Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

SLOW/GUNKY PC [Solved]


  • This topic is locked This topic is locked

#16
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
there were 2 created and didn't think it was that obvious LOL
let me know your thoughts on the plan. thanks

# AdwCleaner v2.000 - Logfile created 09/04/2012 at 15:10:39
# Updated 30/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Shirley - DFJVRC91
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Shirley\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\oq1ux0z6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\oq1ux0z6.default\searchplugins\SweetIm.xml
File Deleted : C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Shirley\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\oq1ux0z6.default\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\oq1ux0z6.default\SweetIMToolbarData
Folder Deleted : C:\Documents and Settings\Shirley\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Shirley\Local Settings\Application Data\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Yontoo

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - SearchMigratedDefaultName] = My Web Search --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - SearchMigratedDefaultURL] = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZRxdm473YYUS&fl=0&ptb=rbi7UL9JebMb85ae8WObaQ&url=hxxp://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxps://isearch.avg.com/tab?cid={24150379-7E94-48C1-9BAD-59E0D7D3D389}&mid=0649f7d420e447d08b339d29986cadac-ced63b82405cc927fb4f5843bcf173b1c8d4cf58&lang=en&ds=is015&pr=sa&d=2012-08-25 12:55:23&v=12.2.5.32&sap=nt --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\oq1ux0z6.default\prefs.js

C:\Documents and Settings\Shirley\Application Data\Mozilla\Firefox\Profiles\oq1ux0z6.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.buttons.layout", "web_mail_btn;aim_send_IM_btn;aim_this_page_btn;aim_go_away_[...]
Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Deleted : user_pref("aol_toolbar.install.lastName", "AIM Toolbar");
Deleted : user_pref("aol_toolbar.install.lastVersion", "5.1.1.0");
Deleted : user_pref("aol_toolbar.metrics.activestampdate", "26");
Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "0");
Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2009");
Deleted : user_pref("aol_toolbar.metrics.originalDate", "17");
Deleted : user_pref("aol_toolbar.metrics.originalHours", "17");
Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "16");
Deleted : user_pref("aol_toolbar.metrics.originalMonth", "6");
Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "44");
Deleted : user_pref("aol_toolbar.metrics.originalYear", "2008");
Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Deleted : user_pref("aol_toolbar.searchHook.keepSearchSettings", false);
Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "AIM Search");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.aol.com/aolcom/search[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "AIM Search");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.yahoo.com");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.aol.com/aolcom/search?invocationTyp[...]
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{BA63A3EE-A871-4550-A566-B3C4A3069926}");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
Deleted : user_pref("sweetim.toolbar.version", "1.0.0.6");

Profile name : default
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3n3mm88s.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Shirley\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : urls_to_restore_on_startup ={"backup":{"_signature":"47M/WeRx2W9rAa6YxK5PrmQdntDJM0c4ERvStnkpOJQ=","_version":4,"browser":{"show_home_button":true},"extensions":{"ids":["ahfgeienlihckogmohjhadlkjgocpleb"]},"homepage":"hxxp://www.google.com","homepage_is_newtabpage":false,"session":{"restore_on_startup":4,["hxxp://www.google.com"]}},"browser":{"check_default_browser":false,"last_known_google_url":"hxxp://www.google.com/","last_prompted_google_url":"hxxp://www.google.com/","show_home_button":true,"window_placement":{"bottom":728,"left":10,"maximized":true,"right":1014,"top":10,"work_area_bottom":738,"work_area_left":0,"work_area_right":1024,"work_area_top":0}},"countryid_at_install":21843,"default_apps_install_state":2,"distribution":{"alternate_shortcut_text":false,"chrome_shortcut_icon_index":0,"create_all_shortcuts":true,"do_not_launch_chrome":true,"import_history":false,"import_home_page":false,"import_search_engine":false,"make_chrome_default_for_user":true,"oem_bubble":true,"show_welcome_page":true,"skip_first_run_ui":true,"verbose_logging":false},"dns_prefetching":{"host_referral_list":[2,["hxxp://fls.doubleclick.net/",["hxxp://googleads.g.doubleclick.net/",2.27338020,"hxxp://media.fastclick.net/",2.27338020,"hxxp://www.googleadservices.com/",2.27338020]],["hxxp://www.facebook.com/",["hxxp://static.ak.fbcdn.net/",2.60370040]],["hxxp://www.google.com/",["hxxp://id.google.com/",0.1379922749069377,"hxxp://lh6.googleusercontent.com/",0.990284415120,"hxxp://news.google.com/",0.1831631781741623,"hxxp://ssl.gstatic.com/",0.2633470467162817,"hxxp://t2.gstatic.com/",0.1204857922694903,"hxxp://t3.gstatic.com/",0.4082607505094903,"hxxp://www.google.com/",4.284769646142882]],["hxxp://www.mozilla.org/",["hxxp://statse.webtrendslive.com/",4.813601801329999,"hxxp://www.mozilla.org/",29.64521473460399]],["hxxp://www.skype.com/",["hxxp://connect.facebook.net/",2.27338020,"hxxp://fls.doubleclick.net/",3.264340799999999,"hxxp://ib.adnxs.com/",2.60370040,"hxxp://metrics.skype.com/",2.60370040,"hxxp://static.ak.facebook.com/",2.60370040,"hxxp://survey.122.2o7.net/",2.93402060,"hxxp://www.facebook.com/",2.60370040,"hxxp://www.google-analytics.com/",2.93402060,"hxxp://www.skypeassets.com/",23.74419319999999,"hxxps://s-static.ak.facebook.com/",2.60370040]],["hxxp://www.skypeassets.com/",["hxxp://track.api.skype.com/",2.27338020]],["hxxp://www.superantispyware.com/",["hxxp://events.webflowmetrics.com/",2.145776599045350,"hxxp://www.google-analytics.com/",2.457556104889546,"hxxp://www.superantispyware.com/",4.016453634110526]]],"startup_list":[1,"hxxp://download.cdn.mozilla.net/","hxxp://download.mozilla.org/","hxxp://lh6.googleusercontent.com/","hxxp://news.google.com/","hxxp://ssl.gstatic.com/","hxxp://statse.webtrendslive.com/","hxxp://t3.gstatic.com/","hxxp://www.google.com/","hxxp://www.mozilla.org/","hxxp://www.skype.com/"]},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"autoupdate":{"last_check":"12990224479815375","next_check":"12990241076036375"},"blacklistupdate":{"lastpingday":"12990178801148375","version":"0.0.0.120"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"settings":{"aandpgohbohmlknpjbblpmoladhoochg":{"blacklist":true},"abciiempgohamehppammbkhkicmkgkob":{"blacklist":true},"acmpfcamncegnhjdeiodgilikjafcamg":{"blacklist":true},"aebfkgcamgnimcbnbiopgdakknjgggnm":{"blacklist":true},"aemcjbfajnnmhblifaejadoecfoaebld":{"blacklist":true},"afenhmponmfmdmbmccbmglppcmjhmhmh":{"blacklist":true},"aglmapjbjphdidmnileogpjkgpdoliep":{"blacklist":true},"agmhonoepgcnakccfpidhjehlocaeaaj":{"blacklist":true},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_ordinal":"n","page_ordinal":"n"},"ahjfgnikolodijnpakeknpilnemojlhc":{"blacklist":true},"aieglpnmmhleoenpbmfaffppfomgjmba":{"blacklist":true},"aifmjmboebdkdelpjenakhaodgneempp":{"blacklist":true},"alcbnnpmipohgdllkkglhkbncijplago":{"blacklist":true},"aldalonecchncedclgcndcndgilaclnk":{"blacklist":true},"aljdncnajablgppdcfbehhmidlmbndda":{"blacklist":true},"amfgdngndpfldigimkcindjalokfnmem":{"blacklist":true},"apdmgffkfhjfeejmbjidennfjdkmmmbl":{"blacklist":true},"aphncaagnlabkeipnbbicmcahnamibgb":{"blacklist":true},"bcddmcejgphfgofbpoocakaeapfomlek":{"blacklist":true},"benclngoadbppljglhphhnfknoppmjoa":{"blacklist":true},"bhdkpmneahdelgdgfhddianklldfoell":{"blacklist":true},"bilgncckogfgfipdlejkffnbkgjkmflh":{"blacklist":true},"bjihddggcgnblgojnmhpnngonofbnkaj":{"blacklist":true},"bkhafliomebnpccanacmlfaemgfiofko":{"blacklist":true},"bkkchglolnigbfncnbnnbhhempjkdpkf":{"blacklist":true},"bkplhcigeaiiliajeehehiikokgocbhb":{"blacklist":true},"bldgnkigdcpgnbfehgbameigoohecdfl":{"blacklist":true},"bndahdijlcnncjbpammoedeapmlobllc":{"blacklist":true},"boaoagnmpennjoigkkmnjhecapibhfko":{"blacklist":true},"boclfockfmgcppbajihcgajhpggaakgl":{"blacklist":true},"bokkificjhapflinbdejegngffgkcgfe":{"blacklist":true},"caphkimknlmnhpjoneddiaakmcaajagb":{"blacklist":true},"cbbbpmlnlpnjojeplppgeilanlihoojg":{"blacklist":true},"cbbjhegipokkofhhicbckicchjpcpeni":{"blacklist":true},"cekdjgnecpoooikhmceokdhojckkkhmh":{"blacklist":true},"cepfogmgfkddnllaopgknbdfkceejmhk":{"blacklist":true},"cfbdodejdeejbkffcmiaknpmojjeibpn":{"blacklist":true},"cgnkbnaiipmfbakpmhllalggoepniemh":{"blacklist":true},"cihlkpohodpdkdnfalhdkhhlhmhffmbe":{"blacklist":true},"cjhklhdjonhcohlacgggcbklpnldleck":{"blacklist":true},"cjohbbapkbkkhpohinffggbphnhoblea":{"blacklist":true},"ckckpgefkpjfopjppjfcikppehdhceah":{"blacklist":true},"clapnamcglekekmamicmbahkghdcjaeh":{"blacklist":true},"cmjphjljejnfgdbkdgdlclaabimpknna":{"blacklist":true},"cmlokmkdolieoaoddlfhaidnlmiadhik":{"blacklist":true},"coajchbkdbfhmhbgcjepiofllfjjcpfp":{"blacklist":true},"cpiiakoibaohkfoaijaigdnocfolnmll":{"blacklist":true},"dadcalgappognjbjpalfophhcfakoeac":{"blacklist":true},"danapgfidmepmcfbjjacceiaiiioieio":{"blacklist":true},"dbiblcmlcgdjjbdpbmbcpineegngkiip":{"blacklist":true},"dbmdicehacbaohlockjgdglcobimmjkh":{"blacklist":true},"dejippphmhbpgckbhdidnjmdcpfccbaj":{"blacklist":true},"dfafokiagoiocidlpglcanjkcdbdnioi":{"blacklist":true},"dfoegfajplmijblljfancdapbdaopebb":{"blacklist":true},"dgaehaeahdegbdlenicbmkbakhdgoeml":{"blacklist":true},"dgcfmgdfbfbgcpbendbhbkfjppboebed":{"blacklist":true},"dgkemngdheppgohkjjelnkjmdeimmfml":{"blacklist":true},"diinokaoicgobepmadnmedlhdfnpehcj":{"blacklist":true},"dinhjcapnfbffhiihdlnbdfjdjjfhcbk":{"blacklist":true},"djnahdkbfgnhgpakidinfonfcjbagkgp":{"blacklist":true},"dlobhinihbmedmheccecfnkcadpehmbf":{"blacklist":true},"dmhjdbigobajgnfoabodjgmcdgoeoljm":{"blacklist":true},"dmkdhgkknhnfpdjeicefnpmhcpbimden":{"blacklist":true},"dnemhlkdpajbbniphgkgceplmnkfnhfo":{"blacklist":true},"doneghboglgnflpdicnkaojmmljgejkj":{"blacklist":true},"dpgenihgggagjjggfocjceeobjkadcbc":{"blacklist":true},"dpmloehicimdjkibmobhmpgdndgbcced":{"blacklist":true},"ebdcdchjcndpjhehacedepnggfdbfkpn":{"blacklist":true},"echngajnlpjeacbanjejlhcajjfoedcc":{"blacklist":true},"edmnikahahfkfilbbjbdoiabnghbkmjc":{"blacklist":true},"efhjelcghjkfigiagdfbfilndaffpmdj":{"blacklist":true},"efnaljpgehfilpmkhobibbjceeeondmn":{"blacklist":true},"egljdhfnbjahogjahnigfnbpidlmdagi":{"blacklist":true},"ehgoiaffgjoinpkllmmnikghgpghnabc":{"blacklist":true},"ehomcoocpagnlcakcbecdaknmacmedld":{"blacklist":true},"eihjeehdobnpkonebmpanonopghepfle":{"blacklist":true},"ejijgghlncnaphklndknkbkclebfboca":{"blacklist":true},"ejlekamipdcfcfpgfepjmklllbpeecaj":{"blacklist":true},"elcaigjcaijbfpjngaekbblphmfjdhfo":{"blacklist":true},"eofejpelggimkodeojpeojnbijgiglgh":{"blacklist":true},"eopmhecjnginkckggjmhombbopmkjpam":{"blacklist":true},"epbmnbdplhcomkedpjfceakddnbgfjmf":{"blacklist":true},"fafoohpbicgbcejffcplajonhhooddle":{"blacklist":true},"fbhiehmngojjcmljddjmgpmcockbccmo":{"blacklist":true},"fcfepemfihgibdacjlnlecebknaaepmj":{"blacklist":true},"ffgfbfakpcnngelphjnppokmoicdollk":{"blacklist":true},"fhlkffpjoajppmhcakbkjndbjfljccpi":{"blacklist":true},"fiapkdjniadkodmdibdnchoifkpfoiid":{"blacklist":true},"fibgploapkhokkbncddlkcmbmiengcfp":{"blacklist":true},"fihepkmlkmciffbhijldnpmifhbkiinp":{"blacklist":true},"fjjeecfjmgfnleghoellhldedkaocjfc":{"blacklist":true},"fleljamdchegbjeiipbnmiebnhgheeld":{"blacklist":true},"flmmgcfcpbfddenepkfmgfpbaceolcoe":{"blacklist":true},"fmcccidacjgnfiafddkngmeolkoiihil":{"blacklist":true},"fmonlemffgbabjifjfaoamdflijecdbk":{"blacklist":true},"fngolbdmkneakeaoiieafkilnogbocda":{"blacklist":true},"fnhcgnmfccojojojacgeiaaeacefdohb":{"blacklist":true},"fnkaadkanmfgpfbmdcllhjdgmdbgljpi":{"blacklist":true},"fnnmbghphdnmmjdapccfobgjemjadeli":{"blacklist":true},"fnoadkjdjfgafomgmablhmffooijcfbn":{"blacklist":true},"fpbippbofbmgmbojjmgfcifpmdaelcmd":{"blacklist":true},"fpmajanjndhgpifbcbnklbiehgnpkgmf":{"blacklist":true},"fpoajjnnpmledpmohlgpgbmlhbgkgahg":{"blacklist":true},"gaicmfjflflabagobdiodejfpjikheeo":{"blacklist":true},"gandihaiobadcggbfkhpbkocmiemjlnf":{"blacklist":true},"gbenikfjhilhpgagllmfgggdjaflbmbi":{"blacklist":true},"gdggdkkjecogagaffaemnbfmllcoihjp":{"blacklist":true},"gekkhpjigmckhgmgngadbeknekgpgolb":{"blacklist":true},"ghgphbmpcfgkfneodjpbdanmdoemklio":{"blacklist":true},"ghmaokcegalalefnhlfcnjhnpdbanjkj":{"blacklist":true},"gifglngcdbggmlgkcombebegdaoknkho":{"blacklist":true},"gjkbghdignnlcknknflbigpammebiolo":{"blacklist":true},"gkjeccpmibljcfpfapfljciimedljpnm":{"blacklist":true},"gkjmgdpdndoaiholejnmdbbpdaafahmm":{"blacklist":true},"gmghjgfdialcnhadahmjefeflgnhcjeb":{"blacklist":true},"gnapdhmknipknfmhhnhdmhakdfhgeing":{"blacklist":true},"gncfgndgeoddelbfhlndhljnecoednaa":{"blacklist":true},"gngmkbiihflpghldjnbpemaicedhdddk":{"blacklist":true},"gobjcjhhebpjbmjdgmejhebbleadnceo":{"blacklist":true},"gplgjmecjpbfcdikpbicknafcnfcidek":{"blacklist":true},"hbaajkahagmlkdekmbdabikbopdgpaac":{"blacklist":true},"hbdhabpmbbanaopgkbaondabkkepjfaf":{"blacklist":true},"hbmlheccjkodhfejcmblndjodllmnlnl":{"blacklist":true},"hcapokajkngndbglnfglpfdpoeidmpha":{"blacklist":true},"hcpndbchnlgojmnijaldkicigmihmdca":{"blacklist":true},"hdijkiondgomjpehfhopomicjbiodmcm":{"blacklist":true},"hdnbmmfjbblajkjkcaeofolgfnljpnim":{"blacklist":true},"hecijapnccjhonbmacmkmffooodfokoo":{"blacklist":true},"hefmoncdemhjembgbnkgglhlookbipdc":{"blacklist":true},"hfpfbhnmbbigpmoodjemilggabklpopj":{"blacklist":true},"hgbaomphocgmdpmiohjclchaaljpaelp":{"blacklist":true},"hgboiaecclcbjphldpbgfgggcbihmnai":{"blacklist":true},"hgjgaeknhmidehalnmokomhpfhbfmpcm":{"blacklist":true},"hhfffemhgkginfafaoapljdllodppana":{"blacklist":true},"hhfiljkpjapjjphcocclhhaldpfkkjbi":{"blacklist":true},"hhjmkijkgojfifipdgmiemghfikbohcm":{"blacklist":true},"hhlgbfcfbkhlmajakkcjippgpcmejkko":{"blacklist":true},"hilncbjbdpnfepdidfchmdclhpnlegpj":{"blacklist":true},"hjkhligcnpfjhjlapmejaiaiigibofif":{"blacklist":true},"hkbgccpdcpbdckohbknjlamamelcnlki":{"blacklist":true},"hkjcejgfmaanpncnpoidgbhoikcaeepd":{"blacklist":true},"hkjfdgjkgpbbdmadbglcgljjjddkcdha":{"blacklist":true},"hmmoglffhpmacaacfbbmbbkcbdkjphnc":{"blacklist":true},"hnbcdmfeoldeppcbnnjmjkdofohaljbn":{"blacklist":true},"hncomkjbbkchfjelocejkbbflmjhlhfp":{"blacklist":true},"hnipgljcblpgnnojcfldehpeknhakbgj":{"blacklist":true},"hnkcpoijaeegompjgbjjhkdmljldaccg":{"blacklist":true},"hnnebfeppcbhhbhiifeaajgcjnkljlld":{"blacklist":true},"hnonhhpgjnjcjfbkjdpfbkfpaodcmncb":{"blacklist":true},"hpcdoodjfcmpcpkeendjnjkeinimhkih":{"blacklist":true},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"iablioliielnhdianpbiijaoncbmfend":{"blacklist":true},"iccblehkchfmjgfafjcpjlkjcponhdhl":{"blacklist":true},"icihfeaofpcfehanhbnjigdlpfahjlee":{"blacklist":true},"iemfpgbdjfoihicbocpbjppipdbfimeh":{"blacklist":true},"ifbkndkaolfbjjhnnhfmkbkoclpdkpli":{"blacklist":true},"ifeijfpkjckedpclgncedmgdiaoeahmk":{"blacklist":true},"igaajdmlejbjcbmpmnigopikfdaccdcm":{"blacklist":true},"igbaoknfddliiaoimhehfbkfekpmmfll":{"blacklist":true},"igghanohiioehififjoalfkdoicafjof":{"blacklist":true},"ihnembcpodnfgkafmiojebccomjekopm":{"blacklist":true},"iiiinekimabooeihccihfopoadcaaphn":{"blacklist":true},"ijecjbcgpblkacpijljpaienknanaloa":{"blacklist":true},"ijenlpgidnapbndonoinbkhekgjonojg":{"blacklist":true},"ilhjicgcglhjigdehkcehjdokmkahbjl":{"blacklist":true},"imfbomjbodpfgfhfahlgkkcllmhbelhk":{"blacklist":true},"imkffpjpdngdkpgadcmnlkhhmhdocijn":{"blacklist":true},"iobnpmeeecphddicmhhmdjbnlbdhjlne":{"blacklist":true},"iomejadoamfilglofmeaffghddcgapmf":{"blacklist":true},"jaejgaoiipdjjlbnapngknalafalbkej":{"blacklist":true},"janhdpmhnighonkkbkdpnljcoenpfkbh":{"blacklist":true},"jbmbiepnidbnhbbfdbgioomdkgnbcacj":{"blacklist":true},"jbnafcjbcfgejacaanogofkkehcomamp":{"blacklist":true},"jcmipejepoimfflnoapdmkdephgjinck":{"blacklist":true},"jfalnphfjdoalcdhlnhdpekbmmopkgkj":{"blacklist":true},"jfjagidcpadkoaonbogmbgfimmnefeie":{"blacklist":true},"jgdkappiifgomhgikcjbanhnmlekpeje":{"blacklist":true},"jgmpapdckakiohhebmeoemejibommimi":{"blacklist":true},"jhhabiomopkibeecgngiggmopkeofacl":{"blacklist":true},"jindbcpkhnnnjgcjgmkjedbibibiojjf":{"blacklist":true},"jjnkfllhcgkgnfbekpnmoikpfihpjfli":{"blacklist":true},"jkihmglffmfjedfbpbpdbbimcodjbmdh":{"blacklist":true},"jkmhalpofmlfeglboejbchpoijnkmcgh":{"blacklist":true},"jmbkhogpjgjpfjhpdikloblkbkljkgao":{"blacklist":true},"jmeanodbelbflfmnkfdjgpikmldgjjko":{"blacklist":true},"jmifipgdcllamghkhdplfjffkciekbgo":{"blacklist":true},"jpehgolpfgnknboibogccapmdcadjkbd":{"blacklist":true},"jpeijjbllejgmokmahkeommcodahoobm":{"blacklist":true},"jpgidahfcgiajlcbleeiaibpmmblcmnb":{"blacklist":true},"jpkdlckejfjidmplieobnhijmoiecbhl":{"blacklist":true},"kbipembkfhbdmkkkfbigmohilmknjnof":{"blacklist":true},"kcanfkmhccbaheheaackijegkclkaeic":{"blacklist":true},"kcfnnanmpghdnoompcfclakpacapnfbn":{"blacklist":true},"kcgplbmkmfcpngilmhjmebdgkkpbdemp":{"blacklist":true},"kdchmeaiapjkejkcbeclgjklemecieeg":{"blacklist":true},"kelcbonmemlciepjdmfcifnhloeammhj":{"blacklist":true},"kelljdoinjlkmkncffgadbebgpmlcang":{"blacklist":true},"kffhenjbibjnbnjhlkcdlmpeccpaohio":{"blacklist":true},"kgbkdabomfdpfoibliicpmibceaoohgh":{"blacklist":true},"kgdhnhadbnpeibkghaebmhmngobdafag":{"blacklist":true},"kgdkcodealpfjolmiagcogfbgmaamegh":{"blacklist":true},"kgdmldjagfciieddcnlhampgkajkpanc":{"blacklist":true},"kibgmcdcfmcglajcfbecilngejnfppjp":{"blacklist":true},"kiipngoehgkgkackngaidmhmnchfbmio":{"blacklist":true},"kinhljbhjmcmoddhdoodekeklmjapjff":{"blacklist":true},"kkhomejdleoonmbdhcigkhkjcghngncf":{"blacklist":true},"kleaapgdkahaekcocmkbgfainbhihccj":{"blacklist":true},"kmlebjoghkhpapfhbdikannggmmffnco":{"blacklist":true},"kolbbghckjilleabphhgeggcgpfidofi":{"blacklist":true},"lambangeielkjcnmioccboaphdfcffib":{"blacklist":true},"lbaddolhebpnhdcdkicpcflhnfamcemn":{"blacklist":true},"lbficnmfealeidppcbgdcbemgfjodbkg":{"blacklist":true},"lceaiepehinnomgijphkmjccbigkljkj":{"blacklist":true},"lcfkojlnjnedeoepfemhdgkhiabkeadc":{"blacklist":true},"ldgfapfmnplpaohbbadnecegcpfkfall":{"blacklist":true},"lgalokbapphhklmilicdefmgbjkcmldf":{"blacklist":true},"lgcnahanhlfpceencjmlehpfklokhojk":{"blacklist":true},"likifpgnijjfbdegfepoalpamlgnfofi":{"blacklist":true},"liomofjeffddiiccaolcnllbhnipbkhe":{"blacklist":true},"ljcicfibknpmlcmcecddjlbgkejehhpa":{"blacklist":true},"ljeihpebkahejeacdalhkhmckmggppif":{"blacklist":true},"lkdimamelhbiijkiljlnedmhnnkkmlbl":{"blacklist":true},"lkfdchejjogilmloogbbjlnlpbhgjfab":{"blacklist":true},"lkhcbijhgfchgdmklonlobkfbcadbokg":{"blacklist":true},"lljnngafekbnkpdfophmcdlbfebcbcld":{"blacklist":true},"lnahlgmhpghkhmafjppdidhcoaomipfg":{"blacklist":true},"lnbeebaenahmkbffnimghceldeeihfak":{"blacklist":true},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true},"lndempehphjoeimfchjflohpmhamiamf":{"blacklist":true},"lnjgjionmhobdfdegbciceafphgemjnc":{"blacklist":true},"lnlaeblencbjjjeaanegaldcjfekeled":{"blacklist":true},"lojppnndedobolgfepahepphhloediji":{"blacklist":true},"loldehkdjdncebfnncknlkdchjclifbn":{"blacklist":true},"lookpbabilcplifjdeifacodednpacmk":{"blacklist":true},"lpgiafapdmlapiokjnmpbbfkomiceoml":{"blacklist":true},"lplmcpcnhpbffpcfiaddbeaplhhbengd":{"blacklist":true},"mamfageekafifnickhgkibkofcclfefe":{"blacklist":true},"mbmdaiddhfoljplpdhohimgieioblfif":{"blacklist":true},"mcknnlhkkdbcppajgefagceglahcafjd":{"blacklist":true},"mdiehnlecbjlppbpaaipmlnhhjgepfcg":{"blacklist":true},"mdngbiejioalifclonjepjjfppmbgned":{"blacklist":true},"megkcfpbmemnpkgadkoompnoajcolpni":{"blacklist":true},"mfffdpnblflpobcnekhekiahepofaane":{"blacklist":true},"mfhfkclojmdocagbmecgcnlofppebebd":{"blacklist":true},"mfncimdpmknolnnnccdmkpnpkaofonkc":{"blacklist":true},"mgdgiplcofghdmpekdeeceolepakodcb":{"blacklist":true},"mjalegijammcloleihdmooifidcjggjp":{"blacklist":true},"mjgobkikdipfikmaoakdcdbicpioljgg":{"blacklist":true},"mjolnadmlahbpepjaemohnkhpjkbhmef":{"blacklist":true},"mknjbohhleiicbpagpgmhoaigbblmnic":{"blacklist":true},"mkobblpffgbncfhijabakfafmkjdmmnm":{"blacklist":true},"mlmegahemifabfmdnndafagnncfbnahn":{"blacklist":true},"mlmmbepkgelpbenpobinockmiehdahai":{"blacklist":true},"mlnoedbhndgbjcbeadjfnmjloejlgojk":{"blacklist":true},"mmjodihhmnpkldljaifiajmlnpflfhpm":{"blacklist":true},"mndoohjdoechinpkfbkolflbonciahfo":{"blacklist":true},"mnhcgaghminpdabllkbkecahjfkdiabk":{"blacklist":true},"mnichagcickblneeijmfnmoiakigmmhf":{"blacklist":true},"mnllienogacopjnkmhgnniopjpgjpopp":{"blacklist":true},"mogepbcllienegdibkfpmombhefhcoic":{"blacklist":true},"mplhbhmkccidaokcelbcbcmhhedebcng":{"blacklist":true},"naopgnjebjeeedbbhcadkhkmeefmloho":{"blacklist":true},"nbieffehfdniifkgdckbndjhojohbfjj":{"blacklist":true},"nckmikohoilfkcoahbjpbgbpegcjgngm":{"blacklist":true},"ncpdanjmicnihdlijomcggnnekloephc":{"blacklist":true},"ndhkiimgbjnendpcfbiadlifmangejoa":{"blacklist":true},"ndiogongcmocdgjciemhagfhpjamehpe":{"blacklist":true},"negkalblfongjbphdcbbhddlickhlamd":{"blacklist":true},"nepfiodmbijheamafkiglonfkjebdjmf":{"blacklist":true},"nfecfkjnlkbphobjbcnphimihniieehc":{"blacklist":true},"nhboiakpmibkbkbeehchlfkggmhphpnk":{"blacklist":true},"nhkmojkfnknbbmhbnacjdlodokeophkl":{"blacklist":true},"nibohffepnilngkecenfdgnokfhmnkod":{"blacklist":true},"nidmbljkkcbdfklgdkklgjgmhejmbojn":{"blacklist":true},"nidodbfomffkfabciljelkbdiabkeehe":{"blacklist":true},"nifbebeekindefklojhchehidpikbjfc":{"blacklist":true},"nihhbeikpchdddoillfdcdinnnnllmna":{"blacklist":true},"nlgapikcofpablcmfgaoodlhiejiehhh":{"blacklist":true},"nmmnodocfckpoddcgihiihcdinaonckb":{"blacklist":true},"nmphbnbmgfccfhcmibikmhcgajjpelpf":{"blacklist":true},"nnioepmjbjjlflmdgjanlcmbjahljeeo":{"blacklist":true},"nochkknnbahbhmmknnmdhagelcnfagom":{"blacklist":true},"noefghcilkpcabnhhilojimkkjplhcnd":{"blacklist":true},"npadaghbcdejfngcjpbnoikajdnongca":{"blacklist":true},"npolaghondefgiomhkbiiompikfjneep":{"blacklist":true},"oakhllhnbcpgagdafgbninlpjdemdmjk":{"blacklist":true},"oanjogmonneelfpnfmdlalfddkeckdej":{"blacklist":true},"ocmhjnhildbnglmlfimkjnnfgddelacb":{"blacklist":true},"ocnlnkjmfnolmbclblfhfhcakldceiec":{"blacklist":true},"odnamglmogfldajnhkfodmloofeokcmm":{"blacklist":true},"oghphhcagopecifjblgdcfihjnlcbcfc":{"blacklist":true},"ogjbodghhojomghbdfnlkppdagkfjede":{"blacklist":true},"oidjdpbndkjhmhmgdoggibcjnippkcgo":{"blacklist":true},"ojglppmhgfohhfeinlhklglifnbfebak":{"blacklist":true},"omceiakkomngangmllpgbjcoeloglald":{"blacklist":true},"onfbaaifbbahonepmednhkjbhdgogkbl":{"blacklist":true},"onpnpccdagncipgnoofbhchlbajcjnkd":{"blacklist":true},"oocfbmollajebjjpkahmlnclfhkjijea":{"blacklist":true},"ookcgejbfhcmcanfkfmmmpahflnlajbl":{"blacklist":true},"opnnngnphijodjhemhdafpnnpdjggofe":{"blacklist":true},"pajgiddgjidlcajihkjoacjbplimkgfe":{"blacklist":true},"pbdgmppmccanplobanhfkjndjkmmabgk":{"blacklist":true},"pbekednmpdekknlffkiopooofokfmkla":{"blacklist":true},"pbglijbamgmlcpnnpbfjkbdeheejjloj":{"blacklist":true},"peiijdmlgbelnnmnkighhkpeihmmamio":{"blacklist":true},"pfcelnbmkeoaeicedjomcjkcammlkdbk":{"blacklist":true},"pfhlnanelpgjbhndafjamnpfhkjadoip":{"blacklist":true},"pfoiaildicnbcjojocjlpcibenphhbln":{"blacklist":true},"pfonklmafadkmcedjlodommcoipgbcde":{"blacklist":true},"pgelifedkjaohmjehecojkfldinjlamn":{"blacklist":true},"pgjpnfpidejcmjibaaohcmehfohacckf":{"blacklist":true},"pgldfhecfiofkhnbgcncepnkjkeoahlk":{"blacklist":true},"phkpgooenaonkpnabopdbjjfmphclela":{"blacklist":true},"pihcfdffalbcnmbghijdfcaanagapelf":{"blacklist":true},"pjdhkkcnlbfebiokpeghfffajaabahfo":{"blacklist":true},"pjgbfgdpkbfimabdalhjmmeeelbmkcac":{"blacklist":true},"pkbbbncikcipejaiiiioboongndhmjgl":{"blacklist":true},"pkbkkendemaimikinaefldfljliecapm":{"blacklist":true},"pkhidkonipdjidjglnkfcfhnkfnlefbk":{"blacklist":true},"plfijddblbcdcnammpdmfccchkbdekmm":{"blacklist":true},"pnaiiipilbpcceggeanphcpkkihnojan":{"blacklist":true},"pnnbdjcjeiobikdfikegpclkcimgafpp":{"blacklist":true},"pnpfkfanlgljpkpilhgiimfadggfmhcd":{"blacklist":true},"pnpgiaejfbdapllkchhgchjpdbcpiooa":{"blacklist":true},"pobponmhkpmphbnfhpjdagklbkmjhked":{"blacklist":true},"ppmfajacidhcjbddpgmcmigffpppcadd":{"blacklist":true}}},"homepage":"hxxp://www.google.com","homepage_is_newtabpage":false,"net":{"hxxp_server_properties":{"clients2.google.com:443":{"settings":[{"id":4,"value":100},{"id":5,"value":32},{"id":6,"value":0}],"supports_spdy":true},"www.google.com:443":{"settings":[{"id":4,"value":100},{"id":5,"value":10},{"id":6,"value":0}],"supports_spdy":true}}},"ntp":{"gplus_required":false,"promo_closed":false,"promo_end":1345006800.0,"promo_group":851,"promo_group_max":1,"promo_group_timeslice":0,"promo_increment":1,"promo_initial_segment":4,"promo_line":"What do you think of Chrome? <a href=\"hxxp://survey.googleratings.com/wix/p5963862.aspx\">Take the survey</a>","promo_num_groups":1000,"promo_resource_cache_update":"1345747745.04925","promo_start":1344488400.0,"promo_views":0,"promo_views_max":15},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Program Files\\Google\\Chrome\\Application\\21.0.1180.83","plugins_list":[{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files\\Google\\Chrome\\Application\\21.0.1180.83\\PepperFlash\\pepflashplayer.dll","version":"11.3.31.230"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files\\Google\\Chrome\\Application\\21.0.1180.83\\gcswf32.dll","version":"11,3,300,271"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32_11_4_402_265.dll","version":"11,4,402,265"},{"enabled":true,"name":"Flash"},{"enabled":true,"name":"Remoting Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Remoting Viewer"},{"enabled":true,"name":"Native Client","path":"C:\\Program Files\\Google\\Chrome\\Application\\21.0.1180.83\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Program Files\\Google\\Chrome\\Application\\21.0.1180.83\\pdf.dll","version":""},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Shockwave for Director","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\np32dsw.dll","version":"11.0r429"},{"enabled":true,"name":"Shockwave"},{"enabled":true,"name":"Ask Toolbar Plugin Stub","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\NPAskSBr.dll","version":"1, 0, 0, 0"},{"enabled":true,"name":"Ask Toolbar Plugin Stub"},{"enabled":true,"name":"MetaStream 3 Plugin","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npViewpoint.dll","version":"3, 5, 0, 36"},{"enabled":true,"name":"MetaStream 3 Plugin"},{"enabled":true,"name":"Microsoft® DRM","path":"C:\\Program Files\\Windows Media Player\\npdrmv2.dll","version":"9.00.00.4503"},{"enabled":true,"name":"Microsoft® DRM","path":"C:\\Program Files\\Windows Media Player\\npwmsdrm.dll","version":"9.00.00.4503"},{"enabled":true,"name":"Microsoft® DRM"},{"enabled":true,"name":"Windows Media Player Plug-in Dynamic Link Library","path":"C:\\Program Files\\Windows Media Player\\npdsplay.dll","version":"3.0.2.629"},{"enabled":true,"name":"Windows Media Player"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files\\Google\\Update\\1.3.21.111\\npGoogleUpdate3.dll","version":"1.3.21.111"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Java™ Platform SE 6 U34","path":"C:\\Program Files\\Java\\jre6\\bin\\plugin2\\npjp2.dll","version":"6.0.340.4"},{"enabled":true,"name":"Java Deployment Toolkit 6.0.340.4","path":"C:\\WINDOWS\\system32\\npdeployJava1.dll","version":"6.0.340.4"},{"enabled":true,"name":"Java"},{"enabled":true,"name":"RealNetworks Rhapsody Player Engine","path":"C:\\Program Files\\Real\\RhapsodyPlayerEngine\\nprhapengine.dll","version":"1.0.2.636"},{"enabled":true,"name":"RealNetworks Rhapsody Player Engine"}]},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exited_cleanly":true,"name":"First user"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,["hxxp://www.google.com"]},"webkit":{"webprefs":{"allow_running_insecure_content":true}}}

*************************

AdwCleaner[R1].txt - [40681 octets] - [04/09/2012 15:10:19]
AdwCleaner[S1].txt - [41394 octets] - [04/09/2012 15:10:39]

########## EOF - C:\AdwCleaner[S1].txt - [41455 octets] ##########
  • 0

Advertisements


#17
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What I would be looking at next would be the temperatures on the system in case of dust causing overheating

But we will look at that tomorrow when you arefree again
  • 0

#18
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
this PC has been sitting for years since it was my mother's before she passed. My daughter used it mostly for gaming (SIMS) and wasn't used for internet until just recently.
I have removed the cover already and blew out most of the dust/hair/particles before getting the wireless going on it. Do you want me to do a more thorough job? It doesn't sound like it's running on high or anything.
THANK YOU for all your assist in helping me w this - I know some things, but then again not enough. :D
  • 0

#19
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
We will check it all out tomorrow, If you could let me know how it behaves when you boot and then run this small programme

Download Speedfan and install it.
Once it's installed, run the program and post here the information it shows.
The information I want you to post is the stuff that is circled in the example picture I have attached.
If you are running on a vista machine, please go to where you installed the program and run the program as administrator.
Posted Image (this is a screenshot from a vista machine)
  • 0

#20
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
this is a windows xp machine - I'll run this in the morning - thanks
  • 0

#21
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
ok so I am having more problems this morning. Now my generic webcam is not able to find the drivers and is hanging up the system. I went into safemode to be able to run this speedfan job for you. It said 'unable to read i/o'. It just keeps running and I'm assuming it shouldn't run long. So do you think those changes made yest deleted my webcam drivers and if not, why would the system find new hardware? My daughter used the pc last nite but didn't use anything, just some word files.

I have meetings today but my daughter was using this camera later to skype w her director. Please let me know what you think. Cannot get this machine to run in anything but safemode. sorry I guess I was thinking this would be an easy fix.
  • 0

#22
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
okay so I went thru and re-installed the webcam. not sure why this happened, but at least I am not getting anymore errors/warnings. I am running the speedfan program and hopefully it finishes before I have to leave for work.
I assumed it wasn't running because I was in safe mode? not sure but this is all I see currently and it's been running for 15mins. let me know what you think - I'll be able to check emails later this afternoon. thanks!

top window
Win9x:NO 64Bit:NO GiveIO:YES SpeedFan:YES
I/O properly initialized
Linked ISA BUS at $0290
Linked Intel 82801EB ICH5 SMBUS at $EDA0
Scanning ISA BUS at $0290...
SuperIO Chip=LPC47m182
Scanning Intel SMBus at $EDA0...
Found HDS728080PLAT20 on AdvSMART
End of detection

HD0: 32C
  • 0

#23
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK it is an old system, no onboard sensors. But the HDD temp looks OK

Could you now go to normal mode and let me know the behaviour there

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • Allow the recovery console to be installed

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#24
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
was finally able to do this today - let me know how it looks and just enabling all my system stuff...so far so good I guess.
any other suggestions as what to have added to my weekly maintenance?? THANKS!!

ComboFix 12-09-05.02 - Shirley 09/06/2012 7:39.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.422 [GMT -5:00]
Running from: c:\documents and settings\Shirley\My Documents\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Shirley\WINDOWS
c:\program files\jxpiinstall-6u11-fcs-bin-b90-windows-i586-25_nov_2008.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f1611dd397012fe2.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\system32\wpcap.dll
c:\windows\wt
c:\windows\wt\data.wts
c:\windows\wt\updater\wt.ini
c:\windows\wt\webdriver.dll
c:\windows\wt\webdriver\4.1.1\actorobject.dll
c:\windows\wt\webdriver\4.1.1\dx5drv.dll
c:\windows\wt\webdriver\4.1.1\dx7drv.dll
c:\windows\wt\webdriver\4.1.1\objectbundle.dll
c:\windows\wt\webdriver\4.1.1\sound.dll
c:\windows\wt\webdriver\4.1.1\wdcaps.ded
c:\windows\wt\webdriver\4.1.1\wdengine.dll
c:\windows\wt\webdriver\4.1.1\webdriver.dll
c:\windows\wt\webdriver\4.1.1\wthost.exe
c:\windows\wt\webdriver\4.1.1\wthostctl.dll
c:\windows\wt\webdriver\4.1.1\wtmulti.dll
c:\windows\wt\webdriver\4.1.1\wtmulti.jar
c:\windows\wt\webdriver\4.1.1\wtwmplug.ax
c:\windows\wt\webdriver\4.1.1\wtwmplug.ini
c:\windows\wt\webdriver\jdriver.dll
c:\windows\wt\webdriver\rdriver.dll
c:\windows\wt\webdriver\wildtangent.jar
c:\windows\wt\wt3d.dll
c:\windows\wt\wt3d.ini
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo
c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html
c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\jdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\data.wts
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\npWTHost.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt
c:\windows\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\rdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\Sound.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\update_info\data.wts
c:\windows\wt\wtupdates\webd\4.1.1\files\wdcaps.ded
c:\windows\wt\wtupdates\webd\4.1.1\files\wdengine.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\webdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wildtangent.jar
c:\windows\wt\wtupdates\webd\4.1.1\files\wt3d.ini
c:\windows\wt\wtupdates\webd\4.1.1\files\WTHost.exe
c:\windows\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.jar
c:\windows\wt\wtupdates\webd\4.1.1\files\wtvh.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax
c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini
c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo
c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas
c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\controlpanel\index.html
c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl.cdanfo
c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl_Uninstall.cdas
c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\WireControl.dll
c:\windows\wt\wtupdates\wtupdater\appinfo.dat
c:\windows\wt\wtupdates\wtwebdriver\update_info\data.wts
c:\windows\wt\wtvh.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2012-08-06 to 2012-09-06 )))))))))))))))))))))))))))))))
.
.
2012-09-05 15:11 . 2012-09-05 16:36 -------- d-----w- c:\program files\SpeedFan
2012-09-04 18:58 . 2012-09-04 18:58 -------- d-----w- C:\_OTL
2012-09-04 17:17 . 2012-09-04 17:18 -------- d-----w- c:\documents and settings\Administrator
2012-09-04 12:46 . 2012-09-04 12:46 -------- d-s---w- c:\documents and settings\Shirley\PrivacIE
2012-09-02 13:16 . 2012-09-02 13:16 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-08-27 15:19 . 2012-08-27 15:19 -------- dc----w- c:\windows\system32\DRVSTORE
2012-08-27 15:19 . 2012-08-02 04:02 15248 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys
2012-08-25 18:07 . 2003-08-05 16:41 53248 ----a-w- c:\windows\ap561.exe
2012-08-25 18:07 . 2002-11-22 20:56 118784 ----a-w- c:\windows\ShowBmp.exe
2012-08-25 18:07 . 2012-08-25 18:07 -------- d-----w- c:\windows\Setup2K
2012-08-25 18:07 . 2002-10-01 19:43 119798 ----a-w- c:\windows\system32\drivers\SPCA561.SYS
2012-08-25 18:06 . 2008-04-13 17:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2012-08-25 18:06 . 2008-04-13 17:46 10880 ----a-w- c:\windows\system32\dllcache\ndisip.sys
2012-08-25 18:06 . 2008-04-13 17:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2012-08-25 18:06 . 2008-04-13 17:46 15232 ----a-w- c:\windows\system32\dllcache\streamip.sys
2012-08-25 18:06 . 2008-04-13 23:12 16384 ----a-w- c:\windows\system32\ipsink.ax
2012-08-25 18:06 . 2008-04-13 17:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2012-08-25 18:06 . 2008-04-13 17:39 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys
2012-08-25 18:06 . 2008-04-13 17:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2012-08-25 18:06 . 2008-04-13 17:46 11136 ----a-w- c:\windows\system32\dllcache\slip.sys
2012-08-25 18:05 . 2008-04-13 17:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2012-08-25 18:05 . 2008-04-13 17:46 19200 ----a-w- c:\windows\system32\dllcache\wstcodec.sys
2012-08-25 18:05 . 2008-04-13 17:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2012-08-25 18:05 . 2008-04-13 17:46 85248 ----a-w- c:\windows\system32\dllcache\nabtsfec.sys
2012-08-25 18:05 . 2008-04-13 17:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2012-08-25 18:05 . 2008-04-13 17:46 17024 ----a-w- c:\windows\system32\dllcache\ccdecode.sys
2012-08-25 18:05 . 2002-09-21 00:44 14336 ----a-w- c:\windows\system32\dshow508.ax
2012-08-25 17:56 . 2012-08-25 17:56 -------- d-----w- c:\documents and settings\Shirley\Local Settings\Application Data\Innovative Solutions
2012-08-25 17:55 . 2012-09-03 19:37 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-08-25 17:53 . 2012-08-25 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Common Files
2012-08-25 17:43 . 2001-08-23 23:58 1589248 ----a-w- c:\windows\system32\ippsw711.dll
2012-08-25 17:43 . 2001-08-23 23:58 266240 ----a-w- c:\windows\system32\ippsrw711.dll
2012-08-25 17:43 . 2001-08-23 23:58 77824 ----a-w- c:\windows\system32\ippsr11.dll
2012-08-25 17:12 . 2012-08-25 17:18 -------- d-----w- c:\program files\Free Download Manager
2012-08-25 17:11 . 2012-08-25 17:11 -------- d-----w- c:\documents and settings\Shirley\Local Settings\Application Data\antiphishing-vmninternethelper1_1dn
2012-08-25 09:04 . 2012-08-25 09:04 -------- d-s---w- c:\documents and settings\NetworkService\IETldCache
2012-08-25 09:04 . 2012-08-25 09:04 -------- d-sh--w- c:\documents and settings\Shirley\IETldCache
2012-08-25 08:46 . 2012-07-02 17:49 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2012-08-25 08:45 . 2011-08-16 10:45 6144 ------w- c:\windows\system32\dllcache\iecompat.dll
2012-08-25 08:44 . 2012-07-02 17:49 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2012-08-25 08:44 . 2012-07-02 17:49 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2012-08-25 08:44 . 2012-07-02 17:49 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2012-08-25 08:40 . 2012-08-25 08:43 -------- dc-h--w- c:\windows\ie8
2012-08-25 08:18 . 2012-08-25 08:18 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2012-08-25 08:06 . 2012-08-25 09:03 -------- d-----w- c:\windows\SxsCaPendDel
2012-08-24 18:34 . 2012-06-02 20:18 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-08-24 18:34 . 2012-06-02 20:18 214256 ----a-w- c:\windows\system32\muweb.dll
2012-08-24 12:59 . 2012-08-24 12:59 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-08-23 20:26 . 2012-09-06 12:53 -------- d-----w- c:\documents and settings\Shirley\Application Data\Skype
2012-08-23 20:26 . 2012-08-23 20:26 -------- d-----w- c:\program files\Common Files\Skype
2012-08-23 20:26 . 2012-08-23 20:27 -------- d-----r- c:\program files\Skype
2012-08-23 20:26 . 2012-08-23 20:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2012-08-23 20:19 . 2012-09-04 12:24 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-08-23 20:19 . 2012-09-02 13:16 266720 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2012-08-23 20:19 . 2012-09-02 13:15 883864 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-08-23 20:19 . 2012-09-02 13:15 91104 ----a-w- c:\program files\Mozilla Firefox\smime3.dll
2012-08-23 20:19 . 2012-09-02 13:15 20960 ----a-w- c:\program files\Mozilla Firefox\plds4.dll
2012-08-23 20:19 . 2012-09-02 13:15 16864 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2012-08-23 20:19 . 2012-09-02 13:15 155104 ----a-w- c:\program files\Mozilla Firefox\softokn3.dll
2012-08-23 20:19 . 2012-09-02 13:15 145376 ----a-w- c:\program files\Mozilla Firefox\ssl3.dll
2012-08-23 20:19 . 2012-09-02 13:15 270304 ----a-w- c:\program files\Mozilla Firefox\updater.exe
2012-08-23 20:19 . 2012-09-02 13:15 19424 ----a-w- c:\program files\Mozilla Firefox\xpcom.dll
2012-08-23 20:19 . 2012-09-02 13:15 15612896 ----a-w- c:\program files\Mozilla Firefox\xul.dll
2012-08-23 20:19 . 2012-09-02 13:15 21472 ----a-w- c:\program files\Mozilla Firefox\plc4.dll
2012-08-23 19:21 . 2000-01-04 11:39 212992 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2012-08-23 19:21 . 2012-08-23 19:21 -------- d-----w- c:\program files\DSC Driver
2012-08-23 19:14 . 2008-04-13 23:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2012-08-23 19:14 . 2008-04-13 23:12 53760 ----a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2012-08-23 19:14 . 2008-04-13 23:12 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2012-08-23 19:14 . 2008-04-13 23:12 43008 ----a-w- c:\windows\system32\ksxbar.ax
2012-08-23 19:14 . 2008-04-13 23:12 61952 ----a-w- c:\windows\system32\kstvtune.ax
2012-08-23 19:02 . 2012-08-23 19:02 -------- d-----w- c:\documents and settings\Shirley\Application Data\Malwarebytes
2012-08-23 19:02 . 2012-08-23 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-23 19:01 . 2012-08-23 19:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-23 19:01 . 2012-07-03 18:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-23 18:45 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-08-23 18:45 . 2012-08-23 18:48 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2012-08-23 18:40 . 2012-08-23 18:45 -------- d-----w- c:\documents and settings\Shirley\Local Settings\Application Data\Temp
2012-08-23 18:39 . 2012-08-23 18:40 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-08-23 18:39 . 2012-08-23 18:39 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup
2012-08-23 18:32 . 2012-08-23 18:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-23 18:32 . 2012-08-23 18:32 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-23 18:32 . 2012-08-23 18:32 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-23 18:30 . 2010-09-18 06:53 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2012-08-23 18:27 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2012-08-23 18:25 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2012-08-23 18:23 . 2012-08-23 18:23 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-23 18:23 . 2012-08-23 18:23 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-23 18:20 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2012-08-23 18:17 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys
2012-08-23 18:17 . 2012-07-04 14:05 139784 ------w- c:\windows\system32\dllcache\rdpwd.sys
2012-08-23 18:12 . 2012-05-28 18:16 536576 ------w- c:\windows\system32\dllcache\msado15.dll
2012-08-23 18:08 . 2012-08-23 18:08 -------- d-----w- c:\windows\system32\LogFiles
2012-08-23 18:02 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2012-08-23 18:02 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-08-23 18:02 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2012-08-23 18:01 . 2011-12-12 22:43 1034240 ----a-w- c:\windows\system32\drivers\bcmwlhigh5.sys
2012-08-23 18:01 . 2010-02-03 16:21 413696 ----a-w- c:\windows\system32\msvc28f1.rra
2012-08-23 18:01 . 2010-02-03 16:21 50704 ----a-w- c:\windows\system32\drivers\npf.sys
2012-08-23 18:01 . 2012-08-23 18:01 -------- d-----w- c:\program files\NETGEAR
2012-08-23 18:01 . 2010-08-16 08:45 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2012-08-13 18:35 . 2012-08-13 18:35 5115584 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-06 13:58 . 2004-08-10 18:50 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2004-08-10 19:01 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40 . 2004-08-10 18:51 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2004-08-10 18:51 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2004-08-10 18:51 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2004-08-10 18:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-10 18:51 385024 ------w- c:\windows\system32\html.iec
2009-01-25 21:48 . 2009-01-25 21:48 548864 ----a-w- c:\program files\EasyInfo_v2_for_Pogo.exe
2008-12-20 18:14 . 2008-12-20 18:14 29775112 ----a-w- c:\program files\setupeng.exe
2012-09-02 13:16 . 2012-08-23 20:19 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-07-14 02:48 66912 ----a-w- c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-09 4777856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-06 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-02-01 98304]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-08-31 106496]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\documents and settings\Shirley\Start Menu\Programs\Startup\
SpeedPlexer.lnk - c:\program files\SpeedPlexer\SpeedPlexer.exe [N/A]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WNA3100 Genie.lnk - c:\program files\NETGEAR\WNA3100\WNA3100.exe [2012-8-23 8364288]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [8/25/2012 12:55 PM 27496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8/23/2012 2:02 PM 655944]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [8/13/2012 1:33 PM 3064000]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [8/23/2012 1:01 PM 1034240]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/23/2012 2:01 PM 22344]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\drivers\pmkbdfltr.sys [8/27/2012 10:19 AM 15248]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/23/2012 1:40 PM 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 1:28 PM 160944]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe --> c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [?]
S2 WSWNA3100;WSWNA3100;c:\program files\NETGEAR\WNA3100\WifiSvc.exe [8/23/2012 1:01 PM 303360]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8/23/2012 1:23 PM 250568]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8/23/2012 1:40 PM 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [8/23/2012 3:19 PM 114144]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - SPEEDFAN
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-23 18:23]
.
2012-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-23 18:40]
.
2012-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-23 18:40]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com
uStart Page = hxxp://www.yahoo.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: pogo.com\www
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
FF - ProfilePath - c:\documents and settings\Shirley\Application Data\Mozilla\Firefox\Profiles\oq1ux0z6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
Toolbar-SITEguard - (no file)
HKCU-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
HKCU-Run-DW6 - c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe
HKLM-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
HKLM-Run-First Principle Group - c:\program files\First Principle Group\fpg.exe
HKLM-Run-Manolito - c:\program files\Manolito\Manolito.exe
HKLM-Run-vProt - c:\program files\AVG Secure Search\vprot.exe
HKLM-Run-ROC_roc_ssl_v12 - c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe
HKLM-Run-ROC_ROC_JULY_P1 - c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe
HKU-Default-Run-DWQueuedReporting - c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-06 07:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(828)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(2568)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-09-06 07:58:03 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-06 12:57
.
Pre-Run: 58,269,122,560 bytes free
Post-Run: 58,145,611,776 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 8BCA53B385E027705D8683EF8917D0ED
  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now in normal mode ?
  • 0

Advertisements


#26
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
well this box is only used by my teenager, but seems to be much better as far as performance and boot-up for me this morning. I knew my mom had a bunch of junk that she downloaded from those gaming sites that creates ALOT of unwanted problems! lol

Is there anything different that I should be doing as far as maintenance? I know it's an older model but we just wanted to get a little use out of it since I'll be buying my daughter a laptop for college soon.

I appreciate all of your help and diligence on this issue. I've recommended this site to many many friends since we only have a couple people locally that can work on pc problems. Thank you thank you for the great service!
  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What I will do now is remove my tools and give some recommendations. But I would suggest that once they are all removed to do a disc defragment to speed it up a tad more Disc Defrag

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#28
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
cannot get OTL to run correctly - Malwarebytes and MS Essentials keeps coming up w an errors from those programs and just hangs the system - ran for 30 mins and had to cold boot - how do you want me to proceed? I haven't gotten any further than doing your 1st step.

I already had Malwarebytes downloaded prev to logging the issue btw.
  • 0

#29
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Skip the initial OTL fix and restart from the combofix removal .. Malwarebytes does not like being asked to stop
  • 0

#30
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
I've got everything done except the OTL - anything else that I should be monitoring? I am off tomorrow so I can try to use this machine most of the day and see how it runs, does that sound okay? Let me know if there is anything else...thanks much!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP