ThirdTimesTheCharm Posted February 19, 2014 Author ID:793378 Share Posted February 19, 2014 Ok I turned IE back on but it's just not working properly. Finally figured out how to enable javascript but everything I try to do it just says over and over "an add on for this site has failed to run". I'm thinking I'll dl firefox, I guess Link to post Share on other sites More sharing options...
ThirdTimesTheCharm Posted February 19, 2014 Author ID:793539 Share Posted February 19, 2014 ESETSmartInstaller@High as downloader log:all ok# version=8# OnlineScannerApp.exe=1.0.0.1# OnlineScanner.ocx=1.0.0.6920# api_version=3.0.2# EOSSerial=e1e8790390d96f49a6fb2e8ee60520ae# engine=17126# end=finished# remove_checked=false# archives_checked=true# unwanted_checked=true# unsafe_checked=true# antistealth_checked=true# utc_time=2014-02-19 04:48:03# local_time=2014-02-18 11:48:03 (-0500, Eastern Standard Time)# country="United States"# lang=1033# osver=6.1.7601 NT Service Pack 1# compatibility_mode=1284 16777213 100 98 0 88489995 0 0# compatibility_mode=5893 16776573 100 94 0 144328733 0 0# scanned=256010# found=22# cleaned=0# scan_time=10089sh=180C8ED7C81E3AE7B0507B26C927EA93584B017C ft=1 fh=b0b83453fcc7b480 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Downloads\Software\ccsetup327.exe"sh=B7B6AE801A596F62836C62B968F6963FD9B85E47 ft=1 fh=db707ae2b0810f31 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Downloads\Software\dfsetup212.exe"sh=308867BC57149FA5CCD12734BD1B33906769BDF4 ft=1 fh=af9e88bdadee648c vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application" ac=I fn="C:\Downloads\Software\gamefire.exe"sh=CB20DFD703B61B9470BBB3B1BE157D47A8C0849A ft=1 fh=63788d9fe9c2f077 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Downloads\Software\Shockwave_Installer_Slim.exe"sh=2E9FC5EE22DDB3588857BAEB1EC51885EB3D3C27 ft=1 fh=78aa2c558c3526a3 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup318.exe"sh=2C16CF7AF335A0943C5973070050474E2565691B ft=1 fh=dbab1590fe63551b vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup319.exe"sh=432E95C9B13671B563FDDECA6C408A763B4020F8 ft=1 fh=5a87b2eed39a59c6 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup321.exe"sh=3D84C7C0E316EAD02DD7A59E746EC798DAB8BC0C ft=1 fh=ce50a11e70bad71c vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup328.exe"sh=60C77FF66F63F585FCE95C78FF44B513E2AAB9F9 ft=1 fh=17494879e4339ab3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup400.exe"sh=2FEC2BB06C11B711B37E7D1BAC0004F8F25A4C7B ft=1 fh=9586b0754c97a9e0 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup401 (1).exe"sh=EA244E84E1468A6AF4741F2184E113A16F833D8B ft=1 fh=a9c73d0d07b22a58 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup402.exe"sh=59C75B45AC46FAC8C4018205544938C46B1BA631 ft=1 fh=ab462a0af6e69b03 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup405.exe"sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=f95766f30bc4ebc6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup406 (1).exe"sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=f95766f30bc4ebc6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup406.exe"sh=DD6E088E22874B283348A15DB5159C7B20CC6D22 ft=1 fh=fe9dda6ca79832a6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\ccsetup407.exe"sh=D40FBAF76D1B6D1FC593E0399A3171EF50E1204E ft=1 fh=e7700d129ff08fc3 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Users\David\Downloads\dfsetup209.exe"sh=DB6F475A6FBE870FE7A8A3C629049E2F02B7A977 ft=1 fh=7df196dca5a810ba vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Users\David\Downloads\dfsetup213.exe"sh=104FB6843F23D760F8AE357A6E5C7297B9402651 ft=1 fh=cbcff19174039424 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Users\David\Downloads\dfsetup214.exe"sh=FD8F04FC658467BE815860357E720C8F9A458335 ft=1 fh=45b9055eb78cc73e vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\dfsetup215.exe"sh=8FED8B0A2D646AECA2C5EF60FD7A98901AA9CAC3 ft=1 fh=531c0e216047db7b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\dfsetup216 (1).exe"sh=8FED8B0A2D646AECA2C5EF60FD7A98901AA9CAC3 ft=1 fh=531c0e216047db7b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\dfsetup216.exe"sh=8FED8B0A2D646AECA2C5EF60FD7A98901AA9CAC3 ft=1 fh=531c0e216047db7b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David\Downloads\py.exe" Link to post Share on other sites More sharing options...
ThirdTimesTheCharm Posted February 19, 2014 Author ID:793812 Share Posted February 19, 2014 Ok, when I turned on my computer just now, it did something weird. For a minute the icons didn't come up and there was a message box titled: Personal Settings In the box it said something like: Setting up personal settings. After a minute or so the icons came up. Link to post Share on other sites More sharing options...
Tomk1 Posted February 19, 2014 ID:793816 Share Posted February 19, 2014 Those are just setup files that have been patched to include google toolbar. They should not be causing your troubles. Let's get rid of them anyway. This will also give the tool a chance to see if anything has changed. COMBOFIX-Script Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:File::C:\Downloads\Software\ccsetup327.exeC:\Downloads\Software\dfsetup212.exeC:\Downloads\Software\gamefire.exeC:\Downloads\Software\Shockwave_Installer_Slim.exeC:\Users\David\Downloads\ccsetup318.exeC:\Users\David\Downloads\ccsetup319.exeC:\Users\David\Downloads\ccsetup321.exeC:\Users\David\Downloads\ccsetup328.exeC:\Users\David\Downloads\ccsetup400.exeC:\Users\David\Downloads\ccsetup401 (1).exeC:\Users\David\Downloads\ccsetup402.exeC:\Users\David\Downloads\ccsetup405.exeC:\Users\David\Downloads\ccsetup406 (1).exeC:\Users\David\Downloads\ccsetup406.exeC:\Users\David\Downloads\ccsetup407.exeC:\Users\David\Downloads\dfsetup209.exeC:\Users\David\Downloads\dfsetup213.exeC:\Users\David\Downloads\dfsetup214.exeC:\Users\David\Downloads\dfsetup215.exeC:\Users\David\Downloads\dfsetup216 (1).exeC:\Users\David\Downloads\dfsetup216.exeC:\Users\David\Downloads\py.exeC:\Program Files (x86)\GUM8CD3.tmpC:\Windows\SysWow64\sho5739.tmpSave this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall. Link to post Share on other sites More sharing options...
ThirdTimesTheCharm Posted February 20, 2014 Author ID:794022 Share Posted February 20, 2014 had to attach again. I hope this is the right file...ComboFix.txt Link to post Share on other sites More sharing options...
Tomk1 Posted February 20, 2014 ID:794192 Share Posted February 20, 2014 I've been going back over your logs... and I'm just not seeing the problem. The open action center warning about no Anti-Virus when it is actually enabled is not unusual. For some reason that warning is even more prevalent on systems running MSSE. If Kaspersky says it's running... I'd not worry about it. I'm just not seeing any system files being reported other than they should be. You're not throwing errors. I just don't know what is going on. Please try to describe for me each of the issues you are having. Link to post Share on other sites More sharing options...
ThirdTimesTheCharm Posted February 20, 2014 Author ID:794382 Share Posted February 20, 2014 Well, I think at this point I may not be having any issues. The trouble I had with IE was from me removing it from my taskbar and from some tweaks I made to it to keep it from being a problem when my machine "Has to use it". Seems the windows fix thingy restored the corrupted files and everything seems to be working good. If the open action center thing is ok and the other message was normal, too, then I think we might be done. =) Link to post Share on other sites More sharing options...
Tomk1 Posted February 20, 2014 ID:794402 Share Posted February 20, 2014 Great! I haven't been impressed with the action center. I suggest you take it's warnings as warnings... not facts. If Kaspersky says it's running - then it's running and the warning is wrong. Let's clean up: Log looks good Time for some housekeepingClick START then RUN Now type ComboFix /Uninstall in the runbox and click OK.Note the space between the X and the U, it needs to be there.The above procedure will:Implement some cleanup procedures.Reset System Restore. We need to remove the tools we've used during cleaning your machine Download Delfix from hereEnsure Remove disinfection tools is tickedAlso tick:Create registry backupPurge system restoreClick RunThe program will run for a few moments and then notepad will open with a log. I don't really need to see the log.Please re-enable any security that was disabled. If you have any stray tools or logs left... just go ahead and delete them. The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing.Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein.I would also suggest you read this:So how did I get infected in the first place?by Tony KleinAlso: "How to prevent malware" by miekiemoesPlease respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved. Link to post Share on other sites More sharing options...
ThirdTimesTheCharm Posted February 21, 2014 Author ID:794689 Share Posted February 21, 2014 I can not thank you enough, Tomk. I have bookmarked the articles and will get on raising my protection as soon as I get home tonight. Skimming through them just now, I actually already see some misconceptions I had about Windows 7's firewall. Also, see some great programs there that I don't already use. I use the clean-up programs and then tried deleting some left over stuff but it said it could not be found. I'm hoping it will be gone once I restart. Again, many, many thanks man. Hopefully now I can get back to SWTOR.. lol Link to post Share on other sites More sharing options...
Tomk1 Posted February 21, 2014 ID:794836 Share Posted February 21, 2014 May the force be with you! You are very welcome. Good luck and be well! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted February 22, 2014 Root Admin ID:794941 Share Posted February 22, 2014 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts