GB&userid=5d8ef566-5d00-64fe-75e1-4b817244805f&searchtype=ds&q={searchTerms}&installDate=03/11/2013
mStart Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=itm&hsimp=yhs-001&type=jmb_sumalq_16_12&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dgb%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzuyB0C0D0DzytD0AyD0Bzz0BtDtBzytCyEtN0D0Tzu0StCyDyEyBtN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StAyDyDzy0C0CyDyEtGyD0Fzz0BtGyB0FyEzytGtCtAyE0BtGzytAtDyCtByEyB0DtAzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtDtAzytCzytAtGyBtA0BzytGyEzztCzytGzy0Azy0FtGyDtD0ByEyDtB0A0DtAtBtAzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1022503598%26a%3Djmb_sumalq_16_12%26os_ver%3D6%26os%3DWindows%2BVista%2B(TM)%2BHome%2BBasic
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=GB&userid=5d8ef566-5d00-64fe-75e1-4b817244805f&searchtype=ds&q={searchTerms}&installDate=03/11/2013
BHO: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_77\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_77\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [hpqSRMon] <no file>
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mediat~1.lnk - c:\program files\mediatekwifi\common\RaUI.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TCP: NameServer = 82.163.143.171 82.163.142.173
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{007100D9-2C08-4DED-92F8-46D89AD8F975} : NameServer = 82.163.143.171 82.163.142.173
TCP: Interfaces\{007100D9-2C08-4DED-92F8-46D89AD8F975} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{872D1E90-B39F-4F3E-A3BE-A3B7F4A410D0} : NameServer = 82.163.143.171 82.163.142.173
TCP: Interfaces\{872D1E90-B39F-4F3E-A3BE-A3B7F4A410D0} : DHCPNameServer = 82.163.143.171
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\49.0.2623.110\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\curry\appdata\roaming\mozilla\firefox\profiles\41svd052.default\
FF - prefs.js: browser.search.selectedEngine - Search Provided by Yahoo
FF - prefs.js: keyword.URL - hxxps://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=
FF - prefs.js: browser.startup.homepage - hxxps://uk.search.yahoo.com/yhs/web?hspart=itm&hsimp=yhs-001&type=jmb_sumalq_16_12&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dgb%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzuyB0C0D0DzytD0AyD0Bzz0BtDtBzytCyEtN0D0Tzu0StCyDyEyBtN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StAyDyDzy0C0CyDyEtGyD0Fzz0BtGyB0FyEzytGtCtAyE0BtGzytAtDyCtByEyB0DtAzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtDtAzytCzytAtGyBtA0BzytGyEzztCzytGzy0Azy0FtGyDtD0ByEyDtB0A0DtAtBtAzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1022503598%26a%3Djmb_sumalq_16_12%26os_ver%3D6%26os%3DWindows%2BVista%2B(TM)%2BHome%2BBasic
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfedisk;McAfee AAC Disk Filter Driver;c:\windows\system32\drivers\mfedisk.sys [2015-2-17 82800]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2015-2-17 648552]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2015-2-17 217584]
R2 BT Help Wizard;BT Help Wizard;c:\program files\bt broadband desktop help\btbb\ma\8.4.0.53.bt.10\ma\bin\MAHostService.exe [2014-4-9 321024]
R2 DirMngr;DirMngr;c:\program files\gnu\gnupg\dirmngr.exe [2013-10-7 218112]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2016-3-29 291816]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2016-3-29 132160]
R2 McAPExe;McAfee AP Service;c:\program files\mcafee\msc\McAPExe.exe [2016-3-29 690408]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2016-3-29 291816]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2016-3-29 291816]
R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2016-3-29 291816]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2016-3-29 291816]
R2 MediatekRegistryWriter;MediatekRegistryWriter;c:\program files\mediatekwifi\common\RaRegistry.exe [2016-1-20 405136]
R2 mfemms;McAfee Service Controller;c:\program files\common files\mcafee\systemcore\mfemms.exe [2016-3-29 334576]
R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2015-12-30 375608]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2015-2-17 61848]
R3 mfeaack;McAfee Inc. mfeaack;c:\windows\system32\drivers\mfeaack.sys [2015-2-17 304928]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2015-2-17 260248]
R3 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2016-3-29 196600]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2015-2-17 371648]
R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2015-1-16 380496]
R3 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2016-3-29 238288]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2016-1-20 2833296]
S2 0019141459277590mcinstcleanup;McAfee Application Installer Cleanup (0019141459277590);c:\windows\temp\001914~1.exe -cleanup -nolog --> c:\windows\temp\001914~1.EXE -cleanup -nolog [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\norton internet security\engine\16.0.0.125\ccsvchst.exe" /s "norton internet security" /m "c:\program files\norton internet security\engine\16.0.0.125\dimaster.dll" /prefetch:1 --> c:\program files\norton internet security\engine\16.0.0.125\ccSvcHst.exe [?]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2016-3-29 147912]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.11.266\McCHSvc.exe [2015-12-2 235696]
S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2015-1-16 80760]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2013-8-6 18944]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="c:\windows\system32\NOTEPAD.EXE" %1
FileExt: .ini: inifile="c:\windows\system32\NOTEPAD.EXE" %1
FileExt: .inf: inffile="c:\windows\system32\NOTEPAD.EXE" %1
.
=============== Created Last 30 ================
.
2016-04-03 11:33:32 -------- d-----w- C:\AdwCleaner
2016-04-03 09:40:07 -------- d-----w- c:\programdata\5d932e67-47d5-1
2016-04-03 09:40:07 -------- d-----w- c:\programdata\5d932e67-0111-0
2016-04-03 03:40:00 -------- d-----w- c:\programdata\5d932e67-6d55-0
2016-04-03 03:40:00 -------- d-----w- c:\programdata\5d932e67-2ce7-1
2016-04-02 21:40:00 -------- d-----w- c:\programdata\5d932e67-3341-0
2016-04-02 21:40:00 -------- d-----w- c:\programdata\5d932e67-25b7-1
2016-04-02 15:40:00 -------- d-----w- c:\programdata\5d932e67-7623-1
2016-04-02 15:40:00 -------- d-----w- c:\programdata\5d932e67-4657-0
2016-04-02 09:40:00 -------- d-----w- c:\programdata\5d932e67-71c1-0
2016-04-02 09:40:00 -------- d-----w- c:\programdata\5d932e67-6645-1
2016-04-02 03:40:00 -------- d-----w- c:\programdata\5d932e67-6671-1
2016-04-02 03:40:00 -------- d-----w- c:\programdata\5d932e67-5737-0
2016-04-01 21:40:00 -------- d-----w- c:\programdata\5d932e67-4fb7-0
2016-04-01 21:40:00 -------- d-----w- c:\programdata\5d932e67-0657-1
2016-04-01 15:40:00 -------- d-----w- c:\programdata\5d932e67-69c3-0
2016-04-01 15:40:00 -------- d-----w- c:\programdata\5d932e67-3241-1
2016-04-01 09:40:02 -------- d-----w- c:\programdata\5d932e67-6cc7-1
2016-04-01 09:40:02 -------- d-----w- c:\programdata\5d932e67-0dc3-0
2016-04-01 03:40:00 -------- d-----w- c:\programdata\5d932e67-1fe1-0
2016-04-01 03:40:00 -------- d-----w- c:\programdata\5d932e67-1523-1
2016-03-31 21:40:00 -------- d-----w- c:\programdata\5d932e67-65b5-1
2016-03-31 21:40:00 -------- d-----w- c:\programdata\5d932e67-2335-0
2016-03-31 15:40:00 -------- d-----w- c:\programdata\5d932e67-7b67-0
2016-03-31 15:40:00 -------- d-----w- c:\programdata\5d932e67-2e87-1
2016-03-31 09:40:00 -------- d-----w- c:\programdata\5d932e67-7777-0
2016-03-31 09:40:00 -------- d-----w- c:\programdata\5d932e67-3aa5-1
2016-03-31 03:40:00 -------- d-----w- c:\programdata\5d932e67-4f35-1
2016-03-31 03:40:00 -------- d-----w- c:\programdata\5d932e67-4e25-0
2016-03-30 21:40:00 -------- d-----w- c:\programdata\5d932e67-7c05-1
2016-03-30 21:40:00 -------- d-----w- c:\programdata\5d932e67-41d1-0
2016-03-30 15:40:00 -------- d-----w- c:\programdata\5d932e67-6d71-0
2016-03-30 15:40:00 -------- d-----w- c:\programdata\5d932e67-4641-1
2016-03-30 09:40:00 -------- d-----w- c:\programdata\5d932e67-5197-1
2016-03-30 09:40:00 -------- d-----w- c:\programdata\5d932e67-1b65-0
2016-03-30 03:40:01 -------- d-----w- c:\programdata\5d932e67-7075-1
2016-03-30 03:40:01 -------- d-----w- c:\programdata\5d932e67-2b81-0
2016-03-29 21:40:44 -------- d-----w- c:\programdata\5d932e67-4391-0
2016-03-29 21:40:30 -------- d-----w- c:\programdata\5d932e67-1297-1
2016-03-29 18:43:14 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2016-03-29 18:26:53 238288 ----a-w- c:\windows\system32\mfevtps.exe
2016-03-11 22:40:04 -------- d-----w- c:\programdata\5d932e67-55d5-0
2016-03-11 22:40:04 -------- d-----w- c:\programdata\5d932e67-02f3-1
2016-03-09 16:40:02 -------- d-----w- c:\programdata\5d932e67-23a3-0
2016-03-09 16:40:01 -------- d-----w- c:\programdata\5d932e67-0b51-1
2016-03-09 10:40:02 -------- d-----w- c:\programdata\5d932e67-0617-0
2016-03-09 10:40:01 -------- d-----w- c:\programdata\5d932e67-11c1-1
2016-03-09 04:40:02 -------- d-----w- c:\programdata\5d932e67-2337-0
2016-03-09 04:40:02 -------- d-----w- c:\programdata\5d932e67-0805-1
2016-03-09 03:14:58 802304 ----a-w- c:\windows\system32\advapi32.dll
2016-03-09 03:14:57 783872 ----a-w- c:\windows\system32\rpcrt4.dll
2016-03-09 03:14:57 64000 ----a-w- c:\windows\system32\smss.exe
2016-03-09 03:14:57 49664 ----a-w- c:\windows\system32\csrsrv.dll
2016-03-09 03:14:57 1208776 ----a-w- c:\windows\system32\ntdll.dll
2016-03-09 03:14:56 3609024 ----a-w- c:\windows\system32\ntkrnlpa.exe
2016-03-09 03:14:56 3556800 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-03-09 03:14:37 19968 ----a-w- c:\windows\system32\seclogon.dll
2016-03-09 03:14:18 34304 ----a-w- c:\windows\system32\atmlib.dll
2016-03-09 03:14:18 297472 ----a-w- c:\windows\system32\atmfd.dll
2016-03-09 03:13:46 707584 ----a-w- c:\program files\common files\system\wab32.dll
2016-03-09 03:13:46 65536 ----a-w- c:\program files\windows mail\wabmig.exe
2016-03-09 03:13:46 515584 ----a-w- c:\program files\windows mail\wab.exe
2016-03-09 03:13:46 41984 ----a-w- c:\program files\windows mail\wabimp.dll
2016-03-09 03:13:46 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2016-03-09 03:13:26 89600 ----a-w- c:\windows\system32\olepro32.dll
2016-03-09 03:13:26 67072 ----a-w- c:\windows\system32\asycfilt.dll
2016-03-09 03:13:26 564736 ----a-w- c:\windows\system32\oleaut32.dll
2016-03-09 03:01:59 2068992 ----a-w- c:\windows\system32\win32k.sys
2016-03-08 22:40:01 -------- d-----w- c:\programdata\5d932e67-36c7-1
2016-03-08 22:40:01 -------- d-----w- c:\programdata\5d932e67-0fd3-0
2016-03-08 16:40:01 -------- d-----w- c:\programdata\5d932e67-0771-0
2016-03-08 16:40:00 -------- d-----w- c:\programdata\5d932e67-1e17-1
2016-03-08 10:40:01 -------- d-----w- c:\programdata\5d932e67-5e05-0
2016-03-08 10:40:01 -------- d-----w- c:\programdata\5d932e67-4583-1
2016-03-08 04:40:00 -------- d-----w- c:\programdata\5d932e67-6687-0
2016-03-08 04:40:00 -------- d-----w- c:\programdata\5d932e67-1013-1
2016-03-07 22:40:01 -------- d-----w- c:\programdata\5d932e67-5ef3-0
2016-03-07 22:40:01 -------- d-----w- c:\programdata\5d932e67-5cc7-1
2016-03-06 16:40:04 -------- d-----w- c:\programdata\5d932e67-5303-0
2016-03-06 16:40:03 -------- d-----w- c:\programdata\5d932e67-7403-1
2016-03-06 04:40:00 -------- d-----w- c:\programdata\5d932e67-74f5-1
2016-03-06 04:40:00 -------- d-----w- c:\programdata\5d932e67-62e1-0
2016-03-05 22:40:00 -------- d-----w- c:\programdata\5d932e67-4a73-0
2016-03-05 22:40:00 -------- d-----w- c:\programdata\5d932e67-1915-1
2016-03-05 16:40:00 -------- d-----w- c:\programdata\5d932e67-6ba3-1
2016-03-05 16:40:00 -------- d-----w- c:\programdata\5d932e67-5173-0
2016-03-05 10:40:00 -------- d-----w- c:\programdata\5d932e67-52a3-0
2016-03-05 10:40:00 -------- d-----w- c:\programdata\5d932e67-26f1-1
2016-03-05 04:40:01 -------- d-----w- c:\programdata\5d932e67-71e1-1
2016-03-05 04:40:01 -------- d-----w- c:\programdata\5d932e67-6bf5-0
2016-03-04 22:40:01 -------- d-----w- c:\programdata\5d932e67-2bb3-0
2016-03-04 22:40:00 -------- d-----w- c:\programdata\5d932e67-0f93-1
.
==================== Find3M ====================
.
2016-03-29 18:10:55 797376 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-03-29 18:10:55 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-03-27 08:30:00 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-02-23 18:02:56 87608 ----a-w- c:\users\curry\appdata\roaming\inst.exe
2016-02-23 18:02:56 47360 ----a-w- c:\users\curry\appdata\roaming\pcouffin.sys
2016-02-09 00:17:02 1815552 ----a-w- c:\windows\system32\jscript9.dll
2016-02-09 00:13:45 367616 ----a-w- c:\windows\system32\html.iec
2016-02-09 00:11:33 1129472 ----a-w- c:\windows\system32\wininet.dll
2016-02-09 00:10:42 424960 ----a-w- c:\windows\system32\vbscript.dll
2016-02-09 00:10:40 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2016-02-09 00:10:15 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2016-02-09 00:09:46 11776 ----a-w- c:\windows\system32\mshta.exe
2016-02-09 00:09:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2016-01-30 03:09:19 324608 ----a-w- c:\windows\system32\sdohlp.dll
2016-01-30 03:09:17 323072 ----a-w- c:\windows\system32\sbe.dll
2016-01-30 03:09:17 153088 ----a-w- c:\windows\system32\sbeio.dll
2016-01-30 03:09:11 429056 ----a-w- c:\windows\system32\EncDec.dll
2016-01-30 03:09:11 293376 ----a-w- c:\windows\system32\psisdecd.dll
2016-01-30 03:09:11 217600 ----a-w- c:\windows\system32\psisrndr.ax
2016-01-30 03:09:04 1316864 ----a-w- c:\windows\system32\ole32.dll
2016-01-30 03:08:46 107520 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-30 03:08:43 80896 ----a-w- c:\windows\system32\MSNP.ax
2016-01-30 03:08:43 180224 ----a-w- c:\windows\system32\msorcl32.dll
2016-01-30 03:08:34 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2016-01-30 03:08:31 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2016-01-30 03:08:11 57344 ----a-w- c:\windows\system32\iasads.dll
2016-01-30 03:08:11 48128 ----a-w- c:\windows\system32\iasdatastore.dll
2016-01-30 03:08:11 119296 ----a-w- c:\windows\system32\iasrecst.dll
2016-01-30 01:32:16 17408 ----a-w- c:\windows\system32\iashost.exe
2016-01-09 1723 501760 ----a-w- c:\windows\system32\kerberos.dll
2016-01-07 15:18:47 115200 ----a-w- c:\windows\system32\drivers\mrxdav.sys
.
============= FINISH: 12:48:27.19 ===============
Attached Files
File Type: txt attach.txt (13.0 KB, 21 views)
Garyc85 is offline  
Sponsored Links
Advertisement
 
Old 04-03-2016, 10:53 AM   #2
Registered Member
 
Join Date: Feb 2016
Location: Ireland
Posts: 16
OS: Windows Vista



I have seen down this page someone has the exact same issue and pop up type. Is it wise for me to move through the same steps that dude was given by support without having the above checked?
Garyc85 is offline  
Old 04-03-2016, 11:25 PM   #3
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello Garyc85,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Please download to and run all requested tools from your Desktop.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My native language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
Back up important files before we start.

Now, let's get started, shall we? Please do the below steps.

STEP 1

Please launch AdwCleaner

Run AdwCleaner and select Scan
Once the Scan is done, select Cleaning
Once done it will ask to reboot, please allow the reboot.
On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
Please copy/paste the contents of the log in your next reply.

STEP 2

Please download Farbar Recovery Scan Tool and save it to your desktop.

Double-click to run it. When the tool opens click Yes to the disclaimer.
Make sure the Addition.txt button is ticked.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
__________________
tekir06 is offline  
Sponsored Links
Advertisement
 
Old 04-03-2016, 11:27 PM   #4
Registered Member
 
Join Date: Feb 2016
Location: Ireland
Posts: 16
OS: Windows Vista



# AdwCleaner v5.108 - Logfile created 03/04/2016 at 15:13:22
# Updated 30/03/2016 by Xplode
# Database : 2016-03-30.1 [Server]
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (x86)
# Username : Curry - CURRYHOME-PC
# Running from : C:\Users\Curry\Downloads\AdwCleaner.exe
# Option : Clean
# Support : ToolsLib - Forum: Ask for help or share your experience.

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Ask
[+] Folder Deleted : C:\ProgramData\Browser Manager
[-] Folder Deleted : C:\ProgramData\58b0ac23-1df3-1
[-] Folder Deleted : C:\ProgramData\58b0ac23-7483-0
[-] Folder Deleted : C:\ProgramData\5d932e67-0111-0
[-] Folder Deleted : C:\ProgramData\5d932e67-02f3-1
[-] Folder Deleted : C:\ProgramData\5d932e67-0617-0
[-] Folder Deleted : C:\ProgramData\5d932e67-0657-1
[-] Folder Deleted : C:\ProgramData\5d932e67-0771-0
[-] Folder Deleted : C:\ProgramData\5d932e67-0805-1
[-] Folder Deleted : C:\ProgramData\5d932e67-0b51-1
[-] Folder Deleted : C:\ProgramData\5d932e67-0dc3-0
[-] Folder Deleted : C:\ProgramData\5d932e67-0f93-1
[-] Folder Deleted : C:\ProgramData\5d932e67-0fd3-0
[-] Folder Deleted : C:\ProgramData\5d932e67-1013-1
[-] Folder Deleted : C:\ProgramData\5d932e67-11c1-1
[-] Folder Deleted : C:\ProgramData\5d932e67-1297-1
[-] Folder Deleted : C:\ProgramData\5d932e67-1523-1
[-] Folder Deleted : C:\ProgramData\5d932e67-1915-1
[-] Folder Deleted : C:\ProgramData\5d932e67-1b65-0
[-] Folder Deleted : C:\ProgramData\5d932e67-1e17-1
[-] Folder Deleted : C:\ProgramData\5d932e67-1fe1-0
[-] Folder Deleted : C:\ProgramData\5d932e67-2335-0
[-] Folder Deleted : C:\ProgramData\5d932e67-2337-0
[-] Folder Deleted : C:\ProgramData\5d932e67-23a3-0
[-] Folder Deleted : C:\ProgramData\5d932e67-25b7-1
[-] Folder Deleted : C:\ProgramData\5d932e67-26f1-1
[-] Folder Deleted : C:\ProgramData\5d932e67-2b81-0
[-] Folder Deleted : C:\ProgramData\5d932e67-2bb3-0
[-] Folder Deleted : C:\ProgramData\5d932e67-2ce7-1
[-] Folder Deleted : C:\ProgramData\5d932e67-2e87-1
[-] Folder Deleted : C:\ProgramData\5d932e67-3241-1
[-] Folder Deleted : C:\ProgramData\5d932e67-3341-0
[-] Folder Deleted : C:\ProgramData\5d932e67-36c7-1
[-] Folder Deleted : C:\ProgramData\5d932e67-3aa5-1
[-] Folder Deleted : C:\ProgramData\5d932e67-41d1-0
[-] Folder Deleted : C:\ProgramData\5d932e67-4391-0
[-] Folder Deleted : C:\ProgramData\5d932e67-4583-1
[-] Folder Deleted : C:\ProgramData\5d932e67-4641-1
[-] Folder Deleted : C:\ProgramData\5d932e67-4657-0
[-] Folder Deleted : C:\ProgramData\5d932e67-46d5-0
[-] Folder Deleted : C:\ProgramData\5d932e67-47d5-1
[-] Folder Deleted : C:\ProgramData\5d932e67-4a73-0
[-] Folder Deleted : C:\ProgramData\5d932e67-4e25-0
[-] Folder Deleted : C:\ProgramData\5d932e67-4f35-1
[-] Folder Deleted : C:\ProgramData\5d932e67-4fb7-0
[-] Folder Deleted : C:\ProgramData\5d932e67-5173-0
[-] Folder Deleted : C:\ProgramData\5d932e67-5197-1
[-] Folder Deleted : C:\ProgramData\5d932e67-52a3-0
[-] Folder Deleted : C:\ProgramData\5d932e67-5303-0
[-] Folder Deleted : C:\ProgramData\5d932e67-55d5-0
[-] Folder Deleted : C:\ProgramData\5d932e67-5737-0
[-] Folder Deleted : C:\ProgramData\5d932e67-5cc7-1
[-] Folder Deleted : C:\ProgramData\5d932e67-5e05-0
[-] Folder Deleted : C:\ProgramData\5d932e67-5ef3-0
[-] Folder Deleted : C:\ProgramData\5d932e67-62e1-0
[-] Folder Deleted : C:\ProgramData\5d932e67-65b5-1
[-] Folder Deleted : C:\ProgramData\5d932e67-6645-1
[-] Folder Deleted : C:\ProgramData\5d932e67-6671-1
[-] Folder Deleted : C:\ProgramData\5d932e67-6687-0
[-] Folder Deleted : C:\ProgramData\5d932e67-69c3-0
[-] Folder Deleted : C:\ProgramData\5d932e67-6ba3-1
[-] Folder Deleted : C:\ProgramData\5d932e67-6bf5-0
[-] Folder Deleted : C:\ProgramData\5d932e67-6cc7-1
[-] Folder Deleted : C:\ProgramData\5d932e67-6d55-0
[-] Folder Deleted : C:\ProgramData\5d932e67-6d71-0
[-] Folder Deleted : C:\ProgramData\5d932e67-7075-1
[-] Folder Deleted : C:\ProgramData\5d932e67-71c1-0
[-] Folder Deleted : C:\ProgramData\5d932e67-71e1-1
[-] Folder Deleted : C:\ProgramData\5d932e67-7403-1
[-] Folder Deleted : C:\ProgramData\5d932e67-74f5-1
[-] Folder Deleted : C:\ProgramData\5d932e67-7623-1
[-] Folder Deleted : C:\ProgramData\5d932e67-7777-0
[-] Folder Deleted : C:\ProgramData\5d932e67-7b67-0
[-] Folder Deleted : C:\ProgramData\5d932e67-7c05-1
[-] Folder Deleted : C:\ProgramData\5d932e67-7c75-0
[-] Folder Deleted : C:\ProgramData\f1fff9cc
[-] Folder Deleted : C:\ProgramData\{15803ab3-512c-0}
[-] Folder Deleted : C:\ProgramData\{23770d64-412c-1}
[-] Folder Deleted : C:\Users\Curry\AppData\Local\MalwareProtectionLive
[-] Folder Deleted : C:\Users\Curry\AppData\Local\YSearchUtil
[-] Folder Deleted : C:\Users\Curry\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Curry\AppData\LocalLow\Smartbar
[-] Folder Deleted : C:\Users\Curry\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\YSearchUtil

***** [ Files ] *****

[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d16fk4ms6rqz1v.cloudfront.net_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d19tqk5t6qcjac.cloudfront.net_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d22j4fzzszoii2.cloudfront.net_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utop.it_0.localstorage
[-] File Deleted : C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utop.it_0.localstorage-journal
[-] File Deleted : C:\Users\Curry\AppData\Roaming\Mozilla\Firefox\Profiles\41svd052.default\searchplugins\yahoo_ff.xml
[-] File Deleted : C:\Users\Curry\AppData\Roaming\Mozilla\Firefox\Profiles\41svd052.default\searchplugins\Search Provided by Yahoo.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{f1fff9cc}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
[-] Key Deleted : HKCU\Software\DataMngr_Toolbar
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\SoftSuma
[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[-] Key Deleted : HKLM\SOFTWARE\SearchquSRTB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{02CBE8F2-87C4-4FD3-9010-08C7C9465B0D}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E7B5B31E-35D5-444A-85E1-C682FCD2119F}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9B2DF106-1EE9-4D65-8712-DF96AEBA169D}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{007100D9-2C08-4DED-92F8-46D89AD8F975} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{872D1E90-B39F-4F3E-A3BE-A3B7F4A410D0} [NameServer]
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.XViD-LiViDiTY
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchnu.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com

***** [ Web browsers ] *****

[-] [C:\Users\Curry\AppData\Roaming\Mozilla\Firefox\Profiles\41svd052.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxps://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=");
[-] [C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : amfclgbdpgndipgoegfpkkgobahigbcl
[-] [C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dknkjnkhedbanphkkpbpcgoblmkbfhlf
[-] [C:\Users\Curry\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [13985 bytes] - [03/04/2016 15:13:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [14077 bytes] - [03/04/2016 12:33:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [14151 bytes] - [03/04/2016 13:04:23]
C:\AdwCleaner\AdwCleaner[S3].txt - [14225 bytes] - [03/04/2016 15:07:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [14281 bytes] ##########
Garyc85 is offline  
Old 04-04-2016, 10:40 AM   #5
Registered Member
 
Join Date: Feb 2016
Location: Ireland
Posts: 16
OS: Windows Vista



Here is the results of farbar
Attached Files
File Type: txt FRST.txt (39.8 KB, 32 views)
File Type: txt Addition.txt (41.5 KB, 29 views)
Garyc85 is offline  
Old 04-05-2016, 01:50 AM   #6
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello Garyc85,

Thanks for the logs. AdwCleaner has done a nice job. Now let's fix what I saw in FRST logs. Before we get started, I should remind you two issues.

I wanted to save your desktop for FRST.

From FRST.txt:
Quote:
Running from C:\Users\Curry\Downloads
==========================================================

Your Windows Defender disabled an out of date. From Addition.txt
Quote:
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
=========================================================

I see you have P2P software (µTorrent and Vuze) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

A reference for the risk of these programs is here

I would strongly recommend that you uninstall it. You can do so via Control Panel >> Programs and Features

=========================================================

Please do the following.

Open Notepad (Start > All Programs > Accessories > Notepad).
Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
Save it as fixlist.txt next to FRST.exe

NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.
Code:
start
CreateRestorePoint:
HKLM\...\Run: [hpqSRMon] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-3636820267-1660532881-3041002845-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=GB&userid=5d8ef566-5d00-64fe-75e1-4b817244805f&searchtype=ds&q={searchTerms}&installDate=03/11/2013
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
FF Extension: New Tab by Yahoo - C:\Program Files\Mozilla Firefox\browser\extensions\[email protected] [2015-11-23] [not signed]
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.110\ppGoogleNaClPluginChrome.dll => No File
CHR HKLM\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3636820267-1660532881-3041002845-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CMD: bitsadmin /reset /allusers
EmptyTemp:
end
Double-click FRST to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
Click the Fix button just once, and wait.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after the restart.
When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
__________________
tekir06 is offline  
Old 04-06-2016, 09:30 AM   #7
Registered Member
 
Join Date: Feb 2016
Location: Ireland
Posts: 16
OS: Windows Vista



Hi, Yes everything seems to have been repaired as iv no pop-ups at all and my machine is going stong & fast :).

I removed both of the P2P programs within the last few days, I seen it should be removed in another topic, so thank you :)

I will post my reply of the next step when it completes, thank you!
Garyc85 is offline  
Old 04-06-2016, 10:00 AM   #8
Registered Member
 
Join Date: Feb 2016
Location: Ireland
Posts: 16
OS: Windows Vista



ix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by Curry (2016-04-06 17:18:40) Run:1
Running from C:\Users\Curry\Downloads
Loaded Profiles: Curry (Available Profiles: Curry)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CreateRestorePoint:
HKLM\...\Run: [hpqSRMon] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-3636820267-1660532881-3041002845-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=GB&userid=5d8ef566-5d00-64fe-75e1-4b817244805f&searchtype=ds&q={searchTerms}&installDate=03/11/2013
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
FF Extension: New Tab by Yahoo - C:\Program Files\Mozilla Firefox\browser\extensions\[email protected] [2015-11-23] [not signed]
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.110\ppGoogleNaClPluginChrome.dll => No File
CHR HKLM\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3636820267-1660532881-3041002845-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CMD: bitsadmin /reset /allusers
EmptyTemp:
end
*****************

Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon => value removed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKU\S-1-5-21-3636820267-1660532881-3041002845-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Program Files\Mozilla Firefox\browser\extensions\[email protected] => moved successfully
C:\Program Files\Google\Chrome\Application\49.0.2623.110\ppGoogleNaClPluginChrome.dll => not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\bahkljhhdeciiaodlkppoonappfnheoi" => key removed successfully.
"HKU\S-1-5-21-3636820267-1660532881-3041002845-1000\SOFTWARE\Google\Chrome\Extensions\bahkljhhdeciiaodlkppoonappfnheoi" => key removed successfully.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.0.6001 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

{D42967A7-A986-42F5-83AB-7A5E923F0475} canceled.
{41959833-C4F1-460E-8A8E-6A2BF912E370} canceled.
{7004A58B-0732-4A4D-B529-EC7736011707} canceled.
{23EFA690-BD71-4C58-9918-4D0844D18E0E} canceled.
4 out of 4 jobs canceled.

========= End of CMD: =========

EmptyTemp: => 18.5 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 17:35:40 ====
Garyc85 is offline  
Old 04-06-2016, 11:03 PM   #9
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello Garyc85,

You're welcome.
Quote:
everything seems to have been repaired as iv no pop-ups at all and my machine is going stong & fast :).
I'm glad to hear that.

Please do the below steps. Let's make sure.

STEP 1

Please download Malwarebytes Anti-Malware and save it to your desktop.

Double-click mbam-setup-2.2.0.1024.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:

  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
At the end of the installation, a database update will be performed.
Click on Scan Now.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Remove Selected to allow MBAM to clean what was detected.
In most cases, a restart will be required and a prompt will be shown.
Wait for the prompt to restart the computer to appear, then click on Yes.

Posting the Malwarebytes log:

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click Export.
Click Text file (*.txt)
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named File Saved should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

STEP 2

Go here to run an online scannner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
Click the blue Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
Click on Advanced Settings
Make sure that the option Remove found threats is unticked.
Ensure these options are ticked
  • Scan archives
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
Click Start
Wait for the scan to finish
When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
Close the ESET online scan, and let me know how things are now.

=========================================================

Things I need to see in your next post:

1- MBAM log
2- ESET report
__________________
tekir06 is offline  
Old 04-07-2016, 10:44 AM   #10
Registered Member
 
Join Date: Feb 2016
Location: Ireland
Posts: 16
OS: Windows Vista



C:\AdwCleaner\FileQuarantine\C\ProgramData\Ask\APN-Stub\ORJ\APNToolbarInstaller.exe.vir a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\AdwCleaner\FileQuarantine\C\ProgramData\Ask\APN-Stub\ORJ\Local\APNIC.dll.vir a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\AdwCleaner\FileQuarantine\C\ProgramData\Ask\APN-Stub\ORJ\Local\ApnStub.exe.vir a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\AdwCleaner\FileQuarantine\C\ProgramData\Ask\APN-Stub\ORJ\Local\APNToolbarInstaller.exe.vir a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\AdwCleaner\FileQuarantine\C\ProgramData\f1fff9cc\c2c6406a.dll.vir a variant of Win32/Adware.Adposhel.C application
C:\AdwCleaner\FileQuarantine\C\Users\Curry\AppData\Roaming\OpenCandy\A400434F1B014A028DD3F7DE47064888\sp-downloader.exe.vir Win32/Toolbar.Conduit.R potentially unwanted application
C:\Users\Curry\AppData\LocalLow\Sun\Java\jre1.7.0_45\java_sp.dll a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application


I can say the same as my last reply. Everything seems to be running as good as new. thank you very very much! :)
Attached Files
File Type: txt MWB scan log.txt (9.1 KB, 30 views)
Garyc85 is offline  
Old 04-08-2016, 12:21 AM   #11
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello Garyc85,

You're welcome.

That looks good and we can just get rid of what Eset found.

Please copy all text in the code box below and paste it into Notepad:
Code:
@echo off
if exist "%temp%\log.txt" del "%temp%\log.txt"

for %%g in (

"C:\Users\Curry\AppData\LocalLow\Sun\Java\jre1.7.0_45\java_sp.dll"


) do (
del /a/f/q %%g >nul 2>&1
if exist %%g echo.%%~g>>"%temp%\log.txt"
)


if exist "%temp%\log.txt" ( start notepad "%temp%\log.txt"
) else echo.Deleted Successfully !!

pause
del %0
save the Notepad file to your desktop and name it delfiles.bat
save type as "All Files"
on your desktop, double-click on delfiles.bat to run it, (a black CMD window will flash, then disappear - this is normal).
Please tell me what it says in your next reply.

=========================================================

Your reports are clear. Let's remove all tools and logs that we use.

CLEAN UP

Your reports are clear. Let's remove all tools and logs that we use.

Please download delfix to your desktop.
  • Close all other programs and start delfix.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Ensure Remove disinfection tools is ticked. Also tick: Create registry backup, Purge system restore
  • Click Run
  • delfix will now delete all found traces of our removal process.
Note: The program will run for a few moments and then notepad will open with a log. No need to post this log.

=========================================================

MICROSOFT UPDATES

It is very important that you get all of the critical updates for your Operating System. Another essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

Turn ON Automatic Updates in Windows Vista

------------------------------------------------------

Make sure you backup your system, so possible reformatting in the future isn't necessary:

Backup and Restore - Microsoft Windows

------------------------------------------------------

PREVENTION

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware, or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop

    WOT has an add-on available for IE, Firefox, and Chrome.
  • MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows Vista here
Keep your antivirus program and antispyware programs updated and scan with them on a regular basis.

Please respond to this thread one more time so we can mark this thread as resolved.
__________________
tekir06 is offline  
Old 04-09-2016, 03:11 AM   #12
Registered Member
 
Join Date: Feb 2016
Location: Ireland
Posts: 16
OS: Windows Vista



message from the clean up, everything deleted. :)

everything is perfect again! thanks again, so much! :)
Garyc85 is offline  
Old 04-09-2016, 03:18 PM   #13
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello Garyc85,

You're welcome! Thank you for your patience and cooperation.
__________________
tekir06 is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Black Screen Issues and Troubleshooting
The procedure below is to be carried out once you have addressed any Software, Driver, Malware/Virus or Blue Screen of Death (BSOD) issues or if your laptop does not power on at all. If previous BSOD issues had occured then carry out the following in this link - BSOD Posting Instructions. There...
night_shift Laptop Support 1 10-22-2014 03:52 PM
Wireless connection issues on desktop but not on other devices.
As the subject line stated I am having internet connectivity issues. I have a desktop PC with an ASUS motherboard (model: M4A89TD PRO/USB3.0). I have a broadband internet account through Charter which is a 30 Mbit connection. I am using their modem which is a Cisco; model # DPC3010. I am using...
Lydokane Networking Support 7 11-25-2012 11:17 AM
Strange connectivity issues.
As of late I've been noticing some connectivity issues on my computers. The weird thing, however, is that the issues are different on each computer in my home, and they also don't happen at the same time. My router/modem are set up in my living room. The computer I'm on now is a tower in my...
supercrazyguy Networking Support 9 08-11-2011 03:05 PM
video streaming issues
I have for the last four days been experiencing some extremely slow video streaming problems with all website involving flash (netflix, youtube, hulu, etc.). The video will play for about 2 minutes and then stop, then play again for 2 minutes, then stop. Buffering is extremely slow, even...
ece421 Windows 7 , Windows Vista Support 0 07-02-2011 06:33 PM
I got lots of issues...I don't know where to begin..
Okay, Im currently having a whole lotta issues with my laptop. I don't know if it is Virus's or Spyware that is causing the problems. I don't know if its just my computer acting up. Im not sure. So I wasn't really sure where I should post my question. If I posted in the wrong section, please...
MissLaniSMS Windows 7 , Windows Vista Support 1 02-08-2011 08:55 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 03:18 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts