LandzDown Forum

Security => Analysis and Malware Removal => Topic started by: Gale_Tx on January 30, 2014, 02:13:50 PM

Title: Slooow computer, Flash problem?
Post by: Gale_Tx on January 30, 2014, 02:13:50 PM
Tks, Paddy for directing me to the right place.  I keep getting a pop-up about a Flash problem and I can't get it resolved. Shortly afterwards, my computer is so slow it's barely crawling.  Hope you can help me. TIA.  I'm not sure how to disable any script blocker, but here's the info requested:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by larry at 7:43:38 on 2014-01-30
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8173.6482 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Users\larry\AppData\LocalLow\alotservice\alotservice.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Online Games Manager\ogmservice.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
C:\Users\larry\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\splwow64.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyServer = hxxp=127.0.0.1:49162;https=127.0.0.1:49162
uProxyOverride = <-loopback>
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: ALOT Appbar Helper: {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} -
BHO: VideoFileDownload: {9194649F-7143-4308-90C1-D6A35B0E354E} -
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: ALOT Appbar: {A531D99C-5A22-449b-83DA-872725C6D0ED} -
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
uRun: [AmazonMP3DownloaderHelper] C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
uRun: [iLivid] "C:\Users\larry\AppData\Local\iLivid\iLivid.exe" -autorun
uRun: [Amazon Cloud Player] "C:\Users\larry\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
uRun: [BrowserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: RestrictRun = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: RestrictRun = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.shockwave.com/content/bookwormadventures/sis/popcaploader_v10_en.cab
TCP: NameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{A7D6E798-21E6-4DBB-9446-C0298F0F7CB3} : DHCPNameServer = 75.75.76.76 75.75.75.75
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on January 30, 2014, 02:15:11 PM

FF - ProfilePath - C:\Users\larry\AppData\Roaming\Mozilla\Firefox\Profiles\07vbiqdk.default-1382562802549\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll
FF - plugin: C:\Users\larry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-4-27 21616]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-10-16 46368]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AlotService;ALOT Update Service;C:\Users\larry\AppData\LocalLow\alotservice\alotservice.exe [2012-5-24 255880]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-27 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2012-4-27 68136]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 134944]
R2 ogmservice;Online Games Manager;C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2013-8-8 559552]
R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-11-1 67584]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-1-10 1772056]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-4-27 46136]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-7-28 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-7-28 79104]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-27 565352]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AODDriver;AODDriver;C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-3-12 52280]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-4-27 30528]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 McAfee ScanAndRepair Svc;McAfee ScanAndRepair Svc;C:\Program Files (x86)\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe [2012-1-12 695640]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-10-6 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-7-29 31800]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-4-16 15712]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-10-6 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-10-6 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-10-6 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-29 1255736]
.
=============== Created Last 30 ================
.
2014-01-29 14:28:30   --------   d-----w-   C:\Users\larry\AppData\Roaming\ParetoLogic
2014-01-29 14:28:30   --------   d-----w-   C:\Users\larry\AppData\Roaming\DriverCure
2014-01-29 14:27:59   --------   d-----w-   C:\ProgramData\ParetoLogic
2014-01-23 19:26:35   965000   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AD156E12-C2E5-4000-9B94-19DE6314B023}\gapaengine.dll
2014-01-23 19:26:05   10315576   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{954620FD-9F08-469F-B2FB-36F817E05188}\mpengine.dll
2014-01-22 14:45:26   --------   d-----w-   C:\AdwCleaner
2014-01-20 17:58:47   10315576   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-19 17:26:25   --------   d-----w-   C:\ProgramData\Oracle
2014-01-19 17:25:59   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 16:09:49   53248   ----a-w-   C:\Windows\System32\drivers\usbehci.sys
2014-01-15 16:09:49   325120   ----a-w-   C:\Windows\System32\drivers\usbport.sys
2014-01-15 16:09:48   99840   ----a-w-   C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 16:09:48   7808   ----a-w-   C:\Windows\System32\drivers\usbd.sys
2014-01-15 16:09:48   343040   ----a-w-   C:\Windows\System32\drivers\usbhub.sys
2014-01-15 16:09:48   30720   ----a-w-   C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 16:09:48   25600   ----a-w-   C:\Windows\System32\drivers\usbohci.sys
2014-01-15 16:09:46   3156480   ----a-w-   C:\Windows\System32\win32k.sys
2014-01-15 16:09:43   376768   ----a-w-   C:\Windows\System32\drivers\netio.sys
2013-12-31 22:55:51   --------   d-----w-   C:\SUPERDelete
.
==================== Find3M  ====================
.
2014-01-30 13:05:50   25640   ----a-w-   C:\Windows\gdrv.sys
2014-01-19 07:33:29   270496   ------w-   C:\Windows\System32\MpSigStub.exe
2014-01-15 16:05:58   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 16:05:58   692616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-26 10:19:07   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07   66048   ----a-w-   C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57   708608   ----a-w-   C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02   5769216   ----a-w-   C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16   553472   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12   4243968   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16   1995264   ----a-w-   C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06   1928192   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57   2334208   ----a-w-   C:\Windows\System32\wininet.dll
2013-11-26 06:33:33   1820160   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20   417792   ----a-w-   C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34   465920   ----a-w-   C:\Windows\System32\WMPhoto.dll
2013-11-22 00:31:36   46368   ----a-w-   C:\Windows\System32\drivers\avgtpx64.sys
2013-11-12 02:23:09   2048   ----a-w-   C:\Windows\System32\tzres.dll
2013-11-12 02:07:29   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
.
============= FINISH:  7:44:06.26 ===============
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on January 30, 2014, 02:16:45 PM
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/27/2012 11:02:58 AM
System Uptime: 1/30/2014 7:05:23 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | GA-970A-D3
Processor: AMD FX(tm)-4100 Quad-Core Processor             | Socket M2 | 3600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 861.414 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 427.821 GiB free.
F: is Removable
Y: is CDROM ()
Z: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP361: 1/6/2014 8:06:13 AM - Windows Backup
RP362: 1/7/2014 8:51:37 AM - Windows Update
RP363: 1/12/2014 7:00:20 PM - Windows Backup
RP364: 1/13/2014 12:20:39 PM - Windows Update
RP365: 1/15/2014 2:45:57 PM - Windows Update
RP366: 1/19/2014 11:24:12 AM - Installed Java 7 Update 51
RP367: 1/20/2014 10:26:04 AM - Windows Backup
RP368: 1/20/2014 11:58:30 AM - Windows Update
RP369: 1/23/2014 1:25:32 PM - Windows Update
RP370: 1/27/2014 9:21:29 AM - Windows Backup
.
==== Installed Programs ======================
.
@BIOS
Adobe Flash Player 11 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 12.0
Advertising Center
Amazon Cloud Player
Amazon MP3 Downloader 1.0.18
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD AVIVO64 Codecs
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
Apple Software Update
AutoGreen B10.1021.1
AVG SafeGuard toolbar
Barn Yarn Collector's Edition
Belarc Advisor 8.2
Bookworm Deluxe
BrowserSafeguard
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Chicktionary
Compatibility Pack for the 2007 Office system
Corel PaintShop Pro X5
Criminal Investigation Agents: Petrodollars
Dream Inn: The Driftwood
Easy Tune 6 B11.1124.1
EasySaver B9.1214.1
Etron USB3.0 Host Controller
EZ Fonts
Farmington Tales
Farmscapes™ Collector's Edition
Fishdom H2O - Hidden Odyssey
Flip Words 2
GameFly
Gardenscapes 2 Collector's Edition
Golden Trails 2: The Lost Legacy
Google Earth
Google Update Helper
HydraVision
ICA
ImagXpress
IPM_PSP_COM
IrfanView (remove only)
Java 7 Update 51
Java Auto Updater
LightScribe System Software
Little Shop - Memories
Menu Templates - Starter Kit
Microsoft .NET Framework 4 Client Profile
Microsoft Office XP Professional
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Movie Templates - Starter Kit
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery Case Files: Huntsville
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero DiscSpeed
Nero DriveSpeed
Nero Express Help
Nero InfoTool
Nero Installer
Nero Online Upgrade
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
Nero Vision
Nero Vision Help
NeroExpress
neroxml
ON_OFF Charge B11.1102.1
Online Games Manager v1.21
OpenOffice 4.0.0
PDFCreator
PSPPContent
PSPPHelp
PSPPro64
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Revo Uninstaller 1.94
Revo Uninstaller Pro 2.5.9
Royal Envoy Campaign for the Crown Collector's Edition
Royal Envoy™
Royal Envoy™ 2 Collector's Edition
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Settings Alerter
Setup
Shared C Run-time for x64
SUPERAntiSpyware
swMSM
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
.
==== Event Viewer Messages From Past Week ========
.
1/30/2014 7:05:50 AM, Error: Service Control Manager [7000]  - The AODDriver4.2 service failed to start due to the following error:  The system cannot find the file specified.
1/26/2014 12:49:13 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
.
==== End Of File ===========================
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on January 30, 2014, 02:22:27 PM
Forgot to add this:
Results of screen317's Security Check version 0.99.79 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled! 
Microsoft Security Essentials   
Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 51 
  Adobe Flash Player 12.0.0.43 Flash Player out of Date! 
Adobe Reader XI 
Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Online Games Manager ogmservice.exe   
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on January 30, 2014, 08:09:42 PM
Hi, Gale_Tx.  Welcome back! 

Contrary to what is shown in SystemCheck (which hasn't been updated yet), you have the most recent version of Flash Player installed.  So, let's take care of the malware on your computer and then see if you are still having problems with Flash Player.

1.  Please download Malwarebytes' Anti-Malware to your desktop from here (http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/dl/7/).

** Note **

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

2.  Please follow these instructions carefully.  Download ComboFix from the following location:  Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on January 31, 2014, 07:36:44 PM
Hiya, Corrine, so glad to see you again. I'm doing this one at a time so I don't get lost. I'm so glad you guys are here. Here's the MBAM results:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.31.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
larry :: HOME1 [administrator]

1/31/2014 1:20:13 PM
mbam-log-2014-01-31 (13-20-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217269
Time elapsed: 6 minute(s), 17 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> 2760 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 10
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BrowserSafeguard (PUP.Optional.BrowserSafeGuard.A) -> Data: "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0Z1N1J -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 8
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> Delete on reboot.
C:\Program Files (x86)\Browsersafeguard\Resources (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\DefaultTab\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\CT3316243 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 51
C:\Users\larry\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\6201.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\7E06.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\86FB.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\AEC5.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\air8DBE.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\D47D.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\F86B.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\nsk51CB.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmp50DF.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmp6635.exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmp6F99.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmp8119.exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmpA9FE.exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmpB392.exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\is1275519350\1039260_Setup.EXE (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\OCS9DA2.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\CandyInstaller.exe (PUP.Optional.Freemium.A) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\Express_Installer.exe (PUP.Optional.OptimumInstaller.A) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\Microsoft%20Office%202010(1).exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\Microsoft%20Office%202010.exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\SoftonicDownloader_for_microsoft-office-2007-service-pack-2.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer\xmllite.dll (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer\isxdl.dll (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer\PCPerformer.dll (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer\PCPerformer.exe (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\ewebstorewrapper.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> Delete on reboot.
C:\Program Files (x86)\Browsersafeguard\install.log (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\makecert.exe (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\TrustedRoot.cer (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\certutil.exe (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\libnspr4.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\libplc4.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\libplds4.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\nss3.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\smime3.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\softokn3.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\CT3316243\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on January 31, 2014, 07:55:42 PM
One new problem. After completing MBAM instructions and restarting, I get this page that says The proxy server isn't responding, couldn't get it fixed, so I'm here on FF.  Off to finish my assignment.
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on January 31, 2014, 08:18:47 PM
ComboFix 14-01-29.01 - larry 01/31/2014  14:05:21.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8173.6140 [GMT -6:00]
Running from: c:\users\larry\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\larry\AppData\Roaming\Microsoft\Windows\Recent\How to Overcome Candida Naturally.url
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AlotService
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-28 to 2014-01-31  )))))))))))))))))))))))))))))))
.
.
2014-01-31 19:10 . 2014-01-31 19:10   --------   d-----w-   c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-31 19:10 . 2013-04-04 20:50   25928   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-01-30 18:19 . 2013-12-04 03:28   10315576   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C439429-3EE5-4C03-B976-FDD6DD2C77FE}\mpengine.dll
2014-01-29 14:28 . 2014-01-29 14:28   --------   d-----w-   c:\users\larry\AppData\Roaming\ParetoLogic
2014-01-29 14:28 . 2014-01-29 14:28   --------   d-----w-   c:\users\larry\AppData\Roaming\DriverCure
2014-01-29 14:27 . 2014-01-29 14:32   --------   d-----w-   c:\programdata\ParetoLogic
2014-01-23 19:26 . 2013-10-23 21:08   965000   ------w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AD156E12-C2E5-4000-9B94-19DE6314B023}\gapaengine.dll
2014-01-23 19:26 . 2013-12-04 03:28   10315576   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-22 14:45 . 2014-01-22 14:46   --------   d-----w-   C:\AdwCleaner
2014-01-19 17:26 . 2014-01-19 17:26   --------   d-----w-   c:\programdata\Oracle
2014-01-19 17:26 . 2014-01-19 17:26   --------   d-----w-   c:\program files (x86)\Common Files\Java
2014-01-19 17:25 . 2013-12-19 03:09   96168   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 16:09 . 2013-11-27 01:41   53248   ----a-w-   c:\windows\system32\drivers\usbehci.sys
2014-01-15 16:09 . 2013-11-27 01:41   325120   ----a-w-   c:\windows\system32\drivers\usbport.sys
2014-01-15 16:09 . 2013-11-27 01:41   343040   ----a-w-   c:\windows\system32\drivers\usbhub.sys
2014-01-15 16:09 . 2013-11-27 01:41   99840   ----a-w-   c:\windows\system32\drivers\usbccgp.sys
2014-01-15 16:09 . 2013-11-27 01:41   25600   ----a-w-   c:\windows\system32\drivers\usbohci.sys
2014-01-15 16:09 . 2013-11-27 01:41   30720   ----a-w-   c:\windows\system32\drivers\usbuhci.sys
2014-01-15 16:09 . 2013-11-27 01:41   7808   ----a-w-   c:\windows\system32\drivers\usbd.sys
2014-01-15 16:09 . 2013-11-26 10:32   3156480   ----a-w-   c:\windows\system32\win32k.sys
2014-01-15 16:09 . 2013-11-26 11:40   376768   ----a-w-   c:\windows\system32\drivers\netio.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-31 20:10 . 2012-04-28 03:41   25640   ----a-w-   c:\windows\gdrv.sys
2014-01-19 07:33 . 2010-11-21 03:27   270496   ------w-   c:\windows\system32\MpSigStub.exe
2014-01-15 20:46 . 2012-06-29 13:26   86054176   ----a-w-   c:\windows\system32\MRT.exe
2014-01-15 16:05 . 2012-04-30 18:49   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 16:05 . 2012-04-30 18:49   692616   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 11:54 . 2013-12-12 20:50   23183360   ----a-w-   c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 20:50   2724864   ----a-w-   c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 20:50   4096   ----a-w-   c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 20:50   66048   ----a-w-   c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 20:50   48640   ----a-w-   c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 20:50   2764288   ----a-w-   c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 20:50   53760   ----a-w-   c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 20:50   33792   ----a-w-   c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 20:50   2724864   ----a-w-   c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 20:50   574976   ----a-w-   c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 20:50   139264   ----a-w-   c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 20:50   111616   ----a-w-   c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 20:50   708608   ----a-w-   c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 20:50   218624   ----a-w-   c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 20:50   5769216   ----a-w-   c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 20:50   553472   ----a-w-   c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 20:50   4243968   ----a-w-   c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 20:50   1995264   ----a-w-   c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 20:50   12996608   ----a-w-   c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 20:50   1928192   ----a-w-   c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 20:50   2334208   ----a-w-   c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 20:50   1395200   ----a-w-   c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 20:50   817664   ----a-w-   c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 20:50   1820160   ----a-w-   c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-12 15:26   417792   ----a-w-   c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 15:26   465920   ----a-w-   c:\windows\system32\WMPhoto.dll
2013-11-22 00:31 . 2013-10-16 12:55   46368   ----a-w-   c:\windows\system32\drivers\avgtpx64.sys
2013-11-15 23:26 . 2013-11-15 23:26   940032   ----a-w-   c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-15 23:26 . 2013-11-15 23:26   194048   ----a-w-   c:\windows\SysWow64\elshyph.dll
2013-11-15 23:26 . 2013-11-15 23:26   71680   ----a-w-   c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-15 23:26 . 2013-11-15 23:26   645120   ----a-w-   c:\windows\SysWow64\jsIntl.dll
2013-11-15 23:26 . 2013-11-15 23:26   62464   ----a-w-   c:\windows\SysWow64\tdc.ocx
2013-11-15 23:26 . 2013-11-15 23:26   61952   ----a-w-   c:\windows\SysWow64\iesetup.dll
2013-11-15 23:26 . 2013-11-15 23:26   454656   ----a-w-   c:\windows\SysWow64\vbscript.dll
2013-11-15 23:26 . 2013-11-15 23:26   34816   ----a-w-   c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-15 23:26 . 2013-11-15 23:26   337408   ----a-w-   c:\windows\SysWow64\html.iec
2013-11-15 23:26 . 2013-11-15 23:26   24576   ----a-w-   c:\windows\SysWow64\licmgr10.dll
2013-11-15 23:26 . 2013-11-15 23:26   235008   ----a-w-   c:\windows\system32\elshyph.dll
2013-11-15 23:26 . 2013-11-15 23:26   182272   ----a-w-   c:\windows\SysWow64\msls31.dll
2013-11-15 23:26 . 2013-11-15 23:26   151552   ----a-w-   c:\windows\SysWow64\iexpress.exe
2013-11-15 23:26 . 2013-11-15 23:26   139264   ----a-w-   c:\windows\SysWow64\wextract.exe
2013-11-15 23:26 . 2013-11-15 23:26   1051136   ----a-w-   c:\windows\SysWow64\mshtmlmedia.dll
2013-11-15 23:26 . 2013-11-15 23:26   112128   ----a-w-   c:\windows\SysWow64\ieUnatt.exe
2013-11-15 23:26 . 2013-11-15 23:26   942592   ----a-w-   c:\windows\system32\jsIntl.dll
2013-11-15 23:26 . 2013-11-15 23:26   90112   ----a-w-   c:\windows\system32\SetIEInstalledDate.exe
2013-11-15 23:26 . 2013-11-15 23:26   86016   ----a-w-   c:\windows\SysWow64\iesysprep.dll
2013-11-15 23:26 . 2013-11-15 23:26   86016   ----a-w-   c:\windows\system32\RegisterIEPKEYs.exe
2013-11-15 23:26 . 2013-11-15 23:26   74240   ----a-w-   c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-15 23:26 . 2013-11-15 23:26   61952   ----a-w-   c:\windows\SysWow64\MshtmlDac.dll
2013-11-15 23:26 . 2013-11-15 23:26   52224   ----a-w-   c:\windows\system32\msfeedsbs.dll
2013-11-15 23:26 . 2013-11-15 23:26   51200   ----a-w-   c:\windows\SysWow64\ieetwproxystub.dll
2013-11-15 23:26 . 2013-11-15 23:26   48640   ----a-w-   c:\windows\SysWow64\mshtmler.dll
2013-11-15 23:26 . 2013-11-15 23:26   48640   ----a-w-   c:\windows\system32\mshtmler.dll
2013-11-15 23:26 . 2013-11-15 23:26   36352   ----a-w-   c:\windows\SysWow64\imgutil.dll
2013-11-15 23:26 . 2013-11-15 23:26   247808   ----a-w-   c:\windows\system32\msls31.dll
2013-11-15 23:26 . 2013-11-15 23:26   195584   ----a-w-   c:\windows\system32\msrating.dll
2013-11-15 23:26 . 2013-11-15 23:26   13312   ----a-w-   c:\windows\SysWow64\mshta.exe
2013-11-15 23:26 . 2013-11-15 23:26   13312   ----a-w-   c:\windows\system32\msfeedssync.exe
2013-11-15 23:26 . 2013-11-15 23:26   131072   ----a-w-   c:\windows\system32\IEAdvpack.dll
2013-11-15 23:26 . 2013-11-15 23:26   111616   ----a-w-   c:\windows\SysWow64\IEAdvpack.dll
2013-11-15 23:26 . 2013-11-15 23:26   105984   ----a-w-   c:\windows\system32\iesysprep.dll
2013-11-15 23:26 . 2013-11-15 23:26   84992   ----a-w-   c:\windows\system32\mshtmled.dll
2013-11-15 23:26 . 2013-11-15 23:26   83968   ----a-w-   c:\windows\system32\MshtmlDac.dll
2013-11-15 23:26 . 2013-11-15 23:26   81408   ----a-w-   c:\windows\system32\icardie.dll
2013-11-15 23:26 . 2013-11-15 23:26   774144   ----a-w-   c:\windows\system32\jscript.dll
2013-11-15 23:26 . 2013-11-15 23:26   77312   ----a-w-   c:\windows\system32\tdc.ocx
2013-11-15 23:26 . 2013-11-15 23:26   626176   ----a-w-   c:\windows\system32\msfeeds.dll
2013-11-15 23:26 . 2013-11-15 23:26   62464   ----a-w-   c:\windows\system32\pngfilt.dll
2013-11-15 23:26 . 2013-11-15 23:26   616104   ----a-w-   c:\windows\system32\ieapfltr.dat
2013-11-15 23:26 . 2013-11-15 23:26   548352   ----a-w-   c:\windows\system32\vbscript.dll
2013-11-15 23:26 . 2013-11-15 23:26   48128   ----a-w-   c:\windows\system32\imgutil.dll
2013-11-15 23:26 . 2013-11-15 23:26   453120   ----a-w-   c:\windows\system32\dxtmsft.dll
2013-11-15 23:26 . 2013-11-15 23:26   413696   ----a-w-   c:\windows\system32\html.iec
2013-11-15 23:26 . 2013-11-15 23:26   40448   ----a-w-   c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-15 23:26 . 2013-11-15 23:26   30208   ----a-w-   c:\windows\system32\licmgr10.dll
2013-11-15 23:26 . 2013-11-15 23:26   296960   ----a-w-   c:\windows\system32\dxtrans.dll
2013-11-15 23:26 . 2013-11-15 23:26   263376   ----a-w-   c:\windows\system32\iedkcs32.dll
2013-11-15 23:26 . 2013-11-15 23:26   243200   ----a-w-   c:\windows\system32\webcheck.dll
2013-11-15 23:26 . 2013-11-15 23:26   235520   ----a-w-   c:\windows\system32\url.dll
2013-11-15 23:26 . 2013-11-15 23:26   167424   ----a-w-   c:\windows\system32\iexpress.exe
2013-11-15 23:26 . 2013-11-15 23:26   147968   ----a-w-   c:\windows\system32\occache.dll
2013-11-15 23:26 . 2013-11-15 23:26   143872   ----a-w-   c:\windows\system32\wextract.exe
2013-11-15 23:26 . 2013-11-15 23:26   13824   ----a-w-   c:\windows\system32\mshta.exe
2013-11-15 23:26 . 2013-11-15 23:26   135680   ----a-w-   c:\windows\system32\iepeers.dll
2013-11-15 23:26 . 2013-11-15 23:26   1228800   ----a-w-   c:\windows\system32\mshtmlmedia.dll
2013-11-15 23:26 . 2013-11-15 23:26   101376   ----a-w-   c:\windows\system32\inseng.dll
2013-11-12 02:23 . 2013-12-12 15:26   2048   ----a-w-   c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-12 15:26   2048   ----a-w-   c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-09-14 393216]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2014-01-26 6563608]
"AmazonMP3DownloaderHelper"="c:\users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-04-05 397632]
"Amazon Cloud Player"="c:\users\larry\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2013-12-12 3145536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-01-10 2530840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 bliohipk;bliohipk;c:\windows\system32\drivers\bliohipk.sys;c:\windows\SYSNATIVE\drivers\bliohipk.sys
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on January 31, 2014, 08:52:03 PM
Hi, Gale_Tx.

I'm not seeing anything other than PUPs in the Malwarebytes log and don't see how that could have affected your IE proxy settings.  See if the instructions at Change proxy server settings in Internet Explorer (http://windows.microsoft.com/en-us/windows/change-internet-explorer-proxy-server-settings#1TC=windows-7) help.

Please go here (http://www.eset.com/onlinescan/) to run an on-line scan from ESET.

Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on February 02, 2014, 04:45:34 PM
Corrine, Not sure why, but before I had a chance to implement your instructions, IE started working again. Tks.
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on February 02, 2014, 06:49:53 PM
If everything is back to normal, please do the following:

1.  Remove SystemCheck from your desktop.

2.  Update Adobe Flash Player:

Non-IE (Opera, Firefox, Etc.):  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_12_plugin.exe
Windows XP, Vista and 7:  Flash Player For Internet Explorer 7, 8, 9, 10, 11:  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_12_active_x.exe

3.  Please do the following to implement cleanup procedures and also to reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall

Note: In the event you wish to contribute to the ongoing development of ComboFix, the developer is accepting donations via PayPal (https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=combofix%40live%2ecom&item_name=ComboFix&no_shipping=0&no_note=1&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8).


Please refer to the Safe Computing Practices and other recommendations in this updated copy of "So how did I get infected in the first place?" (http://securitygarden.blogspot.com/p/blog-page.html).
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on February 04, 2014, 05:19:51 PM
Thank you sooooo very much, Corrine.  You guys are the best!  One last question: do I keep Malwarebytes on my computer?
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on February 04, 2014, 10:58:16 PM
The choice is yours as to whether you want to keep Malwarebytes installed.  Personally, I use Malwarebytes PRO.  The current version is a one-time life-time license fee ($24.95 for a lifetime license).  However, when Version 2 is released, the PRO version will be a subscription.  What is nice though, is that the version 1x PRO license will be honored for the life of v2.   
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on February 08, 2014, 10:04:40 PM
Tks, Corrine. I bought MBAM for Larry's computer.  The dreaded flash pop-up started again in FF and it stopped working altogether.  When trying to download the Flash update, it says it can't continue 'til FF is closed; FF isn't open, I'm using IE. No problem downloading it in IE.   Another thing: I can't post on this site on IE.  Hellllp!
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on February 09, 2014, 12:04:53 AM
Lucky Larry!   :thumbsup:

Oh, my!  Problems with both Firefox and IE. 

Flash Player:

Since you were having a problem with Flash Player when you originally posted, I think the best thing would be to completely uninstall Flash Player.  Adobe has instructions here:  Uninstall Flash Player | Windows (http://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html).

You'll then need to download and reinstall Flash Player.  Depending on which browser you use to get the installer, you will need to make sure to get the current version for the other browser.  Note:  Be sure to UNCHECK the Optional Offer to install the McAfee Security Scan Plus and any other additional extras offered. 

Download Flash Player from here:  http://get.adobe.com/flashplayer/
Verify installation with both browsers here:  http://www.adobe.com/software/flash/about/

Posting here with IE:

What happens when you try to post here at LzD with IE?  Do you get any kind of error message?
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on February 09, 2014, 02:51:24 PM
Good morning.  I was able to uninstall Flash from IE, but I get the same message telling me to close FF which isn't open to complete the uninstall on Firefox.   Sooo very frustrating.

About replying here @ Landzdown, I posted this on IE, it seems early in the day IE works fine. But as the day progresses, like yesterday when I tried to reply here, I get the page that says 'this page doesn't exist' or something to that effect.
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on February 09, 2014, 03:28:24 PM
Try launching Task Manager (Ctrl+Shift+Esc).  Look at the list of Processes for Firefox, Plugin-Container.exe for Firefox and FlashPlayerPlugin_etc.  If still running, click to select and then click End Process.  Now try installing for Firefox.
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on February 11, 2014, 08:38:14 PM
Corrine, there's nothing about FF on my task manager.  *insert twilight theme*
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on February 11, 2014, 08:56:12 PM
Grabbing at straws: 

Click Firefox > Add-ons > Plugins.  Is Shockwave Flash listed?  The current version is 12.0.0.44.

Have you shut down/restarted the computer since uninstalling Flash Player and attempting the update for Firefox?  If not, try that, being sure to attempt the update before launching Firefox after the restart.
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on February 14, 2014, 06:24:19 PM
I have the latest version of Flash.  How do I find out if FF is current in updates?  Again, I couldn't reply on IE, goes to a page that says 'page cannot be displayed'.  Grrrrrr!     :cry:
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on February 14, 2014, 07:56:50 PM
Firefox version 27.0.1 was released yesterday.  Select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox." 
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on February 18, 2014, 02:27:05 PM
I have the latest Firefox.  Maybe the computer will outgrow Flash like kids outgrow things.  Hey, a girl can dream.  If you've reached the last straw I don't blame you.  I'll use IE and possibly download Safari as a back-up.  I'm certainly out of straws.  Tks, Corrine, it's always a pleasant experience to visit all of you wonderful peeps here @ Landzdown. 
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on February 18, 2014, 04:10:57 PM
Looking back through your logs, I had one thought, although I don't hold much promise that it will help with Flash.  The ComboFix log shows "locked" registry keys, which merely means that permission to delete the key is denied.  The code I have included below is merely to "unlock" the registry keys for Flash.  I had you uninstall ComboFix before the issue with Flash Player came up so you'll need to download ComboFix to your desktop again. 

Please follow these instructions carefully.  Download ComboFix from the following location:  Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

Custom CFScript

Note: The following instructions were created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.



RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
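
A read-only way to see the condition described in the post above, where a "locked" key is one on which permission to delete is denied. This is an added example, not part of the original post and not ComboFix's own logic; it assumes PowerShell 3.0 or later and that the lock appears as a Deny entry in the key's access-control list, and the function name Get-LockedKeyReport is made up for illustration.

```powershell
# Added example: report Deny entries that block Delete on registry keys.
# Read-only: it inspects permissions and changes nothing.
# Two key paths copied from the RegLock:: list above; extend with the others as needed.
$flashKeys = @(
    'HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}',
    'HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}'
)

function Get-LockedKeyReport {   # hypothetical helper name
    param([Parameter(Mandatory = $true)][string[]]$KeyPath)

    # Numeric value of the Delete right, used as a bit mask below.
    $delete = [int][System.Security.AccessControl.RegistryRights]::Delete

    foreach ($key in $KeyPath) {
        $row = [ordered]@{ Key = $key; State = ''; Identity = ''; Rights = '' }
        $psPath = "Registry::$key"

        if (-not (Test-Path -LiteralPath $psPath)) {
            $row.State = 'key not present'
            [pscustomobject]$row
            continue
        }

        try {
            $acl = Get-Acl -Path $psPath -ErrorAction Stop
        }
        catch {
            # If the ACL also denies reading permissions, it cannot be inspected.
            $row.State = 'ACL unreadable (access denied?)'
            [pscustomobject]$row
            continue
        }

        # Keep only Deny entries whose rights include Delete.
        $denies = @($acl.Access | Where-Object {
            $_.AccessControlType -eq 'Deny' -and
            (([int]$_.RegistryRights -band $delete) -ne 0)
        })

        if ($denies.Count -eq 0) {
            $row.State = 'no Deny entry for Delete'
            [pscustomobject]$row
            continue
        }

        foreach ($ace in $denies) {
            $row.State    = 'Delete denied'
            $row.Identity = [string]$ace.IdentityReference
            $row.Rights   = [string]$ace.RegistryRights
            [pscustomobject]$row
        }
    }
}

Get-LockedKeyReport -KeyPath $flashKeys | Format-Table -AutoSize -Wrap
```

Run it from an elevated 64-bit PowerShell prompt so the Wow6432Node paths resolve as written.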


Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on February 26, 2014, 09:07:25 PM
Oh my word!  Corrine, I'm really confused on this one. I can't get the box you posted to save as CFScript in Notebook. Duh!  Anyway, I ran combofix the old way.  Hope I didn't destroy my computer.  *shiver*.  Here are the results.  Note that I couldn't get superspyware to disengage.   :uhm:



ComboFix 14-02-24.02 - larry 02/26/2014  14:33:09.2.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8173.6333 [GMT -6:00]
Running from: c:\users\larry\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-26 to 2014-02-26  )))))))))))))))))))))))))))))))
.
.
2014-02-26 20:38 . 2014-02-26 20:38   --------   d-----w-   c:\users\hedev\AppData\Local\temp
2014-02-26 20:38 . 2014-02-26 20:38   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-02-26 17:07 . 2014-02-26 17:07   75888   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FC00432B-4F13-45D9-AC48-A7019E2EC3AE}\offreg.dll
2014-02-26 16:53 . 2014-02-06 09:01   10536864   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FC00432B-4F13-45D9-AC48-A7019E2EC3AE}\mpengine.dll
2014-02-25 16:32 . 2014-02-25 16:32   --------   d-----w-   c:\windows\Migration
2014-02-23 19:17 . 2014-02-23 19:16   1031560   ------w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{53F29213-A8C6-4996-AF8C-7AA007368394}\gapaengine.dll
2014-02-23 19:17 . 2014-02-06 09:01   10536864   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-12 10:54 . 2013-12-06 02:30   2048   ----a-w-   c:\windows\system32\msxml3r.dll
2014-01-31 19:10 . 2014-01-31 19:10   --------   d-----w-   c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-31 19:10 . 2013-04-04 20:50   25928   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-01-29 14:28 . 2014-01-29 14:28   --------   d-----w-   c:\users\larry\AppData\Roaming\ParetoLogic
2014-01-29 14:28 . 2014-01-29 14:28   --------   d-----w-   c:\users\larry\AppData\Roaming\DriverCure
2014-01-29 14:27 . 2014-01-29 14:32   --------   d-----w-   c:\programdata\ParetoLogic
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-26 00:24 . 2012-04-28 03:41   25640   ----a-w-   c:\windows\gdrv.sys
2014-02-21 17:32 . 2012-04-30 18:49   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 17:32 . 2012-04-30 18:49   692616   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-15 18:51 . 2012-06-29 13:26   88567024   ----a-w-   c:\windows\system32\MRT.exe
2014-01-19 07:33 . 2010-11-21 03:27   270496   ------w-   c:\windows\system32\MpSigStub.exe
2013-12-19 03:09 . 2014-01-19 17:25   96168   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-09-14 393216]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2014-01-26 6563608]
"AmazonMP3DownloaderHelper"="c:\users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-04-05 397632]
"Amazon Cloud Player"="c:\users\larry\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2013-12-12 3145536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 bliohipk;bliohipk;c:\windows\system32\drivers\bliohipk.sys;c:\windows\SYSNATIVE\drivers\bliohipk.sys
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on February 26, 2014, 11:11:24 PM
Please move ComboFix from the Downloads folder to the Desktop.  So, instead of being located at c:\users\larry\Downloads\ComboFix.exe, ComboFix will be located at C:\Users\larry\Desktop\ComboFix.exe.  Then try the script I provided.
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on March 05, 2014, 02:50:29 PM
YeeeeHaaawww!  I'm pretty proud of myself for figuring out how to do this....... FINALLY!......   :dance:

Without further ado:

ComboFix 14-03-04.03 - larry 03/05/2014   8:35.4.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8173.6204 [GMT -6:00]
Running from: c:\users\larry\Downloads\ComboFix.exe
Command switches used :: c:\users\larry\Desktop\cfscript.txt
AV: Microsoft Security Essentials *Disabled/Outdated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Outdated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-02-05 to 2014-03-05  )))))))))))))))))))))))))))))))
.
.
2014-03-05 14:38 . 2014-03-05 14:38   --------   d-----w-   c:\users\Public\AppData\Local\temp
2014-03-05 14:38 . 2014-03-05 14:38   --------   d-----w-   c:\users\hedev\AppData\Local\temp
2014-03-05 14:38 . 2014-03-05 14:38   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-02-26 21:11 . 2014-02-06 09:01   10536864   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CF0B1DAB-B664-4EDB-8BC2-CC1828617C2E}\mpengine.dll
2014-02-25 16:32 . 2014-02-25 16:32   --------   d-----w-   c:\windows\Migration
2014-02-23 19:17 . 2014-02-23 19:16   1031560   ------w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{53F29213-A8C6-4996-AF8C-7AA007368394}\gapaengine.dll
2014-02-23 19:17 . 2014-02-06 09:01   10536864   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-12 10:54 . 2013-12-06 02:30   2048   ----a-w-   c:\windows\system32\msxml3r.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-05 12:58 . 2012-04-28 03:41   25640   ----a-w-   c:\windows\gdrv.sys
2014-02-21 17:32 . 2012-04-30 18:49   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 17:32 . 2012-04-30 18:49   692616   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-15 18:51 . 2012-06-29 13:26   88567024   ----a-w-   c:\windows\system32\MRT.exe
2014-01-19 07:33 . 2010-11-21 03:27   270496   ------w-   c:\windows\system32\MpSigStub.exe
2013-12-19 03:09 . 2014-01-19 17:25   96168   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{85F5CF95-EC8F-49fc-BB3F-38C79455CBA2}]
c:\program files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9194649F-7143-4308-90C1-D6A35B0E354E}]
c:\program files (x86)\OApps\bho_project.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{A531D99C-5A22-449b-83DA-872725C6D0ED}"= "c:\program files (x86)\alotappbar\bin\ALOTHelper.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{a531d99c-5a22-449b-83da-872725c6d0ed}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-09-14 393216]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2014-01-26 6563608]
"AmazonMP3DownloaderHelper"="c:\users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-04-05 397632]
"Amazon Cloud Player"="c:\users\larry\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2013-12-12 3145536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 bliohipk;bliohipk;c:\windows\system32\drivers\bliohipk.sys;c:\windows\SYSNATIVE\drivers\bliohipk.sys
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on March 06, 2014, 06:06:21 PM
Sorry for the delay in responding.  I needed to compare the last log with what was shown previously because I'm seeing the return of files removed previously.  Please do the following:

1.  Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/) to your desktop.

Note:  A few seconds after landing on the above link, depending on the browser you are using, you will see the following:
2.  Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) by Xplode onto your Desktop. 

Note:  A few seconds after landing on the above link, depending on the browser you are using, you will see the following:
IMPORTANT
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
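The log comparison mentioned at the top of the post above can be done mechanically. This is an added example, not part of the original post or of ComboFix: it diffs the "Reg Loading Points" section of two runs, using sample lines abbreviated from the two logs in this thread; the function names are this example's own.

```python
import re

# Sample input: lines abbreviated from the two ComboFix logs posted in this thread.
EARLIER = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2014-01-26 6563608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"""
LATER = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{85F5CF95-EC8F-49fc-BB3F-38C79455CBA2}]
c:\program files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{A531D99C-5A22-449b-83DA-872725C6D0ED}"= "c:\program files (x86)\alotappbar\bin\ALOTHelper.dll" [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2014-01-26 6563608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
STAMP_RE = re.compile(r"\s*\[[^\[\]]*\]$")  # trailing [date size], [BU] or [X]

def loading_points(log):
    """Return the set of (registry key, entry) pairs listed in a log, lower-cased."""
    entries, key = set(), None
    for line in (raw.strip() for raw in log.splitlines()):
        header = KEY_RE.match(line)
        if header:
            key = header.group(1).lower()
        elif line in ("", "."):
            key = None  # a lone "." separates blocks in the log
        elif key:
            # Drop the trailing stamp so a changed date or size is not reported as new.
            entries.add((key, STAMP_RE.sub("", line).lower()))
    return entries

def new_in_later(earlier, later):
    """Entries that the later run lists and the earlier run does not."""
    return sorted(loading_points(later) - loading_points(earlier))

if __name__ == "__main__":
    for key, entry in new_in_later(EARLIER, LATER):
        print(f"{key}\n    {entry}")
```

Keys that carry no value line under them, such as a bare CLSID key, are not reported by this sketch.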
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on March 07, 2014, 02:52:55 PM
I failed to save JRT to my desktop, when the report popped up I saved it to my desktop.  After thoroughly looking for it everywhere on both my C and D drive I can't find it.  I ran it again and of course, it was clean.  Is there any way to retrieve that file?  So sorry.

Here's the AdWare info:

# AdwCleaner v3.020 - Report created 07/03/2014 at 08:08:25
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : larry - HOME1
# Running from : C:\Users\larry\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\larry\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\larry\AppData\Roaming\iPumper
Folder Deleted : C:\Users\larry\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\larry\Desktop\Tutorials
File Deleted : C:\alotserviceruntime.log
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\larry\AppData\Roaming\Mozilla\Firefox\Profiles\07vbiqdk.default-1382562802549\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Windows\System32\Tasks\BitGuard

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
Key Deleted : HKCU\Software\948dd0b66eec45
Key Deleted : HKLM\SOFTWARE\948dd0b66eec45
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85F5CF95-EC8F-49FC-BB3F-38C79455CBA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A531D99C-5A22-449B-83DA-872725C6D0ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{85F5CF95-EC8F-49FC-BB3F-38C79455CBA2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A531D99C-5A22-449B-83DA-872725C6D0ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{85F5CF95-EC8F-49FC-BB3F-38C79455CBA2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{343263AB-D732-4066-A274-4A487A07F108}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C42103E4-7D10-4CC9-B2B4-C546BCCF8706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A531D99C-5A22-449B-83DA-872725C6D0ED}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\alotservice
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\alotAppbar
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Trymedia Systems

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\larry\AppData\Roaming\Mozilla\Firefox\Profiles\07vbiqdk.default-1382562802549\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\larry\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [16752 octets] - [22/01/2014 08:45:32]
AdwCleaner[R1].txt - [5582 octets] - [07/03/2014 08:05:19]
AdwCleaner[S0].txt - [361 octets] - [22/01/2014 08:46:14]
AdwCleaner[S1].txt - [5316 octets] - [07/03/2014 08:08:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5376 octets] ##########
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on March 07, 2014, 06:07:23 PM
No, the JRT log was overwritten so it cannot be retrieved.  However, as you can see, a lot more was removed even after running JRT.

Please let me know how your computer is now and then I'll provide instructions for removing the tools we used.
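To see how far a cleaner's report covers what an earlier scan flagged, the GUIDs from the scan log can be looked up in the report's registry deletions. This is an added example, not part of the original posts or of either tool; the sample lines are copied from the ComboFix log and the AdwCleaner report in this thread, and the function names are this example's own.

```python
import re

GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Sample input: lines copied from the later ComboFix log in this thread.
COMBOFIX = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{85F5CF95-EC8F-49fc-BB3F-38C79455CBA2}]
c:\program files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9194649F-7143-4308-90C1-D6A35B0E354E}]
c:\program files (x86)\OApps\bho_project.dll [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{A531D99C-5A22-449b-83DA-872725C6D0ED}"= "c:\program files (x86)\alotappbar\bin\ALOTHelper.dll" [BU]
"""
# Sample input: lines copied from the AdwCleaner report in this thread (abbreviated).
ADWCLEANER = r"""
***** [ Files / Folders ] *****
File Deleted : C:\alotserviceruntime.log
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85F5CF95-EC8F-49FC-BB3F-38C79455CBA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A531D99C-5A22-449B-83DA-872725C6D0ED}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A531D99C-5A22-449B-83DA-872725C6D0ED}]
Key Deleted : HKCU\Software\alotservice
"""

def deleted_by_section(report):
    """Map each report section name to its list of (action, target) deletions."""
    sections, current = {}, None
    for line in report.splitlines():
        head = re.match(r"\*{5} \[ (.+?) \] \*{5}$", line.strip())
        if head:
            current = sections.setdefault(head.group(1), [])
        elif current is not None and " Deleted : " in line:
            action, target = line.split(" : ", 1)
            current.append((action.strip(), target.strip()))
    return sections

def guid_coverage(combofix, report):
    """For each GUID in the scan log, list the registry deletions that name it."""
    registry = deleted_by_section(report).get("Registry", [])
    coverage = {}
    for guid in sorted({g.upper() for g in GUID_RE.findall(combofix)}):
        coverage[guid] = [target for _, target in registry if guid in target.upper()]
    return coverage

if __name__ == "__main__":
    for guid, hits in guid_coverage(COMBOFIX, ADWCLEANER).items():
        print(guid, "->", hits or "not named in this report")
```

An empty list means only that this report does not name the GUID; it says nothing about what another tool removed.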
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on March 10, 2014, 05:53:17 PM
I'm afraid that the Shockwave Flash is still there.  It says "shockwave flash may be busy or it may have stopped responding. You can stop the plugin now...."  It only happens in Firefox.  I'd like to completely get rid of FF and download another browser.  Is that feasible?  IE is still working fine.

Thank you for your patience and help.  It's greatly appreciated.  You guys are the best!   
Title: Re: Slooow computer, Flash problem?
Post by: MikeW on March 13, 2014, 12:28:34 PM
Hi Gale_Tx

If it's any help to you to decide which browser to use, I have used IE for many years and am very happy with it. So as FF is giving you so much trouble, uninstall it and use IE for a test run and see how you like it.
Title: Re: Slooow computer, Flash problem?
Post by: winchester73 on March 13, 2014, 02:51:04 PM
+1  :thumbsup:
Title: Re: Slooow computer, Flash problem?
Post by: Gale_Tx on March 17, 2014, 11:56:24 PM
Thank you all so much!  I like IE, been using forever, I just like a back-up.  I'm going to do some research to get everything Firefox off of my computer.  Again, I appreciate y'all very much.
Title: Re: Slooow computer, Flash problem?
Post by: Corrine on March 18, 2014, 12:25:01 AM
Since you only have a problem with Flash Player (and you aren't alone), just keep FF updated with security updates so you have it as a backup and continue using IE.