Browser Settings Keep Changing

View previous topic View next topic Go down

Browser Settings Keep Changing

Post by mh on Sun 24 Mar 2013, 2:35 pm

Hi,

I'm not sure if this is the right forum for this, but I'll give it a shot. I downloaded some video software, which gave me spam. It caused my browser homepage to change as well as my Internet search page. No matter how I set it, it would change back. Also IE kept asking me if it could change my homepage settings, which I ignored and then did not allow. From then on, I'd get my browser with my old settings along w/all the tabs I had open before I downloaded the video software. Now it either keeps giving me my old settings w/multiple tabs or Delta search page as the homepage and search page. I also noticed some popup ad today while I was looking at something and I didn't even install it.

I've followed all the guidelines and the results are below. It seems AdwCleaner may have cleaned up everything that was installed, but I'm not totally sure. Please let me know what I should do. I appreciate your help! Thanks.

Results from AdwCleaner:

# AdwCleaner v2.115 - Logfile created 03/23/2013 at 18:36:51
# Updated 17/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : MH
# Boot Mode : Normal
# Running from : C:\Documents and Settings\MH\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : BrowserProtect

***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\All Users\Application Data\BrowserProtect
File Deleted : C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\bprotector_extensions.sqlite
File Deleted : C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\bprotector_prefs.js
File Deleted : C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\searchplugins\delta.xml
File Deleted : C:\Documents and Settings\MH\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\WINDOWS\Tasks\BrowserProtect.job
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\DOCUME~1\MH\LOCALS~1\Temp\AskSearch
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\MH\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\MH\Application Data\BabSolution
Folder Deleted : C:\Documents and Settings\MH\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\MH\Application Data\Delta
Folder Deleted : C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\extensions\ffxtlbr@delta.com
Folder Deleted : C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\extensions\toolbar@ask.com
Folder Deleted : C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\jetpack
Folder Deleted : C:\Documents and Settings\MH\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\MH\Start Menu\Programs\BrowserProtect
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Delta
Folder Deleted : C:\Program Files\hdvidcodec.com
Folder Deleted : C:\Program Files\Movie2KDownloader.com
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\9508fd9b13abe10
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\BrowserProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\9508fd9b13abe10
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKU\S-1-5-21-3208879591-2319935990-467615217-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] =

[You must be registered and logged in to see this link.] --> [You must be registered and logged in to see this link.]

-\\ Mozilla Firefox v20.0 (en-US)

File : C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\prefs.js

C:\Documents and Settings\MH\Application Data\Mozilla\Firefox\Profiles\i1tgu06k.default\user.js ... Deleted !

Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119776&babsrc=NT_ss&mntrId=bfa05[...]
Deleted : user_pref("browser.search.order.1", "Delta Search");
Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId[...]
Deleted : user_pref("extensions.asktb.AviraIDW-TS", "1359171036480");
Deleted : user_pref("extensions.asktb.AviraIDW-XML", "Deleted : user_pref("extensions.asktb.config-updated", false);
Deleted : user_pref("extensions.asktb.crumb", "2011.07.06+16.14.38-toolbar010iad-US-Q2hpY2FnbyxJTCxVbml0ZWQgU3
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYUS");
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.guid", "c25e7e53-9ccb-48c2-9b8d-6ebd8e47be4d");
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.if", "first");
Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1350174103070");
Deleted : user_pref("extensions.asktb.last-v", "3.13.1.100009");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.location", "Chicago,IL,United States");
Deleted : user_pref("extensions.asktb.notification-shown", true);
Deleted : user_pref("extensions.asktb.o", "100000080");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "3");
Deleted : user_pref("extensions.asktb.sa", "NO");
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.silent-upgrade", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Deleted : user_pref("extensions.asktb.themeid", "");
Deleted : user_pref("extensions.asktb.to", "");
Deleted : user_pref("extensions.asktb.v", "3.13.1.100015");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119776&babsrc[...]
Deleted : user_pref("extensions.delta.admin", false);
Deleted : user_pref("extensions.delta.aflt", "babsst");
Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Deleted : user_pref("extensions.delta.autoRvrt", "false");
Deleted : user_pref("extensions.delta.bbDpng", "22");
Deleted : user_pref("extensions.delta.cntry", "US");
Deleted : user_pref("extensions.delta.dfltLng", "en");
Deleted : user_pref("extensions.delta.excTlbr", false);
Deleted : user_pref("extensions.delta.hdrMd5", "385F6500F5EAC0B9C2CFB4A4DD56CFFC");
Deleted : user_pref("extensions.delta.id", "bfa056ba0000000000000013022b895d");
Deleted : user_pref("extensions.delta.instlDay", "15774");
Deleted : user_pref("extensions.delta.instlRef", "sst");
Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.10.013:06:47");
Deleted : user_pref("extensions.delta.newTab", false);
Deleted : user_pref("extensions.delta.prdct", "delta");
Deleted : user_pref("extensions.delta.prtnrId", "delta");
Deleted : user_pref("extensions.delta.rvrt", "false");
Deleted : user_pref("extensions.delta.sg", "azb");
Deleted : user_pref("extensions.delta.smplGrp", "azb");
Deleted : user_pref("extensions.delta.tlbrId", "base");
Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Deleted : user_pref("extensions.delta.vrsn", "1.8.10.0");
Deleted : user_pref("extensions.delta.vrsni", "1.8.10.0");
Deleted : user_pref("extensions.delta.vrsnTs", "1.8.10.013:06:47");
Deleted : user_pref("extensions.enabledAddons", "testpilot%40labs.mozilla.com:1.2.2,%7B3d7eb24f-2740-49df-8937[...]
Deleted : user_pref("extensions.toolbar@ask.com.install-event-fired", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\MH\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [19471 octets] - [23/03/2013 18:36:51]

########## EOF - C:\AdwCleaner[S1].txt - [19532 octets] ##########


mbam log:

Malwarebytes Anti-Malware 1.70.0.1100
[You must be registered and logged in to see this link.]

Database version: v2013.03.23.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
MH :: [administrator]

3/23/2013 6:49:49 PM
mbam-log-2013-03-23 (18-49-49).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 351107
Time elapsed: 1 hour(s), 47 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


checkup:

Results of screen317's Security Check version 0.99.61
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 4.2
SpywareGuard v2.2
Malwarebytes Anti-Malware version 1.70.0.1100
Java(TM) 6 Update 20
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (20.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 4%
````````````````````End of Log``````````````````````

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Mon 25 Mar 2013, 11:52 am

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First Verify your Java Version

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment.

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
*********************************************
Update your Adobe Reader. get.adobe.com/reader.

Be sure to uncheck the Free McAfee Security Scan so it isn't installed.

********************************************
Download Combofix from any of the links below, and save it to your DESKTOP.
If your version of Windows defaults to you download folder you will need to copy it to your desktop.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Tue 26 Mar 2013, 2:08 pm

Hi,

As I was installing Java, spyware caught something that was trying to change my browser homepage again. I removed that.

I've run combofix 3 times. Each time it seems to freeze my computer or take over 30 minutes. Is there something else I can use for this? The autoscan part is what seems to lag.

Thanks!

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Wed 27 Mar 2013, 4:47 am

mh wrote:Hi,
As I was installing Java, spyware caught something that was trying to change my browser homepage again. I removed that.
I've run combofix 3 times. Each time it seems to freeze my computer or take over 30 minutes. Is there something else I can use for this? The autoscan part is what seems to lag.
Thanks!
You could try running it in Safe Mode.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Wed 27 Mar 2013, 1:49 pm

I ran it in Safe Mode and ran it twice, still nothing changed. I forgot to mention that my time would stop at a certain point while ComboFix was running and was frozen once again. Is ComboFix the only thing I can run? Another option would be nice. Thanks.

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Thu 28 Mar 2013, 12:23 am


  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

******************************************
SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

[You must be registered and logged in to see this link.]

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.

    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

  • At the bottom of the page

    • Hidden Objects Only << Selected

  • Click on the Create Log button on the bottom right.
  • After a few seconds a new window should appear.
  • Select Scan Root Drive. Click on the Start button.
  • When it is complete a new window will appear to indicate that the scan is finished.
  • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Fri 29 Mar 2013, 10:29 am

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRKgmailcom
Feedback : [You must be registered and logged in to see this link.]
Website : [You must be registered and logged in to see this link.]
Blog : [You must be registered and logged in to see this link.]

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : MH [Admin rights]
Mode : Scan -- Date : 03/28/2013 18:26:05
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[25] : NtClose @ 0x8056F8D7 -> HOOKED (Unknown @ 0xF7BDABD4)
SSDT[41] : NtCreateKey @ 0x80578ABE -> HOOKED (Unknown @ 0xF7BDAB8E)
SSDT[50] : NtCreateSection @ 0x8056DB66 -> HOOKED (Unknown @ 0xF7BDABDE)
SSDT[53] : NtCreateThread @ 0x805860C0 -> HOOKED (Unknown @ 0xF7BDAB84)
SSDT[63] : NtDeleteKey @ 0x8059A5CD -> HOOKED (Unknown @ 0xF7BDAB93)
SSDT[65] : NtDeleteValueKey @ 0x805991EC -> HOOKED (Unknown @ 0xF7BDAB9D)
SSDT[68] : NtDuplicateObject @ 0x8057DDAF -> HOOKED (Unknown @ 0xF7BDABCF)
SSDT[98] : NtLoadKey @ 0x805D608D -> HOOKED (Unknown @ 0xF7BDABA2)
SSDT[122] : NtOpenProcess @ 0x8057BB80 -> HOOKED (Unknown @ 0xF7BDAB70)
SSDT[128] : NtOpenThread @ 0x80596A0F -> HOOKED (Unknown @ 0xF7BDAB75)
SSDT[177] : NtQueryValueKey @ 0x80572F19 -> HOOKED (Unknown @ 0xF7BDABF7)
SSDT[193] : NtReplaceKey @ 0x8065724C -> HOOKED (Unknown @ 0xF7BDABAC)
SSDT[200] : NtRequestWaitReplyPort @ 0x8057D89E -> HOOKED (Unknown @ 0xF7BDABE8)
SSDT[204] : NtRestoreKey @ 0x80656DE1 -> HOOKED (Unknown @ 0xF7BDABA7)
SSDT[213] : NtSetContextThread @ 0x8063628D -> HOOKED (Unknown @ 0xF7BDABE3)
SSDT[237] : NtSetSecurityObject @ 0x8059EC29 -> HOOKED (Unknown @ 0xF7BDABED)
SSDT[247] : NtSetValueKey @ 0x8057B4EF -> HOOKED (Unknown @ 0xF7BDAB98)
SSDT[255] : NtSystemDebugControl @ 0x80651B27 -> HOOKED (Unknown @ 0xF7BDABF2)
SSDT[257] : NtTerminateProcess @ 0x8058E6B9 -> HOOKED (Unknown @ 0xF7BDAB7F)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF7BDAC06)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF7BDAC0B)

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: HTS541010G9SA00 +++++
--- User ---
[MBR] 3b4d2ff67d57d4298acdb0575a8db258
[BSP] 5e47b50246e58b794bca04f29dd90dd8 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 95205 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_03282013_02d1826.txt >>
RKreport[1]_S_03282013_02d1826.txt




mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Fri 29 Mar 2013, 10:38 am

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: A9EEA000
Module End: A9F02000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS
Service Name: ---
Module Base: F7B6A000
Module End: F7B6C000
Hidden: Yes

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwClose
Address: F7BDABD4
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwCreateKey
Address: F7BDAB8E
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwCreateSection
Address: F7BDABDE
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwCreateThread
Address: F7BDAB84
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwDeleteKey
Address: F7BDAB93
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwDeleteValueKey
Address: F7BDAB9D
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwDuplicateObject
Address: F7BDABCF
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwLoadKey
Address: F7BDABA2
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwOpenProcess
Address: F7BDAB70
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwOpenThread
Address: F7BDAB75
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwQueryValueKey
Address: F7BDABF7
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwReplaceKey
Address: F7BDABAC
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwRequestWaitReplyPort
Address: F7BDABE8
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwRestoreKey
Address: F7BDABA7
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSetContextThread
Address: F7BDABE3
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSetSecurityObject
Address: F7BDABED
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSetValueKey
Address: F7BDAB98
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSystemDebugControl
Address: F7BDABF2
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwTerminateProcess
Address: F7BDAB7F
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No hidden files/folders found


mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Fri 29 Mar 2013, 1:04 pm

Please run RogueKiller again and click "Delete" to remove those items which were found.

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan

•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.

  • Leave the check mark next to Remove found threats.

•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Fri 29 Mar 2013, 11:21 pm

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=69d6274e4a3efe4e8720c35cc5555b10
# engine=13507
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-29 08:37:53
# local_time=2013-03-29 03:37:53 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1799 16775165 100 97 0 134270778 131902 0
# scanned=109880
# found=0
# cleaned=0
# scan_time=18009

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Sat 30 Mar 2013, 9:03 am

That looks good. How's your computer running now?

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Sat 30 Mar 2013, 1:09 pm

I think it's better. But I had to disable my antivirus to run the ComboFix last time and when I enabled it again, it made my antivirus my browser's home page. It also installed Ask as the search engine as well. I'm not sure why it did that.

Is there anything else I'd need to do? Should I be worried about my personal information being leaked via spyware when I had these issues?

Thanks for all your help!

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Sun 31 Mar 2013, 5:04 am

But I had to disable my antivirus to run the ComboFix last time and when I enabled it again, it made my antivirus my browser's home page. It also installed Ask as the search engine as well. I'm not sure why it did that.
Once you change your home page back to what you want this shouldn't happen again. Please uninstall anything to do with Ask.
Should I be worried about my personal information being leaked via spyware when I had these issues?
No, you should be good. Just make sure your AV is kept up-to-date and keep your Firewall running. If you want more protection you could install a third-party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus
5) ZoneAlarm Firewall

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
*********************************************
Let's do some cleanup.

To turn off Windows XP System Restore:

NOTE: These instructions assume that you are using the default Windows XP Start Menu and have not changed to the Classic Start menu. To re-enable the default menu, right-click Start, click Properties, click Start menu (not Classic) and then click OK.

1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore" or "Turn off System Restore on all drives"
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
8. Restart the computer and follow the instructions in the next section to turn on System Restore.

To turn on Windows XP System Restore:

1. Click Start.
2. Right-click My Computer, and then click Properties.
3. Click the System Restore tab.
4. Uncheck "Turn off System Restore" or "Turn off System Restore on all drives."
5. Click Apply, and then click OK.
***************************************
Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.



Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.



This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
***************************************
Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Sun 31 Mar 2013, 1:54 pm

I've followed all your steps and Spybot found over 90 malawares after being scanned. All but one was fixed due to 'access is denied' error. I'm admin, but it doesn't allow me to change settings in my startup or services. I'm also having this error when I try to enable/start my antivirus scheduler. What should I do?

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Mon 01 Apr 2013, 5:33 am

Please try this to see if it helps.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Mon 01 Apr 2013, 10:06 am

That didn't work. I keep getting 'access is denied' on anything in that folder. I ended up uninstalling the antivirus software so I could reinstall it. But my security settings are preventing me from downloading the software. It says 'blocked by your security zone policy'. I'm not sure which software is blocking it. It's either the Spyware blaster or spybot, but I can't seem to find the settings to change that. I thought it was the pc tools firewall plus, but I disabled it and still got that problem. Please help me.

Also, I noticed my juschedule.exe keeps failing on startup ever since the new upgrade.

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Mon 01 Apr 2013, 12:23 pm

I keep getting 'access is denied' on anything in that folder
What folder are you trying to access?

Also, I noticed my juschedule.exe keeps failing on startup ever since the new upgrade.
According to the Security Check you still have Java(TM) 6 Update 20 so you haven't done the upgrade. Also, there is no reason for juschedule.exe to be running. It's only using up resources.

But my security settings are preventing me from downloading the software. It says 'blocked by your security zone policy'.
You could try lowering your Security zone. With your browser running click on Tools, Internet Options, Privacy and lower your Security settings and click Apply.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Mon 01 Apr 2013, 12:53 pm

I was trying to access c:\program files\avira\.

I have Java 6 Update 43 installed according to my program settings.

There's no option to lower the security settings in Firefox. Is it located elsewhere?

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Mon 01 Apr 2013, 2:29 pm

I figured out where to adjust the security settings and was able to successfully install my antivirus. However, Avira said it was incompatible with PC Tools Firewall Plus and Malwarebytes' Anti-Malaware. Should I uninstall one of these items?

What should I do about making sure I have the newest version of Java?

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Tue 02 Apr 2013, 6:04 am

I figured out where to adjust the security settings and was able to successfully install my antivirus. However, Avira said it was incompatible with PC Tools Firewall Plus and Malwarebytes' Anti-Malaware. Should I uninstall one of these items?
Download MSE (MicroSoft Security Essentials) and disable Avira and see if you have any problems with conflicts with MSE as your AV.

Microsoft Security Essentials for Windows XP

What should I do about making sure I have the newest version of Java?
The updated Java for XP should be Java 7 update 11. Just click on "Verify your Java version" in the link I gave you on page 1. This will take you to the Java site. If your Java is out-of-date it will advise you to download the newest version.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Tue 02 Apr 2013, 10:54 am

I have installed Microsoft Security Essentials successfully. Should I uninstall Avira?

I now have the newest version of Java 7 update 17.

I'm curious to know why I had so many malawares when I ran SpywareBlaster since I ran all of those fixes and such previously. Do you know why? Is there anything else that I need?

Thanks again for your help!

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Tue 02 Apr 2013, 1:02 pm

I have installed Microsoft Security Essentials successfully. Should I uninstall Avira?
You can keep it if you wish to do an occasional scan but make sure only one AV is enabled at any time.

I'm curious to know why I had so many malawares when I ran SpywareBlaster since I ran all of those fixes and such previously.
SpywareBlaster is only to protect you from infections ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
Is there anything else that I need?
I guess we're finished here.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by mh on Tue 02 Apr 2013, 1:11 pm

Thanks so much for all your help!

mh

Rookie Surfer
Rookie Surfer

Posts : 56
Joined : 2009-04-08
Operating System : Windows XP

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Superdave on Wed 03 Apr 2013, 3:40 am

You're welcome. I will lock this thread. If you need additional help, please pm me.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Browser Settings Keep Changing

Post by Sponsored content Today at 4:12 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum