Firewall issues?


  1. Posts : 297
    Windows 7 Home Premium x64 Service Pack 1
       #1


    Hello.

    So ever since I fixed that braviax virus issue thanks to Jacee, (here - Random viruses | win 7 antivirus 2013?) my firewall apparently has been acting... weird. When I open Google Chrome, or Internet Explorer (on accident), I get an error message from Malwarebytes saying that it prevented a rogue address from entering my computer, and then it says the process (which in this case would be my browser). It also opens this second tab which says something is wrong with my firewall. I'm not sure what this means but I'm hoping you guys can fix it.

    Regards,
    ~CN-


  2. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #2

    Apparently you're still infected ...

    These instructions are only for Cyanide

    Download Combofix from any of the links below, and save it to your desktop. <-- Important
    Link 1
    Link 2
    Link 3

    Click on this link Here to see a list of programs that should be disabled.
    The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
    Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
    Next: Please disable all onboard security programs (all running with background protection) as it may hinder the scanner from working.

    This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
    • Double click combofix.exe and follow the prompts.
    • When finished, it will produce a log for you.
    Note: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
    Please be patient while the scan runs; at times it may appear to stall.
    When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
    Post this log in your next reply.
    After rebooting, ensure your security applications have been re-enabled.

    In your next reply post:
    ComboFix.txt
    ***A guide and tutorial on "How to use Combofix" can be found here:


  3. Posts : 297
    Windows 7 Home Premium x64 Service Pack 1
    Thread Starter
       #3

    How do I disable malwarebytes? O_O


  4. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #4

    Don't worry about MBam ....


  5. Posts : 297
    Windows 7 Home Premium x64 Service Pack 1
    Thread Starter
       #5

    Okay. Well here's the log. Sorry for massive reply.

    ComboFix 12-12-04.01 - Hunter 12/10/2012 16:47:45.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6044.4553 [GMT -5:00]
    Running from: c:\users\Hunter\Downloads\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    - REDUCED FUNCTIONALITY MODE -
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    c:\program files (x86)\Java\jre7\bin\ssv.dll
    c:\users\Hunter\AppData\Local\6o4v7yr6ikfw18072u
    c:\users\Hunter\AppData\Local\Temp\7zS1320\HPSLPSVC64.DLL
    c:\users\Hunter\AppData\Roaming\siw_sdk.dll
    c:\windows\iun6002.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-11-10 to 2012-12-10 )))))))))))))))))))))))))))))))
    .
    .
    2012-12-09 07:03 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D536313C-C2CB-4742-8710-E301DC4E2CFD}\mpengine.dll
    2012-12-08 14:15 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-12-02 18:42 . 2012-12-02 18:42 -------- d-----w- c:\users\Hunter\AppData\Roaming\Malwarebytes
    2012-12-02 18:42 . 2012-12-02 18:42 -------- d-----w- c:\programdata\Malwarebytes
    2012-12-02 18:42 . 2012-12-02 18:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-12-02 18:42 . 2012-09-30 00:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-11-29 02:41 . 2012-11-29 02:41 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6536EAFD-801E-4019-B537-CAE77AA2147C}\gapaengine.dll
    2012-11-27 00:52 . 2012-11-27 00:51 68880 ----a-w- c:\windows\SysWow64\SynTPEnhPS.dll
    2012-11-27 00:52 . 2012-11-27 00:51 229648 ----a-w- c:\windows\system32\SynTPAPI.dll
    2012-11-27 00:52 . 2012-11-27 00:51 150800 ----a-w- c:\windows\system32\SynTPCo9.dll
    2012-11-27 00:52 . 2012-11-27 00:51 113936 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
    2012-11-27 00:52 . 2012-11-27 00:51 425232 ----a-w- c:\windows\system32\drivers\SynTP.sys
    2012-11-27 00:52 . 2012-11-27 00:51 280336 ----a-w- c:\windows\system32\SynCtrl.dll
    2012-11-27 00:52 . 2012-11-27 00:51 224528 ----a-w- c:\windows\SysWow64\SynCtrl.dll
    2012-11-27 00:52 . 2012-11-27 00:51 187664 ----a-w- c:\windows\SysWow64\SynCOM.dll
    2012-11-27 00:52 . 2012-11-27 00:51 21264 ----a-w- c:\windows\system32\drivers\Smb_driver.sys
    2012-11-25 18:40 . 2012-11-25 18:40 -------- d-----w- c:\users\Hunter\AppData\Roaming\ProgSense
    2012-11-25 18:40 . 2012-11-25 18:40 -------- d-----w- C:\Downloads
    2012-11-25 18:39 . 2012-11-27 22:08 -------- d-----w- c:\users\Hunter\AppData\Roaming\Orbit
    2012-11-25 14:25 . 2012-11-25 14:25 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
    2012-11-24 13:01 . 2012-11-24 13:01 -------- d-----w- c:\program files (x86)\Common Files\Skype
    2012-11-24 13:01 . 2012-11-24 13:01 -------- d-----r- c:\program files (x86)\Skype
    2012-11-20 15:23 . 2012-11-20 15:23 -------- d-----w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
    2012-11-17 23:01 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
    2012-11-17 23:01 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
    2012-11-17 23:01 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
    2012-11-17 23:01 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
    2012-11-17 22:49 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
    2012-11-17 22:49 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
    2012-11-17 22:49 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
    2012-11-17 22:49 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
    2012-11-17 22:49 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
    2012-11-17 22:48 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
    2012-11-17 22:48 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
    2012-11-16 22:44 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
    2012-11-16 22:44 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
    2012-11-16 22:44 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
    2012-11-16 22:42 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
    2012-11-16 22:42 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
    2012-11-12 23:54 . 2012-11-12 23:54 -------- d-----w- c:\program files\Common Files\DESIGNER
    2012-11-12 23:19 . 2012-11-13 00:22 -------- d-----w- c:\program files (x86)\AVG Secure Search
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-12-09 14:48 . 2012-02-04 06:24 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-09 14:48 . 2012-02-04 06:24 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-12-05 23:03 . 2012-09-05 06:04 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2012-12-05 23:01 . 2012-09-05 06:03 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2012-11-27 00:51 . 2011-10-01 17:14 423696 ----a-w- c:\windows\system32\SynCOM.dll
    2012-11-24 17:29 . 2012-08-13 04:15 106496 ----a-r- c:\users\Hunter\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe
    2012-11-24 17:29 . 2012-08-13 04:15 106496 ----a-r- c:\users\Hunter\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut31_2F252077BA3F4362913955273A708467.exe
    2012-11-24 17:29 . 2012-08-13 04:15 61440 ----a-r- c:\users\Hunter\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut2_E88611396FF84AFCB2EE5C1594058E02.exe
    2012-11-24 17:29 . 2012-08-13 04:15 61440 ----a-r- c:\users\Hunter\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\ARPPRODUCTICON.exe
    2012-11-24 17:29 . 2012-08-13 04:15 106496 ----a-r- c:\users\Hunter\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe
    2012-11-24 17:28 . 2012-08-13 04:14 18760 ----a-w- c:\windows\SysWow64\QQVistaHelper.dll
    2012-11-17 22:49 . 2012-08-06 01:23 66395536 ----a-w- c:\windows\system32\MRT.exe
    2012-10-31 00:39 . 2012-10-31 00:39 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2012-10-31 00:39 . 2012-08-06 00:51 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-10-31 00:39 . 2012-08-06 00:51 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-10-17 00:06 . 2012-09-05 06:04 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2012-10-16 23:55 . 2012-09-22 04:47 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
    2012-10-16 23:45 . 2012-09-22 04:46 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2012-10-16 23:44 . 2012-10-16 23:44 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2012-10-16 08:38 . 2012-11-27 22:13 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38 . 2012-11-27 22:13 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39 . 2012-11-27 22:13 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
    2012-10-09 14:34 . 2012-10-09 14:34 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
    2012-09-27 22:53 . 2012-09-27 22:53 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2012-09-23 01:52 . 2012-09-23 01:52 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
    2012-09-23 01:52 . 2012-09-23 01:52 289768 ----a-w- c:\windows\system32\javaws.exe
    2012-09-23 01:52 . 2012-09-23 01:52 189416 ----a-w- c:\windows\system32\javaw.exe
    2012-09-23 01:52 . 2012-09-23 01:52 188904 ----a-w- c:\windows\system32\java.exe
    2012-09-23 01:52 . 2012-09-18 21:33 916456 ----a-w- c:\windows\system32\deployJava1.dll
    2012-09-23 01:52 . 2012-09-18 21:33 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-09-15 11:44 . 2012-09-15 11:39 2217552 ----a-w- c:\windows\system32\bootres.dll
    2012-09-14 19:19 . 2012-10-09 18:19 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-09-14 18:28 . 2012-10-09 18:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    [-] 2012-02-04 . F57FE94E65AD868435C9D348AB5A6BB2 . 2900480 . . [6.1.7600.16385] .. c:\windows\explorer.exe
    [7] 2012-02-04 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\Alienware Skin Pack\Backup\explorer.exe
    [7] 2012-02-04 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
    [7] 2012-02-04 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
    [7] 2010-11-21 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
    2012-07-09 22:46 351136 ----a-w- c:\program files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-08-07 291608]
    "HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2011-08-26 1342008]
    "VERIZONDM"="c:\program files (x86)\VERIZONDM\bin\sprtcmd.exe" [2012-08-07 206120]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-20 2254768]
    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    YzShadow.lnk - c:\windows\Alienware Skin Pack\YzShadow\YzShadow.exe [2009-3-21 184320]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
    "msnmsgr"="c:\progra~2\WIC4A1~1\MESSEN~1\msnmsgr.exe" /background
    "HPOSD"=c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    .
    R1 MpKslda5c5b02;MpKslda5c5b02;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FE0CD6D4-3B93-456D-A59F-402FC3490CF3}\MpKslda5c5b02.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-06 1255736]
    R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-08-07 16152]
    S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
    S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys [2012-08-05 141920]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-20 2462128]
    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
    S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
    S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-08-03 352248]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
    S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2011-12-16 128280]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
    S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe [2012-08-07 206120]
    S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2012-07-16 2416040]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
    S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe [2012-08-07 185640]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
    S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-08-07 355096]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-08-07 786200]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2012-07-06 1874016]
    S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys [2011-09-21 258664]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
    S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys [2012-11-27 21264]
    .
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    \shell\AutoRun\command - F:\setup.exe
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f24325aa-1ac2-11e2-9b23-a0b3cc847c42}]
    \shell\AutoRun\command - F:\setup.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-04 14:48]
    .
    2012-12-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-409992338-1120037448-625944680-1001Core.job
    - c:\users\Hunter\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-05 18:31]
    .
    2012-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-409992338-1120037448-625944680-1001UA.job
    - c:\users\Hunter\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-05 18:31]
    .
    2012-11-20 c:\windows\Tasks\HPCeeScheduleForHunter.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-13 170264]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-13 398104]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-13 440600]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-07 1425408]
    "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
    "SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-20 44880]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
    IE: {{25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    FF - ProfilePath - c:\users\Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\6vfyvrp9.default\
    FF - prefs.js: browser.search.selectedEngine - MyStart Search
    FF - prefs.js: browser.startup.homepage - hxxp://search.b1.org/?bsrc=4hfxr&chid=c162341
    FF - prefs.js: keyword.URL - hxxp://searchservices.verizon.com/search/ws.portal?&_nfpb=true&_pageLabel=google_results&rs=&web_search_type=basic&sc=web&clientid=vz-cnsmr-tlbr&channel=Tlbr-v6IE&q=
    FF - user.js: extensions.incredibar_i.newTab - false
    FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8CUeNw6M&loc=IB_TB&i=26&search=
    FF - user.js: extensions.incredibar_i.id - e01fcabc000000000000e006e66e4ca6
    FF - user.js: extensions.incredibar_i.instlDay - 15575
    FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
    FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
    FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1421:41
    FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
    FF - user.js: extensions.incredibar_i.prdct - incredibar
    FF - user.js: extensions.incredibar_i.aflt - orgnl
    FF - user.js: extensions.incredibar_i.smplGrp - none
    FF - user.js: extensions.incredibar_i.tlbrId - base
    FF - user.js: extensions.incredibar_i.instlRef -
    FF - user.js: extensions.incredibar_i.dfltLng -
    FF - user.js: extensions.incredibar_i.excTlbr - false
    FF - user.js: extensions.incredibar_i.ms_url_id -
    FF - user.js: extensions.incredibar_i.upn2 - 6R8CUeNw6M
    FF - user.js: extensions.incredibar_i.upn2n - 92824927721491452
    FF - user.js: extensions.incredibar_i.productid - 26
    FF - user.js: extensions.incredibar_i.installerproductid - 26
    FF - user.js: extensions.incredibar_i.did - 10650
    FF - user.js: extensions.incredibar_i.ppd - 34%5F7
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-12ee5d87 - c:\windows\system32\12ee5d87.exe
    AddRemove-{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
    AddRemove-{8833FFB6-5B0C-4764-81AA-06DFEED9A476} - c:\program files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe
    AddRemove-{92606477-9366-4D3B-8AE3-6BE4B29727AB} - c:\program files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe
    AddRemove-{C1594429-8296-4652-BF54-9DBE4932A44C} - c:\program files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe
    AddRemove-{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} - c:\program files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe
    AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe ,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe ,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-12-10 16:53:31
    ComboFix-quarantined-files.txt 2012-12-10 21:53
    .
    Pre-Run: 490,955,431,936 bytes free
    Post-Run: 490,916,274,176 bytes free
    .
    - - End Of File - - DE8FC599E7A2851A5750074E98CE8628


  6. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #6

    Sorry for the delay

    If you're still with me, download AdWareCleaner (AdwCleaner Download) to your desktop.
    1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
    2. Click on Delete button.
    3. Confirm each time with OK.
    4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
    Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.


  7. Posts : 297
    Windows 7 Home Premium x64 Service Pack 1
    Thread Starter
       #7

    Here you go!

    # AdwCleaner v2.100 - Logfile created 12/12/2012 at 17:56:51
    # Updated 09/12/2012 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Hunter - HUNTER-HP
    # Boot Mode : Normal
    # Running from : C:\Users\Hunter\Desktop\AdwCleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\user.js
    File Deleted : C:\Users\Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\6vfyvrp9.default\searchplugins\MyStart Search.xml
    Folder Deleted : C:\Program Files (x86)\AVG Secure Search
    Folder Deleted : C:\ProgramData\InstallMate
    Folder Deleted : C:\ProgramData\Premium
    Folder Deleted : C:\ProgramData\WeCareReminder
    Folder Deleted : C:\Users\Hunter\AppData\LocalLow\Playbryte
    Folder Deleted : C:\Users\Hunter\AppData\Roaming\BrowserCompanion
    Folder Deleted : C:\Users\Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\6vfyvrp9.default\extensions\ffxtlbr@incredibar.com

    ***** [Registry] *****

    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\TENCENT
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
    Key Deleted : HKLM\Software\TENCENT
    Key Deleted : HKLM\Software\Web Assistant
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKLM\SOFTWARE\Web Assistant
    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16455

    [OK] Registry is clean.

    -\\ Mozilla Firefox v17.0.1 (en-US)

    Profile name : default
    File : C:\Users\Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\6vfyvrp9.default\prefs.js

    C:\Users\Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\6vfyvrp9.default\user.js ... Deleted !

    Deleted : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb139?a=6R8CUeNw6M&loc=FF_NT");
    Deleted : user_pref("browser.search.defaultenginename", "MyStart Search");
    Deleted : user_pref("browser.search.selectedEngine", "MyStart Search");
    Deleted : user_pref("extensions.enabledAddons", "ffxtlbr%40incredibar.com:1.5.0,%7B933e157f-0e33-28da-4f42-44c[...]
    Deleted : user_pref("extensions.incredibar.admin", false);
    Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
    Deleted : user_pref("extensions.incredibar.cntry", "US");
    Deleted : user_pref("extensions.incredibar.dfltLng", "");
    Deleted : user_pref("extensions.incredibar.dfltSrch", false);
    Deleted : user_pref("extensions.incredibar.did", "10650");
    Deleted : user_pref("extensions.incredibar.envrmnt", "production");
    Deleted : user_pref("extensions.incredibar.excTlbr", false);
    Deleted : user_pref("extensions.incredibar.hdrMd5", "19F69A72C8BBA6D70C3B355593FDB856");
    Deleted : user_pref("extensions.incredibar.hmpg", false);
    Deleted : user_pref("extensions.incredibar.id", "e01fcabc000000000000e006e66e4ca6");
    Deleted : user_pref("extensions.incredibar.installerproductid", "26");
    Deleted : user_pref("extensions.incredibar.instlDay", "15575");
    Deleted : user_pref("extensions.incredibar.instlRef", "");
    Deleted : user_pref("extensions.incredibar.isDcmntCmplt", false);
    Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1421:41:13");
    Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
    Deleted : user_pref("extensions.incredibar.newTab", false);
    Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
    Deleted : user_pref("extensions.incredibar.ppd", "34%5F7");
    Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
    Deleted : user_pref("extensions.incredibar.productid", "26");
    Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
    Deleted : user_pref("extensions.incredibar.sg", "none");
    Deleted : user_pref("extensions.incredibar.smplGrp", "none");
    Deleted : user_pref("extensions.incredibar.tlbrId", "base");
    Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8CUeNw6M&loc=IB_T[...]
    Deleted : user_pref("extensions.incredibar.upn2", "6R8CUeNw6M");
    Deleted : user_pref("extensions.incredibar.upn2n", "92824927721491452");
    Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
    Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1421:41:13");
    Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
    Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
    Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
    Deleted : user_pref("extensions.incredibar_i.did", "10650");
    Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
    Deleted : user_pref("extensions.incredibar_i.id", "e01fcabc000000000000e006e66e4ca6");
    Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
    Deleted : user_pref("extensions.incredibar_i.instlDay", "15575");
    Deleted : user_pref("extensions.incredibar_i.instlRef", "");
    Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
    Deleted : user_pref("extensions.incredibar_i.newTab", false);
    Deleted : user_pref("extensions.incredibar_i.ppd", "34%5F7");
    Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
    Deleted : user_pref("extensions.incredibar_i.productid", "26");
    Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
    Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
    Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
    Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8CUeNw6M&loc=IB[...]
    Deleted : user_pref("extensions.incredibar_i.upn2", "6R8CUeNw6M");
    Deleted : user_pref("extensions.incredibar_i.upn2n", "92824927721491452");
    Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
    Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1421:41:13");
    Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

    -\\ Google Chrome v23.0.1271.95

    File : C:\Users\Hunter\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [7868 octets] - [12/12/2012 17:56:51]

    ########## EOF - C:\AdwCleaner[S1].txt - [7928 octets] ##########


  8. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #8

    Good! ... now, I'd like you to scan your machine with ESET OnlineScan
    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Push the Start button.
    9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    10. When the scan completes, push
    11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    12. Push the button.
    13. Push


  9. Posts : 431
    Windows 7 Home Premium x64 SP1
       #9

    Good stuff Jacee! (I can't rep you again yet)


  10. Posts : 297
    Windows 7 Home Premium x64 Service Pack 1
    Thread Starter
       #10

    Jacee said:
    Good! ... now, I'd like you to scan your machine with ESET OnlineScan
    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Push the Start button.
    9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    10. When the scan completes, push
    11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    12. Push the button.
    13. Push

    Well it said that there weren't any threats.. O_O


 