A number of viruses removed by Malwarebytes, but problems not resolved


LOL

Computer has been running pretty slow, particularly online. I ran Malwarebytes and it identified and removed several viruses, but not much has improved. Internet Explorer is barely working at all - keeps having error messages and having to close. Firefox is only slightly better. It runs, but is painfully slow moving from one page to the next.

Unfortunately I did run CCleaner and Old Timer TFC to see if cleaning out junk and temporary files would help. It didn't, though both removed rather a lot. I see from your pinned instructions that this might not have been helpful.

Here are the logs from the Farbar tool. I'd be grateful for any help you can give.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-11-2014 01
Ran by Norma (administrator) on NORMA-PC on 16-11-2014 16:05:41
Running from C:\Users\Norma\Downloads
Loaded Profile: Norma (Available profiles: Norma)
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Registration\GregHSRW.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-08-20] (AVAST Software)
HKU\S-1-5-21-2061290426-1330879846-2013246735-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_enGB411GB411
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_enGB411GB411
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpIdfPlugin.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Norma\AppData\Roaming\Mozilla\Firefox\Profiles\30pbpk6y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @ei.UtilityChest_49.com/Plugin -> C:\Program Files\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor8.0; c:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [169312 2009-10-09] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-07-21] (AVAST Software)
R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [106488 2014-07-21] (AVAST Software)
S3 GameConsoleService; C:\Program Files\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [238328 2009-10-10] (WildTangent, Inc.)
R2 Greg_Service; C:\Program Files\Packard Bell\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-08] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-21] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-21] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270752 2014-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-21] ()
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-13] (Microsoft Corporation)
S3 EUCR; C:\Windows\system32\drivers\EUCR6SK.SYS [82384 2010-03-02] (ENE Technology Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 16:05 - 2014-11-16 16:07 - 00009039 _____ () C:\Users\Norma\Downloads\FRST.txt
2014-11-16 16:04 - 2014-11-16 16:05 - 00000000 ____D () C:\FRST
2014-11-16 16:03 - 2014-11-16 16:03 - 01108992 _____ (Farbar) C:\Users\Norma\Downloads\FRST.exe
2014-11-16 14:56 - 2014-11-16 15:18 - 00006867 _____ () C:\Windows\IE11_main.log
2014-11-15 23:36 - 2014-11-16 14:38 - 00000112 _____ () C:\Windows\setupact.log
2014-11-15 23:36 - 2014-11-15 23:36 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-15 22:46 - 2014-11-15 22:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-15 22:42 - 2014-11-15 22:42 - 04976456 _____ (Piriform Ltd) C:\Users\Norma\Downloads\ccsetup419.exe
2014-11-15 16:20 - 2014-10-18 01:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-14 17:32 - 2014-08-12 01:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-14 17:25 - 2014-08-21 06:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-14 17:25 - 2014-08-21 06:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-14 00:52 - 2014-11-14 01:00 - 00000000 ____D () C:\AdwCleaner
2014-11-13 23:53 - 2014-11-16 14:40 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-13 23:51 - 2014-11-13 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-13 23:51 - 2014-11-13 23:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-13 23:51 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-13 23:51 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-13 22:51 - 2014-10-14 01:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 22:49 - 2014-10-10 00:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 22:49 - 2014-10-03 01:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 22:49 - 2014-10-03 01:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 22:49 - 2014-10-03 01:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 22:49 - 2014-10-03 01:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 22:49 - 2014-10-03 01:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 22:49 - 2014-09-19 09:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-13 22:49 - 2014-09-19 09:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 22:49 - 2014-09-19 09:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 22:49 - 2014-09-19 09:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 22:49 - 2014-09-19 09:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 22:49 - 2014-09-19 09:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 22:49 - 2014-09-19 09:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 22:43 - 2014-11-13 22:43 - 00006576 ____N () C:\bootsqm.dat
2014-11-13 21:19 - 2014-11-05 17:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 21:18 - 2014-11-05 17:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 21:18 - 2014-11-05 17:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 21:18 - 2014-10-26 00:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 21:18 - 2014-10-26 00:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 21:18 - 2014-10-26 00:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 21:18 - 2014-10-26 00:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 21:18 - 2014-10-26 00:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 21:18 - 2014-10-25 01:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 21:17 - 2014-10-26 00:36 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 21:17 - 2014-10-26 00:35 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 21:17 - 2014-10-26 00:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 21:17 - 2014-10-26 00:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 21:17 - 2014-10-26 00:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 21:17 - 2014-10-26 00:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-13 21:17 - 2014-10-26 00:34 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 21:17 - 2014-10-26 00:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 21:17 - 2014-10-26 00:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 21:17 - 2014-10-26 00:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 21:17 - 2014-10-26 00:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 21:17 - 2014-10-26 00:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 21:17 - 2014-10-26 00:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 21:17 - 2014-10-25 23:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-11-13 21:16 - 2014-10-14 01:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 21:16 - 2014-10-14 01:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 21:16 - 2014-10-14 01:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 21:16 - 2014-10-14 01:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 21:16 - 2014-10-14 01:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-10 19:04 - 2014-11-10 19:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-09 10:44 - 2014-11-11 20:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-10-18 11:43 - 2014-10-18 11:43 - 00000000 ____D () C:\Users\Norma\AppData\Local\Macromedia
2014-10-18 11:26 - 2014-10-18 11:26 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-18 11:25 - 2014-11-16 15:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 11:25 - 2014-11-11 20:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-18 11:25 - 2014-11-11 20:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 15:43 - 2009-07-14 04:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-16 15:43 - 2009-07-14 04:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-16 15:42 - 2011-02-24 21:11 - 00000000 ____D () C:\Users\Norma\AppData\Local\CrashDumps
2014-11-16 15:39 - 2010-06-15 00:52 - 01079208 _____ () C:\Windows\WindowsUpdate.log
2014-11-16 14:39 - 2009-07-14 04:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 00:14 - 2011-06-07 23:08 - 00000000 ___RD () C:\Users\Norma\Desktop\Security
2014-11-15 23:44 - 2010-05-05 11:12 - 00393022 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 23:30 - 2014-06-16 22:29 - 00000000 ____D () C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-11-15 23:28 - 2014-06-16 22:28 - 00000000 ____D () C:\Program Files\Sophos
2014-11-15 22:56 - 2007-07-12 01:49 - 00000000 ____D () C:\Windows\Panther
2014-11-15 18:11 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-14 17:03 - 2009-07-14 04:33 - 00339336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-14 17:00 - 2014-05-07 17:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-14 01:51 - 2010-05-05 11:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 01:36 - 2013-07-19 16:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 01:30 - 2011-01-01 10:02 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 23:52 - 2011-06-07 22:55 - 00000000 ____D () C:\Users\Norma\AppData\Roaming\Malwarebytes
2014-11-13 23:51 - 2011-06-07 22:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-13 23:51 - 2011-06-07 22:55 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-11-12 08:53 - 2014-03-04 18:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-28 06:35 - 2011-02-20 12:53 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-18 11:26 - 2010-12-29 21:27 - 00000000 ____D () C:\Users\Norma\AppData\Local\Adobe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-16 10:53

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-11-2014 01
Ran by Norma at 2014-11-16 16:08:11
Running from C:\Users\Norma\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510gm_Help (Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_starter (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.5.2002.1115 - Alps Electric)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.29 - Atheros Communications Inc.)
avast! Internet Security (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Bejeweled 2 Deluxe (Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (Version: 2.2.0.82 - WildTangent) Hidden
Bob the Builder Can-Do-Zoo (Version: 2.2.0.82 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chicken Invaders 3 - Revenge of the Yolk (Version: 2.2.0.82 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
ENE USB Card Reader Driver (HKLM\...\F3C7F6463C419D1D216961B5B81E2FE534986562) (Version: 5.89.0.66 - ENE)
Escape Rosecliff Island (Version: 2.2.0.82 - WildTangent) Hidden
Faerie Solitaire (Version: 2.2.0.82 - WildTangent) Hidden
FATE - The Traitor Soul (Version: 2.2.0.82 - WildTangent) Hidden
HP IDF Software (HKLM\...\{974025B1-769B-49E9-817C-C638ABE8F372}) (Version: 11.15.1000 - Hewlett-Packard Company)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3002 - Packard Bell)
Insaniquarium Deluxe (Version: 2.2.0.82 - WildTangent) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Jewel Quest (Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 3 (Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 4.0.8 - Packard Bell)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Packard Bell Game Console (Version:  - WildTangent) Hidden
Packard Bell Games (HKLM\...\WildTangent packardbell Master Uninstall) (Version: 1.0.0.80 - WildTangent)
Packard Bell InfoCentre (HKLM\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell Power Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3002 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Packard Bell)
Packard Bell Registration (HKLM\...\Packard Bell Registration) (Version: 1.02.3006 - Packard Bell)
Packard Bell Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell)
Peggle (Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (Version: 2.2.0.82 - WildTangent) Hidden
Polar Pool (Version: 2.2.0.82 - WildTangent) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6066 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.91 (HKLM\...\Revo Uninstaller) (Version: 1.91 - VS Revo Group)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video Web Camera (HKLM\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 5.0.1.0 - liteon)
Virtual Families (Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - A New Home (Version: 2.2.0.82 - WildTangent) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM\...\Packard Bell Welcome Center) (Version: 1.01.3002 - Packard Bell)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahtzee (Version: 2.2.0.82 - WildTangent) Hidden
Zuma Deluxe (Version: 2.2.0.82 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

31-10-2014 20:25:52 Windows Update
01-11-2014 13:59:16 Windows Update
02-11-2014 09:15:22 Windows Update
02-11-2014 14:39:57 Windows Update
04-11-2014 18:29:19 Windows Update
05-11-2014 08:50:59 Windows Update
06-11-2014 17:09:36 Windows Update
07-11-2014 18:22:28 Windows Update
09-11-2014 10:18:01 Windows Update
10-11-2014 18:46:48 Windows Update
11-11-2014 20:25:49 Windows Update
14-11-2014 01:27:42 Windows Update
15-11-2014 10:58:11 Windows Modules Installer
15-11-2014 20:00:06 Windows Update
15-11-2014 21:29:32 Windows Update
15-11-2014 23:10:03 Revo Uninstaller's restore point - Sophos Virus Removal Tool
15-11-2014 23:14:44 Revo Uninstaller's restore point - Sophos Virus Removal Tool
16-11-2014 14:52:28 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:04 - 2009-06-10 21:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {D1F9C5AA-4BDA-484A-8D6B-4B7E5DC7F5B5} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-07-21] (AVAST Software)
Task: {D81313B3-1C58-4793-9783-B3928E456459} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {E295260C-FF64-4CE5-9A45-8E417BA3D34F} - System32\Tasks\{7BD24BE9-407D-452C-A793-1599F03B4BA5} => Iexplore.exe http://ui.skype.com/ui/0/4.1.0.179.370/en/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {FB0A7198-A871-402C-AF60-BA96357492F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-07-21 20:52 - 2014-07-21 20:52 - 00301152 _____ () C:\Program Files\Alwil Software\Avast5\aswProperty.dll
2014-11-15 17:54 - 2014-11-15 17:54 - 02903040 _____ () C:\Program Files\Alwil Software\Avast5\defs\14111501\algo.dll
2014-11-16 14:44 - 2014-11-16 14:44 - 02903040 _____ () C:\Program Files\Alwil Software\Avast5\defs\14111600\algo.dll
2014-07-21 20:52 - 2014-07-21 20:52 - 19329904 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2014-11-10 19:04 - 2014-11-10 19:06 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Norma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acer ePower Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LManager => C:\Program Files\Launch Manager\LManager.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2061290426-1330879846-2013246735-500 - Administrator - Disabled)
Guest (S-1-5-21-2061290426-1330879846-2013246735-501 - Limited - Disabled)
Norma (S-1-5-21-2061290426-1330879846-2013246735-1000 - Administrator - Enabled) => C:\Users\Norma

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2014 03:42:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17148, time stamp: 0x544c16cd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x13ac
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/16/2014 03:41:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17148, time stamp: 0x544c16cd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1448
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/16/2014 03:39:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 33.1.0.5423, time stamp: 0x545c0a59
Faulting module name: mozalloc.dll, version: 33.1.0.5423, time stamp: 0x545be5ee
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x1308
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (11/16/2014 03:39:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.0.5423 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d98

Start Time: 01d001abe06f022e

Termination Time: 1470

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: aed786e9-6da6-11e4-813b-88ae1d127725

Error: (11/16/2014 00:06:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17148, time stamp: 0x544c16cd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x614
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/16/2014 00:06:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17148, time stamp: 0x544c16cd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0xb08
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/16/2014 00:04:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17148, time stamp: 0x544c16cd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0xe5c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/16/2014 00:04:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17148, time stamp: 0x544c16cd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x468
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/16/2014 00:03:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17148, time stamp: 0x544c16cd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0xed8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/16/2014 00:03:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17148, time stamp: 0x544c16cd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0xee4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (11/16/2014 03:37:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7.

Error: (11/16/2014 03:37:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error:
%%1053

Error: (11/16/2014 03:37:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

Error: (11/16/2014 03:32:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

Error: (11/16/2014 03:30:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

Error: (11/16/2014 02:50:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (11/16/2014 02:39:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (11/15/2014 11:36:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (11/15/2014 09:38:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (11/15/2014 09:37:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-03-04 01:17:39.223
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Atom CPU N450 @ 1.66GHz
Percentage of memory in use: 82%
Total physical RAM: 1013.1 MB
Available physical RAM: 174.67 MB
Total Pagefile: 2434.78 MB
Available Pagefile: 1208.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1914.59 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:135.94 GB) (Free:98.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: BDBD5BA8)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=135.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

 

Thanks

 

Norma


Welcome to the forum. (Do what you can)

General P2P/Piracy Warning:

 

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

2. If you have illegal/cracked software (MS Office, Adobe Products), cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

1. Please run a Threat Scan with Malwarebytes

Start Malwarebytes 2.0..........

Click on Settings > Detection and Protection > Non-Malware Protection > PUP (Potentially Unwanted Program) detections > Make sure it's set to Treat detections as malware

Same for PUM (Potentially Unwanted Modifications)

Quarantine all that's found

Post the log (save the log as a .txt file not .xml)

Then......

2. Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Wait for the Prescan to finish

Click Scan to scan the system.

When the scan completes > Don't Fix anything! > Click on the Report Button and post the Report back here.

Don't run any other options, they're not all bad!!!!!!!

RogueKiller logs will also be located here:

%programdata%/RogueKiller/Logs <-------W7

C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <-------XP

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running. Create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear".

------->Your topic will be closed if you haven't replied within 3 days!<--------

If I don't respond within 24 hours, please send me a PM


Hi MrCharlie, Many thanks for your assistance

 

I've done as you asked and the logs are below

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16/11/2014
Scan Time: 20:20:37
Logfile: Malwarebytes Log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.16.05
Rootkit Database: v2014.11.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Norma

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291706
Time Elapsed: 23 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

RogueKiller V10.0.6.0 [Nov 13 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Norma [Administrator]
Mode : Scan -- Date : 11/16/2014  21:51:41

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-2061290426-1330879846-2013246735-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://home.bt.com/  -> Found
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2061290426-1330879846-2013246735-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> Found
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD1600BEVT-22A23T0 +++++
--- User ---
[MBR] bb78c3317fca385c8ba4048e43e6a283
[bSP] 686818fc42b5893c09b487e08ce273d9 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 13319 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 27278370 | Size: 101 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 27487215 | Size: 139205 MB
User = LL1 ... OK
User = LL2 ... OK
 


There's not much showing in the logs.
I see you ran AdwCleaner, did you run JRT???

If not............

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

=======================
 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

 

Please permanently disable Windows Defender, you have AVAST running and having two anti-virus programs running on a system only causes poor performance, conflicts and spotty protection.

How to Disable Defender

Dangers of running 2 anti-virus programs

=======================

You can always reset any browser that's being a problem.

http://www.howtogeek.com/171924/how-to-reset-your-web-browser-to-its-default-settings/

MrC


Hi,

 

I've tried everything in your last post - a copy of the JRT log is below

 

The fact that two anti-virus programs were running sounded promising - I thought Windows Defender was disabled. I followed your instruction to close it, but disappointingly this doesn't seem to have made any noticeable difference

 

I re-set both browsers (IE & Firefox). At first this seemed to have made at least a small improvement. I turned-off and re-booted. I  waited until the desktop was open then left it another 3-4 minutes to try to ensure that all start-up process was complete, then I clicked on Firefox. It took about one minute forty-five seconds for the browser window to open. Once open it was v slow

 

I closed this down and a couple of minutes later launched IE. It seemed to be going ok for a few seconds and then I got the following error message (this is the original problem I was having with IE)

 

"Internet Explorer has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available"

 

It closed, but no further information came through. I tried to open it again and the same thing happened

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Starter x86
Ran by Norma on 17/11/2014 at 18:24:10.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{0C398276-CABC-4FDA-86C8-BF2E58CC8B36}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{1470DD10-2750-4776-880B-596897D12A07}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{18956F84-AF62-4C64-83CB-B38929288904}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{1980D750-BB9E-4CAE-BE81-3B5E5701AFEA}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{20EE4B77-A50E-48A2-A29E-D12CE8F831A7}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{3E93A319-1D46-4587-8131-5D7C65D6DA79}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{5B853424-08FB-47E7-A721-03F8E5567DE1}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{783B0864-5040-40AA-9516-8DFEE1DAF6AE}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{8F7DECE8-0E9F-448D-B359-59F315A6835B}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{90801478-3B7E-4EB6-B193-F31D26C7FBE6}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{93232B18-A2B1-47EA-9630-ECAE99ED78E3}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{AB629AA1-1FF4-454D-8A5E-DC7014BF3D9A}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{C5C72EBE-658D-46D2-AF41-9F56AE2C147A}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{C624BF38-208A-4A77-814B-5B81420134E5}
Successfully deleted: [Empty Folder] C:\Users\Norma\appdata\local\{E7D0557A-65F8-430F-BEAC-A5BAF1672B52}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/11/2014 at 18:37:12.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

It seems like the tools aren't really finding much wrong, but any other ideas would be appreciated

 

Norma


Give this a try:

Download zoek.exe to your Desktop:

http://hijackthis.nl/smeenk/

Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions on how to disable your security applications here:

http://www.bleepingcomputer.com/forums/topic114351.html

On Windows Vista, 7, and 8, right-click Zoek.exe and select: Run as Administrator

Give it a few seconds to appear

Next, copy/paste the entire script inside the codebox below to the input field of Zoek:

autoclean;

emptyalltemp;

emptyclsid;

Now...

Close any open programs.

Click the Run script button, and wait. It takes a few minutes to run.

When the tool finishes, the zoek-results.log is opened in Notepad.

The log is also found on the systemdrive, normally C:\

If a reboot is needed, the log is opened after the reboot.

MrC


Hi,

Here is the log from Zoek

 

Zoek.exe v5.0.0.0 Updated 16-November-2014
Tool run by Norma on 19/11/2014 at  1:05:14.93.
Microsoft Windows 7 Starter  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Norma\Downloads\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

19/11/2014 01:13:47 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2061290426-1330879846-2013246735-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Norma\Downloads\456_189_182444monthlysavings9912347lp.pdf deleted
C:\Windows\system32\config\systemprofile\Searches deleted
"C:\Users\Norma\AppData\Local\{8080774B-D335-4643-B249-C41310281906}" deleted
"C:\Users\Norma\AppData\Local\{9862EC6D-8E8D-4714-8AAF-FA1A96C1C81D}" deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Norma\AppData\Roaming\Mozilla\Firefox\Profiles\e9696u54.default-1416269746444
67D325B5AEB28E381B84E8DE1A90C7A8    - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll -    Shockwave Flash
893BF7D2261C56C24F813405D9D018E0    - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll -    Silverlight Plug-In
AE84791D996D1F05A2446B0C447D937A    - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll -    Adobe Acrobat
AE84791D996D1F05A2446B0C447D937A    - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll -    Adobe Acrobat
AC421A44DE902F2627F1E63793ED89CD    - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -    Windows Live? Photo Gallery
8DA2ED6B04EA33F2EAE8BA883F903729    - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll -    Microsoft® Silverlight


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.bt.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.bt.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown  Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2061290426-1330879846-2013246735-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully
HKEY_USERS\S-1-5-21-2061290426-1330879846-2013246735-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully

==== Empty IE Cache ======================

C:\Users\Norma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Norma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Norma\AppData\Local\Mozilla\Firefox\Profiles\e9696u54.default-1416269746444\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6 folders=1 122330 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Norma\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Norma\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 19/11/2014 at  7:56:15.76 ======================
 

 

Norma


No, nothing noticeable

 

Both browsers (IE & Firefox) are still having the same problems. Both taking a minute plus to launch. Running slow. Firefox I have to close after a few minutes because "a script is running slow or has stopped working". IE still closes after a short while "Internet Explorer has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available".

 

N


Hi,

 

This doesn't seem to be possible. The IE 10 download page doesn't seem to exist any longer. Everything I tried points to using IE11 instead. However the IE 11 setup has failed several times. I don't know whether this is because this machine is only using Windows 7 Starter?


Hi MrC,

I managed to download a copy of IE 10 from the second link, but it wouldn't load as the setup program says that a later version of IE is already installed. Reading on the net, it seems that a lot of folk are having difficulty upgrading Windows 7 Starter to IE version 11.

 

You don't seem to be able to find any evidence of an infection, so as there isn't much data on this machine, I think that unless you have a better idea, I'll just reset it back to factory settings and see if that resolves the issues. I only use it for web browsing, so it's pretty useless with the browsers behaving as they are.

 

Can you advise how I remove the programs such as Zoek, JRT etc.?

 

Thanks

 

N


OK.........

Download Delfix from here and save it to your desktop.

  • Ensure Remove disinfection tools is checked.
  • Click the Run button.

Any other programs or logs you can manually delete. (right click.....Delete)
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.
The rest you can manually delete.

MrC


  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.