Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

persistent toolbars, spam and SLOW computer

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

persistent toolbars, spam and SLOW computer

Unread postby punkpal » August 6th, 2013, 9:29 am

Hello there

So my girlfriend was 'fixing' her computer...she downloaded a 'google update' and now has a "mixiDJ" toolbar that won't go away (in both Chrome and IE) and her homepage has changed from 'google.com' to

"http://search.conduit.com/?ctid=CT3298566&SearchSource=48&CUI=UN12293171171939312&UM=2"

(I'm guessing you get this problem often enough). I 'removed' from programs the 'mixiDJ toolbar' and some 'search savings' spam but alas, they are still present.

But here's the kicker...she downloaded what she thought was a safe "PC Fixer" program...then proceeded to talk on the PHONE with the people via the number given after her computer froze and they gained remote access to her computer. Once I saw what she was doing I immediately freaked out and told her to get off the phone, stop what she was doing and leave the premises. (It's okay you can laugh). I disabled remote access via 'system'. :shock: :shock: ....

The problem however still remains and her computer , despite being fine in the first place is hardly fixed. It is also running abnormally slow. It 'greys out' as if it's loading something and does so randomly. I didnt want to do anything else until I asked you first.

Any help would be greatly appreciated, as you've wonderful people have helped me much in the past.

DDS LOGS




DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16496 BrowserJavaVersion: 10.7.2
Run by owner at 9:10:50 on 2013-08-06
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.731 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\SearchProtect\bin\CltMngSvc.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\IoctlSvc.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Users\owner\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\program files\solid savings\solid savings-bg.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT32985 ... CE5E6B9B25
uWindow Title = Internet Explorer, optimized for Bing and MSN
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} -
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: MixiDJ V30 Toolbar: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - c:\program files\mixidj_v30\prxtbMixi.dll
mURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} -
mURLSearchHooks: MixiDJ V30 Toolbar: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - c:\program files\mixidj_v30\prxtbMixi.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Solid Savings: {11111111-1111-1111-1111-110211621178} - c:\program files\solid savings\Solid Savings-bho.dll
BHO: MixiDJ V30 Toolbar: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - c:\program files\mixidj_v30\prxtbMixi.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} -
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: MixiDJ V30 Toolbar: {1122B43D-30EE-403F-9BFA-3CC99B0CADDD} - c:\program files\mixidj_v30\prxtbMixi.dll
TB: MixiDJ V30 Toolbar: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - c:\program files\mixidj_v30\prxtbMixi.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen] "c:\windows\system32\rundll32.exe" "c:\program files\conduit\ct3298566\plugins\TBVerifier.dll",RunConduitFloatingPlugin fdkednngfjmpnljkolbapdednncafhen
uRun: [SearchProtect] c:\users\owner\appdata\roaming\searchprotect\bin\cltmng.exe
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SearchProtectAll] c:\program files\searchprotect\bin\cltmng.exe
StartupFolder: c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\startup\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: blizzard%20download
Trusted Zone: blizzard.com
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{094AFB1D-8002-45F2-8451-683375A4BE8B} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{575FDEA0-4129-443C-8FAD-E13C2A44B28E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{69FEA41D-0E59-459A-ABF2-D3B7B7609771} : NameServer = 64.222.84.243 64.222.212.243
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-4-20 176128]
R2 CltMngSvc;Search Protect by Conduit Updater;c:\program files\searchprotect\bin\CltMngSvc.exe [2013-5-8 97056]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 iprip;RIP Listener;c:\windows\system32\svchost.exe -k ipripsvc [2008-1-20 21504]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-30 107392]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2010-8-16 100368]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-6-20 295376]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2008-1-20 987648]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2008-1-20 251904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 CTUPnPSv;Creative Centrale Media Server;c:\program files\creative\creative centrale\CTUPnPSv.exe [2008-5-21 64000]
S3 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2010-8-5 401920]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-8 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 PAC207;PC Camer@;c:\windows\system32\drivers\PFC027.SYS [2007-4-12 507264]
S3 USB_RNDIS_VISTA;Westell USB Network Interface;c:\windows\system32\drivers\usb8023.sys [2013-3-15 15872]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
.
=============== Created Last 30 ================
.
2013-08-06 12:39:41 -------- d-----w- c:\users\owner\appdata\local\LogMeIn Rescue Applet
2013-08-06 12:29:00 -------- d-----w- C:\temp
2013-08-06 11:30:43 -------- d-----w- c:\users\owner\appdata\local\Updater26278
2013-08-06 11:30:16 -------- d-----w- c:\program files\Solid Savings
2013-08-06 11:29:12 -------- d-----w- c:\program files\MixiDJ_V30
2013-08-06 11:28:27 -------- d-----w- c:\program files\SearchProtect
2013-08-06 11:27:55 -------- d-----w- c:\users\owner\appdata\roaming\SearchProtect
2013-08-06 11:20:01 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{4d11e3a3-68e8-4d1a-ad79-afdd524f35dc}\mpengine.dll
2013-08-04 20:44:45 7143960 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-07-21 23:46:13 -------- d-----w- c:\program files\Ventrilo
2013-07-21 23:44:05 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2013-07-17 22:56:06 -------- d-----w- c:\users\owner\appdata\local\{4D8A9E15-F19A-4B96-992B-DCE3E61A5A01}
2013-07-17 22:55:34 -------- d-----w- c:\users\owner\appdata\local\Windows Live Writer
2013-07-17 11:59:18 698504 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{03371262-3fc9-4739-bec9-0817e6fa9e8c}\gapaengine.dll
2013-07-16 01:00:17 -------- d-----w- c:\windows\system32\MRT
2013-07-11 04:03:45 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 04:03:14 798208 ----a-w- c:\windows\system32\FntCache.dll
2013-07-11 04:03:14 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 04:03:13 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-07-11 04:03:13 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-07-11 04:03:13 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-07-11 04:03:11 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-07-11 04:03:10 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-07-11 04:03:10 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-07-11 04:03:10 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-07-11 04:03:02 505344 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 04:02:59 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 04:02:53 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-07-11 04:02:52 983552 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-07-11 04:02:52 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-07-11 04:02:52 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-07-08 22:49:17 0 ----a-w- c:\users\owner\WMIDiag.vbs
.
==================== Find3M ====================
.
2013-06-19 01:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-19 01:50:08 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-12 15:45:02 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 15:45:02 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-29 01:50:14 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-05-29 01:41:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-29 01:41:08 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-05-29 01:37:15 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-29 01:36:09 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-05-29 01:33:22 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2010-06-03 23:24:50 2736736 ----a-w- c:\program files\tbSoft.dll
.
============= FINISH: 9:12:35.42 ===============




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/28/2009 3:58:38 PM
System Uptime: 8/6/2013 8:58:32 AM (1 hours ago)
.
Motherboard: Intel Corporation | | DG41TY
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz | LGA775 | 2500/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 163.884 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0006
Manufacturer: Microsoft
Name: isatap.westell.com
PNP Device ID: ROOT\*ISATAP\0006
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6)
Adobe Shockwave Player 11.5
Amazon Games & Software Downloader
Amazon MP3 Downloader 1.0.17
AMD APP SDK Runtime
AMD Catalyst Install Manager
ArcSoft Panorama Maker 6
ATI Catalyst Registration
Audacity 1.2.6
BufferChm
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
Copy
Creative Centrale
Creative Software Update
D3DX10
Destinations
DeviceDiscovery
DJ_AIO_05_F4400_Software_Min
DVD Suite
Escape Rosecliff Island
F4400
FileOpen Client
FormatFactory 3.0.1
Google Chrome
Google Earth
Google Update Helper
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 14.0
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5
HP Imaging Device Functions 14.0
HP Photo Creations
HP Print Projects 1.0
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPDiagnosticAlert
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
Java 7 Update 7
Java Auto Updater
Junk Mail filter update
Last.fm 1.5.4.27091
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MixiDJ V30 Toolbar
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Essentials
neroxml
OGA Notifier 2.0.0048.0
PC CIF Camer@
PMB
PowerDVD
PowerProducer
Realtek Ethernet Controller Driver For Windows Vista
Realtek High Definition Audio Driver
Scan
Search Protect by conduit
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Segoe UI
Shop for HP Supplies
SmartWebPrinting
Solid Savings
SolutionCenter
SPORE™
SPORE™ Galactic Adventures
Star Wars Empire at War
Star Wars Empire at War Forces of Corruption
Status
System Requirements Lab for Intel
The Lord of the Rings FREE Trial
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client
Visual Studio C++ 9.0 Runtime
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
World of Warcraft
.
==== End Of File ===========================
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm
Advertisement
Register to Remove

Re: persistent toolbars, spam and SLOW computer

Unread postby askey127 » August 7th, 2013, 9:19 am

Hi punkpal,
-------------------------------------------------------------
AdwCleaner Download
Please download AdwCleaner from HERE and save it to your desktop or somewhere you can find it.

-------------------------------------------------------------
AdwCleaner Scan
  • Close all open programs and internet browsers.
  • Double click to Start AdwCleaner. (Right click and choose "Run as administrator" in Vista/Win7).
  • Click on the Search button.
  • When the results log pops up, please copy and paste the contents in your reply.
The log file is saved in the C: drive main directory with this filepath: C:\AdwCleaner[Rx].txt. (x in the filename represents the run number)
When you close/exit adwCleaner, if you get a message about not performing any Deletions, that's OK. We need to evaluate the scan log first.

---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.

---------------------------------------------
Run a Scan with OTL
  • For WinXP, double click on the OTL icon to run it.
  • For Vista or Win7, right click the icon and choose "Run as administrator".
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so.
    When the scan starts, OTL may appear to be frozen while it runs. Please be patient.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear as a running Notepad document the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

So we will be looking for the logs from AdwCleaner and (2) logs from OTL.
Separate replies are fine.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13905
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 26 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware