PDA

View Full Version : Computer and internet run slow. Please help. New thread with link.


jeromez48
2014-04-03, 23:41
Here is the link to my previous thread. There is also one prior to this in the same thread.

http://forums.spybot.info/showthread.php?70394-Computer-and-internet-run-slow-Please-help

As per instructions, I ran:
ERUNT
dds - here is the text.doc
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.51.2
Run by Administrator at 14:37:08 on 2014-04-03
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.757 [GMT -4:00]
.
AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *Enabled*
.
============== Running Processes ================
.
C:\Program Files\XFINITY Computer Performance Tool\SDCService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\Administrator\Desktop\Defense & Stuff\Stuff\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\XFINITY Computer Performance Tool\sdccont.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Norton Security Suite\Engine\21.2.0.38\N360.exe
C:\Program Files\Norton Security Suite\Engine\21.2.0.38\N360.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k NetworkService
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\21.2.0.38\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\21.2.0.38\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\21.2.0.38\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\21.2.0.38\coieplg.dll
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [A24802D8E0033B87C7A71FBB6D39DEF74469BA10._service_run] "c:\documents and settings\administrator\local settings\application data\google\chrome\application\chrome.exe" --type=service
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [MakiwaraNotify] "c:\program files\xfinity computer performance tool\sdccont.exe" /dummy /cfg "c:\program files\xfinity computer performance tool\uiframework\common\PCPowerCare.xml" /notificationtoaster /mutexname notificationtoaster /hideWindow
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRun: [Google Update] "c:\windows\system32\config\systemprofile\local settings\application data\google\update\GoogleUpdate.exe" /c
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\erunt autobackup.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\autorunsdisabled\yahoo! widgets.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\microsoft office.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\status monitor.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autorunsdisabled\brother bprsp.lnk - c:\windows\installer\{8040527f-dd74-4b45-8a06-c4bf145b6c76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\wcieactivex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\wcieactivex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\wcieactivex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\wcieactivex\AcroIEFavClient.dll/AcroIECapture.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} - hxxp://www.comcastsupport.com/sdccommon/download/tgctlsr.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1300239196265
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1351669012296
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A3E4C69B-1693-4756-BE77-38F8EC366770} : DHCPNameServer = 192.168.1.1
Notify: igfxcui - igfxsrvc.dll
Notify: SDWinLogon - <no file>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1502000.026\symds.sys [2014-4-2 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1502000.026\symefa.sys [2014-4-2 936152]
R1 BHDrvx86;BHDrvx86;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\bashdefs\20140319.001\BHDrvx86.sys [2014-3-18 1098968]
R1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\n360\1502000.026\ccsetx86.sys [2014-4-2 127064]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1502000.026\ironx86.sys [2014-4-2 206936]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\documents and settings\administrator\desktop\defense & stuff\stuff\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-9-19 250200]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-3-28 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-3-28 857912]
R2 Motorola Device Manager;Motorola Device Manager Service;c:\program files\motorola mobility\motorola device manager\MotoHelperService.exe [2013-11-15 137528]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\21.2.0.38\n360.exe [2014-4-2 265040]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-6-1 369152]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2014-3-30 1042272]
R2 XFINITY Computer Performance Tool;XFINITY Computer Performance Tool;c:\program files\xfinity computer performance tool\sdcService.exe [2012-11-5 406976]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2014-3-31 108120]
R3 IDSxpx86;IDSxpx86;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\ipsdefs\20140402.001\IDSXpx86.sys [2014-4-2 383120]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-3-28 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-3-28 107736]
R3 NAVENG;NAVENG;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\virusdefs\20140403.002\NAVENG.SYS [2014-4-3 93272]
R3 NAVEX15;NAVEX15;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\virusdefs\20140403.002\NAVEX15.SYS [2014-4-3 1612376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2014-3-30 3921880]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2014-3-30 171416]
S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2013-11-22 249856]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2013-11-26 6272]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2014-3-28 50648]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2013-11-26 21376]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys --> c:\windows\system32\drivers\motccgpfl.sys [?]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2013-11-26 23936]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2013-11-26 11264]
S3 PTHSBUS;PANTECH Handset USB Composite Device Driver (UDP);c:\windows\system32\drivers\pthsbus.sys --> c:\windows\system32\drivers\PTHSBUS.sys [?]
S3 PTHSMDM;PANTECH Handset Drivers (UDP);c:\windows\system32\drivers\pthsmdm.sys --> c:\windows\system32\drivers\PTHSMDM.sys [?]
S3 PTHSVSP;PANTECH Handset Diagnostic Serial Port (UDP);c:\windows\system32\drivers\pthsvsp.sys --> c:\windows\system32\drivers\PTHSVSP.sys [?]
S3 ssmirrdr;ssmirrdr;c:\windows\system32\drivers\ssmirrdr.sys [2012-10-8 10112]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S4 57935899;57935899; [x]
S4 RapportIaso;RapportIaso;\??\c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys --> c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys [?]
S4 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
.
=============== File Associations ===============
.
ShellExec: FRONTPG.EXE: edit=c:\progra~1\micros~3\office\FRONTPG.EXE
.
=============== Created Last 30 ================
.
2014-04-03 16:04:46 -------- d-----w- C:\FRST
2014-04-03 02:51:20 936152 ----a-w- c:\windows\system32\drivers\n360\1502000.026\symefa.sys
2014-04-03 02:51:20 447704 ----a-w- c:\windows\system32\drivers\n360\1502000.026\symnets.sys
2014-04-03 02:51:20 423256 ----a-w- c:\windows\system32\drivers\n360\1502000.026\symtdi.sys
2014-04-03 02:51:20 384728 ----a-w- c:\windows\system32\drivers\n360\1502000.026\symtdiv.sys
2014-04-03 02:51:20 367704 ----a-r- c:\windows\system32\drivers\n360\1502000.026\symds.sys
2014-04-03 02:51:20 32344 ----a-r- c:\windows\system32\drivers\n360\1502000.026\srtspx.sys
2014-04-03 02:51:20 21520 ----a-r- c:\windows\system32\drivers\n360\1502000.026\symelam.sys
2014-04-03 02:51:19 664280 ----a-w- c:\windows\system32\drivers\n360\1502000.026\srtsp.sys
2014-04-03 02:51:19 206936 ----a-r- c:\windows\system32\drivers\n360\1502000.026\ironx86.sys
2014-04-03 02:51:19 127064 ----a-r- c:\windows\system32\drivers\n360\1502000.026\ccsetx86.sys
2014-04-03 02:50:45 30068 ----a-w- c:\windows\system32\drivers\n360\1502000.026\symvtcer.dat
2014-04-03 02:50:45 -------- d-----w- c:\windows\system32\drivers\n360\1502000.026
2014-03-30 04:56:45 18968 ----a-w- c:\windows\system32\sdnclean.exe
2014-03-28 19:09:43 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-28 19:08:04 50648 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-03-28 19:08:04 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-28 19:08:03 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-03-28 16:50:08 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2014-03-18 16:15:18 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-18 16:15:18 13312 ------w- c:\windows\system32\xp_eos.exe
.
==================== Find3M ====================
.
2014-03-31 20:13:57 2526 ----a-w- c:\windows\system32\regHiveData.bin
2014-03-11 22:12:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 22:12:27 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-24 11:46:36 920064 ----a-w- c:\windows\system32\wininet.dll
2014-02-24 11:45:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-24 11:45:57 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-02-24 11:45:42 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-24 10:54:21 385024 ----a-w- c:\windows\system32\html.iec
2014-02-07 02:01:37 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55:04 562688 ----a-w- c:\windows\system32\qedit.dll
2014-01-06 19:23:36 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2014-01-04 03:13:05 420864 ----a-w- c:\windows\system32\vbscript.dll
.
============= FINISH: 14:38:48.50 ===============

Attach file is zipped, below under attachments.

Here is aswMBR log:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-04-03 15:16:05
-----------------------------
15:16:05.921 OS Version: Windows 5.1.2600 Service Pack 3
15:16:05.921 Number of processors: 1 586 0x207
15:16:05.921 ComputerName: HOME-88B26076E7 UserName: Administrator
15:16:09.390 Initialize success
15:29:11.750 AVAST engine defs: 14040301
15:29:47.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:29:47.453 Disk 0 Vendor: WDC_WD800BB-75CAA0 16.06V16 Size: 76293MB BusType: 3
15:29:47.640 Disk 0 MBR read successfully
15:29:47.640 Disk 0 MBR scan
15:29:47.671 Disk 0 Windows XP default MBR code
15:29:47.671 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76285 MB offset 63
15:29:47.687 Disk 0 scanning sectors +156232125
15:29:47.859 Disk 0 scanning C:\WINDOWS\system32\drivers
15:30:08.171 Service scanning
15:30:10.593 Service BHDrvx86 C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx86.sys **LOCKED** 5
15:30:12.265 Service ccSet_N360 C:\WINDOWS\system32\drivers\N360\1502000.026\ccSetx86.sys **LOCKED** 5
15:30:14.968 Service eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys **LOCKED** 5
15:30:15.625 Service EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
15:30:19.921 Service IDSxpx86 C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140402.001\IDSxpx86.sys **LOCKED** 5
15:30:25.765 Service NAVENG C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140403.002\NAVENG.SYS **LOCKED** 5
15:30:26.156 Service NAVEX15 C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140403.002\NAVEX15.SYS **LOCKED** 5
15:30:34.828 Service SRTSPX C:\WINDOWS\system32\drivers\N360\1502000.026\SRTSPX.SYS **LOCKED** 5
15:30:35.703 Service SymDS C:\WINDOWS\system32\drivers\N360\1502000.026\SYMDS.SYS **LOCKED** 5
15:30:36.171 Service SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS **LOCKED** 5
15:30:36.312 Service SymIRON C:\WINDOWS\system32\drivers\N360\1502000.026\Ironx86.SYS **LOCKED** 5
15:30:36.453 Service SYMTDI C:\WINDOWS\System32\Drivers\N360\1502000.026\SYMTDI.SYS **LOCKED** 5
15:30:42.703 Modules scanning
15:30:54.984 Disk 0 trace - called modules:
15:30:55.000 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
15:30:55.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3bfab8]
15:30:55.015 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a3cad98]
15:30:55.484 AVAST engine scan C:\WINDOWS
15:31:14.906 AVAST engine scan C:\WINDOWS\system32
15:36:55.703 AVAST engine scan C:\WINDOWS\system32\drivers
15:37:24.531 AVAST engine scan C:\Documents and Settings\Administrator
16:12:58.468 AVAST engine scan C:\Documents and Settings\All Users
16:17:11.234 Scan finished successfully
16:19:30.703 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
16:19:30.750 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBRlog.txt"
Juliet
2014-04-04, 02:44
Hi and welcome.

Do you still have Farbar Recovery Scan Tool on your desktop?

If yes let's proceed.


Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)



start
CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2012-12-27]
CHR HKCU\...\Chrome\Extension: [afbcibndhffhhbokgpbpecjmejjcgcej] - C:\Documents and Settings\Administrator\Local Settings\Application Data\CRE\afbcibndhffhhbokgpbpecjmejjcgcej.crx [2013-01-20]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:829C9EE6
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
Reboot:
end

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system


~~~~~~~~~~~~~~~~~~~~~

AdwCleaner by Xplode

Click on this link to download : ADWCleaner (http://www.bleepingcomputer.com/download/adwcleaner/)
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

Do not click on any links in the top Advertisment.


Close all open windows and browsers.



Right click the AdwCleaner icon http://i1059.photobucket.com/albums/t432/cinjo23/RightClickonAdwCleanerIcon.jpg on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.

*****
https://dl.dropbox.com/u/73555776/AdwCleaner.GIF


Click the Scan button and wait for the scan to finish.
After the Scan has finished the window may or may not show what it found and above the progress bar you will see Pending. Please uncheck elements you don't want to remove. Please don't delete anything at this time.
Click the Report button to get the log
Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.
NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why (http://www.im-infected.com/hijacker/isearch-avg-comsearch-hijacker.html) and Here (http://nojesusnopeas.blogspot.com/2012/08/sorry-but-avg-secure-search-is-malware.html). You can always Reinstall (http://www.avg.com/us-en/secure-search) it.

~~~~~~~~~~~~~~~~~~~~~~~~

http://imageshack.us/a/img841/7292/thisisujrt.gif
Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/) to your desktop.
Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message.


Please post:
fixlist.txt
C:\AdwCleaner\AdwCleaner[R0].txt
JRT.txt
jeromez48
2014-04-04, 10:30
Hello Juliet and Tashi. Thanks so much for your hard work. The FRST tool worked so fast I thought it had failed!

Also, please be aware that my primary browser is Google Chrome. I only use IE occasionally.

Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Administrator at 2014-04-04 02:13:32
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal

================== Search: "fixlist.txt" ===================

C:\Documents and Settings\Administrator\Desktop\fixlist.txt
[2014-04-04 02:12] - [2014-04-04 02:12] - 0000950 ____A () 1d72d921577a65942d5ca8c4fb377f10

=== End Of Search ===

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Administrator at 2014-04-04 02:17:35 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2012-12-27]
CHR HKCU\...\Chrome\Extension: [afbcibndhffhhbokgpbpecjmejjcgcej] - C:\Documents and Settings\Administrator\Local Settings\Application Data\CRE\afbcibndhffhhbokgpbpecjmejjcgcej.crx [2013-01-20]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:829C9EE6
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
Reboot:
end
*****************

HKLM\SOFTWARE\Google\Chrome\Extensions\edmgmpmklgfbohogafcfobonnkogchec => Key deleted successfully.
C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej => Key deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\CRE\afbcibndhffhhbokgpbpecjmejjcgcej.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf => Key deleted successfully.
C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key deleted successfully.
HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
C:\Documents and Settings\All Users\Application Data\TEMP => ":5C321E34" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":829C9EE6" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":D1B5B4F1" ADS removed successfully.


The system needed a reboot.

==== End of Fixlog ====

# AdwCleaner v3.023 - Report created 04/04/2014 at 02:39:18
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - HOME-88B26076E7
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\a3ulizkr.default\Extensions\torntv2@torntv.com.xpi
File Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
File Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
File Found : C:\WINDOWS\system32\conduitEngine.tmp
File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Found C:\Documents and Settings\Administrator\Application Data\blekko
Folder Found C:\Documents and Settings\Administrator\Application Data\pccustubinstaller
Folder Found C:\Documents and Settings\Administrator\Application Data\registry mechanic
Folder Found C:\Documents and Settings\Administrator\Local Settings\Application Data\apn
Folder Found C:\Documents and Settings\Administrator\Local Settings\Application Data\visi_coupon
Folder Found C:\Documents and Settings\All Users\Application Data\~0
Folder Found C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Found C:\Documents and Settings\All Users\Application Data\Systweak
Folder Found C:\Documents and Settings\NetworkService\Application Data\adawaretb

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\855da8cb368b846
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\claro
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Fast Free Converter
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\Uniblue

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\a3ulizkr.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5441 octets] - [04/04/2014 02:39:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5501 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Fri 04/04/2014 at 2:59:56.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-790525478-2025429265-725345543-500\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211141126}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\system32\conduitengine.tmp"
Successfully deleted: [File] "C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\boost_interprocess"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\systweak"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\blekko"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\pccustubinstaller"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\registry mechanic"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\adawarebp"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\apn"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\cre"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\visi_coupon"
Successfully deleted: [Folder] "C:\Program Files\coupons"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 04/04/2014 at 3:15:54.98
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks again!
Juliet
2014-04-04, 13:42
your welcome!

Let's open AdwCleaner-by Xplode


Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner.txt as well.

Please post this log when done. Also, update me on how the computer is at the moment.
jeromez48
2014-04-04, 17:21
:heart:Good morning Juliet,

Computer boots up and shuts down much more quickly. Outlook displays mail much faster. Internet is still slow loading 1st page of the day, then speeds up. Page loading is MUCH faster. Got a message on Google Chrome/cnn.com "Shockwave isn't responding" with a checkbox to shut it off. MOST Important, though, is that audio and video are FINALLY synced. Youtube worked beautifully!!!

Thanks a million!

Jerry


# AdwCleaner v3.023 - Report created 04/04/2014 at 09:40:21
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - HOME-88B26076E7
# Running from : C:\Documents and Settings\Administrator\Desktop\Defense\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[x] Not Deleted : C:\Documents and Settings\All Users\Application Data\~0
Folder Deleted : C:\Documents and Settings\NetworkService\Application Data\adawaretb
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\a3ulizkr.default\Extensions\torntv2@torntv.com.xpi
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKCU\Software\855da8cb368b846
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\claro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Fast Free Converter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\a3ulizkr.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5581 octets] - [04/04/2014 02:39:18]
AdwCleaner[R1].txt - [3399 octets] - [04/04/2014 09:36:55]
AdwCleaner[S0].txt - [3371 octets] - [04/04/2014 09:40:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3431 octets] ##########
Juliet
2014-04-04, 20:18
Sounds like good news to me!

Let's try this for ShockWave

https://support.google.com/chrome/answer/2445333?hl=en
Adobe Shockwave plug-in

[x] Not Deleted : C:\Documents and Settings\All Users\Application Data\~0
See if you can locate this file, just see whats in it.??


Important information regarding Windows XP
http://forums.whatthetech.com/index.php?showtopic=127901


We need to check for remnants.


Please Run TFC by OldTimer to clear temporary files:

Download TFC from here http://oldtimer.geekstogo.com/TFC.exe
and save it to your desktop.

Close any open programs and Internet browsers.
Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
Please be patient as clearing out temp files may take a while.
Once it completes you may be prompted to restart your computer, please do so.
Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The scanner below is very thorough, don't be alarmed if you see it finding things beccause I actually expect to see it find files in quarantine.

Go here (http://go.eset.com/us/online-scanner) to run an online scanner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activeX control to install
Click Start Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
When the scan completes, press the LIST OF THREATS FOUND button
Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
Include the contents of this report in your next reply.
Press the BACK button.
Press Finish
jeromez48
2014-04-05, 20:32
:heart:Hello Juliet,

I hope you are enjoying this beautiful day.

I tried the Shockwave suggestion you made. When I looked at the plugin on the Chrome list, I found it was enabled, so I disabled and then re-enabled it. There were also enabled plugins for Firefox, mozilla, and other browsers. Should I disable them?

Unfortunately, when I then tried my browser, I got a message saying Shockwave crashed. I also noticed that on my add or remove program list, Shockwave is listed there under Adobe. Do I need to do something with it there?

I assume Shockwave has something to do with audio and video sync because they are out of sync again.

As per your request, I located: C:\Documents and Settings\All Users\Application Data\~0. It is an empty folder. The reason it wasn't deleted is because I thought it was important and unchecked it when cleaning the system. Should I delete the folder?

I ran OldTimer and it seemed to remove a lot of temp files.

When it came to ESET, I mistakenly downloaded the trial version instead of the online version. When I used the online version, it found no threats. However, before going to the Spybot forum, I had used Malwarebytes and purged a number of threats from its quarantine. Maybe that is why no threats were found, in addition to the thorough cleanings you have already had me do. Eset took over 2 hours to run.

A thumbnail named Thumbs.db has appeared on my desktop. ???

Please advise.

Thanks,
Jerry
Juliet
2014-04-06, 04:57
:heart:Hello Juliet,

I hope you are enjoying this beautiful day.

I tried the Shockwave suggestion you made. When I looked at the plugin on the Chrome list, I found it was enabled, so I disabled and then re-enabled it. There were also enabled plugins for Firefox, mozilla, and other browsers. Should I disable them?

Unfortunately, when I then tried my browser, I got a message saying Shockwave crashed. I also noticed that on my add or remove program list, Shockwave is listed there under Adobe. Do I need to do something with it there?

I assume Shockwave has something to do with audio and video sync because they are out of sync again.

As per your request, I located: C:\Documents and Settings\All Users\Application Data\~0. It is an empty folder. The reason it wasn't deleted is because I thought it was important and unchecked it when cleaning the system. Should I delete the folder?

I ran OldTimer and it seemed to remove a lot of temp files.

When it came to ESET, I mistakenly downloaded the trial version instead of the online version. When I used the online version, it found no threats. However, before going to the Spybot forum, I had used Malwarebytes and purged a number of threats from its quarantine. Maybe that is why no threats were found, in addition to the thorough cleanings you have already had me do. Eset took over 2 hours to run.

A thumbnail named Thumbs.db has appeared on my desktop. ???

Please advise.

Thanks,
Jerry
I am so sorry it took me so long to get back, my 4 year old has run a fever most of the day and I just couldn't let him out of my sight.

plugins enabled or disabled is up to you, if your troubleshooting, turn 1 on at a time to see if one is the cause of the issue.

Let's try this and see if the Shockwave issue can be resolved:

Please download and install the latest version from the links below:

Adobe Flash Player 12.0.0.77 Final for (Internet Explorer) (http://download.macromedia.com/pub/flashplayer/current/support/install_flash_player_ax.exe)
Adobe Flash Player 12.0.0.77 Final for (Firefox, Safari, Opera) (http://download.macromedia.com/pub/flashplayer/current/support/install_flash_player.exe)
Note: Your browsers should be closed before proceeding with the installation process.

************************

C:\Documents and Settings\All Users\Application Data\~0 if it's empty it's not hurting anything one way or another, generally for space people empty out the un-needed.

I've heard Eset taking up to 8 hours before.....ran it on mine once and sat for 4 hours.

Thumb.db is a index of the thumbnails that are displayed in image folders and or any folder that has an image in it.

If you turn off Show All Files and or turn off Show System files and or check Hide system files (don't remember what the option is called) you won't see them.

You can delete the Thumbs.db files and it won't be recreated unless you go back to that folder and View the files as Thumbnails. DT.ini will be recreated by the system no matter what you do.

***************
How's the computer now?

Please run this security check for my review.

Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe).

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
jeromez48
2014-04-06, 07:48
:oreo: An oreo for your little one! I hope he/she feels better soon. (Been there, done that)

I tried to use the shockwave link you suggested, but I got a 404 message. I went to Adobe directly and it said I needed an update so I did that. Then I went to the chrome plugins list and disabled anything that didn't say IE or Chrome.

The page loaded somewhat faster but the audio and video are way out of sync.

I ran security check 317. Here are the results:

Results of screen317's Security Check version 0.99.81
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton Security Suite
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
JavaFX 2.1.1
Java 7 Update 51
Adobe Flash Player 12.0.0.77
Adobe Reader XI
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 2%
````````````````````End of Log``````````````````````

When I looked through the program files, I noticed a few anti-virus or adware folders with tiny bits of data (kB's).
Should I delete them?

Thanks again for all your help!!!
Jerry
Juliet
2014-04-06, 14:15
https://support.google.com/youtube/answer/58134?hl=en
Read over that link and see if it helps.

Let's check a setting
Open Firefox:
"Options> Advanced> General> Use hardware acceleration when available"

May also need to check driver updates for the computer.



We can remove quarantine folders and tools now we used.

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Run FRST/FRST64 and press the Fix button just once and wait.
no needed to post the log this time.



start
DeleteQuarantine:
end

~~~~~~~~~~~~~~`

Download Delfix from here (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix)
Ensure Remove disinfection tools is ticked
Also tick:
Create registry backup
Purge system restore
http://www.hdrcgb.org.uk/g2g/delfix.jpg

Click Run


Any other tools and files found can simply be deleted or uninstall via Add/Remove Programs in the Control Panel etc.
jeromez48
2014-04-06, 19:46
Hello Juliet,

I used the FRST tool and the Delfix tool as you suggested. No problems.

As far as the audio/video sync problem, I have not been clear.

Youtube works perfectly. It is others that have streaming that has problems. CNN, NBC, Comcast sports, etc., are the ones out of sync.

I do not have Firefox and have never used it.

The Google support page seems to be for those who make their own videos. I do not. I do not have any of the editing programs it refers to.

Sorry if I confused you.

Happy Sunday,

Jerry
jeromez48
2014-04-06, 20:09
Hello Juliet,

I found this log, which I think is what you were looking for.

[i] 14-03-30 01:21:15 Quarantine Start purge items older than 3/31/2014...
[i] 14-03-30 01:21:32 Quarantine Purged Yontoo.Pagerage: All detected items of product - 2014-03-28 13:54:08
[i] 14-03-30 01:21:32 Quarantine Purged Windows: All detected items of product - 2014-03-28 14:52:56
[i] 14-03-30 01:21:32 Quarantine Purged Windows: All detected items of product - 2014-03-28 13:54:18
[i] 14-03-30 01:21:32 Quarantine Purged Windows.OpenWith: All detected items of product - 2014-03-28 13:54:18
[i] 14-03-30 01:21:32 Quarantine Purged Windows Media SDK: All detected items of product - 2014-03-28 13:54:56
[i] 14-03-30 01:21:33 Quarantine Purged Windows Media SDK: All detected items of product - 2014-03-28 13:54:18
[i] 14-03-30 01:21:33 Quarantine Purged Windows Explorer: All detected items of product - 2014-03-28 14:52:56
[i] 14-03-30 01:21:33 Quarantine Purged Windows Explorer: All detected items of product - 2014-03-28 13:54:18
[i] 14-03-30 01:21:33 Quarantine Purged Win32.Downloader.gen: All detected items of product - 2014-03-28 13:54:10
[i] 14-03-30 01:21:33 Quarantine Purged WebTrends live: All detected items of product - 2014-03-28 13:54:11
[i] 14-03-30 01:21:33 Quarantine Purged W3i.IQ5.fraud: All detected items of product - 2014-03-28 13:54:10
[i] 14-03-30 01:21:33 Quarantine Purged USTechSupport.MyCleanPC: All detected items of product - 2014-03-28 13:54:11
[i] 14-03-30 01:21:33 Quarantine Purged Statcounter: All detected items of product - 2014-03-28 13:54:12
[i] 14-03-30 01:21:33 Quarantine Purged myPCBackup: All detected items of product - 2014-03-28 13:54:11
[i] 14-03-30 01:21:33 Quarantine Purged MS Search Assistant: All detected items of product - 2014-03-28 13:54:18
[i] 14-03-30 01:21:33 Quarantine Purged MS Regedit: All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Office 9.0: All detected items of product - 2014-03-30 01:05:27
[i] 14-03-30 01:21:33 Quarantine Purged MS Office 9.0: All detected items of product - 2014-03-28 13:54:13
[i] 14-03-30 01:21:33 Quarantine Purged MS Office 9.0 (Word): All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Office 9.0 (Start Assistant): All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Office 9.0 (Excel): All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Office 11.0 (Picture Manager): All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Office 11.0 (Outlook): All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Media Player: All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Management Console: All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Frontpage: All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS DirectInput: All detected items of product - 2014-03-28 14:52:55
[i] 14-03-30 01:21:33 Quarantine Purged MS DirectInput: All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS DirectDraw: All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:33 Quarantine Purged MS Direct3D: All detected items of product - 2014-03-28 13:54:17
[i] 14-03-30 01:21:34 Quarantine Purged MediaPlex: All detected items of product - 2014-03-30 01:05:22
[i] 14-03-30 01:21:34 Quarantine Purged MediaPlex: All detected items of product - 2014-03-30 00:59:17
[i] 14-03-30 01:21:34 Quarantine Purged MediaPlex: All detected items of product - 2014-03-28 13:54:12
[i] 14-03-30 01:21:34 Quarantine Purged Macromedia.FlashPlayer.Cookies: All detected items of product - 2014-03-28 13:54:11
[i] 14-03-30 01:21:34 Quarantine Purged Internet Explorer: All detected items of product - 2014-03-28 13:54:14
[i] 14-03-30 01:21:34 Quarantine Purged iCrossRider: All detected items of product - 2014-03-28 13:54:11
[i] 14-03-30 01:21:34 Quarantine Purged History: All detected items of product - 2014-03-30 01:08:39
[i] 14-03-30 01:21:34 Quarantine Purged History: All detected items of product - 2014-03-30 01:06:18
[i] 14-03-30 01:21:34 Quarantine Purged History: All detected items of product - 2014-03-28 14:52:56
[i] 14-03-30 01:21:34 Quarantine Purged History: All detected items of product - 2014-03-28 13:54:19
[i] 14-03-30 01:21:34 Quarantine Purged DoubleClick: All detected items of product - 2014-03-30 01:05:23
[i] 14-03-30 01:21:34 Quarantine Purged DoubleClick: All detected items of product - 2014-03-30 00:59:18
[i] 14-03-30 01:21:34 Quarantine Purged DoubleClick: All detected items of product - 2014-03-28 13:54:11
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 14:54:23
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 14:53:10
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 14:52:55
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 14:01:43
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 13:59:23
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 13:58:58
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 13:58:08
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 13:57:37
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 13:56:58
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 13:55:51
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 13:54:55
[i] 14-03-30 01:21:34 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-28 13:54:06
[i] 14-03-30 01:21:34 Quarantine Purged Cookie: All detected items of product - 2014-03-30 01:08:39
[i] 14-03-30 01:21:35 Quarantine Purged Cookie: All detected items of product - 2014-03-30 01:05:27
[i] 14-03-30 01:21:35 Quarantine Purged Common Dialogs: All detected items of product - 2014-03-28 13:54:13
[i] 14-03-30 01:21:35 Quarantine Purged Claro.Toolbar: All detected items of product - 2014-03-28 13:54:06
[i] 14-03-30 01:21:35 Quarantine Purged CasaleMedia: All detected items of product - 2014-03-30 01:05:24
[i] 14-03-30 01:21:35 Quarantine Purged CasaleMedia: All detected items of product - 2014-03-30 00:59:19
[i] 14-03-30 01:21:35 Quarantine Purged Cache: All detected items of product - 2014-03-30 01:08:39
[i] 14-03-30 01:21:35 Quarantine Purged Cache: All detected items of product - 2014-03-30 01:06:18
[i] 14-03-30 01:21:35 Quarantine Purged Cache: All detected items of product - 2014-03-28 14:52:56
[i] 14-03-30 01:21:35 Quarantine Purged Cache: All detected items of product - 2014-03-28 13:54:18
[i] 14-03-30 01:21:35 Quarantine Purged BurstMedia: All detected items of product - 2014-03-28 13:54:12
[i] 14-03-30 01:21:35 Quarantine Purged Babylon.Toolbar: All detected items of product - 2014-03-28 14:52:55
[i] 14-03-30 01:21:35 Quarantine Purged Babylon.Toolbar: All detected items of product - 2014-03-28 13:54:05
[i] 14-03-30 01:21:35 Quarantine Purged Ask.MyGlobalSearch: All detected items of product - 2014-03-28 13:54:11
[i] 14-03-30 01:21:35 Quarantine Purged Ad.SupremeSavings: All detected items of product - 2014-03-28 13:54:08
[i] 14-03-30 01:21:35 Quarantine Purged Ad.GiantSavings: All detected items of product - 2014-03-28 13:54:08
[i] 14-03-30 01:21:35 Quarantine Purged 1ClickDownload: All detected items of product - 2014-03-28 13:54:08
[i] 14-03-30 01:21:36 Quarantine Finished purge items older than 3/31/2014.
[i] 14-03-30 01:29:10 Quarantine Start purge selected items...
[i] 14-03-30 01:29:15 Quarantine Purged History: All detected items of product - 2014-03-30 01:28:22
[i] 14-03-30 01:29:19 Quarantine Purged Cookie: All detected items of product - 2014-03-30 01:28:21
[i] 14-03-30 01:29:22 Quarantine Purged Cache: All detected items of product - 2014-03-30 01:28:21
[i] 14-03-30 01:29:22 Quarantine Finished purge selected items.
[i] 14-04-02 14:49:59 Quarantine Start purge selected items...
[i] 14-04-02 14:50:06 Quarantine Purged Windows: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged Windows: All detected items of product - 2014-04-01 01:37:47
[i] 14-04-02 14:50:06 Quarantine Purged Windows: All detected items of product - 2014-03-31 23:57:54
[i] 14-04-02 14:50:06 Quarantine Purged Windows: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged Windows.OpenWith: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged Windows.OpenWith: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged Windows Media SDK: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged Windows Media SDK: All detected items of product - 2014-03-31 23:57:55
[i] 14-04-02 14:50:06 Quarantine Purged Windows Media SDK: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged Windows Explorer: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged Windows Explorer: All detected items of product - 2014-04-01 01:37:48
[i] 14-04-02 14:50:06 Quarantine Purged Windows Explorer: All detected items of product - 2014-03-31 23:57:54
[i] 14-04-02 14:50:06 Quarantine Purged Windows Explorer: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged MS Office 9.0: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged MS Office 9.0 (Excel): All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged MS Office 9.0 (Excel): All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged MS DirectInput: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged MS DirectInput: All detected items of product - 2014-04-01 01:37:47
[i] 14-04-02 14:50:06 Quarantine Purged MS DirectInput: All detected items of product - 2014-03-31 23:57:54
[i] 14-04-02 14:50:06 Quarantine Purged MS DirectInput: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged MS DirectDraw: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged MS DirectDraw: All detected items of product - 2014-04-01 01:37:47
[i] 14-04-02 14:50:06 Quarantine Purged MS DirectDraw: All detected items of product - 2014-03-31 23:57:54
[i] 14-04-02 14:50:06 Quarantine Purged MS DirectDraw: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged MS Direct3D: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:06 Quarantine Purged MS Direct3D: All detected items of product - 2014-03-31 23:57:54
[i] 14-04-02 14:50:06 Quarantine Purged MS Direct3D: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged MediaPlex: All detected items of product - 2014-03-31 23:57:53
[i] 14-04-02 14:50:06 Quarantine Purged MediaPlex: All detected items of product - 2014-03-30 12:54:13
[i] 14-04-02 14:50:06 Quarantine Purged History: All detected items of product - 2014-04-02 14:44:37
[i] 14-04-02 14:50:06 Quarantine Purged History: All detected items of product - 2014-04-01 01:37:48
[i] 14-04-02 14:50:06 Quarantine Purged History: All detected items of product - 2014-03-31 23:57:55
[i] 14-04-02 14:50:06 Quarantine Purged History: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:06 Quarantine Purged FastClick: All detected items of product - 2014-04-02 14:44:35
[i] 14-04-02 14:50:06 Quarantine Purged FastClick: All detected items of product - 2014-03-31 23:57:54
[i] 14-04-02 14:50:06 Quarantine Purged DoubleClick: All detected items of product - 2014-04-02 14:44:32
[i] 14-04-02 14:50:06 Quarantine Purged DoubleClick: All detected items of product - 2014-03-31 23:57:52
[i] 14-04-02 14:50:06 Quarantine Purged DoubleClick: All detected items of product - 2014-03-30 12:54:13
[i] 14-04-02 14:50:06 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-04-02 14:47:41
[i] 14-04-02 14:50:06 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-04-02 14:46:04
[i] 14-04-02 14:50:07 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-04-02 14:44:32
[i] 14-04-02 14:50:07 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-04-01 01:37:47
[i] 14-04-02 14:50:07 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-31 23:58:08
[i] 14-04-02 14:50:07 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-31 23:57:52
[i] 14-04-02 14:50:07 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-30 12:55:45
[i] 14-04-02 14:50:07 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-30 12:55:05
[i] 14-04-02 14:50:07 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-30 12:54:31
[i] 14-04-02 14:50:07 Quarantine Purged Delta.Toolbar: All detected items of product - 2014-03-30 12:54:12
[i] 14-04-02 14:50:07 Quarantine Purged Cookie: All detected items of product - 2014-04-02 14:44:37
[i] 14-04-02 14:50:07 Quarantine Purged Cookie: All detected items of product - 2014-04-01 01:37:48
[i] 14-04-02 14:50:07 Quarantine Purged Cookie: All detected items of product - 2014-03-31 23:57:55
[i] 14-04-02 14:50:07 Quarantine Purged Cookie: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:07 Quarantine Purged CasaleMedia: All detected items of product - 2014-04-02 14:44:35
[i] 14-04-02 14:50:07 Quarantine Purged Cache: All detected items of product - 2014-04-02 14:44:36
[i] 14-04-02 14:50:07 Quarantine Purged Cache: All detected items of product - 2014-04-01 01:37:48
[i] 14-04-02 14:50:07 Quarantine Purged Cache: All detected items of product - 2014-03-31 23:57:55
[i] 14-04-02 14:50:07 Quarantine Purged Cache: All detected items of product - 2014-03-30 12:54:14
[i] 14-04-02 14:50:07 Quarantine Purged BurstMedia: All detected items of product - 2014-03-31 23:57:54
[i] 14-04-02 14:50:07 Quarantine Finished purge selected items.

Thanks,
Jerry
Juliet
2014-04-06, 20:11
All I can do is try to research for the problem.

http://forums.comcast.com/t5/Channels-and-Programming/Problems-with-NBC-Olympics-streaming/td-p/1364331
1. Please make sure you are running the most recent version of flash. To confirm, please go to this page to download the most recent version:
http://get.adobe.com/flashplayer/

2. Navigate your browser to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html



3. Make sure "Allow third-party Flash content to store data on your computer" and "Store common Flash components to reduce download times" options are both checked.



4. Move the "Specify the amount of disk space..." slider to 100 KB.



5. Navigate your browser to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html



6. Clear the Flash Player Cache by pushing the "Delete all sites" button.

7. Make sure your third party cookies are enabled:
INTERNET EXPLORER (FOR PC USERS)

-->Click on Tools

--> Internet Options

--> Privacy Tab

--> Click the Advanced button in center of page

--> Make sure the radio button next to Accept is checked below “First-party Cookies” and “Third-party Cookies”

--> Click “OK”

CHROME BROWSER (FOR PC USERS)

Click on the wrench at the top right of the screen

--> Settings

--> Scroll to bottom of page and click on “Show Advanced Settings”

--> Privacy – Click on “Content Settings”

--> Cookies – Check “Allow local data to be set” also make sure “Block third-party cookies and site data” IS NOT CHECKED.

--> Click “ok” at bottom of page.

8. Close your browser and then reopen your browser.
jeromez48
2014-04-07, 01:38
Hello Juliet,

I have followed your instructions. Here is a log:

Your Google Chrome browser already includes Adobe® Flash® Player built-in.
Google Chrome will automatically update when new versions of Flash Player
are available.

http://forums.comcast.com/t5/Channel...g/td-p/1364331 -
This has only to do with problems related to Olympics streaming. And all it says is Comcast will open a ticket. Typical Comcast.

When I got to the "delete all sites" button Flash player, there was a huge amount of sites. It took a while for them to delete. Everything else was already set as you recommended.

The video/audio problem is partially solved. Although it is still out of sync, it's not as bad and the audio no longer sounds as if it is still "under water."

Task manager shows 100% CPU use, with various high percentages used by several different listings of Chrome. Nothing else shows much usage. Hmmmm????

Thanks,

Jerry
Juliet
2014-04-07, 02:09
reboot and let's see what it does.
jeromez48
2014-04-07, 06:47
:sad: Hello Juliet,

I hate to say it, but rebooting seems to have returned the old problems. Audio/video WAY out of sync, audio sounds like it's under water.

I would try uninstalling/reinstalling Chrome, but it's the same on IE.

So frustrating. Your patience and persistence is amazing.

Thanks,
Jerry:confused:
Juliet
2014-04-07, 13:40
Wish I had a direct answer to this, I don't.

Let me supply you with articles to read over with the hope one will fix yours.

http://www.sevenforums.com/sound-audio/41681-audio-distorted-tinny-sounds-like-its-underwater.html
http://www.sevenforums.com/sound-audio/16627-windows-7-sound-distortion.html

http://www.sevenforums.com/sound-audio/288162-sound-randomly-garbled-underwater.html
Juliet
2014-04-07, 13:47
Let's try to disable start ups to prevent to many items running in the background

Download HijackThis

Go Here (http://www.bleepingcomputer.com/download/hijackthis/dl/90/) to download HijackThis program
Save HijackThis to your desktop.
Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
copy and paste hijackthis report into the topic
jeromez48
2014-04-07, 17:40
Hi Juliet,

I went to the sites you suggested. It seems they want to sell something that either fixes the registry or updates the drivers. I was on the windows update site just recently and it didn't want to update any drivers. I think your fixes checked the registry. Am I right? The company (same for both fixes) is called RegCurePro.

Do you know anything about them? Their page states they are a gold application developer for Windows.

Once again, thanks for all your help!!!!

Jerry
Juliet
2014-04-07, 20:03
Windows7 forum doesn't try to sell anything. What I saw were instructions to settle issues like your describing. And, I would never tell anyone to download and use RegCurePro, thats a tool we tell people to remove.
jeromez48
2014-04-07, 20:17
Hello Juliet,

Thanks for your prompt reply! I appreciate your advice and will re-read the forums to see if I can help myself.

I will continue to keep you updated!

Kind regards,

Jerry:)
Juliet
2014-04-07, 21:47
:2thumb:
jeromez48
2014-04-10, 22:00
:laugh: Hello Juliet,

Both my internet and computer speeds are much improved. However, I still have a problem with Shockwave crashing and audio/video sync.

Do you think it would help if I uninstalled and reinstalled Chrome? If so, are the favorites and settings stored in the cloud or do I need to back them up?

Thanks,
Jerry
Juliet
2014-04-10, 22:21
Let's try this

to reset Chrome back to defaults to completely clear out what is going on.

We can keep the bookmarks by exporting them - Export Bookmarks (http://support.google.com/chrome/bin/answer.py?hl=en&answer=96816)


Then I need you to go Google Sync (https://www.google.com/settings/chrome/sync) and sign into your account

scroll down untill you see the "Stop and Clear" button and click on button

At the prompt click on "Ok"

Now we need to uninstall chrome

I want you to uninstall Chrome and if asked about user data or settings then remove this also restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome (https://www.google.com/intl/en/chrome/browser/)

After you have Chrome reinstalled please check things out and let me know how it is doing.
Juliet
2014-04-21, 16:00
Glad we could help. :)http://i204.photobucket.com/albums/bb106/Juliet702/sparkle.gif

Since this issue appears resolved ... this Topic is closed.