Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow computer & Poss IE9 problem


  • Please log in to reply

#16
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Post when ready, and safe travels.
  • 0

Advertisements


#17
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Jintan,

Sorry for the delay, was home for only 1 1/2 days and had to go again.

Below is the log file from Combofix:

ComboFix 12-07-24.01 - user 07/23/2012 22:29:28.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3832.2399 [GMT -4:00]
Running from: c:\users\user\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Anna\Documents\~WRL1720.tmp
E:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-24 to 2012-07-24 )))))))))))))))))))))))))))))))
.
.
2012-07-24 02:34 . 2012-07-24 02:34 -------- d-----w- c:\users\Mom\AppData\Local\temp
2012-07-24 02:34 . 2012-07-24 02:34 -------- d-----w- c:\users\Dick and Betty\AppData\Local\temp
2012-07-24 02:34 . 2012-07-24 02:34 -------- d-----w- c:\users\Bunting\AppData\Local\temp
2012-07-16 01:13 . 2012-07-16 01:13 -------- d-----w- c:\program files (x86)\Oracle
2012-07-16 01:13 . 2012-07-06 02:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-16 01:13 . 2012-07-16 01:13 -------- d-----w- c:\program files (x86)\Java
2012-07-12 01:47 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-09 16:11 . 2012-07-09 16:11 -------- d-----w- c:\users\Anna\AppData\Roaming\Avira
2012-07-08 15:14 . 2012-07-08 15:14 -------- d-----w- c:\users\Andrew\AppData\Roaming\Avira
2012-07-07 19:39 . 2012-07-07 19:39 -------- d-----w- c:\users\user\AppData\Roaming\Avira
2012-07-07 19:34 . 2012-05-02 19:24 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-07-07 19:34 . 2012-04-27 14:20 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-07-07 19:34 . 2012-04-25 04:32 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-07-07 19:34 . 2012-07-07 19:34 -------- d-----w- c:\programdata\Avira
2012-07-07 19:34 . 2012-07-07 19:34 -------- d-----w- c:\program files (x86)\Avira
2012-07-06 22:45 . 2012-06-18 07:12 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBDA1A63-C94E-4FF4-A1E7-57FB788CB6C3}\mpengine.dll
2012-07-06 02:52 . 2012-07-06 02:52 -------- d-----w- c:\users\Bunting\AppData\Local\Macromedia
2012-07-02 20:04 . 2012-07-02 20:04 -------- d-----w- c:\users\Dick and Betty\AppData\Local\Macromedia
2012-07-02 20:02 . 2012-07-02 20:02 -------- d-----w- c:\users\Dick and Betty\AppData\Local\Mozilla
2012-06-25 17:25 . 2012-06-25 17:25 -------- d-----w- c:\users\Anna\AppData\Local\Macromedia
2012-06-25 16:42 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-25 16:42 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-25 16:42 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-25 16:42 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-25 16:42 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-25 16:42 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-25 16:42 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-25 16:42 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-25 16:42 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 01:44 . 2011-02-12 22:47 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-11 22:28 . 2012-04-17 00:29 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-11 22:28 . 2011-05-13 02:17 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-06 02:06 . 2011-02-21 17:54 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-06 03:47 . 2012-06-06 03:47 53248 ----a-r- c:\users\Andrew\AppData\Roaming\Microsoft\Installer\{F42F3704-4CA7-4D28-9F5B-FDBF2E589EB2}\ARPPRODUCTICON.exe
2012-05-04 11:06 . 2012-06-13 00:41 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 00:41 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 00:41 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 00:41 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 00:41 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 00:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 00:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 00:41 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-11 98304]
"Name of App"="e:\updates\FWManager.exe" [2010-08-04 692317]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-02 348624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
R3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 MSICDSetup;MSICDSetup;D:\CDriver64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-13 1255736]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [2009-07-14 226616]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-05-24 55952]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-05-02 27760]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-01-18 226448]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-01-18 54864]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-10 202752]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-10 6368256]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-10 188416]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 154256]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-01-18 173840]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 18:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 22:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8icaa8ni.default\
FF - prefs.js: browser.search.selectedEngine - Bing
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
.
**************************************************************************
.
Completion time: 2012-07-23 22:42:05 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-24 02:42
.
Pre-Run: 44,322,299,904 bytes free
Post-Run: 45,832,540,160 bytes free
.
- - End Of File - - F0E1270445683C847081421433D77BB9
  • 0

#18
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
I'll admit it's tough with these gaps, as I have to review the entire thread to come up to speed. Do these changes for now, but there needs to be a time where you can stay the course here so we can wrap this up.


Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after each:

sc delete MSICDSetup

Then type exit and press Enter to close the command window. That driver is loading from a non-existent D drive, so is apparently some install remnant.

----------

Go to Start - Control Panel - Programs - Programs and Features/Uninstall, then click on each of the following programs, if they show there, and click "Uninstall/Change".

Mozilla Maintenance Service

That's a terribly problematic crash dump program that is of no benefit to users, causes all sorts of problems, and Mozilla seems dead set to keep trying different versions of it still.

Reboot, check for change please.
  • 0

#19
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Seems to boot faster. No major change, but it does seem slightly "quicker".
  • 0

#20
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
So let's get up to date here. What issues are you still experiencing we still need to address please?
  • 0

#21
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
As originally posted, there were issues with IE9, that are now resolved after rolling back. Will IE9 re-appear after the next update?

The firefox issue has gone away, after I upgraded to ver 14.0.1

Everything else feels ok.

I think things are good now.

But, I still don't have a firewall running, other than Windows firewall. Is that good enough, or should I have something else? I just don't trust a lot of MS products.

I apologize for the delays, but they couldn't be helped.

If you believe there is no malware lingering, then I am happy.

Thanks,

Tom
  • 0

#22
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts

Will IE9 re-appear after the next update?


Yes, it may try again to sneak in as an update for Windows. Got to Control Panel - Classic View - Windows Update, check for updates, click for the Important ones, then if IE9 shows there, uncheck it, right click it, and Hide Update it.

Then just a few changes to finish up our work here.

The logs show you have slightly outdated versions of Java, so go here and update that.

http://java.com/en/download/manual.jsp
(For Java 7 Update 5 - trying to slip Ask adware/spyware or Google Chrome or McAfee to systems lately, so watch and uncheck it)

Once you have done that, be sure to go to Programs and Features and uninstall any older, more vulnerable Java versions.

-----------

Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after each:

cd "%userprofile%\desktop"

combofix /uninstall


ComboFix should uninstall itself at this time.

------

Eset, if you don't plan to use it again, uninstalls through the Control Panel - Programs and Features.


You can also at this time delete the files/folders of the tools we used. To assist with some of that run OTL again. This will help by automatically removing some of the tools we used.

Just click CleanUp, and select Yes. When it finishes removing some of the tools and files we used there just agree to the reboot.

In addition, I like to recommend reviewing the information below to make sure you stay malware free.


http://www.geekstogo...he-first-place/

http://www.geekstogo...safe-computing/
  • 0

#23
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
All installed/uninstalled and cleaned up nicely.

Thank you for your assistance. I am glad it is done, since I leave again tomorrow for another week. I always seem to get all of my travel during the summer.

You have been a great help.

Thanks again,

Tom
  • 0

#24
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Glad to have helped my friend. :thumbsup:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP