theredog

M Bam came up clean and after running Delfix the two new things on the desktop are gone! Delfix: # DelFix v1.010 - Logfile created 06/05/2015 at 17:29:47 # Updated 26/04/2015 by Xplode # Username : Redog - T00T1E_3564 # Operating System : Windows 7 Professional Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\RegBackup Deleted : HKLM\SOFTWARE\OldTimer Tools Deleted : HKLM\SOFTWARE\AdwCleaner ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #316 [scheduled Checkpoint | 04/25/2015 04:00:01] Delete

think it's OK to delete these?

I noticed that these are new on my desktop: One says: [.ShellClassInfo] LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799 [LocalizedFileNames] CyberLink Power2Go.lnk=@C:\PROGRA~2\CYBERL~1\Power2Go\MUITRA~1\EnvRes.dll,-1 and the other says: [.ShellClassInfo] LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769 IconResource=%SystemRoot%\system32\imageres.dll,-183

I really didn't have a problem. I just suspected issues because of the two streaming sites I went to for watching the big fight Saturday night. I'll run Malwarebytes again and see if the same 7 come up.

No??? I close browsers before running these programs?????????

OK, I had to delete Farber and download it again. I inserted script, including start and end in the search box and clicked fix. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2015 01 Ran by Redog at 2015-05-06 17:01:10 Run:1 Running from C:\Users\Redog\Desktop\CNET Loaded Profiles: Redog (Available profiles: Redog) Boot Mode: Normal ============================================== Content of fixlist: ***************** start CloseProcesses: SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -

Include "start" and "end"? Where do I use this script? I said earlier that I tried Farber again and it locked up. "Not Responding"

OK. You want me to remove Firefox?

Farber. You said run Farber and there is no run. I hit scan and it finished in a few minutes. Then I hit fix and it said something like, nothing found. I close browsers when running these programs. I have AVG turned off too.

I hit scan and when it finished I clicked fix and nothing happened. I tried OTL again and it locked up at Firefox. Tried Farber again and it says new update please wait, then locks up. "Not Responding"

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015 Ran by Redog (administrator) on T00T1E_3564 on 06-05-2015 16:00:17 Running from C:\Users\Redog\Desktop\CNET Loaded Profiles: Redog (Available profiles: Redog) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (I

So what should I do, big daddy? You want me to remove Firefox? I have already tried disabling extensions and add ons like "No Script" and I tried to do a quick scan. Same thing, it locks up at scanning Firefox.

Tried OTL twice and it hangs at "scanning Firefox"???? # AdwCleaner v4.203 - Logfile created 06/05/2015 at 12:14:05 # Updated 30/04/2015 by Xplode # Database : 2015-05-05.1 [server] # Operating system : Windows 7 Professional Service Pack 1 (x64) # Username : Redog - T00T1E_3564 # Running from : C:\Users\Redog\Desktop\CNET\adwcleaner_4.203.exe # Option : Cleaning ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E773585931

Tried watching the big fight and was directed to sites that I believe caused malware before, trying to watch the Isle of Man TT last year. Open Candy keeps coming up in scans. After the fight, I started scans. Today I did another Malwarebytes scan and the same 7 come up. Here is the Malwarebytes scan from today: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 5/6/2015 Scan Time: 8:54:16 AM Logfile: May 6 2015.txt Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.05.06.03 Rootkit Database: v2015.04.21.01 License: Free Malware Protection: Disabled Malicious Website P

OK. done. Thanks Chuck. As always, your the man!

I ran it again and now there is no threat detected???? I have to leave the confuser for a few hours. Truck has problems too.

Not experiencing any problem. I wouldn't have known about Scorpion Saver if Malwarebytes hadn't updated to a new version. I ran tdss killer but not sure how to post log. It won't let me copy and paste.

Still being throttled big time. Malwarebytes Log: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 6/23/2014 Scan Time: 2:20:47 AM Logfile: Malwarebytes Log 6.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.06.23.02 Rootkit Database: v2014.06.20.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Redog Scan Type: Threat Scan Result: Completed Objects Scanned: 297752 Time Elapsed: 6 min, 6 sec Memory: Enabled Startup: Enabled Filesystem: Ena

Never seen it this bad. Everything I've tried with this has been an exercise in futility. Adobe flash update popped up so I decided to get that done. Took over an hour and a half. Next was Malwarebytes. If it doesn't load an update properly, I get an error message and have to reboot to try again. The last attempt took over an hour to update only to fail again. I'm done for today. This page will not load completely.

It's 3:30am. Now 4:00am and no improvement in speeds. Phone is in 1x not 3G. Don't think ESET will work at these speeds. Will try the updates. Program files and OS are on a SSD. Good ol' Verizon. Offering below dial up speeds for cubic dollars. I posted an edit to this and it didn't take. Reader says I am up to date and it took 4 minutes just to download the installer for flash player. Usually when weekends are 1x it will go back to 3G early Monday morning. Sorry about that Chuck. This will have to wait until then.

OTL: All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\D

ISP is throttling me big time. This page will not load completely. Shows a reply but I don't see it or a page 2 if there is one.

SystemLook32 bit: SystemLook 30.07.11 by jpshortstuff Log created at 03:18 on 21/06/2014 by Redog Administrator - Elevation successful WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results. Invalid Context: Select all No Context: :filefind No Context: *Fun4IM* No Context: *Bandoo* No Context: *Searchnu* No Context: *Searchqu* No Context: *iLivid* No Context: *whitesmoke* No Context: *datamngr* No Context: *trolltech* No Context: *babylon* No Context: *conduit* No Context: *opencandy* No Context: :fol

Note: The Malwarebytes program is now 2.0.2.1021 ADW Cleaner Log: # AdwCleaner v3.212 - Report created 20/06/2014 at 18:22:53 # Updated 05/06/2014 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Redog - T00T1E_3564 # Running from : C:\Users\Redog\Desktop\CNET\adwcleaner_3.212.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Updater File Deleted : C:\Users\Redog\AppData\Local\Temp\Uninstall.exe ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\C

OK, I'll try and run these tonight. I did run ADW this morning. It automatically removed the old version and installed new version. I ran it but nothing came up. That one is confusing because above the dialog box are choices: services, folders, files, shortcut, registry, internet explorer, firefox. Should I be looking in all of those?