Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need help, have multiple pop-ups and probably a virus too

Started by juglar21 , Dec 19 2014 04:07 PM

  • This topic is locked This topic is locked

#16
zep516
Posted 21 December 2014 - 01:44 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,007 posts
Run JRT now post the JRT.txt log
  • 0

Advertisements

#17
juglar21
Posted 21 December 2014 - 02:00 PM

juglar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

Here is the JRT txt

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kris on Sun 12/21/2014 at 14:52:02.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] ssnfd
Successfully deleted: [Service] ssnfd



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util swift browse
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.DynamicBarButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.DynamicBarButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.FeedManager
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.FeedManager.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.HTMLMenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.HTMLMenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.HTMLPanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.HTMLPanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.MultipleButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.MultipleButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.PseudoTransparentPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.PseudoTransparentPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.Radio
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.Radio.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.RadioSettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.RadioSettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.ScriptButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.ScriptButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.SettingsPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.SettingsPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.ThirdPartyInstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.ThirdPartyInstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.UrlAlertButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.UrlAlertButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.XMLSessionPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\RecipeHub_2j.XMLSessionPlugin.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1AC6F0D9-5B4C-423A-B201-98A06EC8B28E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fb17d7e0-5f62-443d-aa59-0234ee02af98}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{fb17d7e0-5f62-443d-aa59-0234ee02af98}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fb17d7e0-5f62-443d-aa59-0234ee02af98}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06e3475c-5521-4de8-bb12-50720f21631c}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{06e3475c-5521-4de8-bb12-50720f21631c}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fb17d7e0-5f62-443d-aa59-0234ee02af98}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{fb17d7e0-5f62-443d-aa59-0234ee02af98}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06e3475c-5521-4de8-bb12-50720f21631c}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{06e3475c-5521-4de8-bb12-50720f21631c}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fb17d7e0-5f62-443d-aa59-0234ee02af98}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{fb17d7e0-5f62-443d-aa59-0234ee02af98}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job
Successfully deleted: [File] C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-969E73DB.pf
Successfully deleted: [File] C:\Windows\prefetch\TOOLBARUPDATER.EXE-F2CC6776.pf



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Kris\appdata\locallow\recipehub_2j"
Successfully deleted: [Folder] "C:\Program Files (x86)\recipehub_2j"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/21/2014 at 14:55:33.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

thanks J


  • 0

#18
zep516
Posted 21 December 2014 - 02:02 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,007 posts
Reset your Chrome browser
Please follow these instructions here to reset chrome.

Next

If you already have Malwarebytes you will not have to download it, follow these instructions and remember (If threats are detected, click the Apply Actions button)

Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
/Post that log

If you have trouble with getting log report you can try it this way too.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the Histor tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.
Thanks
Joe :)
  • 0

#19
juglar21
Posted 21 December 2014 - 02:04 PM

juglar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

Regarding my anti-virus s/w. Before we got started today, I went into the uninstall program and deleted many things, one of them was the AVG software and the other was McAffee software. I believe those were the 2 anti virus softwares on the comuter.

I will now reinstall AVG

 

Thanks, J


  • 0

#20
zep516
Posted 21 December 2014 - 02:08 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,007 posts
No don't reinstall anything now
  • 0

#21
juglar21
Posted 21 December 2014 - 02:10 PM

juglar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

Hi,

 

<<Reset your Chrome browser>>

 

I am using Mozilla, but have Google toolbar for I.E. as well as Google Earth.

 

In other words, couldn't find google chrome anywhere on the computer

 

Thanks, J


  • 0

#22
zep516
Posted 21 December 2014 - 02:12 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,007 posts
OK,

Run the malwarebytes scan.
  • 0

#23
juglar21
Posted 21 December 2014 - 02:12 PM

juglar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

okay, won't re-install anything


  • 0

#24
juglar21
Posted 21 December 2014 - 02:13 PM

juglar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

I got this computer from my wife, since it gave her too many headaches, fyi.

 

So what about Malwarebytes? I can't find it currently and mught have deleted it earlier to day too,

and since you do not want me to install anything right now, what shall I do?

 

Thanks, J


  • 0

#25
juglar21
Posted 21 December 2014 - 02:14 PM

juglar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

weill, you gave instructions to down load it, so will do that now!


  • 0

Advertisements

#26
zep516
Posted 21 December 2014 - 02:15 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,007 posts
You can install Malwarebytes, as instructed in post # 18
  • 0

#27
juglar21
Posted 21 December 2014 - 02:21 PM

juglar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

whilst trying to install Malwarebytes I get the message  'CoCreateInstance failed:  code 0x80040154. Class not registered.

 

When I clicked on the OK  button, the second time the process moved on and now I can click on finish


  • 0

#28
zep516
Posted 21 December 2014 - 02:30 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,007 posts
OK.

Is it working now, is it scanning ?

Joe
  • 0

#29
juglar21
Posted 21 December 2014 - 02:53 PM

juglar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

yes it is scanning and has already 116 detected objects. But before I scanned my computer was already working much better  :)

 

Thanks, J


  • 0

#30
zep516
Posted 21 December 2014 - 03:01 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,007 posts
You're welcome.

You have this Anti Virus installed (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

My recommendation is to keep that and not re-install AVG.

We can talk about that at the end. Quite a bit more to do yet, a very infected machine you had there.

Joe
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP