Barowwsoe2Save

**kidzndogz** · 2014-03-02, 04:18

Never mind. It seemed to work, I think:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-03-2014 01
Ran by NSauter at 2014-03-01 22:15:00 Run:1
Running from C:\Documents and Settings\NSauter\My Documents\Fix
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
SearchScopes: HKLM - DefaultScope {F2641A41-2FF8-4B53-9A53-E9DB04B08CD5} URL =
SearchScopes: HKLM - {94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} URL = http://www.zumie.com/?prt=ZumFreez&keywords={searchTerms}
SearchScopes: HKCU - {94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} URL =
BHO: deal4ime - {40034C10-13E9-09F9-E216-0D4A63039FF0} - C:\Documents and Settings\All Users\Application Data\deal4ime\M.dll ()
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\searchplugins\MyStart Search.xml
FF Extension: ImageToPng - C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\Extensions\juap@uyutnjirrp.com [2014-02-05]
FF Extension: deal4ime - C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\Extensions\oidn90k@kxd-tiei.co.uk [2014-02-15]
CHR Extension: (deal4ime) - C:\Documents and Settings\NSauter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajikdlmpdhlojfpcammldldohjobdace [2014-02-13]
CHR HKLM\...\Chrome\Extension: [aobbhmkkplckkcbnbcdbkneemiooegoc] - C:\Documents and Settings\NSauter\Local Settings\Application Data\CRE\aobbhmkkplckkcbnbcdbkneemiooegoc.crx [2013-09-30]
CHR HKCU\...\Chrome\Extension: [aobbhmkkplckkcbnbcdbkneemiooegoc] - C:\Documents and Settings\NSauter\Local Settings\Application Data\CRE\aobbhmkkplckkcbnbcdbkneemiooegoc.crx [2013-09-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 ca82e1a5; C:\Program Files\Optimizer Pro\OptProCrashSvc.dll [193176 2013-10-05] ()
S2 CltMngSvc; C:\Program Files\SearchProtect\bin\CltMngSvc.exe [X]
S4 Zumie Search Service; "C:\Program Files\Zumie\zumie.exe"
C:\Program Files\Zumie\zumie.dll
S3 RkHit; \??\C:\WINDOWS\system32\drivers\RKHit.sys [X]
C:\Documents and Settings\NSauter\jagex_runescape_preferences.dat
C:\Documents and Settings\NSauter\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
end

**Juliet** · 2014-03-02, 12:36

This is the fixlist I posted, if it worked properly it should had extended lines saying.....deleted successfully?

**Juliet** · 2014-03-02, 12:58

Running from C:\Documents and Settings\NSauter\My Documents\Fix <-- this might be the problem.

If it didn't run as expected we can try again.
Find the fixlist I had created. See if when you saved it it was named fixlist not fix
If it wasn't......right click on the file and select rename, then you can rename it fixlist

Make sure they are still located together and open FRST, then click run?

If not we can just delete the FRST you have and re-download it again.

If using these 2 browsers below follow these instructions to ensure the tool is located on desktop.

Firefox
you press the orange Firefox button in the top left corner >> Options
Beneath where it shows homepage, click on save files to desktop.

Chrome --
Press the Customize and Control Google button (three horizontal lines in top right corner of screen) >> Settings >> Show Advanced Settings >> Downloads, Download location, click on save to desktop.

**kidzndogz** · 2014-03-02, 14:23

It seemed to have worked now:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-03-2014 01
Ran by NSauter at 2014-03-01 22:15:00 Run:1
Running from C:\Documents and Settings\NSauter\My Documents\Fix
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
SearchScopes: HKLM - DefaultScope {F2641A41-2FF8-4B53-9A53-E9DB04B08CD5} URL =
SearchScopes: HKLM - {94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} URL = http://www.zumie.com/?prt=ZumFreez&keywords={searchTerms}
SearchScopes: HKCU - {94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} URL =
BHO: deal4ime - {40034C10-13E9-09F9-E216-0D4A63039FF0} - C:\Documents and Settings\All Users\Application Data\deal4ime\M.dll ()
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\searchplugins\MyStart Search.xml
FF Extension: ImageToPng - C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\Extensions\juap@uyutnjirrp.com [2014-02-05]
FF Extension: deal4ime - C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\Extensions\oidn90k@kxd-tiei.co.uk [2014-02-15]
CHR Extension: (deal4ime) - C:\Documents and Settings\NSauter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajikdlmpdhlojfpcammldldohjobdace [2014-02-13]
CHR HKLM\...\Chrome\Extension: [aobbhmkkplckkcbnbcdbkneemiooegoc] - C:\Documents and Settings\NSauter\Local Settings\Application Data\CRE\aobbhmkkplckkcbnbcdbkneemiooegoc.crx [2013-09-30]
CHR HKCU\...\Chrome\Extension: [aobbhmkkplckkcbnbcdbkneemiooegoc] - C:\Documents and Settings\NSauter\Local Settings\Application Data\CRE\aobbhmkkplckkcbnbcdbkneemiooegoc.crx [2013-09-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 ca82e1a5; C:\Program Files\Optimizer Pro\OptProCrashSvc.dll [193176 2013-10-05] ()
S2 CltMngSvc; C:\Program Files\SearchProtect\bin\CltMngSvc.exe [X]
S4 Zumie Search Service; "C:\Program Files\Zumie\zumie.exe"
C:\Program Files\Zumie\zumie.dll
S3 RkHit; \??\C:\WINDOWS\system32\drivers\RKHit.sys [X]
C:\Documents and Settings\NSauter\jagex_runescape_preferences.dat
C:\Documents and Settings\NSauter\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
end

**kidzndogz** · 2014-03-02, 14:26

Oops! sorry I got confused and didn't see your answer above. I now see I just reposted the same thing. Let me follow these new ideas.

**kidzndogz** · 2014-03-02, 14:45

This is what I got this time:

fix completed the "Fix Log.txt" is saved in the same directory FRST is located.

This is what the Fixlog says:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-03-2014 01
Ran by NSauter at 2014-03-02 08:41:42 Run:2
Running from C:\Documents and Settings\NSauter\Desktop\Fixlist
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
SearchScopes: HKLM - DefaultScope {F2641A41-2FF8-4B53-9A53-E9DB04B08CD5} URL =
SearchScopes: HKLM - {94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} URL = http://www.zumie.com/?prt=ZumFreez&keywords={searchTerms}
SearchScopes: HKCU - {94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} URL =
BHO: deal4ime - {40034C10-13E9-09F9-E216-0D4A63039FF0} - C:\Documents and Settings\All Users\Application Data\deal4ime\M.dll ()
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\searchplugins\MyStart Search.xml
FF Extension: ImageToPng - C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\Extensions\juap@uyutnjirrp.com [2014-02-05]
FF Extension: deal4ime - C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\Extensions\oidn90k@kxd-tiei.co.uk [2014-02-15]
CHR Extension: (deal4ime) - C:\Documents and Settings\NSauter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajikdlmpdhlojfpcammldldohjobdace [2014-02-13]
CHR HKLM\...\Chrome\Extension: [aobbhmkkplckkcbnbcdbkneemiooegoc] - C:\Documents and Settings\NSauter\Local Settings\Application Data\CRE\aobbhmkkplckkcbnbcdbkneemiooegoc.crx [2013-09-30]
CHR HKCU\...\Chrome\Extension: [aobbhmkkplckkcbnbcdbkneemiooegoc] - C:\Documents and Settings\NSauter\Local Settings\Application Data\CRE\aobbhmkkplckkcbnbcdbkneemiooegoc.crx [2013-09-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 ca82e1a5; C:\Program Files\Optimizer Pro\OptProCrashSvc.dll [193176 2013-10-05] ()
S2 CltMngSvc; C:\Program Files\SearchProtect\bin\CltMngSvc.exe [X]
S4 Zumie Search Service; "C:\Program Files\Zumie\zumie.exe"
C:\Program Files\Zumie\zumie.dll
S3 RkHit; \??\C:\WINDOWS\system32\drivers\RKHit.sys [X]
C:\Documents and Settings\NSauter\jagex_runescape_preferences.dat
C:\Documents and Settings\NSauter\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
end
*****************

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Unable to delete value
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} => Key not found.
HKCR\Wow6432Node\CLSID\{94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} => Key not found.
HKCR\Wow6432Node\CLSID\{94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40034C10-13E9-09F9-E216-0D4A63039FF0} => Key not found.
HKCR\CLSID\{40034C10-13E9-09F9-E216-0D4A63039FF0} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Unable to delete value
HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Key not found.
"C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\searchplugins\MyStart Search.xml" => not found.
C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\Extensions\juap@uyutnjirrp.com => not found.
C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\Extensions\oidn90k@kxd-tiei.co.uk => not found.
C:\Documents and Settings\NSauter\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajikdlmpdhlojfpcammldldohjobdace directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\aobbhmkkplckkcbnbcdbkneemiooegoc => Key not found.
"C:\Documents and Settings\NSauter\Local Settings\Application Data\CRE\aobbhmkkplckkcbnbcdbkneemiooegoc.crx" => File/Directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\aobbhmkkplckkcbnbcdbkneemiooegoc => Key not found.
"C:\Documents and Settings\NSauter\Local Settings\Application Data\CRE\aobbhmkkplckkcbnbcdbkneemiooegoc.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key not found.
ca82e1a5 => Service not found.
CltMngSvc => Service not found.
Zumie Search Service => Service not found.
"C:\Program Files\Zumie\zumie.dll" => File/Directory not found.
RkHit => Service not found.
"C:\Documents and Settings\NSauter\jagex_runescape_preferences.dat" => File/Directory not found.
"C:\Documents and Settings\NSauter\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe" => File/Directory not found.

==== End of Fixlog ====

**kidzndogz** · 2014-03-02, 15:18

from ADWCleaner.exe:

# AdwCleaner v3.020 - Report created 02/03/2014 at 08:56:57
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : NSauter - MOM
# Running from : C:\Documents and Settings\NSauter\My Documents\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : ca82e1a5
[#] Service Deleted : CltMngSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\All Users\Application Data\GamesBar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\GamesBar
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\GamesBar
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Documents and Settings\NSauter\Local Settings\Application Data\WordLayers
Folder Deleted : C:\Documents and Settings\NSauter\Application Data\Viewpoint
[!] Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aobbhmkkplckkcbnbcdbkneemiooegoc
[!] Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aobbhmkkplckkcbnbcdbkneemiooegoc
File Deleted : C:\WINDOWS\Downloaded Program Files\popcaploader.inf
File Deleted : C:\Documents and Settings\NSauter\Application Data\Mozilla\Firefox\Profiles\ud9hh5ku.default-1381060490796\user.js
File Deleted : C:\Documents and Settings\NSauter\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal

***** [ Shortcuts ] *****

**kidzndogz** · 2014-03-02, 16:26

JRT Log:

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by NSauter on Sun 03/02/2014 at 9:25:09.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}

~~~ Files

Successfully deleted: [File] "C:\Documents and Settings\NSauter\appdata\locallow\SkwConfig.bin"

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\NSauter\Application Data\getrighttogo"
Successfully deleted: [Folder] "C:\Documents and Settings\NSauter\Local Settings\Application Data\cre"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/02/2014 at 9:31:20.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

**kidzndogz** · 2014-03-02, 16:27

Do you think we did it? Are we done?

**Juliet** · 2014-03-02, 17:05

Looks better, and the fix did work this time.

Whats going on with the computer at the moment?

Thread: Barowwsoe2Save

Thread Tools

Display

Tags for this Thread

Posting Permissions