dslreports logo
site
    All Forums Hot Topics Gallery
spc
Search Topic:
share rss forum feed


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26
Reviews:
·Comcast

1 recommendation

reply to vzDE

Re: Spamming issue - Logs Included

Thanks, No malware showing in the logs. THere are a few items to cleanup, but that's it.

First:
Use Add/Remove Programs to uninstall Shop at Home. The entry in appears as "SelectRebatesUninstall" or ShopAtHome.com Toolbar

* Adware and Privacy Concerns

Second:
Wild Tangent comes pre-installed on a lot of computer for the games. While there are mild adware and privacy concerns, it's not great enough, at this time, to recommend removal. I'll leave that up to you.

If you elect to remove, there is a master removal entry in Add/Remove Programs. Use that first, then check to see that any others have been removed.

Third:
Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, copy and paste the contents of the following box:


:OTL
IE - HKLM\..\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}: "URL" = »search.mywebsearch.com/mywebsear···chTerms}
IE - HKCU\..\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}: "URL" = »search.mywebsearch.com/mywebsear···chTerms}
IE - HKCU\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = »search.alot.com/web?q={searchTer···9000.490
O3 - HKLM\..\Toolbar: (RadioRage) - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files\RadioRage_4j\bar\1.bin\4jbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (RadioRage) - {78BA36C9-6036-482B-B48D-ECCA6F964B84} - C:\Program Files\RadioRage_4j\bar\1.bin\4jbar.dll File not found
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\firefox\ File not found
FF - HKLM\Software\MozillaPlugins\@RadioRage_4j.com/Plugin: C:\Program Files\RadioRage_4j\bar\1.bin\NP4jStub.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4jffxtbr@RadioRage_4j.com: C:\Program Files\RadioRage_4j\bar\1.bin [2012/05/31 13:15:37 | 000,000,000 | ---D | M]
SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 -- (Norton Internet Security)

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]


[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Once you see a message box "Fix complete! Click OK to open the fix log."
[*]Click the OK button
[*]The log will open in Notepad (your default text editor).
{*]Save the log. Post a copy of that log in your next reply.


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.

If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start-All Programs-Accessories-Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum

vzDE

join:2006-11-23
Newark, DE

Ran OTL again, here's the log.
No jog file after reboot.
Thanks for all the help.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{110a9ea2-8810-4c04-b916-cfd4e9427fec}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{110a9ea2-8810-4c04-b916-cfd4e9427fec}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{78ba36c9-6036-482b-b48d-ecca6f964b84} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{78BA36C9-6036-482B-B48D-ECCA6F964B84} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78BA36C9-6036-482B-B48D-ECCA6F964B84}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mywebsearch.com/Plugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@RadioRage_4j.com/Plugin\ deleted successfully.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\firefox not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4jffxtbr@RadioRage_4j.com: C:\Program Files\RadioRage_4j\bar\1.bin not found.
Service Norton Internet Security stopped successfully!
Service Norton Internet Security deleted successfully!
File C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kate
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Ron
->Temp folder emptied: 1843350 bytes
->Temporary Internet Files folder emptied: 519555388 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 65569398 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 11156 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24351231 bytes
RecycleBin emptied: 493 bytes

Total Files Cleaned = 583.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Kate
->Flash cache emptied: 0 bytes

User: Public

User: Ron
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.44.0 log created on 06142012_164305

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...