[Nutloaf]

My favourite movie. How did you guess

and now I have to watch the full clip

[Advertisements]

i'm running a disc check on the W drive now... and off to my son's school funtion; all day - back tonight

[briz_dad]

i'm running a disc check on the W drive now... and off to my son's school funtion; all day - back tonight

[Nutloaf]

Thanks for letting me now. Site has been down for a bit But is now back

[briz_dad]

I've run a diskchk 2x on drive W - it got stuck both times. Stuck at different places...

[Nutloaf]

O.K. Leave that be for the time being. Check disk does appear to stick but it will complete. Powering off can cause more damage:

This may take anything from 20 minutes to many hours (one user I had it took 26 hours!) don't switch off if it appears to be doing nothing, this is normal.

Naughty!

For that user the check was stuck on 10% for 24 hours, 11% for an hour and then it completed. For now remove that disk.

I really want to concentrate on getting your system clean. V9 can be tricky to remove. I am awaiting clearance for my post. Once clean I will investigate the log results for the C: drive. I will post instructions on how this is done.

[Nutloaf]

Hi Briz, this will hopefully shift some more baddies!


1. Shortcut Cleaner

• Using this link download and save to Desktop - Shortcut Cleaner
• Right-click Shortcut Cleaner and select Run as Administrator.
• When the Shortcut Cleaner has finished scanning your hard drive it will create a log file on your desktop called sc-cleaner.txt and then display it.
• Please post in your next reply.

2. OTL Fix
Open OTL then Copy the entire text in the Quote box below, do not include the word QUOTE and Paste into the Custom Scans/Fixes box in OTL.

:COMMANDS
[CREATERESTOREPOINT]

:REG
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"

:FILES
ipconfig /flushdns /c

:COMMANDS
[RESETHOSTS]
[EMPTYTEMP]

• Then click Run Fix
• Click O.K to Reboot.
• An OTL fix log will be saved in the following location: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log - Where mmddyyy _hhmmss is the date and time of fix.
• Copy and Paste Fix Log into your next reply.

[briz_dad]

1. Shortcut Cleaner
When the Shortcut Cleaner has finished scanning your hard drive it will create a log file on your desktop called sc-cleaner.txt and then display it.
Please post in your next reply.

Shortcut Cleaner 1.2.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingc...ortcut-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 06/07/2013 08:33:23 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Greg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Greg\Desktop


0 bad shortcuts found.

Program finished at: 06/07/2013 08:33:34 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

[briz_dad]

[*]Then click Run Fix
[*]Click O.K to Reboot.
[*]An OTL fix log will be saved in the following location: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log - Where mmddyyy _hhmmss is the date and time of fix.
[*]Copy and Paste Fix Log into your next reply.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\\"Default_Page_URL"|"http://www.google.com" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\\"Start Page"|"http://www.google.com" /E : value set successfully!
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Greg\Desktop\cmd.bat deleted successfully.
C:\Users\Greg\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Greg
->Temp folder emptied: 15946985 bytes
->Temporary Internet Files folder emptied: 35765190 bytes
->Java cache emptied: 226453 bytes
->FireFox cache emptied: 210772741 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 3998 bytes

User: Public

User: QBDataServiceUser22
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 67748 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 272874103 bytes

Total Files Cleaned = 517.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06072013_203545

Files\Folders moved on Reboot...
File\Folder C:\Users\Greg\AppData\Local\Temp\OICE_42D69647-9AC0-4415-B251-953E917850C1.0\E190705A. not found!
C:\Users\Greg\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Greg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\XA69I52T\Video Three Descriptions and SEO tags 091412. not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[briz_dad]

man... long hike w/ my son's class - i'm beat! gettin' old in my old age

[Nutloaf]

Hi Briz any aches and pains today in places that are strange?....... now thats age!

Please complete the following steps

1.On your Desktop delete the good dog cool.zip folder and also delete the files from where they were extracted.

2. Reset Internet Explorer

• Click Start and type the following in the Search box - inetcpl.cpl and press Enter
• The Internet Options dialog box appears. Click the Advanced tab under Reset Internet Explorer settings click Reset
• Select the Delete personal settings check box and click Reset
• When complete click Close then start Internet Explorer again.

2. Reset Firefox

• At the top of the Firefox window, click the Firefox button and in the Help sub-menu select Troubleshooting Information
• Click the Reset Firefox button in the upper-right corner of the page.
• Click Reset Firefox in the confirmation window that opens.
• Firefox will close and reset. When complete a window will list the information that was imported. Click Finish and Firefox will open.

3. OPEN CHROME BROWSER

• In the Chrome Search Bar (top of the page with a star at the end) Copy and Paste the following: chrome://settings and press Enter
• Under Search click Manage Search Engines and in the Default Search Settings Highlight and Remove (X) any V9 references, and click Done I only have Google in mine.
• Bottom of the Settings page select Show Advanced Settings. Under Privacy select Clear browsing data
• In the Obliterate the following items from: box choose The beginning of time
• Check the Delete Cookies and Empty the Cache boxes and click Clear browsing data
• Close Chrome

How are the browsers behaving now?

[briz_dad]

How are the browsers behaving now?

v9 is still firmly entrenched in them... wow, this is a nefarious bit of software!!

[Nutloaf]

Before I try anything else can you delete the Shortcut Icons for your browsers on the desktop, Taskbar and Start menu if present.

• Now click Start then Computer and double click Local Disk C:
• Double click the Program Files (x86) folder then double click the iexplore icon.
• Still Present?

[briz_dad]

[*]Still Present?

that did it!!

[Nutloaf]

Hooray nice video thanks

I am in the middle of a discussion with my instructor about this will get back to you soon

[Nutloaf]

Hi Briz

V9 hijacks the browser shortcuts. I was hoping that Shortcut cleaner would show this, apparently not as they were indeed Hijacked. I will provide you a scan later to see if all is well.

For now make sure all browser shortcuts are deleted you need to check - Desktop, Start Menu, Taskbar. Then click Start - All Programs and delete those shortcuts as well.

Now that is done we can make some new clean shortcuts

Create New Shortcuts

• Click Start then Computer and double click Local Disk C:
• Double click the Program Files (x86) folder then right click the iexplore icon and select Send to and choose Desktop (create shortcut)
• Now click the back arrow to go back to the programs (x86) folder and double click the Google folder.
• Double click Chrome - then Application then right click the Chrome icon and select Send to and choose Desktop (create shortcut)
• Now click the back arrow to go back to the programs (x86) folder and double click the Mozilla Firefox folder.
• right click the Firefox icon and select Send to and choose Desktop (create shortcut)

After you have completed this let me know how the browsers are