slow pc

View previous topic View next topic Go down

slow pc

Post by Denny978 on Wed 08 Jan 2014, 11:32 am

My computer is running real slow wondering if i have something goin on

# AdwCleaner v3.016 - Report created 07/01/2014 at 19:18:16
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : dennis - PC1
# Running from : C:\Users\dennis\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweettunes_search.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\sweettunes_search.xml
File Found : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Found : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Found : C:\Users\dennis\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Found : C:\Users\dennis\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Found : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\searchplugins\Conduit.xml
File Found : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\searchplugins\Search_Results.xml
File Found : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\user.js
File Found : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
Folder Found : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dijfdbekpkjfjnpgckjffjdneiabdnnn
Folder Found : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\Extensions\{4d1c06bd-ec83-4ad6-ada2-877ebcaaad2e}
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Limbas
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\Conduit
Folder Found C:\Users\dennis\AppData\Local\Babylon
Folder Found C:\Users\dennis\AppData\Local\Conduit
Folder Found C:\Users\dennis\AppData\Local\Ilivid Player
Folder Found C:\Users\dennis\AppData\Local\NativeMessaging
Folder Found C:\Users\dennis\AppData\Local\PutLockerDownloader
Folder Found C:\Users\dennis\AppData\Local\Searchprotect
Folder Found C:\Users\dennis\AppData\LocalLow\Conduit
Folder Found C:\Users\dennis\AppData\LocalLow\Limbas
Folder Found C:\Users\dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Found C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\CT3311873
Folder Found C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\SweetPacksToolbarData
Folder Found C:\Users\dennis\AppData\Roaming\Searchprotect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

ran this the other day quick scan

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-03 20:22:36
-----------------------------
20:22:36.602 OS Version: Windows x64 6.1.7601 Service Pack 1
20:22:36.602 Number of processors: 4 586 0x502
20:22:36.602 ComputerName: PC1 UserName:
20:22:37.709 Initialize success
20:23:11.562 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000050
20:23:11.562 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 11
20:23:13.590 Disk 0 MBR read successfully
20:23:13.590 Disk 0 MBR scan
20:23:13.590 Disk 0 Windows VISTA default MBR code
20:23:13.590 Service scanning
20:23:14.510 Modules scanning
20:23:14.510 Disk 0 trace - called modules:
20:23:14.526 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
20:23:14.526 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003b82060]
20:23:14.526 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa80036ef6a0]
20:23:14.541 5 amdxata.sys[fffff880011347a8] -> nt!IofCallDriver -> \Device\00000050[0xfffffa80039a19c0]
20:23:14.557 Scan finished successfully
20:23:37.473 Disk 0 MBR has been saved successfully to "C:\Users\dennis\Documents\MBR.dat"
20:23:37.505 The log file has been saved successfully to "C:\Users\dennis\Documents\aswMBR.txt"


aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-11 12:58:33
-----------------------------
12:58:33.316 OS Version: Windows x64 6.1.7601 Service Pack 1
12:58:33.316 Number of processors: 4 586 0x502
12:58:33.316 ComputerName: PC1 UserName:
12:58:34.713 Initialize success
12:59:06.136 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000056
12:59:06.138 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 11
12:59:08.172 Disk 0 MBR read successfully
12:59:08.174 Disk 0 MBR scan
12:59:08.175 Disk 0 Windows VISTA default MBR code
12:59:08.177 Service scanning
12:59:09.040 Modules scanning
12:59:09.042 Disk 0 trace - called modules:
12:59:09.045 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
12:59:09.047 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80071c0060]
12:59:09.050 3 CLASSPNP.SYS[fffff8800197d43f] -> nt!IofCallDriver -> [0xfffffa8006a2a6a0]
12:59:09.052 5 amdxata.sys[fffff8800106d7a8] -> nt!IofCallDriver -> \Device\00000056[0xfffffa80070e69c0]
12:59:09.055 Scan finished successfully
13:02:30.248 Disk 0 MBR has been saved successfully to "C:\Users\dennis\Documents\MBR.dat"
13:02:30.253 The log file has been saved successfully to "C:\Users\dennis\Documents\aswMBR.txt"

running full scan now

Denny978

Rookie Surfer
Rookie Surfer

Posts : 133
Joined : 2009-02-03
Operating System : windows xp

View user profile

Back to top Go down

Re: slow pc

Post by Denny978 on Wed 08 Jan 2014, 1:01 pm

Malwarebytes Anti-Malware 1.75.0.1300
[You must be registered and logged in to see this link.]

Database version: v2014.01.07.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
dennis :: PC1 [administrator]

1/7/2014 7:22:38 PM
MBAM-log-2014-01-07 (21-00-47).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 422847
Time elapsed: 1 hour(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> No action taken.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\dennis\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Denny978

Rookie Surfer
Rookie Surfer

Posts : 133
Joined : 2009-02-03
Operating System : windows xp

View user profile

Back to top Go down

Re: slow pc

Post by Denny978 on Wed 08 Jan 2014, 1:08 pm

Am i supposed to use the clean function in adwcleaner?

Denny978

Rookie Surfer
Rookie Surfer

Posts : 133
Joined : 2009-02-03
Operating System : windows xp

View user profile

Back to top Go down

Re: slow pc

Post by Denny978 on Wed 08 Jan 2014, 1:12 pm

Results of screen317's Security Check version 0.99.78
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.0
Java(TM) 6 Update 27
Java(TM) 7 Update 5
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader 10.1.1 Adobe Reader out of Date!
Mozilla Firefox (26.0)
Google Chrome 31.0.1650.63
Google Chrome 32.0.1700.72
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 34% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

Denny978

Rookie Surfer
Rookie Surfer

Posts : 133
Joined : 2009-02-03
Operating System : windows xp

View user profile

Back to top Go down

Re: slow pc

Post by Superdave on Thu 09 Jan 2014, 6:52 am

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Remove the Adware:

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete or Clean.
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

*********************************************
Please run Malwarebytes Anti-Malware again. Make sure that everything is checked, and click Remove Selected.

*************************************************
Please download Junkware Removal Tool to your desktop.

Warning! Once the scan is complete JRT will shut down your browser with NO warning.

Shut down your protection software now to avoid potential conflicts.

•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

•The tool will open and start scanning your system.

•Please be patient as this can take a while to complete depending on your system's specifications.

•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

•Copy and Paste the JRT.txt log into your next message.
*****************************************
Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First Verify your Java Version

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment.

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
**************************************
Please defrag you hard drive soon. This could be one of the causes of the slowness. (SSD means Solid State Drive.) I you need help with this, please let me know.
*****************************************
Looking over your log it seems you don't have any antivirus software.

Before we continue download and install a free antivirus.

Remember to only install one antivirus!

1) Avast! Home Edition
2) AVG Free Edition
3) Avira AntiVir Personal
4) MicroSoft Security Essentials All versions and all languages.
5) Comodo Antivirus (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) PC Tools AntiVirus Free Edition

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: slow pc

Post by Denny978 on Thu 09 Jan 2014, 10:12 am

# AdwCleaner v3.016 - Report created 08/01/2014 at 18:08:23
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : dennis - PC1
# Running from : C:\Users\dennis\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\Limbas
Folder Deleted : C:\Users\dennis\AppData\Local\Babylon
Folder Deleted : C:\Users\dennis\AppData\Local\Conduit
Folder Deleted : C:\Users\dennis\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\dennis\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\dennis\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\dennis\AppData\Local\Searchprotect
Folder Deleted : C:\Users\dennis\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\dennis\AppData\LocalLow\Limbas
Folder Deleted : C:\Users\dennis\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\SweetPacksToolbarData
Folder Deleted : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\CT3311873
Folder Deleted : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\Extensions\{4d1c06bd-ec83-4ad6-ada2-877ebcaaad2e}
Folder Deleted : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dijfdbekpkjfjnpgckjffjdneiabdnnn
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\searchplugins\Conduit.xml
File Deleted : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\sweettunes_search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweettunes_search.xml
File Deleted : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\user.js
File Deleted : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\dennis\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Users\dennis\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dijfdbekpkjfjnpgckjffjdneiabdnnn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dijfdbekpkjfjnpgckjffjdneiabdnnn
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3311873
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A56F0339-DC99-42AA-97D2-645AA143A026}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A56F0339-DC99-42AA-97D2-645AA143A026}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{053E92CE-326D-4BC7-BCCA-4061DB230BF4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{810F2240-725F-4E2E-BB48-4BA4896DA8DD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Limbas
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Limbas
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Limbas Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\rlyanaob.default\prefs.js ]

Line Deleted : user_pref("CT3311873.FF19Solved", "true");
Line Deleted : user_pref("CT3311873.UserID", "UN79552109910732270");
Line Deleted : user_pref("CT3311873.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3311873.fullUserID", "UN79552109910732270.IN.20131218215944");
Line Deleted : user_pref("CT3311873.installDate", "18/12/2013 21:59:45");
Line Deleted : user_pref("CT3311873.installSessionId", "{163F76AB-3809-4316-928F-04E0928761E8}");
Line Deleted : user_pref("CT3311873.installSp", "TRUE");
Line Deleted : user_pref("CT3311873.installerVersion", "1.8.1.4");
Line Deleted : user_pref("CT3311873.keyword", "true");
Line Deleted : user_pref("CT3311873.originalHomepage", "hxxp://search.conduit.com/Results.aspx?ctid=CT3315039&searchsource=55&UM=2&");
Line Deleted : user_pref("CT3311873.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3311873.originalSearchEngine", "Limbas Search");
Line Deleted : user_pref("CT3311873.originalSearchEngineName", "Limbas Search");
Line Deleted : user_pref("CT3311873.searchRevert", "false");
Line Deleted : user_pref("CT3311873.searchUninstallUserMode", "2");
Line Deleted : user_pref("CT3311873.searchUserMode", "2");
Line Deleted : user_pref("CT3311873.smartbar.homepage", "true");
Line Deleted : user_pref("CT3311873.toolbarInstallDate", "18-12-2013 21:59:44");
Line Deleted : user_pref("CT3311873.versionFromInstaller", "10.23.0.722");
Line Deleted : user_pref("CT3311873.xpeMode", "0");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3311873&octid=CT3311873&SearchSource=61&CUI=UN79552109910732270&UM=2&UP=SPFC4A69FD-550C-435F-AA5E-CA3074A07BC7");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/Results.aspx?ctid=CT3315039&searchsource=69&UM=2&");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "Limbas Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311873&CUI=UN79552109910732270&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.order.1", "Search Results");
Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112091");
Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "e8271977000000000000842b2bb414f5");
Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "e8271977000000000000842b2bb414f5");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15454");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112091&babsrc=NT_ss&mntrId=e8271977000000000000842b2bb414f5");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:58:52");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.crossrider.bic", "13db342616e184c73020c991a716f655");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311873&SearchSource=2&CUI=UN79552109910732270&UM=2&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3311873");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3311873&CUI=UN79552109910732270&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3311873&octid=CT3311873&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311873&SearchSource=2&CUI=UN79552109910732270&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3311873");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3311873");
Line Deleted : user_pref("smartbar.machineId", "DUAHFAUF4UQ07JQUJLGVD26/RTH7IUKODAUJYTBNFTPXOGRQSNVYPXEGERY7WNVQZAX5ZPXX13X7/GSNEIZGEQ");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3311873&CUI=UN79552109910732270&UM=2&SearchSource=13");
Line Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.SearchBoxLogo", "");
Line Deleted : user_pref("sweetim.toolbar.SearchBoxText", "");
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.defaultProvider", "");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.newtab.url", "hxxp://home.sweetim.com/?src=97&barid=$toolbar_id;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://tbsrv1.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;&flavour=$flavr;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://([You must be registered and logged in to see this link.]
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://([You must be registered and logged in to see this link.]
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{549A5DA3-97FC-11E2-BE46-842B2BB414F5}");
Line Deleted : user_pref("sweetim.toolbar.urls.afteruninstall", "hxxp://www.sweetim.com/uninstallbar.asp?barid=$toolbar_id;");
Line Deleted : user_pref("sweetim.toolbar.urls.contactus", "hxxp://www.sweetim.com/help_contact.asp");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://www.sweetim.com");
Line Deleted : user_pref("sweetim.toolbar.urls.privacy", "hxxp://www.sweetim.com/eula.html#privacy");
Line Deleted : user_pref("sweetim.toolbar.urls.searchpage", "hxxp://search.sweetim.com/search.asp?barid=$toolbar_id;");
Line Deleted : user_pref("sweetim.toolbar.urls.uninstall", "hxxp://lp.sweetim.com/SweetPacksBundleUninstaller/");
Line Deleted : user_pref("sweetim.toolbar.version", "1.12.0.0");

-\\ Google Chrome v

[ File : C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [21123 octets] - [07/01/2014 19:18:16]
AdwCleaner[R1].txt - [21063 octets] - [07/01/2014 21:07:44]
AdwCleaner[R2].txt - [21124 octets] - [08/01/2014 18:07:54]
AdwCleaner[S0].txt - [21016 octets] - [08/01/2014 18:08:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21077 octets] ##########

Denny978

Rookie Surfer
Rookie Surfer

Posts : 133
Joined : 2009-02-03
Operating System : windows xp

View user profile

Back to top Go down

Re: slow pc

Post by Denny978 on Thu 09 Jan 2014, 10:20 am

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by dennis on Wed 01/08/2014 at 18:14:13.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1520215798-2880908322-1214140557-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211141126}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211141126}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{03E5C163-61D4-4E67-BB31-9F43CACA3F5F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{ac205b4b-7c51-4460-aa3b-0be50d523235}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{ac205b4b-7c51-4460-aa3b-0be50d523235}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\dennis\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\dennis\appdata\local\{176CB6FC-6569-44FC-8E82-D11FF4E8D566}
Successfully deleted: [Empty Folder] C:\Users\dennis\appdata\local\{6DACB762-BC53-4357-B3D1-0669D89B059C}
Successfully deleted: [Empty Folder] C:\Users\dennis\appdata\local\{92E89B32-0A4B-4586-BD4B-176FC1A3ED7E}
Successfully deleted: [Empty Folder] C:\Users\dennis\appdata\local\{DEBBA9AF-AD69-4AB9-88B3-CA0A6BD8FB4C}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\dennis\AppData\Roaming\mozilla\firefox\profiles\rlyanaob.default\minidumps [146 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/08/2014 at 18:19:34.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Denny978

Rookie Surfer
Rookie Surfer

Posts : 133
Joined : 2009-02-03
Operating System : windows xp

View user profile

Back to top Go down

Re: slow pc

Post by Denny978 on Thu 09 Jan 2014, 10:21 am


We are unable to verify if Java is currently installed and enabled in your browser.

If you have installed Java and there is an error with the verification, there could be a configuration issue (eg. browser, Java control panel, security settings). Try restarting your browser before trying to verify the installation again.

Denny978

Rookie Surfer
Rookie Surfer

Posts : 133
Joined : 2009-02-03
Operating System : windows xp

View user profile

Back to top Go down

Re: slow pc

Post by Superdave on Thu 09 Jan 2014, 10:38 am

Were you able to run MBAM and clean the infections?

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: slow pc

Post by Sponsored content Today at 7:49 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum