Jump to content

mrstkdsd

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Ok, ran the FRST again. see attached. FRST-monday.txt Addition-monday.txt
  2. Sorry for multiple posts, but I can't figure out how to edit my posts. One more problem: we are back to having to force the shutdown. If we just go to start/shutdown, it will turn off the monitor but not the computer.
  3. Not sure if it makes a difference, but it usually starts with the clicking sound, then the other things follow.
  4. Ok, so.....it is running fine except it is still doing a few things it shouldn't: This happens mostly when the computer goes idle for a few minutes, but has also done this while active -- the program buttons (when you click start nothing is in the list) all disappear, same for the desktop icons except the recycle bin. The fan also comes on but the computer does not seem hot, and occasionally there is a sort of clicking sound in the computer? This usually all happens together or one after the other. It didn't do any of this prior, so not sure what the problem is. Any thoughts?
  5. Well, it seems to be fine so far; it shut down like it is supposed to, haha. Before we had to hold the button to force a shutdown. We are away from the computer right now, but will check again when we finish our errands, etc. I will post again to let you know for sure. Thank you very much; I appreciate your help. Cynthia
  6. had to try twice to get the full run. this is run #2: Zoek.exe v5.0.0.0 Updated 31-07-2014 Tool run by mrstkdsd on Sat 08/02/2014 at 12:48:01.69. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\mrstkdsd\Desktop\zoek(1).exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-08-02-185018.log 417 bytes ==== System Restore Info ====================== 8/2/2014 12:49:25 PM Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3533568318-2771338714-460311181-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-3533568318-2771338714-460311181-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C8E19848-715B-43FF-AE7F-16A475C51915} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\atrustsd\AppData\Roaming\Mozilla\Firefox\Profiles\n32p15yb.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20140802_1258_.backup ProfilePath: C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default ---- Lines CT2559647 removed from prefs.js ---- user_pref("CT2559647..clientLogIsEnabled", true); user_pref("CT2559647..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2559647..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2559647.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); user_pref("CT2559647.AppTrackingLastCheckTime", "Wed May 11 2011 12:11:33 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.CTID", "CT2559647"); user_pref("CT2559647.CurrentServerDate", "14-5-2011"); user_pref("CT2559647.DialogsAlignMode", "LTR"); user_pref("CT2559647.DialogsGetterLastCheckTime", "Fri Apr 22 2011 22:36:40 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.DownloadReferralCookieData", ""); user_pref("CT2559647.ExternalComponentPollDate129404749084494749", "Sat May 14 2011 07:20:04 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.ExternalComponentPollDate129404791544181654", "Sat May 14 2011 07:20:04 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.ExternalComponentPollDate129413165572169584", "Sat May 14 2011 07:20:04 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.FirstServerDate", "23-4-2011"); user_pref("CT2559647.FirstTime", true); user_pref("CT2559647.FirstTimeFF3", true); user_pref("CT2559647.FixPageNotFoundErrors", true); user_pref("CT2559647.GroupingServerCheckInterval", 1440); user_pref("CT2559647.GroupingServiceUrl", "http://grouping.services.conduit.com/"); user_pref("CT2559647.HasUserGlobalKeys", true); user_pref("CT2559647.Initialize", true); user_pref("CT2559647.InitializeCommonPrefs", true); user_pref("CT2559647.InstallationAndCookieDataSentCount", 3); user_pref("CT2559647.InstallationType", "UnknownIntegration"); user_pref("CT2559647.InstalledDate", "Fri Apr 22 2011 22:36:39 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.IsGrouping", false); user_pref("CT2559647.IsMulticommunity", false); user_pref("CT2559647.IsOpenThankYouPage", false); user_pref("CT2559647.IsOpenUninstallPage", false); user_pref("CT2559647.LanguagePackLastCheckTime", "Fri May 13 2011 12:11:23 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.LanguagePackReloadIntervalMM", 1440); user_pref("CT2559647.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); user_pref("CT2559647.LastLogin_3.3.3.2", "Thu May 12 2011 21:28:58 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.LastLogin_3.3.5.1", "Sat May 14 2011 06:35:04 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.LatestVersion", "3.3.3.2"); user_pref("CT2559647.Locale", "en"); user_pref("CT2559647.MCDetectTooltipHeight", "83"); user_pref("CT2559647.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); user_pref("CT2559647.MCDetectTooltipWidth", "295"); user_pref("CT2559647.SearchFromAddressBarIsInit", true); user_pref("CT2559647.SearchInNewTabEnabled", true); user_pref("CT2559647.SearchInNewTabIntervalMM", 1440); user_pref("CT2559647.SearchInNewTabLastCheckTime", "Fri May 13 2011 12:11:22 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); user_pref("CT2559647.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"); user_pref("CT2559647.ServiceMapLastCheckTime", "Fri May 13 2011 08:45:27 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.SettingsLastCheckTime", "Fri May 13 2011 08:45:28 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.SettingsLastUpdate", "1304242869"); user_pref("CT2559647.ThirdPartyComponentsInterval", 504); user_pref("CT2559647.ThirdPartyComponentsLastCheck", "Fri Apr 22 2011 22:36:37 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.ThirdPartyComponentsLastUpdate", "1246786978"); user_pref("CT2559647.TrusteLinkUrl", "http://trust.conduit.com/CT2559647"); user_pref("CT2559647.UserID", "UN28115087088355806"); user_pref("CT2559647.ValidationData_Search", 0); user_pref("CT2559647.ValidationData_Toolbar", 2); user_pref("CT2559647.alertChannelId", "952537"); user_pref("CT2559647.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrl user_pref("CT2559647.globalFirstTimeInfoLastCheckTime", "Fri May 13 2011 22:14:09 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.isAppTrackingManagerOn", true); user_pref("CT2559647.myStuffEnabled", true); user_pref("CT2559647.myStuffPublihserMinWidth", 400); user_pref("CT2559647.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID" user_pref("CT2559647.myStuffServiceIntervalMM", 1440); user_pref("CT2559647.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF user_pref("CT2559647.oldAppsList", "129126535051871363,129126535052027614,129404749084494749,129404755851369183,129404791544181654,129404755877931833, user_pref("CT2559647.testingCtid", ""); user_pref("CT2559647.toolbarAppMetaDataLastCheckTime", "Fri May 13 2011 08:45:29 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.toolbarContextMenuLastCheckTime", "Fri Apr 22 2011 22:36:40 GMT-0700 (Pacific Daylight Time)"); user_pref("CT2559647.usagesFlag", 2); user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2559647"); user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2559647", "\"0\""); user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2559647", "\"634402944764300000\""); user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2559647/CT2559647", "\"1304242869\""); user_pref("CommunityToolbar.ToolbarsList", "CT2559647"); user_pref("CommunityToolbar.ToolbarsList2", "CT2559647"); ---- Lines conduit removed from prefs.js ---- user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com"); user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com"); user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/657446/653307/US", "\"0\""); user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/US", "\"0\""); user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/952537/948310/US", "\"0\""); user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2260173", "\"0\""); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg=="); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"803651ba7facb1:0\""); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\""); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.5.1", "\"80ee9485875dcc1:0\""); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\""); user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2260173", "\"634485749189530000\""); user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000"); user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000"); user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=CT2260173&octid=CT2260173", "\"1312887586\""); user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2260173/CT2260173", "\"1311168869\""); user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634410529136300000\""); user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"634492029952000000\""); ---- Lines WebSearch modified from prefs.js ---- user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,support@ancestry.com:1.0.0.1,{635abd67-4fe9-1b23-4f01-e679fa7484c1 ---- Lines Web Search removed from prefs.js ---- user_pref("browser.search.defaultthis.engineName", "Swag Bucks Customized Web Search"); ---- Lines CommunityToolbar removed from prefs.js ---- user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun May 15 2011 08:38:05 GMT-0700 (Pacific Daylight Time)"); user_pref("CommunityToolbar.alert.alertEnabled", true); user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Aug 24 2011 08:14:13 GMT-0700 (Pacific Daylight Time)"); user_pref("CommunityToolbar.alert.locale", "en"); user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Aug 24 2011 08:02:29 GMT-0700 (Pacific Daylight Time)"); user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); user_pref("CommunityToolbar.alert.showTrayIcon", false); user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); user_pref("CommunityToolbar.alert.userId", "8a70a9ed-e15d-4d75-8792-20514df98079"); user_pref("CommunityToolbar.EngineHiddenByUser", true); user_pref("CommunityToolbar.EngineOwner", ""); user_pref("CommunityToolbar.EngineOwnerGuid", ""); user_pref("CommunityToolbar.EngineOwnerToolbarId", ""); user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed May 11 2011 12:11:21 GMT-0700 (Pacific Daylight Time)"); user_pref("CommunityToolbar.globalUserId", "e593dede-a9ee-4b2b-8b53-8aa39b1a7277"); user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); user_pref("CommunityToolbar.IsEngineShown", true); user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2260173"); user_pref("CommunityToolbar.OriginalEngineOwner", ""); user_pref("CommunityToolbar.OriginalEngineOwnerGuid", ""); user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", ""); user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties"); ---- Lines ffxtbr modified from prefs.js ---- user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,support@ancestry.com:1.0.0.1,{635abd67-4fe9-1b23-4f01-e679fa7484c1 ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- user_20140802_1258_.backup prefs_20140802_1258_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Coupons deleted C:\PROGRA~2\W3i deleted C:\PROGRA~2\MyWebSearch deleted C:\PROGRA~3\W3i deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons deleted C:\Users\mrstkdsd\Searches deleted C:\Users\atrustsd\AppData\LocalLow\MyWebSearch deleted C:\Users\mrstkdsd\AppData\LocalLow\Coupons.com deleted C:\Users\mrstkdsd\AppData\LocalLow\MyWebSearch deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\SET53A9.tmp deleted C:\Windows\Syswow64\SET5466.tmp deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default\extensions\firefox@ghostery.com.xpi deleted C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default\jetpack deleted C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default\CT2559647 deleted C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default\extensions\{37153479-1976-43c3-a1ee-557513977b64} deleted C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default\conduit deleted "C:\Windows\Installer\8e86876.msi" deleted "C:\Users\mrstkdsd\AppData\Roaming\Amazon" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{1DD9AC48-0855-4AE7-9934-159B4377FFA2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [06/23/2014 08:15 AM] ==== Firefox Extensions ====================== ProfilePath: C:\Users\atrustsd\AppData\Roaming\Mozilla\Firefox\Profiles\n32p15yb.default - Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi ProfilePath: C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default - Clickamp;Clean - %ProfilePath%\extensions\clickclean@hotcleaner.com - Ancestry.com Advanced Image Viewer - %ProfilePath%\extensions\support@ancestry.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default FB5621842FDABF9F8359775573498FBC - C:\Users\mrstkdsd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update 4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash 06C0E62DE26FBC4F174A91F4B70C45F7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit) D1041C1505FEDBBA27529AB1B57450B8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealPlayer Video Downloader for PepperFlash (32-bit) D0D8A5784C6260EE1C1EA58A9576F652 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealPlayer Video Downloader (32-bit) 5CB01CF141E021DAAE96991A5BA57944 - C:\Users\mrstkdsd\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer DD31F0C436E4F5E6FA9783FF8A80ADC1 - C:\Users\mrstkdsd\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 1864B052CFFD84437442AD84FD1BA10A - C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default\extensions\support@ancestry.com\plugins\npImgCtl.dll - Ancestry.com Image Viewer Plugin ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[06/10/2014 05:54 PM] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt" "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{F6C86359-8FC2-43E7-BA54-F488B9DFCD0C}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {F6C86359-8FC2-43E7-BA54-F488B9DFCD0C} Bing Url="http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3533568318-2771338714-460311181-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_USERS\S-1-5-21-3533568318-2771338714-460311181-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F0BC1E8FB762504AA32AF229E84401C deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.1 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1F0BC1E8FB762504AA32AF229E84401C deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Remote Solution deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\atrustsd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\atrustsd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\atrustsd\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\atrustsd\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\mrstkdsd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\mrstkdsd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\mrstkdsd\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\atrustsd\AppData\Local\Mozilla\Firefox\Profiles\n32p15yb.default\Cache emptied successfully C:\Users\atrustsd\AppData\Roaming\Mozilla\Firefox\Profiles\n32p15yb.default\personas\cache emptied successfully C:\Users\mrstkdsd\AppData\Local\Mozilla\Firefox\Profiles\jiop53qm.default\Cache emptied successfully C:\Users\mrstkdsd\AppData\Roaming\Mozilla\Firefox\Profiles\jiop53qm.default\personas\cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=550 folders=187 23169886 bytes) ==== Empty Temp Folders ====================== C:\Users\atrustsd\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\mrstkdsd\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\mrstkdsd\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Sat 08/02/2014 at 13:05:57.63 ======================
  7. Thank you. I have re-run the FRST as you requested. Attached is the first run and 2nd run. Cynthia Addition-1st run.txt addition FRST 2nd run.txt
  8. I posted yesterday in the wrong forum section about running malwarebytes on husbandj's computer, which found and removed 2 trojans and 300+ PUPs, but computer is not running correctly. Advice was to run the FRST scan (I reran the malwarebytes scan first and it didn't find anything). Results are attached. Thanks in advance. CynthiaAddition-malware results.txt
  9. Thank you very much for your response. I wasn't sure where to post for help. Will follow your advice. Thanks again.
  10. My husband installed malwarebytes on his work computer and it found a couple of trojans and over 300 PUPs. He had the software remove them and now the computer doesn't work right. He said he tried a system restore but it was not successful. Any suggestions as to what we can do to correct the problem? Thanks in advance.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.