Hotfixinstaller.exe

View previous topic View next topic Go down

Hotfixinstaller.exe

Post by Omnioshi on 10th July 2013, 8:19 pm

I need some help i believe my laptop has been infected by the Hotfixinstaller.exe virus, and i think something else is on the laptop too. I need help cleaning and removing it.

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 10th July 2013, 11:14 pm

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*******************************************************
Please download [You must be registered and logged in to see this link.]by Xplode onto your Desktop.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

********************************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 3:45 am

I wasn't able to get Malwarebytes to run but i got Adwcleaner to run heres the report

# AdwCleaner v2.304 - Logfile created 06/13/2013 at 00:26:19
# Updated 03/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Harrison - HARRISON-430SDB
# Boot Mode : Normal
# Running from : E:\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Harrison\Application Data\Mozilla\Firefox\Profiles\5olr42mo.default\extensions\plugin@yontoo.com.xpi
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\WINDOWS\system32\roboot.exe
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\Harrison\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\Harrison\Application Data\PerformerSoft
Folder Deleted : C:\Documents and Settings\Harrison\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Harrison\Local Settings\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\Harrison\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Harrison\Local Settings\Application Data\Veoh_Web_Player
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\file scout
Folder Deleted : C:\Program Files\Yontoo

***** [Registry] *****

Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2653012
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\Software\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [You must be registered and logged in to see this link.] --> [You must be registered and logged in to see this link.]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = [You must be registered and logged in to see this link.] --> [You must be registered and logged in to see this link.]

-\\ Mozilla Firefox v12.0 (en-US)

File : C:\Documents and Settings\Harrison\Application Data\Mozilla\Firefox\Profiles\5olr42mo.default\prefs.js

C:\Documents and Settings\Harrison\Application Data\Mozilla\Firefox\Profiles\5olr42mo.default\user.js ... Deleted !

Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119679&babsrc=NT_ss&mntrId=e8854[...]
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119679&babsrc[...]

-\\ Google Chrome v28.0.1500.71

File : C:\Documents and Settings\Harrison\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [6191 octets] - [13/06/2013 00:26:19]

########## EOF - C:\AdwCleaner[S1].txt - [6251 octets] ##########

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 5:13 am

Heres the report from the security check, the malware report will be next.

Results of screen317's Security Check version 0.99.68
Windows XP Service Pack 3 x86
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
avast! Free Antivirus
ESET NOD32 Antivirus
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java(TM) 6 Update 33
Java version out of Date!
Adobe Flash Player 11.7.700.224
Mozilla Firefox 12.0 Firefox out of Date!
Google Chrome 28.0.1500.71
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 4%
````````````````````End of Log``````````````````````

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 5:58 am

finally heres the malware report

Malwarebytes Anti-Malware 1.75.0.1300
[You must be registered and logged in to see this link.]

Database version: v2013.07.11.01

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Administrator :: HARRISON-430SDB [administrator]

7/10/2013 9:35:02 PM
mbam-log-2013-07-10 (21-35-02).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 293334
Time elapsed: 1 hour(s), 21 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\System Volume Information\_restore{6F561D05-C800-4654-A8E0-5549563E146B}\RP154\A0094174.exe (PUP.BundleInstaller.IB) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6F561D05-C800-4654-A8E0-5549563E146B}\RP162\A0096007.ini (Rootkit.0Access) -> Quarantined and deleted successfully.

(end)

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 11th July 2013, 7:19 pm

The Security Check log shows that you have two AV programs on your computer; avast! Free Antivirus and ESET NOD32 Antivirus. Please make sure that only one is enabled at any time on your computer.

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First [You must be registered and logged in to see this link.]

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the [You must be registered and logged in to see this link.].

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download [You must be registered and logged in to see this link.] and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: [You must be registered and logged in to see this link.] adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
********************************************
Please download [You must be registered and logged in to see this link.] to your desktop.

Warning! Once the scan is complete JRT will shut down your browser with NO warning.

Shut down your protection software now to avoid potential conflicts.

•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click [You must be registered and logged in to see this link.] link to see a list of security programs that should be disabled and how to disable them.

•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

•The tool will open and start scanning your system.

•Please be patient as this can take a while to complete depending on your system's specifications.

•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

•Copy and Paste the JRT.txt log into your next message.
******************************************
It appears your system is infected with a rootkit. A rootkit is a powerful piece of malware, that allows hackers full control over your computer for means of sending attacks over the Internet, or using your computer to generate revenue.

Malware experts have recommended that we make it clear that with the system under control of a hacker, your computer might become impossible to clean 100%.

Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. They can disable your antivirus and security tools to prevent detection and removal. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is sent back to the hacker. To learn more about these types of infections, you can refer to:

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. Do NOT change passwords or do any transactions while using the infected computer because the attacker may get the new passwords and transaction information. (If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again.) Banking and credit card institutions should be notified to apprise them of your situation (possible security breach). To protect your information that may have been compromised, I recommend reading these references:
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed. In some instances an infection may have caused so much damage to your system that it cannot
be completely cleaned or repaired so you can never be sure that you have completely removed a rootkit. The malware may leave so many remnants behind that security tools cannot find them. Tools that claim to be able to remove rootkits cannot guarantee that all traces of it will be removed. Many experts in the security community believe that once infected with such a piece of malware, the best course of action would be a reformat and clean reinstall of the OS. This is something I don't like to recommend normally, but in most cases it is the best solution for your safety. Making this decision is based on what the computer is used for, and what information can be accessed from it. For more information, please read these references very carefully:
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

However, if you do not have the resources to reinstall your computer's OS and would like me to attempt to clean it, I will be happy to do so. But please consider carefully before deciding against a reformat.
If you do make that decision, I will do my best to help you clean the computer of any infections, but you must understand that once a machine has been taken over by this type of malware, I cannot guarantee that it will be 100% secure even after disinfection or that the removal will be successful.

Please let me know what you have decided to do in your next post. Should you have any questions, please feel free to ask.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 8:16 pm

Ok im updating java and running the Junkware scanner. I no longer have the original install cds for the laptop but i believe it has windows system recovery console installed into it that i can access during start up would that work?

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 9:46 pm

Heres the report from the JavaRe and Jrt

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Thu Jul 11 14:24:21 2013

Found and removed: C:\Program Files\Java\jre6

Found and removed: C:\Documents and Settings\Harrison\Application Data\Sun\Java\jre1.6.0_13

Found and removed: C:\Documents and Settings\Harrison\Application Data\Sun\Java\jre1.6.0_14

Found and removed: C:\Documents and Settings\Harrison\Application Data\Sun\Java\jre1.6.0_15

Found and removed: C:\Documents and Settings\Harrison\Application Data\Sun\Java\jre1.6.0_17

Found and removed: C:\Documents and Settings\Harrison\Application Data\Sun\Java\jre1.6.0_20

Found and removed: C:\Documents and Settings\Harrison\Application Data\Sun\Java\jre1.6.0_21

Found and removed: C:\Documents and Settings\Harrison\Application Data\Sun\Java\jre1.6.0_26

Found and removed: C:\Documents and Settings\Harrison\Application Data\Sun\Java\jre1.6.0_37

Found and removed: Applications\java.exe

Found and removed: Applications\javaw.exe

Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.7 (07.11.2013:1)
OS: Microsoft Windows XP x86
Ran by Harrison on Thu 07/11/2013 at 14:26:59.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\veohplugin



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Harrison\Application Data\mozilla\firefox\profiles\5olr42mo.default\searchplugins\bing-zugo.xml
Successfully deleted the following from C:\Documents and Settings\Harrison\Application Data\mozilla\firefox\profiles\5olr42mo.default\prefs.js

user_pref("extensions.searchtoolbar@zugo.com.install-event-fired", true);





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/11/2013 at 14:43:09.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 11th July 2013, 10:12 pm

If you have the Recovery Console on your computer you can use that to re-install your OS. Don't forget to save your data.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 10:19 pm

ok, i've never used it before so is there anything i need to know, like how to save my data?

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 11th July 2013, 10:28 pm

When you access the Recovery Console you should be able to choose Re-install. You can save your important data to an external Drive, memory sticks or DVD's. Make sure you scan them before putting them back on your computer.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 10:33 pm

will the recovery delete everything from the hard drive? or is saving everything just as a back up incase something goes wrong?

just wanna know all the facts of what im doing and what recovery does.

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 11th July 2013, 10:48 pm

Since this is Windows XP I doubt that there is a Recovery Console installed unless you installed it yourself. If you can't find your OS disk you could borrow one to do a re-format and re-install the OS but it must the same OS as the one installed on your computer. Here's how to run the re-install.

To wipe the drive clean, [You must be registered and logged in to see this link.] and reinstall the OS.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 10:54 pm

I believe my friend installed the Recovery Console onto it the last time something happened to it because it wasn't on there before, and the computers an old sony vaio ive had for quit a long time now so i don't have any of the cds nore do i know anyone with one. Would it still be ok to just run Recovery Console to fix the laptop? im in the process of transferring all my import files to an external hard drive right now.

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 11th July 2013, 11:13 pm

Ok. When you boot into the Recovery Console please let me know what options you have.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 11th July 2013, 11:21 pm

ok, just gotta finish backing up everything and i'll let you know what it says.

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 12th July 2013, 12:56 am

its asking which windows installation i want to log onto?

1: c:\windows is all there is

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 12th July 2013, 1:39 am

[You must be registered and logged in to see this link.] wrote:its asking which windows installation i want to log onto?

1: c:\windows is all there is
You'll have to go with that one. Keep me informed.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 12th July 2013, 2:36 am

its just waiting for me to type in a command.

I found this support site that gives me different command prompts [You must be registered and logged in to see this link.]

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 12th July 2013, 3:27 am

have you preformed this process before?

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 12th July 2013, 7:24 pm

[You must be registered and logged in to see this link.] wrote:have you preformed this process before?
No, I've never had the opportunity to use it but you won't be able to wipe your harddrive and re-install the OS without the OS disk.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Omnioshi on 12th July 2013, 8:33 pm

where would i go to obtain an OS disk or could frys or best buy's tech support be able to re install it for me?

Omnioshi
Novice
Novice

Posts Posts : 42
Joined Joined : 2009-12-06
Gender Gender : Male
OS OS : sony windows xp laptop
Points Points : 26180
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Hotfixinstaller.exe

Post by Superdave on 13th July 2013, 1:05 am

[You must be registered and logged in to see this link.] wrote:where would i go to obtain an OS disk or could frys or best buy's tech support be able to re install it for me?
Most tech shops have copies of all versions of OS's. They should be willing to re-format and do a re-install for a nominal fee.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum