We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
slow pc should we buy a laptop - advice pls.
Options
Comments
-
Please run COMBOFIX
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Shut down your anti virus
Follow the simple instructions it gives
Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out
If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
(If no log comes up or you lose it, COMBOFIX.TXT can be found in C drive)
Arghhhhh - ok, I have clicked on the link - clicked run, run then it comes up error and when I right click no renaming option there.0 -
Ram isn't the problem then, is it still painfully slow, and what is slow?!!
> . !!!! ----> .0 -
Ram isn't the problem then, is it still painfully slow, and what is slow?
It's like it freezes
Can take up to 6 minutes just to start up and when we're on the internet it can take upto 8 miuntes just to open a site sometimes - going from one site to another it just seems to freeze.
virtual memory is running low warning appears aswell.
Thank for your help.0 -
-
Are you using a router? Do you need all the aol software?
Does it take 6 minutes to startup now?
What are your virtual memory settings in control panel, system, advanced, performance settings, advanced, virtual memory?
Uninstall avast4 and replace with avast5 if you haven't already.!!
> . !!!! ----> .0 -
Are you using a router? Do you need all the aol software?
Does it take 6 minutes to startup now?
What are your virtual memory settings in control panel, system, advanced, performance settings, advanced, virtual memory?
Uninstall avast4 and replace with avast5 if you haven't already.
The VM is 288MB.0 -
change it to system managed, or increase the minimum to 756
to stop ctfmon running, control panel, regional and language options,languages, details, advanced, tick the Turn off advanced text services, ok
to stop mdnsresponder running, http://download.gizmoproject.com/jas...OffBonjour.exe
If you have a router, you don't need all this aol stuff running
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
also uninstall fast browser search
http://help.fastbrowsersearch.com/
R3 - URLSearchHook: AOL Broadband Toolbar Search Class - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AOL Broadband Toolbar Loader - {776a9d06-e178-4aa0-aee4-b4de3a64ad28} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstan ce.dll
O3 - Toolbar: AOL Broadband Toolbar - {e6ed7f95-e571-4f81-8757-5eb11252703d} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {3B5E9B23-7537-4601-A9E8-FA0D956DEA16} (csauie1 Control) - http://www.couponreport.net/ftp/v3123/csauie1.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.truprint.co.uk/TruprintActivia.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1154461900500
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} (Bonusprint Image Uploader Version 6.x Control) - http://webalbum.bonusprint.com/ukipc...eUploader6.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.asda-photo.co.uk/wpp/asda...pcuploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
do you use messenger? if not, delete these
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe!!
> . !!!! ----> .0 -
Dont click to run. Click to SAVE
THEN rename it (Before actually saving it)
Then run the newly saved and renamed filePlease run COMBOFIX
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Shut down your anti virus
Follow the simple instructions it gives
Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out
If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
(If no log comes up or you lose it, COMBOFIX.TXT can be found in C drive)
ComboFix 10-08-28.02 - Ed 30/08/2010 16:13:00.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.703.408 [GMT 1:00]
Running from: c:\documents and settings\Ed\My Documents\QWERTY.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Ed\Application Data\alot
c:\documents and settings\Ed\Application Data\alot\Button_0\Button_0.xml
c:\documents and settings\Ed\Application Data\alot\Button_0\Button_0.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_1\Button_1.xml
c:\documents and settings\Ed\Application Data\alot\Button_1\Button_1.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_2\Button_2.xml
c:\documents and settings\Ed\Application Data\alot\Button_2\Button_2.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_3\Button_3.xml
c:\documents and settings\Ed\Application Data\alot\Button_3\Button_3.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_4\Button_4.xml
c:\documents and settings\Ed\Application Data\alot\Button_4\Button_4.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_5\Button_5.xml
c:\documents and settings\Ed\Application Data\alot\Button_5\Button_5.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_6\Button_6.xml
c:\documents and settings\Ed\Application Data\alot\Button_6\Button_6.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_7\Button_7.xml
c:\documents and settings\Ed\Application Data\alot\Button_7\Button_7.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_8\Button_8.xml
c:\documents and settings\Ed\Application Data\alot\Button_8\Button_8.xml.backup
c:\documents and settings\Ed\Application Data\alot\Button_9\Button_9.xml
c:\documents and settings\Ed\Application Data\alot\Button_9\Button_9.xml.backup
c:\documents and settings\Ed\Application Data\alot\configurator\configurator.xml
c:\documents and settings\Ed\Application Data\alot\configurator\configurator.xml.backup
c:\documents and settings\Ed\Application Data\alot\contextMenu\contextMenu.xml
c:\documents and settings\Ed\Application Data\alot\contextMenu\contextMenu.xml.backup
c:\documents and settings\Ed\Application Data\alot\postInstallLayout\postInstallLayout.xml
c:\documents and settings\Ed\Application Data\alot\postInstallLayout\postInstallLayout.xml.backup
c:\documents and settings\Ed\Application Data\alot\products\products.xml
c:\documents and settings\Ed\Application Data\alot\products\products.xml.backup
c:\documents and settings\Ed\Application Data\alot\Resources\BrowserSearch\alot_search_defend.html
c:\documents and settings\Ed\Application Data\alot\Resources\BrowserSearch\images\favicon.ico
c:\documents and settings\Ed\Application Data\alot\Resources\Button_0\images\alot_logo_button.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_0\images\alot_logo_button.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_1\images\alot_search_button.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_1\images\alot_search_button.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_2\images\default_1008_alot_map_widget_default.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_2\images\default_1008_alot_map_widget_default.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_3\images\default_1182_alot_map_guides.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_3\images\default_1182_alot_map_guides.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\clear.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\cloudy.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\default_1007_alot_weather_widget.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\default_1007_alot_weather_widget.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\mcloud.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\nclear.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\nmcloud.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\pcloud.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_4\images\shower.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_5\images\default_1272_alot_map_travel.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_5\images\default_1272_alot_map_travel.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_6\images\default_1724_alot_mus_mymusic.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_6\images\default_1724_alot_mus_mymusic.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_7\images\default_2018_compass.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_7\images\default_2018_compass.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_8\images\2259_icon.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_8\images\2259_icon.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_8\images\default_2258_alot_ref_resources.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_8\images\default_2258_alot_ref_resources.png
c:\documents and settings\Ed\Application Data\alot\Resources\Button_9\images\default_1795_default_1795_alot_configure.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Button_9\images\default_1795_default_1795_alot_configure.png
c:\documents and settings\Ed\Application Data\alot\Resources\contextMenu\images\alot_icon.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\contextMenu\images\alot_icon.png
c:\documents and settings\Ed\Application Data\alot\Resources\contextMenu\images\alot_logo_button.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\contextMenu\images\alot_logo_button.png
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\domains.dat
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\alot_brand.png
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\alot_splitter.png
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\discover.png
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\spinner.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_bottom.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_btnconfig0.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_btnconfig1.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_btnrefresh0.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_btnrefresh1.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_caption.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_error_close.bmp
c:\documents and settings\Ed\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp
c:\documents and settings\Ed\Application Data\alot\TimerManager\TimerManager.xml
c:\documents and settings\Ed\Application Data\alot\TimerManager\TimerManager.xml.backup
c:\documents and settings\Ed\Application Data\alot\toolbar.xml
c:\documents and settings\Ed\Application Data\alot\toolbar.xml.backup
c:\documents and settings\Ed\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml
c:\documents and settings\Ed\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml.backup
c:\documents and settings\Ed\Application Data\alot\ToolbarSearch\ToolbarSearch.xml
c:\documents and settings\Ed\Application Data\alot\Updater\Updater.xml
c:\documents and settings\Ed\Application Data\alot\Updater\Updater.xml.backup
c:\documents and settings\Kerry\Application Data\alot
c:\program files\Fast Browser Search
c:\program files\Fast Browser Search\IE\1.bat
c:\program files\Fast Browser Search\IE\about.html
c:\program files\Fast Browser Search\IE\affid.dat
c:\program files\Fast Browser Search\IE\basis.xml
c:\program files\Fast Browser Search\IE\BHO.dll
c:\program files\Fast Browser Search\IE\ClearRecycleBin.exe
c:\program files\Fast Browser Search\IE\error.html
c:\program files\Fast Browser Search\IE\FBSPlugin.dll
c:\program files\Fast Browser Search\IE\fbsProtection.xml
c:\program files\Fast Browser Search\IE\FbsSearchProvider.xml
c:\program files\Fast Browser Search\IE\FbsSearchProviderIE8.exe
c:\program files\Fast Browser Search\IE\icons.bmp
c:\program files\Fast Browser Search\IE\info.txt
c:\program files\Fast Browser Search\IE\local.xml
c:\program files\Fast Browser Search\IE\MTWBtoolbar.html
c:\program files\Fast Browser Search\IE\search.bmp
c:\program files\Fast Browser Search\IE\SearchGuardPlus.exe
c:\program files\Fast Browser Search\IE\SearchGuardPlus.ico
c:\program files\Fast Browser Search\IE\SGPU.ico
c:\program files\Fast Browser Search\IE\sgpUpdater.exe
c:\program files\Fast Browser Search\IE\sgpUpdater.xml
c:\program files\Fast Browser Search\IE\SGPUpdaterS.exe
c:\program files\Fast Browser Search\IE\tbhelper.dll
c:\program files\Fast Browser Search\IE\tbs_include_script_003175.js
c:\program files\Fast Browser Search\IE\tbs_include_script_005064.js
c:\program files\Fast Browser Search\IE\tbs_include_script_012817.js
c:\program files\Fast Browser Search\IE\Toolbar Help.htm
c:\program files\Fast Browser Search\IE\uninstall.exe
c:\program files\Fast Browser Search\IE\uninstalSGP.exe
c:\program files\Fast Browser Search\IE\uninstalSGPU.exe
c:\program files\Fast Browser Search\IE\update.exe
c:\program files\Fast Browser Search\IE\version.txt
c:\program files\SGPSA
c:\program files\SGPSA\BHO.dll
C:\Thumbs.db
.
((((((((((((((((((((((((( Files Created from 2010-07-28 to 2010-08-30 )))))))))))))))))))))))))))))))
.
2010-08-29 20:16 . 2010-08-29 20:16 388096 ----a-r- c:\documents and settings\Ed\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-08-29 20:16 . 2010-08-29 20:16
d
w- c:\program files\TrendMicro
2010-08-29 13:11 . 2010-08-29 13:11
d
w- c:\documents and settings\Ed\Application Data\Malwarebytes
2010-08-29 13:11 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-29 13:11 . 2010-08-29 13:11
d
w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-29 13:11 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-29 13:11 . 2010-08-29 13:11
d
w- c:\program files\Malwarebytes' Anti-Malware
2010-08-29 12:28 . 2010-08-29 12:43
d
w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-08-29 12:28 . 2010-08-29 20:31
d
w- c:\program files\Defraggler
2010-08-29 12:22 . 2010-08-29 20:24
d
w- c:\program files\CCleaner
2010-08-29 10:26 . 2010-08-29 10:26
d
w- c:\program files\FileHippo.com
2010-08-21 17:41 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-08-21 17:41 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-08-20 14:38 . 2010-06-01 17:37 221568
w- c:\windows\system32\MpSigStub.exe
2010-08-20 14:30 . 2010-08-20 14:30
d
w- c:\documents and settings\Ed\Local Settings\Application Data\AOL Broadband Toolbar
2010-08-20 09:37 . 2010-08-20 09:37
d
w- c:\windows\system32\scripting
2010-08-20 09:37 . 2010-08-20 09:37
d
w- c:\windows\l2schemas
2010-08-20 09:37 . 2010-08-20 09:37
d
w- c:\windows\system32\en
2010-08-20 09:37 . 2010-08-20 09:37
d
w- c:\windows\system32\bits
2010-08-20 09:12 . 2010-08-20 09:12
d
w- c:\windows\EHome
2010-08-18 14:09 . 2010-08-18 14:09
d
w- C:\b362877db45f0d0d142b06e2
2010-08-18 14:02 . 2010-08-18 14:03
d
w- c:\program files\AOL Broadband Toolbar
2010-08-18 14:02 . 2010-08-18 14:02
d
w- c:\documents and settings\All Users\Application Data\AOL Broadband Toolbar
2010-08-18 14:02 . 2010-08-18 14:02
d
w- c:\program files\Common Files\Software Update Utility
2010-08-18 14:00 . 2010-08-18 14:00
d
w- c:\documents and settings\All Users\Application Data\AOL OCP
2010-08-18 14:00 . 2010-08-18 14:00
d
w- c:\windows\aolshare
2010-08-18 13:42 . 2010-08-18 13:42
d
w- c:\windows\system32\XPSViewer
2010-08-18 13:42 . 2010-08-18 13:42
d
w- c:\program files\MSBuild
2010-08-18 13:41 . 2010-08-18 13:41
d
w- c:\program files\Reference Assemblies
2010-08-18 13:41 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-08-18 13:40 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-08-18 13:40 . 2008-07-06 12:06 117760
w- c:\windows\system32\prntvpt.dll
2010-08-18 13:40 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-08-18 13:40 . 2008-07-06 10:50 597504
w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-08-18 13:40 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-08-18 13:40 . 2008-07-06 12:06 575488
w- c:\windows\system32\xpsshhdr.dll
2010-08-18 13:40 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-08-18 13:40 . 2008-07-06 12:06 1676288
w- c:\windows\system32\xpssvcs.dll
2010-08-18 13:40 . 2010-08-18 13:41
d
w- C:\d34395bd8cfe481fc47f1f99
2010-08-18 13:26 . 2008-04-14 00:12 69120
w- c:\windows\system32\wlanapi.dll
2010-08-18 13:26 . 2004-08-03 21:29 25471
w- c:\windows\system32\drivers\watv10nt.sys
2010-08-18 13:26 . 2004-08-03 21:29 22271
w- c:\windows\system32\drivers\watv06nt.sys
2010-08-18 13:24 . 2010-08-18 13:24 128392 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\afix\afixlang_uk.exe
2010-08-18 13:23 . 2008-04-14 00:12 3901
w- c:\windows\system32\drivers\siint5.dll
2010-08-18 13:23 . 2010-08-18 13:23 1477656 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\ocp\ocpinst.exe
2010-08-18 13:22 . 2008-04-14 00:12 76800
w- c:\windows\system32\qutil.dll
2010-08-18 13:22 . 2010-08-18 13:22 127224 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\afix\afixlang.exe
2010-08-18 13:22 . 2008-04-14 00:12 62464
w- c:\windows\system32\qcliprov.dll
2010-08-18 13:22 . 2008-04-14 00:12 291328
w- c:\windows\system32\qagentrt.dll
2010-08-18 13:22 . 2008-04-14 00:12 150528
w- c:\windows\system32\qagent.dll
2010-08-18 13:22 . 2008-04-14 00:12 144384
w- c:\windows\system32\onex.dll
2010-08-18 13:21 . 2010-08-18 13:21
d
w- c:\program files\MSXML 6.0
2010-08-18 13:21 . 2004-08-03 21:29 1897408
w- c:\windows\system32\drivers\nv4_mini.sys
2010-08-18 13:21 . 2008-04-14 00:12 4274816
w- c:\windows\system32\nv4_disp.dll
2010-08-18 13:21 . 2004-08-04 12:00 403 -c----w- c:\windows\system32\dllcache\npdrmv2.zip
2010-08-18 13:21 . 2004-08-04 12:00 22060 -c----w- c:\windows\system32\dllcache\npds.zip
2010-08-18 13:18 . 2008-04-14 00:12 33792
w- c:\windows\system32\mmcperf.exe
2010-08-18 13:17 . 2008-04-14 00:11 106496
w- c:\windows\system32\mmcfxcommon.dll
2010-08-18 13:17 . 2008-04-14 00:11 397312
w- c:\windows\system32\mmcex.dll
2010-08-18 13:17 . 2008-04-14 00:11 184320
w- c:\windows\system32\microsoft.managementconsole.dll
2010-08-18 13:17 . 2008-04-14 00:11 86016
w- c:\windows\system32\mdmxsdk.dll
2010-08-18 13:17 . 2004-08-03 21:41 11868
w- c:\windows\system32\drivers\mdmxsdk.sys
2010-08-18 13:17 . 2010-08-18 13:17
d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-08-18 13:16 . 2008-04-14 00:11 37376
w- c:\windows\system32\l2gpstore.dll
2010-08-18 13:16 . 2008-04-14 00:11 61440
w- c:\windows\system32\kmsvc.dll
2010-08-18 13:16 . 2008-04-14 00:09 6144
w- c:\windows\system32\kbdpash.dll
2010-08-18 13:16 . 2008-04-14 00:09 6144
w- c:\windows\system32\kbdnepr.dll
2010-08-18 13:16 . 2008-04-14 00:09 6144
w- c:\windows\system32\kbdiultn.dll
2010-08-18 13:16 . 2008-04-14 00:09 6144
w- c:\windows\system32\kbdbhc.dll
2010-08-18 13:15 . 2008-04-14 00:11 81920
w- c:\windows\system32\ieencode.dll
2010-08-18 13:15 . 2004-08-03 21:41 1041536
w- c:\windows\system32\drivers\hsfdpsp2.sys
2010-08-18 13:15 . 2004-08-03 21:41 685056
w- c:\windows\system32\drivers\hsfcxts2.sys
2010-08-18 13:15 . 2008-04-14 00:11 32285
w- c:\windows\system32\hsfcisp2.dll
2010-08-18 13:15 . 2004-08-03 21:41 220032
w- c:\windows\system32\drivers\hsfbs2s2.sys
2010-08-18 13:13 . 2008-04-14 00:11 9216
w- c:\windows\system32\dot3dlg.dll
2010-08-18 13:13 . 2008-04-14 00:11 650752
w- c:\windows\system32\dot3ui.dll
2010-08-18 13:13 . 2008-04-14 00:11 57856
w- c:\windows\system32\dot3cfg.dll
2010-08-18 13:13 . 2008-04-14 00:11 56320
w- c:\windows\system32\dot3msm.dll
2010-08-18 13:13 . 2008-04-14 00:11 39936
w- c:\windows\system32\dot3gpclnt.dll
2010-08-18 13:13 . 2008-04-14 00:11 132096
w- c:\windows\system32\dot3svc.dll
2010-08-18 13:13 . 2008-04-14 00:11 26112
w- c:\windows\system32\dot3api.dll
2010-08-18 13:13 . 2008-04-14 00:12 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-08-18 13:13 . 2008-04-14 00:11 39936
w- c:\windows\system32\dimsroam.dll
2010-08-18 13:13 . 2008-04-14 00:11 19456
w- c:\windows\system32\dimsntfy.dll
2010-08-18 13:13 . 2008-04-14 00:11 48640
w- c:\windows\system32\dhcpqec.dll
2010-08-18 13:13 . 2008-04-14 00:11 12800
w- c:\windows\system32\credssp.dll
2010-08-18 13:11 . 2008-04-14 00:11 3775
w- c:\windows\system32\drivers\adv11nt5.dll
2010-08-18 13:11 . 2008-04-14 00:11 3711
w- c:\windows\system32\drivers\adv09nt5.dll
2010-08-18 13:11 . 2008-04-14 00:11 3135
w- c:\windows\system32\drivers\adv08nt5.dll
2010-08-18 13:11 . 2008-04-14 00:11 4255
w- c:\windows\system32\drivers\adv01nt5.dll
2010-08-18 13:11 . 2008-04-14 00:11 3967
w- c:\windows\system32\drivers\adv02nt5.dll
2010-08-18 13:11 . 2008-04-14 00:11 3647
w- c:\windows\system32\drivers\adv07nt5.dll
2010-08-18 13:11 . 2008-04-14 00:11 3615
w- c:\windows\system32\drivers\adv05nt5.dll
2010-08-18 13:11 . 2008-04-14 00:11 136192
w- c:\windows\system32\aaclient.dll
2010-08-17 12:02 . 2010-08-20 09:33
d
w- c:\windows\ServicePackFiles
2010-08-17 12:00 . 2010-08-21 20:10
d
w- c:\windows\ie8updates
2010-08-17 11:30 . 2010-06-21 15:27 354304 -c----w- c:\windows\system32\dllcache\srv.sys
2010-08-17 11:30 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-08-17 11:30 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-08-17 11:29 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-08-17 11:29 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-08-17 11:29 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-08-17 11:28 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-08-17 11:28 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-08-17 11:28 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-08-17 11:28 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-08-17 11:28 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-08-17 11:28 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-08-17 11:28 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-08-17 11:28 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-08-17 11:28 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-08-17 11:28 . 2010-04-27 13:59 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-08-17 11:28 . 2010-04-28 02:25 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-08-17 11:28 . 2010-04-27 13:05 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-08-17 11:27 . 2010-06-24 12:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-08-17 11:27 . 2010-06-24 12:21 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-08-17 11:27 . 2010-06-24 12:21 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-08-17 11:27 . 2010-06-24 12:21 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-08-17 11:27 . 2010-06-24 12:21 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-08-17 11:27 . 2010-06-24 12:21 1986560 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-08-17 11:27 . 2010-06-24 16:51 11077120 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-08-17 11:26 . 2010-02-12 10:03 293376
w- c:\windows\system32\browserchoice.exe
2010-08-17 11:21 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-08-17 11:20 . 2008-05-03 11:55 2560
w- c:\windows\system32\xpsp4res.dll
2010-08-17 11:20 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe0 -
and...
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-29 12:28 . 2008-05-25 13:04
d
w- c:\program files\Yahoo!
2010-08-22 19:12 . 2010-04-25 17:07
d
w- c:\program files\Google
2010-08-22 18:19 . 2006-09-11 14:20
d
w- c:\program files\Common Files\Adobe
2010-08-22 17:09 . 2006-08-15 15:54 42944 ----a-w- c:\documents and settings\Ed\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-21 20:00 . 2007-08-24 18:50
d
w- c:\program files\Microsoft Works
2010-08-21 17:43 . 2008-10-02 13:25
d
w- c:\program files\AOL 9.0 VR
2010-08-20 15:56 . 2008-10-02 13:25
d
w- c:\documents and settings\All Users\Application Data\AOL
2010-08-20 09:42 . 2006-08-01 18:25 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-08-18 14:05 . 2008-10-02 13:40
d
w- c:\documents and settings\Ed\Application Data\AOL
2010-08-18 14:03 . 2006-08-01 19:37
d
w- c:\program files\Common Files\AOL
2010-08-18 14:00 . 2008-10-02 13:25
d
w- c:\program files\Common Files\aolshare
2010-08-18 13:23 . 2010-08-18 13:23 590496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\muinst\muinst.exe
2010-08-18 13:23 . 2010-08-18 13:23 8851288 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\acs\acssetup.exe
2010-08-18 13:23 . 2010-08-18 13:23 54608 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\parcon\AOLParconLink.exe
2010-08-18 13:23 . 2010-08-18 13:23 97064 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\sm\sminstlp.exe
2010-08-18 13:23 . 2010-08-18 13:22 1370448 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\waol-uk-0.4334.30.3.exe
2010-08-18 13:22 . 2010-08-18 13:20 37418288 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\noneCodesignFilesBundle.exe
2010-08-18 13:20 . 2010-08-18 13:20 15712 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\ocp\ocpchk.dll
2010-08-18 13:20 . 2010-08-18 13:20 223152 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\afix\wsfinst.exe
2010-08-18 13:20 . 2010-08-18 13:20 142040 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\aolload\alsetup.exe
2010-08-18 13:20 . 2010-08-18 13:20 75104 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\ocp\instSup.dll
2010-08-18 13:20 . 2010-08-18 13:20 175264 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\sm\stmninst.exe
2010-08-18 13:20 . 2010-08-18 13:20 66896 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.4334.30.3\comps\vwpt\VPPrePop.exe
2010-08-18 13:20 . 2008-10-03 18:52
d
w- c:\documents and settings\All Users\Application Data\AOL Downloads
2010-07-24 16:53 . 2010-04-03 18:42
d
w- c:\documents and settings\Kerry\Application Data\Canon Easy-WebPrint EX
2010-06-30 12:31 . 2004-08-04 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2004-08-04 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-04 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-04 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2006-08-01 18:23 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2004-08-04 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2008-03-17 13:31 . 2008-03-17 13:31 0 ----a-w- c:\program files\temp01
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAMMON_JL2005A]
c:\program files\JL2005A\cam_mon [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\%FP%Friendly fts.exe]
2003-05-06 09:28 72192 ----a-w- c:\program files\VoyagerTest\fts.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2008-10-09 15:07 70440 ----a-r- c:\program files\Common Files\AOL\acs\AOLDial.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BBaolToolRun]
2005-03-23 15:27 88839 ----a-w- c:\program files\VoyagerModem105Drivers\ModemDriversInstall.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-12 10:03 293376
w- c:\windows\system32\browserchoice.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-27 02:10 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSLAGENTEXE]
2003-08-19 12:47 16384
w- c:\program files\BT Voyager 105 ADSL Modem\dslagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSLSTATEXE]
2003-06-28 15:10 1658965
w- c:\program files\BT Voyager 105 ADSL Modem\dslstat.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HorngTech4D]
2002-07-31 09:37 69632 ----a-w- c:\progra~1\MOUSES~1\bally4d.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2007-05-25 17:16 42032 ----a-w- c:\program files\Common Files\AOL\1222953954\ee\aolsoftware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2002-12-10 00:19 188416 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-10-28 20:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 23:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2006-08-01 19:39 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2006-09-25 18:19 19977256 ----a-w- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-02-22 03:25 144784 ----a-w- c:\program files\Java\jre1.6.0_05\bin\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AOL 9.0 VR\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\1222953954\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R3 MouseCmn;Mouse Driver;c:\windows\system32\drivers\Ms2KFlt.sys [19/06/2010 14:55 6144]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);c:\windows\system32\drivers\sis7012.sys [13/08/2007 11:18 267136]
S3 JL2005;JL2005A Toy Camera;c:\windows\system32\drivers\toywdm.sys [28/12/2008 16:15 86797]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - RSVP
.
Contents of the 'Scheduled Tasks' folder
2010-03-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:34]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.aol.co.uk
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
DPF: {3B5E9B23-7537-4601-A9E8-FA0D956DEA16} - hxxp://www.couponreport.net/ftp/v3123/csauie1.cab
DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} - hxxp://webalbum.bonusprint.com/ukipc01/downloads//ImageUploader6.cab
FF - ProfilePath - c:\documents and settings\Ed\Application Data\Mozilla\Firefox\Profiles\ho2sz5cv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.co.uk/aol/search?query={searchTerms}&invocationType=tb50-ff-aolbbTB50CL-chromesbox-en-uk
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk
FF - prefs.js: keyword.URL - hxxp://search.aol.co.uk/aol/search?invocationType=tb50-ff-aolbbTB50CL-ab-en-uk&query=
FF - plugin: c:\documents and settings\Ed\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdbplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - falsec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS REMOVED - - - -
Toolbar-Locked - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-Cmaudio - cmicnfg.cpl
AddRemove-Adobe AIR - c:\program files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe
AddRemove-com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 - c:\program files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
AddRemove-SiS7012 - c:\program files\SiS7012\Uninst\uninst2k.exe PCI\VEN_1039&DEV_7012
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-30 16:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-08-30 16:35:57
ComboFix-quarantined-files.txt 2010-08-30 15:35
Pre-Run: 52,058,238,976 bytes free
Post-Run: 52,344,475,648 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - E778522D1DF998BA5823231E449B99C60 -
change it to system managed, or increase the minimum to 756
to stop ctfmon running, control panel, regional and language options,languages, details, advanced, tick the Turn off advanced text services, ok
to stop mdnsresponder running, http://download.gizmoproject.com/jas...OffBonjour.exe
If you have a router, you don't need all this aol stuff running
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
also uninstall fast browser search
R3 - URLSearchHook: AOL Broadband Toolbar Search Class - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AOL Broadband Toolbar Loader - {776a9d06-e178-4aa0-aee4-b4de3a64ad28} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstan ce.dll
O3 - Toolbar: AOL Broadband Toolbar - {e6ed7f95-e571-4f81-8757-5eb11252703d} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {3B5E9B23-7537-4601-A9E8-FA0D956DEA16} (csauie1 Control) - http://www.couponreport.net/ftp/v3123/csauie1.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.truprint.co.uk/TruprintActivia.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1154461900500
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} (Bonusprint Image Uploader Version 6.x Control) - http://webalbum.bonusprint.com/ukipc...eUploader6.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.asda-photo.co.uk/wpp/asda...pcuploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
do you use messenger? if not, delete these
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Yes I have a router and no I don't use messenger. Thanks for this, how do I uninstall the fast browser search?0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 598.9K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards