Page 1 of 5 123 ... LastLast
Results 1 to 10 of 46
  1. #1
    Member
    Join Date
    Nov 2006
    Posts
    709
    Points
    1

    Default win32.downloader.gen & Fraud.hotspotshield

    My MBAM & SAS logs are clean but Spybot finds the above problems.

    I'm also finding that KB2833941 can't be installed

    Should I be concerned?

    I haven't used the machine for 6 months. I booted it up yesterday, have installed 27 winows upsates (xp), updated Adobe etc.

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    2,966
    Points
    462

    Default

    Hi MickKnipfler,

    I wouldn't be too concerned. It appears those are aggressive browser hijackers or PUP's (Potentially Unwanted Programs) which many would classify as malware for those reasons.

    Let's take a deeper look here and see what is found. Since I will be using tools that have removal capabilities, I will have to run my fixes by my instructor and await a reply before posting a proposed fix, so my replies might be a bit delayed. Thank you for your patients:

    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista/Windows 7 users please right click and select Run as administrator
    • Click the Search button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[xx].txt where xx denotes the number of times the application has been run


    Thank you,
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy C.B.



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Nov 2006
    Posts
    709
    Points
    1

    Default

    Thanks Donna:




    # AdwCleaner v2.306 - Logfile created 08/18/2013 at 22:09:21
    # Updated 19/07/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Chell - BLACKDELL
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Chell\My Documents\Downloads\Adwcleaner\adwcleaner.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Found : C:\Documents and Settings\Steve\Desktop\eBay.lnk
    File Found : C:\Documents and Settings\Steve\Start Menu\eBay.lnk
    Folder Found : C:\Documents and Settings\All Users\Application Data\Trymedia
    Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\registry mechanic
    Folder Found : C:\Documents and Settings\Chell\Application Data\dvdvideosoftiehelpers
    Folder Found : C:\Documents and Settings\Chell\Application Data\OpenCandy
    Folder Found : C:\Documents and Settings\Chell\Local Settings\Application Data\Conduit
    Folder Found : C:\Documents and Settings\Chell\Local Settings\Application Data\ConduitEngine
    Folder Found : C:\Documents and Settings\Chell\Local Settings\Application Data\DVDVideoSoftTB
    Folder Found : C:\Documents and Settings\Chell\Local Settings\Application Data\DVDVideoSoftTB
    Folder Found : C:\Documents and Settings\Chell\Local Settings\Application Data\Hotspot_Shield
    Folder Found : C:\Documents and Settings\Chell\Local Settings\Application Data\Hotspot_Shield
    Folder Found : C:\Documents and Settings\LocalService\Local Settings\Application Data\DVDVideoSoftTB
    Folder Found : C:\Documents and Settings\LocalService\Local Settings\Application Data\DVDVideoSoftTB
    Folder Found : C:\Documents and Settings\LocalService\Local Settings\Application Data\Hotspot_Shield
    Folder Found : C:\Documents and Settings\LocalService\Local Settings\Application Data\Hotspot_Shield
    Folder Found : C:\Documents and Settings\NetworkService\Local Settings\Application Data\DVDVideoSoftTB
    Folder Found : C:\Documents and Settings\NetworkService\Local Settings\Application Data\DVDVideoSoftTB
    Folder Found : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Hotspot_Shield
    Folder Found : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Hotspot_Shield
    Folder Found : C:\Documents and Settings\Steve\Application Data\AD ON Multimedia
    Folder Found : C:\Documents and Settings\Steve\Local Settings\Application Data\AVG Security Toolbar
    Folder Found : C:\Documents and Settings\Steve\Local Settings\Application Data\Conduit
    Folder Found : C:\Documents and Settings\Steve\Local Settings\Application Data\DVDVideoSoftTB
    Folder Found : C:\Documents and Settings\Steve\Local Settings\Application Data\DVDVideoSoftTB
    Folder Found : C:\Documents and Settings\Steve\Local Settings\Application Data\Hotspot_Shield
    Folder Found : C:\Documents and Settings\Steve\Local Settings\Application Data\Hotspot_Shield
    Folder Found : C:\Program Files\Common Files\DVDVideoSoft\TB
    Folder Found : C:\Program Files\Conduit
    Folder Found : C:\Program Files\ConduitEngine
    Folder Found : C:\Program Files\DVDVideoSoftTB
    Folder Found : C:\Program Files\DVDVideoSoftTB
    Folder Found : C:\Program Files\Hotspot Shield
    Folder Found : C:\Program Files\Hotspot_Shield
    Folder Found : C:\Program Files\Hotspot_Shield
    Folder Found : C:\Program Files\registry mechanic
    Folder Found : C:\Program Files\Trymedia

    ***** [Registry] *****

    Key Found : HKCU\Software\AppDataLow\AskBarDis
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AVG Security Toolbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\conduitEngine
    Key Found : HKCU\Software\ConduitSearchScopes
    Key Found : HKCU\Software\DVDVideoSoftTB
    Key Found : HKCU\Software\DVDVideoSoftTB
    Key Found : HKCU\Software\Hotspot_Shield
    Key Found : HKCU\Software\Hotspot_Shield
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB70C75C-19AA-4EA1-9132-AE76A30DC4C2}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DCB5A30B-BEE2-4319-80F6-EEDAF3E6AD9B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
    Key Found : HKCU\Software\PriceGong
    Key Found : HKCU\Software\YahooPartnerToolbar
    Key Found : HKCU\Toolbar
    Key Found : HKLM\Software\AskBarDis
    Key Found : HKLM\Software\AVG Security Toolbar
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AB70C75C-19AA-4EA1-9132-AE76A30DC4C2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DCB5A30B-BEE2-4319-80F6-EEDAF3E6AD9B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C7E7FB02-C4FD-446E-8F5B-463A049935BF}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\DVDVideoSoftTB
    Key Found : HKLM\Software\DVDVideoSoftTB
    Key Found : HKLM\Software\Hotspot_Shield
    Key Found : HKLM\Software\Hotspot_Shield
    Key Found : HKLM\Software\ImInstaller
    Key Found : HKLM\Software\iWon
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF08E71-3657-462F-898C-F7E791948F94}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F612290-68ED-4E54-BD11-4C1CDCAB74ED}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7225F6C9-CF64-4D6D-AE8A-169779FD7B4D}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83092444-6309-4BD2-BC18-994306783BA3}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5224560-189F-4171-976C-C17057C50434}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB4E40F8-600A-465D-AE31-4CAD654D5F10}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Hotspot_Shield Toolbar
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlayMP3
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AB70C75C-19AA-4EA1-9132-AE76A30DC4C2}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DCB5A30B-BEE2-4319-80F6-EEDAF3E6AD9B}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hotspot_Shield Toolbar
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
    Key Found : HKU\S-1-5-21-1125036970-2553168607-427279615-1007\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKU\S-1-5-21-1125036970-2553168607-427279615-1007\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    *************************

    AdwCleaner[R1].txt - [15337 octets] - [18/08/2013 22:09:21]

    ########## EOF - C:\AdwCleaner[R1].txt - [15398 octets] ##########

  4. #4
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    2,966
    Points
    462

    Default

    Hi MickKnipfler,

    That's perfect! Let's get rid of what AdwCleaner found......

    Please do the following:

    • Double-click AdwCleaner.exe to run the tool.
    • Click Delete button as shown below.


    • Everything that was found will be deleted.
    • Save any open files and approve the reboot. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • Or you can find the logfile at C:\AdwCleaner[xx].txt where xx denotes the number of times the application has been run


    Next:

    Please download Junkware Removal Tool to your desktop.

    • Disable your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking on XP. Or right click and select Run as Administrator Vista/Win7 and above.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    Next:

    Please do the following to provide fresh OTL logs:
    • Double click on and select to start the program.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click Run Scan at the top left hand corner.
    • When done, two Notepad files will open.
      • OTL.txt <-- Will be opened, maximized
      • Extras.txt <-- Will be minimized on task bar.
    • Please post the contents of both OTL.txt and Extras.txt files in your next reply.


    Please post the following logs in your next reply:
    AdwCleaner.txt
    JRT.txt
    OTL.txt
    Extras.txt


    Thank you,
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy C.B.



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  5. #5
    Member
    Join Date
    Nov 2006
    Posts
    709
    Points
    1

    Default

    OK, I've pasted the log contents below.

    I have found another PUP called myway.mywebsearch which is a little odd as the machine hasn't been used?



    # AdwCleaner v2.306 - Logfile created 08/19/2013 at 15:38:58
    # Updated 19/07/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Steve - BLACKDELL
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Chell\My Documents\Downloads\Adwcleaner\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\Documents and Settings\Steve\Desktop\eBay.lnk
    File Deleted : C:\Documents and Settings\Steve\Start Menu\eBay.lnk
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
    Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\registry mechanic
    Folder Deleted : C:\Documents and Settings\Chell\Application Data\dvdvideosoftiehelpers
    Folder Deleted : C:\Documents and Settings\Chell\Application Data\OpenCandy
    Folder Deleted : C:\Documents and Settings\Chell\Local Settings\Application Data\Conduit
    Folder Deleted : C:\Documents and Settings\Chell\Local Settings\Application Data\ConduitEngine
    Folder Deleted : C:\Documents and Settings\Chell\Local Settings\Application Data\DVDVideoSoftTB
    Folder Deleted : C:\Documents and Settings\Chell\Local Settings\Application Data\Hotspot_Shield
    Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\DVDVideoSoftTB
    Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\Hotspot_Shield
    Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Application Data\DVDVideoSoftTB
    Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Hotspot_Shield
    Folder Deleted : C:\Documents and Settings\Steve\Application Data\AD ON Multimedia
    Folder Deleted : C:\Documents and Settings\Steve\Application Data\Mozilla\Firefox\Profiles\lhf0mhdh.default\extensions\2pffxtbr@CouponAlert_2p.com
    Folder Deleted : C:\Documents and Settings\Steve\Local Settings\Application Data\AVG Security Toolbar
    Folder Deleted : C:\Documents and Settings\Steve\Local Settings\Application Data\Conduit
    Folder Deleted : C:\Documents and Settings\Steve\Local Settings\Application Data\DVDVideoSoftTB
    Folder Deleted : C:\Documents and Settings\Steve\Local Settings\Application Data\Hotspot_Shield
    Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
    Folder Deleted : C:\Program Files\Conduit
    Folder Deleted : C:\Program Files\ConduitEngine
    Folder Deleted : C:\Program Files\DVDVideoSoftTB
    Folder Deleted : C:\Program Files\Hotspot Shield
    Folder Deleted : C:\Program Files\Hotspot_Shield
    Folder Deleted : C:\Program Files\registry mechanic
    Folder Deleted : C:\Program Files\Trymedia

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\AskBarDis
    Key Deleted : HKCU\Software\AskBarDis
    Key Deleted : HKCU\Software\AVG Security Toolbar
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\DVDVideoSoftTB
    Key Deleted : HKCU\Software\Hotspot_Shield
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DCB5A30B-BEE2-4319-80F6-EEDAF3E6AD9B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
    Key Deleted : HKCU\Software\PriceGong
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Toolbar
    Key Deleted : HKLM\Software\AskBarDis
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AB70C75C-19AA-4EA1-9132-AE76A30DC4C2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DCB5A30B-BEE2-4319-80F6-EEDAF3E6AD9B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7E7FB02-C4FD-446E-8F5B-463A049935BF}
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\DVDVideoSoftTB
    Key Deleted : HKLM\Software\Hotspot_Shield
    Key Deleted : HKLM\Software\ImInstaller
    Key Deleted : HKLM\Software\iWon
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF08E71-3657-462F-898C-F7E791948F94}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F612290-68ED-4E54-BD11-4C1CDCAB74ED}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7225F6C9-CF64-4D6D-AE8A-169779FD7B4D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83092444-6309-4BD2-BC18-994306783BA3}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5224560-189F-4171-976C-C17057C50434}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB4E40F8-600A-465D-AE31-4CAD654D5F10}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Hotspot_Shield Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlayMP3
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AB70C75C-19AA-4EA1-9132-AE76A30DC4C2}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DCB5A30B-BEE2-4319-80F6-EEDAF3E6AD9B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hotspot_Shield Toolbar
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Mozilla Firefox v [Unable to get version]

    File : C:\Documents and Settings\Steve\Application Data\Mozilla\Firefox\Profiles\lhf0mhdh.default\prefs.js

    C:\Documents and Settings\Steve\Application Data\Mozilla\Firefox\Profiles\lhf0mhdh.default\user.js ... Deleted !

    Deleted : user_pref("extensions.snipit.askTbInstalled", true);

    *************************

    AdwCleaner[R1].txt - [15468 octets] - [18/08/2013 22:09:21]
    AdwCleaner[S1].txt - [360 octets] - [19/08/2013 15:38:11]
    AdwCleaner[S2].txt - [13238 octets] - [19/08/2013 15:38:58]

    ########## EOF - C:\AdwCleaner[S2].txt - [13299 octets] ##########

  6. #6
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    2,966
    Points
    462

    Default

    I have found another PUP called myway.mywebsearch which is a little odd as the machine hasn't been used?
    Nasty little booger! We'll take care of that with OTL. Please continue with running the OTL scan and post the logs for my viewing pleasure. Once we remove the nasties and verify you have a clean machine we'll work on that .NET update that fails..

    Thanks!
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy C.B.



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  7. #7
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    2,966
    Points
    462

    Default

    Ooops! And the JRT scan.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy C.B.



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  8. #8
    Member
    Join Date
    Nov 2006
    Posts
    709
    Points
    1

    Default

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 5.5.0 (08.18.2013:1)
    OS: Microsoft Windows XP x86
    Ran by Steve on 19/08/2013 at 15:58:43.59
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\hotspotshield
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4623A8C4-150D-4983-8982-68C01E7D6541}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7BB68F0F-CDC5-4F84-BAF1-21D325F76FEB}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FAAD1056-9DB2-4423-B746-E070BBEDB93D}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B98DF367-1B9F-4AA3-8758-7556D4FB03F8}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}



    ~~~ Files

    Successfully deleted: [File] "C:\WINDOWS\wininit.ini"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Program Files\couponalert_2pei"





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 19/08/2013 at 16:03:36.95
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  9. #9
    Member
    Join Date
    Nov 2006
    Posts
    709
    Points
    1

    Default

    Where do I download OTL from Donna? I may already have it on my machine but if so, I doubt if it's the latest

  10. #10
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    2,966
    Points
    462

    Default

    Oh my! I am so sorry.. Make sure to download the file to the desktop and run the program from there. I've seen some weird results/errors when downloaded elsewhere.

    Please download OTL to your Desktop
    • Double click on the to run the program.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic.

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy C.B.



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

Page 1 of 5 123 ... LastLast