Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

got help with my work computer, now my home computer is super messed u


  • This topic is locked This topic is locked

#1
Lauriek1970

Lauriek1970

    Member

  • Member
  • PipPip
  • 82 posts
My home computer is really messed up. I can't even get it to start up properly. It is my kid's computer and I knew that it hasn't been operating right for awhile. I got help here with my work computer. The guy who helped me is a genius, so I thought maybe, perhaps a little help with my home computer would rock! I'll try to download OTL.
  • 0

Advertisements


#2
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
Cannot download OTL. My computer says that the internet site cannot be found.
  • 0

#3
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
I got OTL to download, but it will not run. It says that it is not a valid WIN32 app
  • 0

#4
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
My computer is also telling me that I'm running low on disc space.
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi what is the operating system i.e. XP, Vista, 7 or 8 ?

Can you get to safe mode with networking ?
  • 0

#6
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
it's Windows 7 and I'm not sure but I probably can.
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK windows 7 64 or 32 bit ..

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#8
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
I'm not sure if it's 64 or 32. How do I find out?
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
download both then try them, only one will run, the correct one :)
  • 0

#10
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
I think that I downloaded the wrong thing. I did get an OTL log. I'm still trying to find the Farbar recovery scan tool
  • 0

Advertisements


#11
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
Ok, it's 64, I got it. Thank you for helping me
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is it running ?
  • 0

#13
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-09-2013 05
Ran by martin (administrator) on MARTIN-PC on 15-09-2013 14:35:05
Running from C:\Users\martin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DLCICATS] - rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\DLCItime.dll,RunDLLEntry
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Runonce: [Del465928] - cmd.exe /Q /D /c del "C:\Users\martin\AppData\Local\Temp\0.del" [x]
HKCU\...\Run: [Desktop Software] - C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini [1082 2011-12-10] ()
HKCU\...\Run: [Spotify] - C:\Users\martin\AppData\Roaming\Spotify\Spotify.exe [7880664 2012-11-16] (Spotify Ltd)
HKCU\...\Run: [Facebook Update] - C:\Users\martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKCU\...\Run: [ComcastAntispyClient] - C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe [1589208 2009-08-19] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-16] (Spotify Ltd)
HKCU\...\Run: [Driver Detective] - C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [3547032 2013-01-25] (PC Drivers Headquarters)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Runonce: [Del465928] - cmd.exe /Q /D /c del "C:\Users\martin\AppData\Local\Temp\0.del"
HKLM-x32\...\Run: [PDVDDXSrv] - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-02-26] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [Guffins Search Scope Monitor] - C:\PROGRA~2\Guffins\bar\1.bin\u4srchmn.exe [42536 2012-04-04] (MindSpark)
HKLM-x32\...\Run: [Guffins Browser Plugin Loader] - C:\Program Files (x86)\Guffins\bar\1.bin\u4brmon.exe [30096 2012-04-04] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe [442536 2008-11-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2285232 2013-09-15] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
URLSearchHook: (No Name) - {2b2505fa-fd68-0144-9128-cd617bdca8c2} - No File
URLSearchHook: (No Name) - {c3d3840c-12ea-4461-a61d-190555fecc82} - No File
URLSearchHook: (No Name) - {6ec5b552-6d23-4e05-a153-32aa26f7d9e8} - No File
SearchScopes: HKLM-x32 - {9a3b19bb-9b55-4dd7-b8a2-fb2bad65cc3b} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearsh...q={searchTerms}
SearchScopes: HKLM-x32 - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT3001705
SearchScopes: HKCU - DefaultScope {389EC28A-98F6-457C-AB2A-E7D17AAE4801} URL = http://search.condui...530354926232173
SearchScopes: HKCU - Comcast URL = http://search.xfinit...art_tech_search
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...s}&locale=en_US
SearchScopes: HKCU - {23D26D10-2706-4A75-A817-C9000D86DFAF} URL = http://search.yahoo....p={SearchTerms}
SearchScopes: HKCU - {389EC28A-98F6-457C-AB2A-E7D17AAE4801} URL = http://search.condui...530354926232173
SearchScopes: HKCU - {9a3b19bb-9b55-4dd7-b8a2-fb2bad65cc3b} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearsh...q={searchTerms}
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {A531D99C-5A22-449b-83DA-872725C6D0ED} URL = http://search.alot.c...on=1.3.4000.0(B)
BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO-x32: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
BHO-x32: FLV Runner B Toolbar - {6ec5b552-6d23-4e05-a153-32aa26f7d9e8} - C:\Program Files (x86)\FLV_Runner_B\prxtbFLV_.dll (Conduit Ltd.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Toolbar BHO - {a916eefe-6a17-4d7d-a131-2738b260bb55} - C:\Program Files (x86)\Guffins\bar\1.bin\u4bar.dll (MindSpark)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: SocialRibbons LP2 - {AE92E5DE-20F7-9934-D515-7BE13880A842} - C:\Program Files (x86)\SocialRibbons LP2\Toolbar.dll ()
BHO-x32: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO-x32: DCA BHO - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll (Compete, Inc.)
BHO-x32: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
BHO-x32: Search Assistant BHO - {d6a34acb-76fa-4a14-88ea-5d54797a2028} - C:\Program Files (x86)\Guffins\bar\1.bin\u4SrcAs.dll (MindSpark)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll No File
Toolbar: HKLM-x32 - XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
Toolbar: HKLM-x32 - Guffins - {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - C:\Program Files (x86)\Guffins\bar\1.bin\u4bar.dll (MindSpark)
Toolbar: HKLM-x32 - FLV Runner B Toolbar - {6ec5b552-6d23-4e05-a153-32aa26f7d9e8} - C:\Program Files (x86)\FLV_Runner_B\prxtbFLV_.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {6EC5B552-6D23-4E05-A153-32AA26F7D9E8} - No File
Toolbar: HKCU - No Name - {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\xq7i7vev.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com/?cid={F10619E3-5288-4CD0-B268-4102EFFF5245}&mid=d5cdbd70105747d3a9e0d16daec8a549-aeae14a2561c21edb54e2c4bd90b1f739c7ef486&lang=en&ds=co011&pr=sa&d=2013-09-15 14:20:06&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @ei.MapsGalaxy_39.com/Plugin - C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\NP39EISB.dll (MapsGalaxy)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @Guffins.com/Plugin - C:\Program Files (x86)\Guffins\bar\1.bin\NPu4Stub.dll (MindSpark)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\martin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: No Name - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\xq7i7vev.default\Extensions\[email protected]
FF Extension: No Name - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\xq7i7vev.default\Extensions\{0df7b3bb-9581-44bb-835f-061a29ec8a46}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Guffins\bar\1.bin
FF Extension: Guffins - C:\Program Files (x86)\Guffins\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.4.0.5
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.4.0.5

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dblenjbcjgmfggkdngpkgpohpkikcjpj] - C:\Users\martin\AppData\Local\Temp\dblenjbcjgmfggkdngpkgpohpkikcjpj.crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\15.4.0.5\avg.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-01-02] ()
S2 AntiSpywareService; C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()
S2 dlci_device; C:\Windows\system32\dlcicoms.exe [566152 2006-12-07] ( )
S2 FOXOSDService; C:\Program Files (x86)\DELL\OSD\OSDSvr.exe [65536 2008-12-22] ()
S2 GuffinsService; C:\PROGRA~2\Guffins\bar\1.bin\u4barsvc.exe [42504 2012-04-04] (COMPANYVERS_NAME)
S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-11] (Symantec Corporation)
S2 vToolbarUpdater15.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-09-15] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-09-15] (AVG Technologies)
R0 FXOSDDRV; C:\Windows\System32\DRIVERS\FxOSDdrv64.sys [15448 2008-11-28] (Foxconn Group)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 Msrscawwaks; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

7510-09-28 19:00 - 7510-09-28 19:00 - 00000000 ____D C:\Windows.old
2013-09-15 14:31 - 2013-09-15 14:31 - 00000000 ____D C:\FRST
2013-09-15 14:30 - 2013-09-15 14:30 - 01951146 _____ (Farbar) C:\Users\martin\Downloads\FRST64.exe
2013-09-15 14:29 - 2013-09-15 14:30 - 01084055 _____ (Farbar) C:\Users\martin\Downloads\FRST.exe
2013-09-15 14:22 - 2013-09-15 14:22 - 00074024 _____ C:\Users\martin\Downloads\OTL.Txt
2013-09-15 14:22 - 2013-09-15 14:22 - 00069340 _____ C:\Users\martin\Downloads\Extras.Txt
2013-09-15 14:20 - 2013-09-15 14:20 - 00000000 ____D C:\Users\martin\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-09-15 14:20 - 2013-09-15 14:19 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-09-15 14:19 - 2013-09-15 14:20 - 00003725 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-09-15 14:19 - 2013-09-15 14:20 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-09-15 14:19 - 2013-09-15 14:19 - 00001112 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-09-15 14:19 - 2013-09-15 14:19 - 00000000 ____D C:\Users\martin\AppData\Roaming\DSite
2013-09-15 14:19 - 2013-09-15 14:19 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-09-15 14:19 - 2013-09-15 14:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-09-15 14:18 - 2013-09-15 14:18 - 00745328 _____ C:\Users\martin\Downloads\ZipOpenerSetup.exe
2013-09-15 14:13 - 2013-09-15 14:14 - 00602112 _____ (OldTimer Tools) C:\Users\martin\Downloads\OTL.exe
2013-09-01 22:33 - 2013-09-01 22:33 - 00000000 ____D C:\Users\martin\AppData\Roaming\InstallShield
2013-08-28 18:53 - 2013-08-28 18:53 - 00481755 _____ C:\Users\martin\Desktop\lila'sbc.jpeg
2013-08-25 08:39 - 2013-08-25 08:39 - 00010831 _____ C:\Users\martin\Desktop\monthly budget.xlsx
2013-08-24 19:32 - 2013-08-24 19:32 - 00000000 ____D C:\Users\martin\AppData\Local\{146976C3-7EA9-42AC-8D17-9B19CBD38BD5}
2013-08-18 11:00 - 2013-08-18 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

7510-09-28 19:00 - 7510-09-28 19:00 - 00000000 ____D C:\Windows.old
2013-09-15 14:31 - 2013-09-15 14:31 - 00000000 ____D C:\FRST
2013-09-15 14:30 - 2013-09-15 14:30 - 01951146 _____ (Farbar) C:\Users\martin\Downloads\FRST64.exe
2013-09-15 14:30 - 2013-09-15 14:29 - 01084055 _____ (Farbar) C:\Users\martin\Downloads\FRST.exe
2013-09-15 14:28 - 2010-10-02 18:53 - 01769837 _____ C:\Windows\WindowsUpdate.log
2013-09-15 14:22 - 2013-09-15 14:22 - 00074024 _____ C:\Users\martin\Downloads\OTL.Txt
2013-09-15 14:22 - 2013-09-15 14:22 - 00069340 _____ C:\Users\martin\Downloads\Extras.Txt
2013-09-15 14:20 - 2013-09-15 14:20 - 00000000 ____D C:\Users\martin\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-09-15 14:20 - 2013-09-15 14:19 - 00003725 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-09-15 14:20 - 2013-09-15 14:19 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-09-15 14:19 - 2013-09-15 14:20 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-09-15 14:19 - 2013-09-15 14:19 - 00001112 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-09-15 14:19 - 2013-09-15 14:19 - 00000000 ____D C:\Users\martin\AppData\Roaming\DSite
2013-09-15 14:19 - 2013-09-15 14:19 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-09-15 14:19 - 2013-09-15 14:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-09-15 14:18 - 2013-09-15 14:18 - 00745328 _____ C:\Users\martin\Downloads\ZipOpenerSetup.exe
2013-09-15 14:18 - 2009-07-13 22:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 14:14 - 2013-09-15 14:13 - 00602112 _____ (OldTimer Tools) C:\Users\martin\Downloads\OTL.exe
2013-09-15 14:12 - 2010-10-02 18:58 - 00000000 ____D C:\Users\martin
2013-09-15 11:12 - 2011-04-19 22:08 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-15 11:12 - 2010-10-02 18:59 - 00000000 ___RD C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-15 11:12 - 2010-10-02 18:59 - 00000000 ___RD C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-15 11:12 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2013-09-15 11:12 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-12 03:07 - 2013-08-14 03:01 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 03:01 - 2012-04-22 17:18 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C00865B2-E860-4FF2-B3B2-2F2536CD29AD}
2013-09-12 03:00 - 2012-03-22 19:11 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-834785317-2334666246-2197150166-1001UA.job
2013-09-12 03:00 - 2011-12-08 11:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-11 21:21 - 2013-03-14 19:31 - 00004432 _____ C:\Windows\System32\Tasks\PC Checkup 3 Weekly Scan
2013-09-11 17:57 - 2012-03-22 19:11 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-834785317-2334666246-2197150166-1001Core.job
2013-09-11 17:44 - 2013-03-14 18:33 - 00000366 _____ C:\Windows\Tasks\Driver Robot.job
2013-09-10 18:59 - 2009-07-13 21:51 - 00130972 _____ C:\Windows\setupact.log
2013-09-10 15:46 - 2011-12-08 11:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-10 15:46 - 2011-12-08 11:52 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-10 15:46 - 2011-09-30 16:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-09 19:37 - 2009-07-13 21:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 19:37 - 2009-07-13 21:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-03 07:49 - 2010-10-07 22:20 - 00000000 ____D C:\Users\martin\AppData\Local\Adobe
2013-09-03 07:47 - 2013-03-11 14:59 - 00000000 ____D C:\Users\martin\AppData\Roaming\Skype
2013-09-03 07:46 - 2012-02-07 11:04 - 00000000 ____D C:\Users\martin\AppData\Roaming\Spotify
2013-09-03 07:45 - 2013-03-11 14:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-03 07:43 - 2010-10-02 19:42 - 00616664 _____ C:\Windows\PFRO.log
2013-09-03 07:43 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 22:34 - 2010-10-02 19:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-01 22:33 - 2013-09-01 22:33 - 00000000 ____D C:\Users\martin\AppData\Roaming\InstallShield
2013-09-01 22:33 - 2013-03-14 19:15 - 00000000 ____D C:\Program Files (x86)\Creative
2013-09-01 22:31 - 2013-03-21 12:39 - 00667109 _____ C:\alotserviceruntime.log
2013-09-01 22:29 - 2010-10-02 19:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-08-31 19:36 - 2011-12-08 21:09 - 00000000 ____D C:\Users\martin\AppData\Local\CrashDumps
2013-08-31 19:32 - 2013-03-14 19:31 - 00000000 ____D C:\Program Files (x86)\Norton PC Checkup 3.0
2013-08-28 18:53 - 2013-08-28 18:53 - 00481755 _____ C:\Users\martin\Desktop\lila'sbc.jpeg
2013-08-25 08:39 - 2013-08-25 08:39 - 00010831 _____ C:\Users\martin\Desktop\monthly budget.xlsx
2013-08-24 19:32 - 2013-08-24 19:32 - 00000000 ____D C:\Users\martin\AppData\Local\{146976C3-7EA9-42AC-8D17-9B19CBD38BD5}
2013-08-18 20:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-08-18 12:51 - 2012-06-28 19:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 11:00 - 2013-08-18 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\martin\AppData\Local\Temp\oi_{244C5366-4FAC-4947-9842-2C92E191C0FC}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 21:14

==================== End Of Log ============================
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Download the attached fixlist.txt to the same location as FRST
[attachment=66532:fixlist.txt]
Run FRST as before and press Fix
On completion reboot to normal windows and run the following OTL scan

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#15
Lauriek1970

Lauriek1970

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
the scan is running
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP