JoDeeAnne

Members
  • Content Count

    5
  • Joined

  • Last visited

Community Reputation

0 Neutral

About JoDeeAnne

  • Rank
    Newbie
  • Birthday May 25

Profile Information

  • Gender
    Male
  • Location
    North Carolina
  1. I did uninstall. Would it hurt if I kept the 'adwcleaner'? I think you have finished with me! You did a great job! Thanks again so much!
  2. Sweet Cecilia.... The 'Trojan.win32.Generic!bt' is in quarantine per AdAware. Avast picked up 'dnsbasic.exe (Win32.basicScan.c.adw) which I assumed is the adaware running. Here is the log from the AdwCleaner after 'search', 'delete' then a reboot of the computer. (I attached the 2 logs from the dds run) Everything seems to be running back to normal. *I am waiting to see if I get the 'pop up' window saying my windows is not a valid version. We will see. Thanks for all your help & Patience! Hugs! ****************************************************************************************************************************************************************** # AdwCleaner v2.201 - Logfile created 04/21/2013 at 18:34:19 # Updated 21/04/2013 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits) # User : Jo Anne - JOANNE-PC # Boot Mode : Normal # Running from : C:\Users\Jo Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V075ZMDO\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Registry is clean. -\\ Google Chrome v26.0.1410.64 File : C:\Users\Jo Anne\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [5438 octets] - [21/04/2013 13:08:30] AdwCleaner[R2].txt - [5498 octets] - [21/04/2013 13:10:10] AdwCleaner[R3].txt - [5558 octets] - [21/04/2013 13:30:59] AdwCleaner[R4].txt - [5614 octets] - [21/04/2013 13:41:00] AdwCleaner[R5].txt - [1158 octets] - [21/04/2013 18:05:14] AdwCleaner[R6].txt - [1279 octets] - [21/04/2013 18:34:03] AdwCleaner[s1].txt - [5658 octets] - [21/04/2013 13:41:12] AdwCleaner[s2].txt - [1219 octets] - [21/04/2013 18:08:10] AdwCleaner[s3].txt - [1210 octets] - [21/04/2013 18:34:19] ########## EOF - C:\AdwCleaner[s3].txt - [1270 octets] ########## attach.txt dds.txt
  3. Sorry Celilia! I didn't download the "AdwCleaner" Got it now! Here is the report after doing the search! Thanks! *I am able to play the 'pangya' game now, after following your instructions. But I continue to get a 'pop up' window saying I do not have 'valid' windows. It gives me a link to go an purchase the 'windows'. Also when I open Google Chrome, I get 4 tabs reading 1. Lavasoft Secure Search 2. start.sweetpacks.com/? (http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={FDABD91C-A516-11E2-B5EC-1C6F65973872} ) 3. Google 4. Yahoo! Search *********************************************************************************************************************** # AdwCleaner v2.200 - Logfile created 04/21/2013 at 13:30:59 # Updated 02/04/2013 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits) # User : Jo Anne - JOANNE-PC # Boot Mode : Normal # Running from : C:\Users\Jo Anne\Downloads\adwcleaner (2).exe # Option [search] ***** [services] ***** Found : DefaultTabUpdate ***** [Files / Folders] ***** File Found : C:\Users\Jo Anne\AppData\Local\funmoods-speeddial.crx File Found : C:\Users\Jo Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage Folder Found : C:\Program Files (x86)\Common Files\spigot Folder Found : C:\Program Files (x86)\OApps Folder Found : C:\ProgramData\Tarma Installer Folder Found : C:\Users\Jo Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj Folder Found : C:\Users\Jo Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Crossrider Key Found : HKCU\Software\AppDataLow\Software\DefaultTab Key Found : HKCU\Software\AppDataLow\Software\Freecause Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\Search Settings Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Default Tab Key Found : HKCU\Software\DefaultTab Key Found : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Found : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\ShopToWin Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\Default Tab Key Found : HKLM\Software\Freeze.com Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Found : HKLM\SOFTWARE\Tarma Installer Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Registry is clean. -\\ Google Chrome v26.0.1410.64 File : C:\Users\Jo Anne\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [5438 octets] - [21/04/2013 13:08:30] AdwCleaner[R2].txt - [5498 octets] - [21/04/2013 13:10:10] AdwCleaner[R3].txt - [5435 octets] - [21/04/2013 13:30:59] ########## EOF - C:\AdwCleaner[R3].txt - [5495 octets] ##########
  4. Thanks Cecilia, Couldn't find c:\adwcleaner[r1].txt This was the 'log' Not sure if this is what you need to see. [info] [1] tid=2980 09:46:27.460018 [Loki::ImplOf<class Common::ComServerLauncher>::COMServerDown:289] Service Process not exist [info] [2] tid=2980 09:46:27.460018 [Loki::ImplOf<class Common::ComServerLauncher>::GetComServerPath:174] CLSID[b08ecec8-805c-49f5-a388-3a769e2ed33d] [info] [3] tid=2980 09:46:27.460018 [Loki::ImplOf<class Common::ComServerLauncher>::GetComServerPath:177] Server path C:\PROGRA~2\AD-AWA~1\AdAware.exe [info] [4] tid=2980 09:46:27.756419 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:253] Wait for init [info] [5] tid=2980 09:46:27.756419 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:254] Init event name [Global\c9fd0629-f27f-5b83-b841-e73fcc79f267] [info] [6] tid=2980 09:46:32.526623 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:268] Wait done [info] [7] tid=2980 09:46:32.526623 [Loki::ImplOf<class Common::ComServerLauncher>::ImpersonateThread:317] User before Impersonate [sYSTEM] [info] [8] tid=2980 09:46:32.526623 [Loki::ImplOf<class Common::ComServerLauncher>::ImpersonateThread:322] User after Impersonate [Jo Anne] [info] [9] tid=2980 09:46:32.527623 [Loki::ImplOf<class Common::ComServerLauncher>::CreateClassInstance:352] Try create instance... [info] [10] tid=2980 09:46:32.539623 [Loki::ImplOf<class Common::ComServerLauncher>::CreateClassInstance:357] Successful [info] [11] tid=2980 09:53:08.013243 [Loki::ImplOf<class Common::ComServerLauncher>::COMServerDown:284] Service Process exist [info] [12] tid=2980 09:53:08.014243 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:253] Wait for init [info] [13] tid=2980 09:53:08.014243 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:254] Init event name [Global\c9fd0629-f27f-5b83-b841-e73fcc79f267] [info] [14] tid=2980 09:53:08.014243 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:268] Wait done [info] [15] tid=2980 09:53:08.014243 [Loki::ImplOf<class Common::ComServerLauncher>::ImpersonateThread:317] User before Impersonate [sYSTEM] [info] [16] tid=2980 09:53:08.014243 [Loki::ImplOf<class Common::ComServerLauncher>::ImpersonateThread:322] User after Impersonate [Jo Anne] [info] [17] tid=2980 09:53:08.014243 [Loki::ImplOf<class Common::ComServerLauncher>::CreateClassInstance:352] Try create instance... [info] [18] tid=2980 09:53:08.033244 [Loki::ImplOf<class Common::ComServerLauncher>::CreateClassInstance:357] Successful [info] [19] tid=2224 10:25:01.279676 [Loki::ImplOf<class Common::ComServerLauncher>::COMServerDown:284] Service Process exist [info] [20] tid=2224 10:25:01.279676 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:253] Wait for init [info] [21] tid=2224 10:25:01.279676 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:254] Init event name [Global\c9fd0629-f27f-5b83-b841-e73fcc79f267] [info] [22] tid=2224 10:25:01.279676 [Loki::ImplOf<class Common::ComServerLauncher>::WaitServerInitialization:268] Wait done [info] [23] tid=2224 10:25:01.279676 [Loki::ImplOf<class Common::ComServerLauncher>::ImpersonateThread:317] User before Impersonate [sYSTEM] [info] [24] tid=2224 10:25:01.279676 [Loki::ImplOf<class Common::ComServerLauncher>::ImpersonateThread:322] User after Impersonate [Jo Anne] [info] [25] tid=2224 10:25:01.279676 [Loki::ImplOf<class Common::ComServerLauncher>::CreateClassInstance:352] Try create instance... [info] [26] tid=2224 10:25:01.281676 [Loki::ImplOf<class Common::ComServerLauncher>::CreateClassInstance:357] Successful
  5. I ran "Adware" found the Trojan.win32.genric!bt was on my computer. Ran the DNS as instructed and attached the text as instructed. Now.... what to do is my question. Thanks so much! I can use Chrome explorer, but not i.e. I keep receiving a 'pop up' box saying my windows is not valid. With a link to go an purchase a valid copy. I play "Pangya" (NTreev online golf game) but this virus will not allow me to pull up the game. Just about ready to throw this computer in the trash..... arrghhh! Hugs & Thanks Jo Dee Carolina Girl from North Carolina with a little "TarHeel" goin on! oops 4got to attach the 2nd one! Sorry Attach 4-20-13.txt DDS 4-20-13.txt