Solved Very slow running laptop. no sure why
- Thread starter stevow
- Start date
Well I got google chrome to work, however; a window popped up that said "unsupported extensions disabled........it may have been added without your knowledge." It was that
PrivDog name again. Is this a problem because when I hit the 'ok, got it' prompt, google chrome shut down and the 'your computer shut down unexpectedly etc etc. with the black screen appeared. Now I have chrome up again and I have msn homepage up with the chrome in the below task bar along with IE's symbol.
Ok now I X'd out the page and goggle chrome disappeared. I hit 'set as default browser' and OK 3 times.
Now what?
PrivDog name again. Is this a problem because when I hit the 'ok, got it' prompt, google chrome shut down and the 'your computer shut down unexpectedly etc etc. with the black screen appeared. Now I have chrome up again and I have msn homepage up with the chrome in the below task bar along with IE's symbol.
Ok now I X'd out the page and goggle chrome disappeared. I hit 'set as default browser' and OK 3 times.
Now what?
OK, Broni,
A little info for you and then I'll resume the next scan. I remember noticing in one of the scans that both COmodo and Windows Firewall were enabled. Didn't think anything of it and when I went to W's firewall it was indeed enabled too. Don't know if they were in conflict.
Anyway.....
SO I did uninstalled Comodo and Shazam! Something I didn't notice was the IE icon in the taskbar was also in Comodo Sandbox. That must be why IE would not load. Well now I have both IE and Chrome on my taskbar and working. If this will cause the laptop to run a pinch slower(?) I'll rid Chrome since all my favorites are in IE. Does it matter?
Also, I know Comodo is a great tool with the double sided wall, but I was getting tired of it always popping up prompting me. The scans were a pain due to this. What are you thoughts just going with WIndows Firewall and forgetting Comodo? I want good security, but I think Comodo's prompting is why IE and Chrome ended up Sandboxed by being confused on what series of GREEN buttons to push. It was a pain.
Going to resume the next scan.
thanks!
A little info for you and then I'll resume the next scan. I remember noticing in one of the scans that both COmodo and Windows Firewall were enabled. Didn't think anything of it and when I went to W's firewall it was indeed enabled too. Don't know if they were in conflict.
Anyway.....
SO I did uninstalled Comodo and Shazam! Something I didn't notice was the IE icon in the taskbar was also in Comodo Sandbox. That must be why IE would not load. Well now I have both IE and Chrome on my taskbar and working. If this will cause the laptop to run a pinch slower(?) I'll rid Chrome since all my favorites are in IE. Does it matter?
Also, I know Comodo is a great tool with the double sided wall, but I was getting tired of it always popping up prompting me. The scans were a pain due to this. What are you thoughts just going with WIndows Firewall and forgetting Comodo? I want good security, but I think Comodo's prompting is why IE and Chrome ended up Sandboxed by being confused on what series of GREEN buttons to push. It was a pain.
Going to resume the next scan.
thanks!
Security Scan.....I post the next scan in a new reply.
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 5.0
Java 7 Update 67
Adobe Reader 10.1.11 Adobe Reader out of Date!
Google Chrome 34.0.1847.137
Google Chrome 37.0.2062.120
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 5.0
Java 7 Update 67
Adobe Reader 10.1.11 Adobe Reader out of Date!
Google Chrome 34.0.1847.137
Google Chrome 37.0.2062.120
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````
Farbar Service Scanner Version: 21-07-2014
Ran by steve (administrator) on 17-09-2014 at 14:26:53
Running from "C:\Users\steve\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
Ran by steve (administrator) on 17-09-2014 at 14:26:53
Running from "C:\Users\steve\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
The eset scan just finished and it took over 3 hrs. The Report said "No Threats Found". I was on the phone and I don't know if there was a report or not. I clicked ok and Eset disappeared.
I don't see Eset in the downloaded files, sooooo I guess it's good to go?
Also the TFC cleaned 2800+ mb's. And I unistalled ATF.
If I have to rescan Eset for a file to post I"ll have to do it Thur cause I'm done for the day.
Please advise.
I don't see Eset in the downloaded files, sooooo I guess it's good to go?
Also the TFC cleaned 2800+ mb's. And I unistalled ATF.
If I have to rescan Eset for a file to post I"ll have to do it Thur cause I'm done for the day.
Please advise.
Broni
Posts: 56,041 +516
Update Adobe Reader
You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
=============================
Your computer is clean
1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.
Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
Once finished a logfile will be created. You don't have to attach it to your next reply.
2. Make sure Windows Updates are current.
3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)
5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.
6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.
7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).
8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.
9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.
10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642
12. Please, let me know, how your computer is doing.
You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
=============================
Your computer is clean
1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
- Activate UAC (optional; some users prefer to keep it off)
- Remove disinfection tools
- Create registry backup
- Purge System Restore
- Reset system settings
Once finished a logfile will be created. You don't have to attach it to your next reply.
2. Make sure Windows Updates are current.
3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)
5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.
6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.
7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).
8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.
9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.
10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642
12. Please, let me know, how your computer is doing.
Delfix said be patient. IT's done already. Cool.
I'll dump Shockwave.
Huh, my next question was going to be the HP Support Assistant, which has had the ! warning up since before I started this thread. I looked down and It's now gone I guess since Delfix. Perfect!
I'll do the other recommendations above.
btw, I know how I got infected. It was WiFi in Fresno, CA at my son's Indoor State Track Championships. I hadn't used this laptop in months and while I was updating avast etc I'm sure that's how it started. I really didn't have time to mess with the PC. Fastforward to mid May when I went to another out of town track meet and again at the hotel I tried updating and everything went slow slow slow.
Just now Malwarebytes window popped up and blocked a malicious attempt. Cool!
I'll do the rest tomorrow and browse around and I get back to you on how everything is going.
Thanks a million, Broni!
Catch up in a few days.
I'll dump Shockwave.
Huh, my next question was going to be the HP Support Assistant, which has had the ! warning up since before I started this thread. I looked down and It's now gone I guess since Delfix. Perfect!
I'll do the other recommendations above.
btw, I know how I got infected. It was WiFi in Fresno, CA at my son's Indoor State Track Championships. I hadn't used this laptop in months and while I was updating avast etc I'm sure that's how it started. I really didn't have time to mess with the PC. Fastforward to mid May when I went to another out of town track meet and again at the hotel I tried updating and everything went slow slow slow.
Just now Malwarebytes window popped up and blocked a malicious attempt. Cool!
I'll do the rest tomorrow and browse around and I get back to you on how everything is going.
Thanks a million, Broni!
Catch up in a few days.
Morning,.
Some interesting bit of info, I went to hit Malware scan for the heck of it and clicked Avast on accident, a window popped up and said it's detected crud on my browser and needs cleanup. I haven't touched this laptop since my last post and thought it was odd. I left it connected to the net via cat 5 and turned the laptop off.
It didn't say what the problem was, however, it did have a log which I'll post for the heck of it.
I then clicked for more info and that click sent me straight to Avast forums and found out that many have had this same warning and allowed the browser cleanup and boy are they mad. It erased business files, Adobe, games and other programs.
It probably doesn't mean anything, but
*********** here's the paste *************************************
18.09.2014 06:08:41 (TID: 5228)
Product version: 9.0.2022.257
Microsoft IE
Install Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Version: 9.11.9600.17280
Mozilla Firefox Browser
Browser not found
Google Chrome Browser
Version: 37.0.2062.120
Install Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Profile Path: C:\Users\steve\AppData\Local\Google\Chrome\User Data\
Google Chrome Profiles
Name: Default Path: C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default
Opera Browser
Browser not found
Google Chrome
Extensions
Profile: Default
ID: bepbmhgboaologfdajaanbcjmnhjmhfn Name: Google Voice Search Hotword (Beta)
ID: blpcfgokakmgnkcojhhkbfbldkacnbeo Name: YouTube
ID: cmaiofennmphjldldcpphcechfnnohja Name: PrivDog
ID: coobgpohoikkiipiblmjeljniedjpjpf Name: Google Search
ID: gomekmidlodglbbmalcneegieacbdmki Name: avast! Online Security
ID: nmmhkkegccagdldgiimedpiccmgmieda Name: Google Wallet
ID: pjkljhegncpnkpknbcohdijeoejaedia Name: Gmail
Google Chrome
Homepages
Profile: Default
Url : http://us.yahoo.com?fr=fpc-comodo
Url : http://www.msn.com/?pc=U146H&ocid=U146HDHP
Search Engines
Profile: Default
Name : ask
Url : http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Microsoft IE
Extensions
ID: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} Name: QuickTime Object
ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Name: Adobe PDF Link Helper
ID: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} Name: Windows Media Player
ID: {2318c2b1-4965-11d4-9b18-009027a5cd4f} Name: Google Toolbar
ID: {2933bf90-7b36-11d2-b20e-00c04f983e60} Name: XML DOM Document
ID: {3050f819-98b5-11cf-bb82-00aa00bdce0b} Name: HtmlDlgSafeHelper Class
ID: {4063be15-3b08-470d-a0d5-b37161cffd69} Name: QuickTime Object
ID: {48123bc4-99d9-11d1-a6b3-00c04fd91555} Name: XML Document
ID: {5852f5ed-8bf4-11d4-a245-0080c6f74284} Name: isInstalled Class
ID: {6bf52a52-394a-11d3-b153-00c04f79faa6} Name: Windows Media Player
ID: {7530bfb8-7293-4d34-9923-61a11451afc5} Name: OnlineScanner Control
ID: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} Name: Java(tm) Plug-In SSV Helper
ID: {8856f961-340a-11d0-a96b-00c04fd705a2} Name: Microsoft Web Browser
ID: {88d96a05-f192-11d4-a65f-0040963251e5} Name: XML DOM Document 6.0
ID: {88d96a0a-f192-11d4-a65f-0040963251e5} Name: XML HTTP 6.0
ID: {8ad9c840-044e-11d1-b3e9-00805f499d93} Name: Java Plug-in 10.67.2
ID: {8dcb7100-df86-4384-8842-8fa844297b3f} Name: Bing Bar
ID: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} Name: avast! Online Security
ID: {9421dd08-935f-4701-a9ca-22df90ac4ea6} Name: Easy Photo Print
ID: {ca8a9780-280d-11cf-a24d-444553540000} Name: Adobe PDF Reader
ID: {cafeefac-dec7-0000-0001-abcdeffedcba} Name: Deployment Toolkit
ID: {cd3afa76-b84f-48f0-9393-7edc34128127} Name: AUDIO__MP3 Moniker Class
ID: {cd3afa88-b84f-48f0-9393-7edc34128127} Name: VIDEO__AVI Moniker Class
ID: {cd3afa8f-b84f-48f0-9393-7edc34128127} Name: VIDEO__X_MS_ASF Moniker Class
ID: {cd3afa94-b84f-48f0-9393-7edc34128127} Name: VIDEO__X_MS_WMV Moniker Class
ID: {cd3afa9a-b84f-48f0-9393-7edc34128127} Name: VIDEO__QUICKTIME Moniker Class
ID: {d2517915-48ce-4286-970f-921e881b8c5c} Name: Windows Live ID Sign-in Control
ID: {d27cdb6e-ae6d-11cf-96b8-444553540000} Name: Shockwave Flash Object
ID: {d719897a-b07a-4c0c-aea9-9b663a28dfcb} Name: iTunesDetector Class
ID: {dbc80044-a445-435b-bc74-9c25c1c588a9} Name: Java(tm) Plug-In 2 SSV Helper
ID: {de4af3b0-f4d4-11d3-b41a-0050da2e6c21} Name: QuickTimeCheck Class
ID: {dfeaf541-f3e1-4c24-acac-99c30715084a} Name: Microsoft Silverlight
ID: {ed8c108e-4349-11d2-91a4-00c04f7969e8} Name: XML HTTP Request
ID: {f5078f32-c551-11d3-89b9-0000f81fe221} Name: XML DOM Document 3.0
ID: {f5078f35-c551-11d3-89b9-0000f81fe221} Name: XML HTTP 3.0
ID: {f6d90f11-9c73-11d3-b32e-00c04f990bb4} Name: XML DOM Document
ID: {f6d90f16-9c73-11d3-b32e-00c04f990bb4} Name: XML HTTP
ID: {fb16e5c3-a9e2-47a2-8efc-319e775e62cc} Name: PrivDog Extension
Microsoft IE
Homepages
Profile: HKCU
Url : http://g.msn.com/HPNOT/1
Search Engines
Profile: HKCU
Name : Bing
Url : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Google Chrome
Homepages
Profile: Default
Url : http://us.yahoo.com?fr=fpc-comodo
Url : http://www.msn.com/?pc=U146H&ocid=U146HDHP
Search Engines
Profile: Default
Name : ask
Url : http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Microsoft IE
Homepages
Profile: HKCU
Url : http://g.msn.com/HPNOT/1
Search Engines
Profile: HKCU
Name : Bing
Url : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
BCURequest:
GlobalStat
ProductLanguage : en
OSLanguage : en-us
Location : en-us
OSType : 6.1
IsStandalone : 0
Version : 9.0.2022.257
PartnerId : avastbcl
Priority : 10
Google Chrome:
IsDefault: 0
Homepages
Url: http://us.yahoo.com?fr=fpc-comodo
Url: http://www.msn.com/?pc=U146H&ocid=U146HDHP
Search Engines
Url: http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Extensions
ID: bepbmhgboaologfdajaanbcjmnhjmhfn Name: Google Voice Search Hotword (Beta)
ID: blpcfgokakmgnkcojhhkbfbldkacnbeo Name: YouTube
ID: cmaiofennmphjldldcpphcechfnnohja Name: PrivDog
ID: coobgpohoikkiipiblmjeljniedjpjpf Name: Google Search
ID: gomekmidlodglbbmalcneegieacbdmki Name: avast! Online Security
ID: nmmhkkegccagdldgiimedpiccmgmieda Name: Google Wallet
ID: pjkljhegncpnkpknbcohdijeoejaedia Name: Gmail
Microsoft IE:
IsDefault: 1
Homepages
Url: http://g.msn.com/HPNOT/1
Search Engines
Url: http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Extensions
ID: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} Name: QuickTime Object
ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Name: Adobe PDF Link Helper
ID: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} Name: Windows Media Player
ID: {2318c2b1-4965-11d4-9b18-009027a5cd4f} Name: Google Toolbar
ID: {2933bf90-7b36-11d2-b20e-00c04f983e60} Name: XML DOM Document
ID: {3050f819-98b5-11cf-bb82-00aa00bdce0b} Name: HtmlDlgSafeHelper Class
ID: {4063be15-3b08-470d-a0d5-b37161cffd69} Name: QuickTime Object
ID: {48123bc4-99d9-11d1-a6b3-00c04fd91555} Name: XML Document
ID: {5852f5ed-8bf4-11d4-a245-0080c6f74284} Name: isInstalled Class
ID: {6bf52a52-394a-11d3-b153-00c04f79faa6} Name: Windows Media Player
ID: {7530bfb8-7293-4d34-9923-61a11451afc5} Name: OnlineScanner Control
ID: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} Name: Java(tm) Plug-In SSV Helper
ID: {8856f961-340a-11d0-a96b-00c04fd705a2} Name: Microsoft Web Browser
ID: {88d96a05-f192-11d4-a65f-0040963251e5} Name: XML DOM Document 6.0
ID: {88d96a0a-f192-11d4-a65f-0040963251e5} Name: XML HTTP 6.0
ID: {8ad9c840-044e-11d1-b3e9-00805f499d93} Name: Java Plug-in 10.67.2
ID: {8dcb7100-df86-4384-8842-8fa844297b3f} Name: Bing Bar
ID: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} Name: avast! Online Security
ID: {9421dd08-935f-4701-a9ca-22df90ac4ea6} Name: Easy Photo Print
ID: {ca8a9780-280d-11cf-a24d-444553540000} Name: Adobe PDF Reader
ID: {cafeefac-dec7-0000-0001-abcdeffedcba} Name: Deployment Toolkit
ID: {cd3afa76-b84f-48f0-9393-7edc34128127} Name: AUDIO__MP3 Moniker Class
ID: {cd3afa88-b84f-48f0-9393-7edc34128127} Name: VIDEO__AVI Moniker Class
ID: {cd3afa8f-b84f-48f0-9393-7edc34128127} Name: VIDEO__X_MS_ASF Moniker Class
ID: {cd3afa94-b84f-48f0-9393-7edc34128127} Name: VIDEO__X_MS_WMV Moniker Class
ID: {cd3afa9a-b84f-48f0-9393-7edc34128127} Name: VIDEO__QUICKTIME Moniker Class
ID: {d2517915-48ce-4286-970f-921e881b8c5c} Name: Windows Live ID Sign-in Control
ID: {d27cdb6e-ae6d-11cf-96b8-444553540000} Name: Shockwave Flash Object
ID: {d719897a-b07a-4c0c-aea9-9b663a28dfcb} Name: iTunesDetector Class
ID: {dbc80044-a445-435b-bc74-9c25c1c588a9} Name: Java(tm) Plug-In 2 SSV Helper
ID: {de4af3b0-f4d4-11d3-b41a-0050da2e6c21} Name: QuickTimeCheck Class
ID: {dfeaf541-f3e1-4c24-acac-99c30715084a} Name: Microsoft Silverlight
ID: {ed8c108e-4349-11d2-91a4-00c04f7969e8} Name: XML HTTP Request
ID: {f5078f32-c551-11d3-89b9-0000f81fe221} Name: XML DOM Document 3.0
ID: {f5078f35-c551-11d3-89b9-0000f81fe221} Name: XML HTTP 3.0
ID: {f6d90f11-9c73-11d3-b32e-00c04f990bb4} Name: XML DOM Document
ID: {f6d90f16-9c73-11d3-b32e-00c04f990bb4} Name: XML HTTP
ID: {fb16e5c3-a9e2-47a2-8efc-319e775e62cc} Name: PrivDog Extension
BCUResponse:
OfferId : ID_US_EN_IE_DD
TemplateId: TPL_DROPDOWN
BCUConfig
RrescanDelay : 0
CacheIntervalPos : 259200
CacheIntervalNeg : 259200
CmsTimeout : 5000
BCUProviders
ID: TPL_YAHOO9_IE_US Name: Yahoo! (Avast)
ID: TPL_BING02_ALL Name: Microsoft (Bing)
ID: PID_DEFAULT Name: Default Settings
Google Chrome:
IsProviderModified: 1
Extensions
ID: bepbmhgboaologfdajaanbcjmnhjmhfn Rating: 5 InternalId: 5200
ID: blpcfgokakmgnkcojhhkbfbldkacnbeo Rating: 5 InternalId: 5040
ID: cmaiofennmphjldldcpphcechfnnohja Rating: 5 InternalId: 8000
ID: coobgpohoikkiipiblmjeljniedjpjpf Rating: 5 InternalId: 1
ID: gomekmidlodglbbmalcneegieacbdmki Rating: 5 InternalId: 8000
ID: nmmhkkegccagdldgiimedpiccmgmieda Rating: 5 InternalId: 5200
ID: pjkljhegncpnkpknbcohdijeoejaedia Rating: 5 InternalId: 8000
Microsoft IE:
IsProviderModified: 0
Extensions
ID: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} Rating: 5 InternalId: 8000
ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Rating: 5 InternalId: 8000
ID: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} Rating: 5 InternalId: 8000
ID: {2318c2b1-4965-11d4-9b18-009027a5cd4f} Rating: 4 InternalId: 5210
ID: {2933bf90-7b36-11d2-b20e-00c04f983e60} Rating: 5 InternalId: 1
ID: {3050f819-98b5-11cf-bb82-00aa00bdce0b} Rating: 5 InternalId: 8000
ID: {4063be15-3b08-470d-a0d5-b37161cffd69} Rating: 5 InternalId: 8000
ID: {48123bc4-99d9-11d1-a6b3-00c04fd91555} Rating: 5 InternalId: 8000
ID: {5852f5ed-8bf4-11d4-a245-0080c6f74284} Rating: 5 InternalId: 8000
ID: {6bf52a52-394a-11d3-b153-00c04f79faa6} Rating: 5 InternalId: 8000
ID: {7530bfb8-7293-4d34-9923-61a11451afc5} Rating: 5 InternalId: 8000
ID: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} Rating: 5 InternalId: 1
ID: {8856f961-340a-11d0-a96b-00c04fd705a2} Rating: 5 InternalId: 5200
ID: {88d96a05-f192-11d4-a65f-0040963251e5} Rating: 5 InternalId: 8000
ID: {88d96a0a-f192-11d4-a65f-0040963251e5} Rating: 5 InternalId: 8000
ID: {8ad9c840-044e-11d1-b3e9-00805f499d93} Rating: 5 InternalId: 8000
ID: {8dcb7100-df86-4384-8842-8fa844297b3f} Rating: 4 InternalId: 5210
ID: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} Rating: 5 InternalId: 1
ID: {9421dd08-935f-4701-a9ca-22df90ac4ea6} Rating: 5 InternalId: 8000
ID: {ca8a9780-280d-11cf-a24d-444553540000} Rating: 5 InternalId: 8000
ID: {cafeefac-dec7-0000-0001-abcdeffedcba} Rating: 5 InternalId: 8000
ID: {cd3afa76-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {cd3afa88-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {cd3afa8f-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {cd3afa94-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {cd3afa9a-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {d2517915-48ce-4286-970f-921e881b8c5c} Rating: 5 InternalId: 5200
ID: {d27cdb6e-ae6d-11cf-96b8-444553540000} Rating: 5 InternalId: 8000
ID: {d719897a-b07a-4c0c-aea9-9b663a28dfcb} Rating: 5 InternalId: 8000
ID: {dbc80044-a445-435b-bc74-9c25c1c588a9} Rating: 5 InternalId: 1
ID: {de4af3b0-f4d4-11d3-b41a-0050da2e6c21} Rating: 5 InternalId: 8000
ID: {dfeaf541-f3e1-4c24-acac-99c30715084a} Rating: 5 InternalId: 5200
ID: {ed8c108e-4349-11d2-91a4-00c04f7969e8} Rating: 5 InternalId: 8000
ID: {f5078f32-c551-11d3-89b9-0000f81fe221} Rating: 5 InternalId: 8000
ID: {f5078f35-c551-11d3-89b9-0000f81fe221} Rating: 5 InternalId: 8000
ID: {f6d90f11-9c73-11d3-b32e-00c04f990bb4} Rating: 5 InternalId: 8000
ID: {f6d90f16-9c73-11d3-b32e-00c04f990bb4} Rating: 5 InternalId: 8000
ID: {fb16e5c3-a9e2-47a2-8efc-319e775e62cc} Rating: 4 InternalId: 8000
Detected a potential browser protector:B328A9B6B1B3D5FC618F4777F9F59C8C2A9882A13B27352F8B84AC3118E7FB07 {
"runKeys" : {
"EEventManager" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\EEventManager=\"c:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe\""
},
"runningProcess" : {
"EEventManager.exe" : {
"CompanyName" : "SEIKO EPSON CORPORATION",
"FileDescription" : "EEventManager Application",
"FileVersion" : "2, 4, 0, 0",
"Path" : "c:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe",
"ProductVersion" : "2, 4, 0, 0",
"md5" : "1568FF282E268082C67CF0C3EBCC9179"
}
}
}
Detected a potential browser protector: {
"uninstallInfo" : {
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" : {
"DisplayName" : "Google Toolbar for Internet Explorer",
"Publisher" : "Google Inc.",
"UninstallString" : "\"c:\\program files (x86)\\google\\google toolbar\\component\\googletoolbarmanager_8ca8b41417e66deb.exe\" /uninstall"
}
}
}
Detected a potential browser protector: {
"Services" : {
"hpCMSrv" : {
"Description" : "manages all hp embedded network connectivities.",
"DisplayName" : "hp connection manager 4 service",
"FileInfo" : {
"Path" : "\"c:\\program files (x86)\\hewlett-packard\\hp connection manager\\hpcmsrv.exe\"",
"md5" : ""
}
}
},
"runKeys" : {
"HPConnectionManager" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\HPConnectionManager=c:\\program files (x86)\\hewlett-packard\\hp connection manager\\hpcmdelaystart.exe"
}
}
Detected a potential browser protector: {
"Services" : {
"osppsvc" : {
"Description" : "office software protection platform service (unlocalized description)",
"DisplayName" : "office software protection platform",
"FileInfo" : {
"Path" : "\"c:\\program files\\common files\\microsoft shared\\officesoftwareprotectionplatform\\osppsvc.exe\"",
"md5" : ""
}
}
}
}
Detected a potential browser protector:7C48EE1A65128379B289594C52460C88748A19392048FA6A9D4A94EA3515BEF9 {
"runKeys" : {
"SanDiskSecureAccess_Manager.exe" : "HKU\\S-1-5-21-1841257022-2671936595-635105210-1001\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\SanDiskSecureAccess_Manager.exe=c:\\users\\steve\\appdata\\roaming\\sandisk\\sandisksecureaccess_manager.exe"
},
"runningProcess" : {
"SanDiskSecureAccess_Manager.exe" : {
"CompanyName" : "Dmailer S.A.",
"FileDescription" : "RunSanDiskSecureAccess_Win",
"FileVersion" : "1.0.18715",
"Path" : "c:\\users\\steve\\appdata\\roaming\\sandisk\\sandisksecureaccess_manager.exe",
"ProductVersion" : "1.0.18715",
"md5" : "4FA71F5DC71BFECEB96184989715E4A2"
}
}
}
Google Chrome
Homepages
Profile: Default
Url : http://us.yahoo.com?fr=fpc-comodo
Url : http://www.msn.com/?pc=U146H&ocid=U146HDHP
Search Engines
Profile: Default
Name : ask
Url : http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Microsoft IE
Homepages
Profile: HKCU
Url : http://g.msn.com/HPNOT/1
Search Engines
Profile: HKCU
Name : Bing
Url : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Search Engines
Profile: Default
Name : ask
Url : http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Search Engines
Profile: HKCU
Name : Bing
Url : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Some interesting bit of info, I went to hit Malware scan for the heck of it and clicked Avast on accident, a window popped up and said it's detected crud on my browser and needs cleanup. I haven't touched this laptop since my last post and thought it was odd. I left it connected to the net via cat 5 and turned the laptop off.
It didn't say what the problem was, however, it did have a log which I'll post for the heck of it.
I then clicked for more info and that click sent me straight to Avast forums and found out that many have had this same warning and allowed the browser cleanup and boy are they mad. It erased business files, Adobe, games and other programs.
It probably doesn't mean anything, but
*********** here's the paste *************************************
18.09.2014 06:08:41 (TID: 5228)
Product version: 9.0.2022.257
Microsoft IE
Install Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Version: 9.11.9600.17280
Mozilla Firefox Browser
Browser not found
Google Chrome Browser
Version: 37.0.2062.120
Install Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Profile Path: C:\Users\steve\AppData\Local\Google\Chrome\User Data\
Google Chrome Profiles
Name: Default Path: C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default
Opera Browser
Browser not found
Google Chrome
Extensions
Profile: Default
ID: bepbmhgboaologfdajaanbcjmnhjmhfn Name: Google Voice Search Hotword (Beta)
ID: blpcfgokakmgnkcojhhkbfbldkacnbeo Name: YouTube
ID: cmaiofennmphjldldcpphcechfnnohja Name: PrivDog
ID: coobgpohoikkiipiblmjeljniedjpjpf Name: Google Search
ID: gomekmidlodglbbmalcneegieacbdmki Name: avast! Online Security
ID: nmmhkkegccagdldgiimedpiccmgmieda Name: Google Wallet
ID: pjkljhegncpnkpknbcohdijeoejaedia Name: Gmail
Google Chrome
Homepages
Profile: Default
Url : http://us.yahoo.com?fr=fpc-comodo
Url : http://www.msn.com/?pc=U146H&ocid=U146HDHP
Search Engines
Profile: Default
Name : ask
Url : http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Microsoft IE
Extensions
ID: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} Name: QuickTime Object
ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Name: Adobe PDF Link Helper
ID: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} Name: Windows Media Player
ID: {2318c2b1-4965-11d4-9b18-009027a5cd4f} Name: Google Toolbar
ID: {2933bf90-7b36-11d2-b20e-00c04f983e60} Name: XML DOM Document
ID: {3050f819-98b5-11cf-bb82-00aa00bdce0b} Name: HtmlDlgSafeHelper Class
ID: {4063be15-3b08-470d-a0d5-b37161cffd69} Name: QuickTime Object
ID: {48123bc4-99d9-11d1-a6b3-00c04fd91555} Name: XML Document
ID: {5852f5ed-8bf4-11d4-a245-0080c6f74284} Name: isInstalled Class
ID: {6bf52a52-394a-11d3-b153-00c04f79faa6} Name: Windows Media Player
ID: {7530bfb8-7293-4d34-9923-61a11451afc5} Name: OnlineScanner Control
ID: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} Name: Java(tm) Plug-In SSV Helper
ID: {8856f961-340a-11d0-a96b-00c04fd705a2} Name: Microsoft Web Browser
ID: {88d96a05-f192-11d4-a65f-0040963251e5} Name: XML DOM Document 6.0
ID: {88d96a0a-f192-11d4-a65f-0040963251e5} Name: XML HTTP 6.0
ID: {8ad9c840-044e-11d1-b3e9-00805f499d93} Name: Java Plug-in 10.67.2
ID: {8dcb7100-df86-4384-8842-8fa844297b3f} Name: Bing Bar
ID: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} Name: avast! Online Security
ID: {9421dd08-935f-4701-a9ca-22df90ac4ea6} Name: Easy Photo Print
ID: {ca8a9780-280d-11cf-a24d-444553540000} Name: Adobe PDF Reader
ID: {cafeefac-dec7-0000-0001-abcdeffedcba} Name: Deployment Toolkit
ID: {cd3afa76-b84f-48f0-9393-7edc34128127} Name: AUDIO__MP3 Moniker Class
ID: {cd3afa88-b84f-48f0-9393-7edc34128127} Name: VIDEO__AVI Moniker Class
ID: {cd3afa8f-b84f-48f0-9393-7edc34128127} Name: VIDEO__X_MS_ASF Moniker Class
ID: {cd3afa94-b84f-48f0-9393-7edc34128127} Name: VIDEO__X_MS_WMV Moniker Class
ID: {cd3afa9a-b84f-48f0-9393-7edc34128127} Name: VIDEO__QUICKTIME Moniker Class
ID: {d2517915-48ce-4286-970f-921e881b8c5c} Name: Windows Live ID Sign-in Control
ID: {d27cdb6e-ae6d-11cf-96b8-444553540000} Name: Shockwave Flash Object
ID: {d719897a-b07a-4c0c-aea9-9b663a28dfcb} Name: iTunesDetector Class
ID: {dbc80044-a445-435b-bc74-9c25c1c588a9} Name: Java(tm) Plug-In 2 SSV Helper
ID: {de4af3b0-f4d4-11d3-b41a-0050da2e6c21} Name: QuickTimeCheck Class
ID: {dfeaf541-f3e1-4c24-acac-99c30715084a} Name: Microsoft Silverlight
ID: {ed8c108e-4349-11d2-91a4-00c04f7969e8} Name: XML HTTP Request
ID: {f5078f32-c551-11d3-89b9-0000f81fe221} Name: XML DOM Document 3.0
ID: {f5078f35-c551-11d3-89b9-0000f81fe221} Name: XML HTTP 3.0
ID: {f6d90f11-9c73-11d3-b32e-00c04f990bb4} Name: XML DOM Document
ID: {f6d90f16-9c73-11d3-b32e-00c04f990bb4} Name: XML HTTP
ID: {fb16e5c3-a9e2-47a2-8efc-319e775e62cc} Name: PrivDog Extension
Microsoft IE
Homepages
Profile: HKCU
Url : http://g.msn.com/HPNOT/1
Search Engines
Profile: HKCU
Name : Bing
Url : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Google Chrome
Homepages
Profile: Default
Url : http://us.yahoo.com?fr=fpc-comodo
Url : http://www.msn.com/?pc=U146H&ocid=U146HDHP
Search Engines
Profile: Default
Name : ask
Url : http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Microsoft IE
Homepages
Profile: HKCU
Url : http://g.msn.com/HPNOT/1
Search Engines
Profile: HKCU
Name : Bing
Url : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
BCURequest:
GlobalStat
ProductLanguage : en
OSLanguage : en-us
Location : en-us
OSType : 6.1
IsStandalone : 0
Version : 9.0.2022.257
PartnerId : avastbcl
Priority : 10
Google Chrome:
IsDefault: 0
Homepages
Url: http://us.yahoo.com?fr=fpc-comodo
Url: http://www.msn.com/?pc=U146H&ocid=U146HDHP
Search Engines
Url: http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Extensions
ID: bepbmhgboaologfdajaanbcjmnhjmhfn Name: Google Voice Search Hotword (Beta)
ID: blpcfgokakmgnkcojhhkbfbldkacnbeo Name: YouTube
ID: cmaiofennmphjldldcpphcechfnnohja Name: PrivDog
ID: coobgpohoikkiipiblmjeljniedjpjpf Name: Google Search
ID: gomekmidlodglbbmalcneegieacbdmki Name: avast! Online Security
ID: nmmhkkegccagdldgiimedpiccmgmieda Name: Google Wallet
ID: pjkljhegncpnkpknbcohdijeoejaedia Name: Gmail
Microsoft IE:
IsDefault: 1
Homepages
Url: http://g.msn.com/HPNOT/1
Search Engines
Url: http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Extensions
ID: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} Name: QuickTime Object
ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Name: Adobe PDF Link Helper
ID: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} Name: Windows Media Player
ID: {2318c2b1-4965-11d4-9b18-009027a5cd4f} Name: Google Toolbar
ID: {2933bf90-7b36-11d2-b20e-00c04f983e60} Name: XML DOM Document
ID: {3050f819-98b5-11cf-bb82-00aa00bdce0b} Name: HtmlDlgSafeHelper Class
ID: {4063be15-3b08-470d-a0d5-b37161cffd69} Name: QuickTime Object
ID: {48123bc4-99d9-11d1-a6b3-00c04fd91555} Name: XML Document
ID: {5852f5ed-8bf4-11d4-a245-0080c6f74284} Name: isInstalled Class
ID: {6bf52a52-394a-11d3-b153-00c04f79faa6} Name: Windows Media Player
ID: {7530bfb8-7293-4d34-9923-61a11451afc5} Name: OnlineScanner Control
ID: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} Name: Java(tm) Plug-In SSV Helper
ID: {8856f961-340a-11d0-a96b-00c04fd705a2} Name: Microsoft Web Browser
ID: {88d96a05-f192-11d4-a65f-0040963251e5} Name: XML DOM Document 6.0
ID: {88d96a0a-f192-11d4-a65f-0040963251e5} Name: XML HTTP 6.0
ID: {8ad9c840-044e-11d1-b3e9-00805f499d93} Name: Java Plug-in 10.67.2
ID: {8dcb7100-df86-4384-8842-8fa844297b3f} Name: Bing Bar
ID: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} Name: avast! Online Security
ID: {9421dd08-935f-4701-a9ca-22df90ac4ea6} Name: Easy Photo Print
ID: {ca8a9780-280d-11cf-a24d-444553540000} Name: Adobe PDF Reader
ID: {cafeefac-dec7-0000-0001-abcdeffedcba} Name: Deployment Toolkit
ID: {cd3afa76-b84f-48f0-9393-7edc34128127} Name: AUDIO__MP3 Moniker Class
ID: {cd3afa88-b84f-48f0-9393-7edc34128127} Name: VIDEO__AVI Moniker Class
ID: {cd3afa8f-b84f-48f0-9393-7edc34128127} Name: VIDEO__X_MS_ASF Moniker Class
ID: {cd3afa94-b84f-48f0-9393-7edc34128127} Name: VIDEO__X_MS_WMV Moniker Class
ID: {cd3afa9a-b84f-48f0-9393-7edc34128127} Name: VIDEO__QUICKTIME Moniker Class
ID: {d2517915-48ce-4286-970f-921e881b8c5c} Name: Windows Live ID Sign-in Control
ID: {d27cdb6e-ae6d-11cf-96b8-444553540000} Name: Shockwave Flash Object
ID: {d719897a-b07a-4c0c-aea9-9b663a28dfcb} Name: iTunesDetector Class
ID: {dbc80044-a445-435b-bc74-9c25c1c588a9} Name: Java(tm) Plug-In 2 SSV Helper
ID: {de4af3b0-f4d4-11d3-b41a-0050da2e6c21} Name: QuickTimeCheck Class
ID: {dfeaf541-f3e1-4c24-acac-99c30715084a} Name: Microsoft Silverlight
ID: {ed8c108e-4349-11d2-91a4-00c04f7969e8} Name: XML HTTP Request
ID: {f5078f32-c551-11d3-89b9-0000f81fe221} Name: XML DOM Document 3.0
ID: {f5078f35-c551-11d3-89b9-0000f81fe221} Name: XML HTTP 3.0
ID: {f6d90f11-9c73-11d3-b32e-00c04f990bb4} Name: XML DOM Document
ID: {f6d90f16-9c73-11d3-b32e-00c04f990bb4} Name: XML HTTP
ID: {fb16e5c3-a9e2-47a2-8efc-319e775e62cc} Name: PrivDog Extension
BCUResponse:
OfferId : ID_US_EN_IE_DD
TemplateId: TPL_DROPDOWN
BCUConfig
RrescanDelay : 0
CacheIntervalPos : 259200
CacheIntervalNeg : 259200
CmsTimeout : 5000
BCUProviders
ID: TPL_YAHOO9_IE_US Name: Yahoo! (Avast)
ID: TPL_BING02_ALL Name: Microsoft (Bing)
ID: PID_DEFAULT Name: Default Settings
Google Chrome:
IsProviderModified: 1
Extensions
ID: bepbmhgboaologfdajaanbcjmnhjmhfn Rating: 5 InternalId: 5200
ID: blpcfgokakmgnkcojhhkbfbldkacnbeo Rating: 5 InternalId: 5040
ID: cmaiofennmphjldldcpphcechfnnohja Rating: 5 InternalId: 8000
ID: coobgpohoikkiipiblmjeljniedjpjpf Rating: 5 InternalId: 1
ID: gomekmidlodglbbmalcneegieacbdmki Rating: 5 InternalId: 8000
ID: nmmhkkegccagdldgiimedpiccmgmieda Rating: 5 InternalId: 5200
ID: pjkljhegncpnkpknbcohdijeoejaedia Rating: 5 InternalId: 8000
Microsoft IE:
IsProviderModified: 0
Extensions
ID: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} Rating: 5 InternalId: 8000
ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Rating: 5 InternalId: 8000
ID: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} Rating: 5 InternalId: 8000
ID: {2318c2b1-4965-11d4-9b18-009027a5cd4f} Rating: 4 InternalId: 5210
ID: {2933bf90-7b36-11d2-b20e-00c04f983e60} Rating: 5 InternalId: 1
ID: {3050f819-98b5-11cf-bb82-00aa00bdce0b} Rating: 5 InternalId: 8000
ID: {4063be15-3b08-470d-a0d5-b37161cffd69} Rating: 5 InternalId: 8000
ID: {48123bc4-99d9-11d1-a6b3-00c04fd91555} Rating: 5 InternalId: 8000
ID: {5852f5ed-8bf4-11d4-a245-0080c6f74284} Rating: 5 InternalId: 8000
ID: {6bf52a52-394a-11d3-b153-00c04f79faa6} Rating: 5 InternalId: 8000
ID: {7530bfb8-7293-4d34-9923-61a11451afc5} Rating: 5 InternalId: 8000
ID: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} Rating: 5 InternalId: 1
ID: {8856f961-340a-11d0-a96b-00c04fd705a2} Rating: 5 InternalId: 5200
ID: {88d96a05-f192-11d4-a65f-0040963251e5} Rating: 5 InternalId: 8000
ID: {88d96a0a-f192-11d4-a65f-0040963251e5} Rating: 5 InternalId: 8000
ID: {8ad9c840-044e-11d1-b3e9-00805f499d93} Rating: 5 InternalId: 8000
ID: {8dcb7100-df86-4384-8842-8fa844297b3f} Rating: 4 InternalId: 5210
ID: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} Rating: 5 InternalId: 1
ID: {9421dd08-935f-4701-a9ca-22df90ac4ea6} Rating: 5 InternalId: 8000
ID: {ca8a9780-280d-11cf-a24d-444553540000} Rating: 5 InternalId: 8000
ID: {cafeefac-dec7-0000-0001-abcdeffedcba} Rating: 5 InternalId: 8000
ID: {cd3afa76-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {cd3afa88-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {cd3afa8f-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {cd3afa94-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {cd3afa9a-b84f-48f0-9393-7edc34128127} Rating: 5 InternalId: 8000
ID: {d2517915-48ce-4286-970f-921e881b8c5c} Rating: 5 InternalId: 5200
ID: {d27cdb6e-ae6d-11cf-96b8-444553540000} Rating: 5 InternalId: 8000
ID: {d719897a-b07a-4c0c-aea9-9b663a28dfcb} Rating: 5 InternalId: 8000
ID: {dbc80044-a445-435b-bc74-9c25c1c588a9} Rating: 5 InternalId: 1
ID: {de4af3b0-f4d4-11d3-b41a-0050da2e6c21} Rating: 5 InternalId: 8000
ID: {dfeaf541-f3e1-4c24-acac-99c30715084a} Rating: 5 InternalId: 5200
ID: {ed8c108e-4349-11d2-91a4-00c04f7969e8} Rating: 5 InternalId: 8000
ID: {f5078f32-c551-11d3-89b9-0000f81fe221} Rating: 5 InternalId: 8000
ID: {f5078f35-c551-11d3-89b9-0000f81fe221} Rating: 5 InternalId: 8000
ID: {f6d90f11-9c73-11d3-b32e-00c04f990bb4} Rating: 5 InternalId: 8000
ID: {f6d90f16-9c73-11d3-b32e-00c04f990bb4} Rating: 5 InternalId: 8000
ID: {fb16e5c3-a9e2-47a2-8efc-319e775e62cc} Rating: 4 InternalId: 8000
Detected a potential browser protector:B328A9B6B1B3D5FC618F4777F9F59C8C2A9882A13B27352F8B84AC3118E7FB07 {
"runKeys" : {
"EEventManager" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\EEventManager=\"c:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe\""
},
"runningProcess" : {
"EEventManager.exe" : {
"CompanyName" : "SEIKO EPSON CORPORATION",
"FileDescription" : "EEventManager Application",
"FileVersion" : "2, 4, 0, 0",
"Path" : "c:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe",
"ProductVersion" : "2, 4, 0, 0",
"md5" : "1568FF282E268082C67CF0C3EBCC9179"
}
}
}
Detected a potential browser protector: {
"uninstallInfo" : {
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" : {
"DisplayName" : "Google Toolbar for Internet Explorer",
"Publisher" : "Google Inc.",
"UninstallString" : "\"c:\\program files (x86)\\google\\google toolbar\\component\\googletoolbarmanager_8ca8b41417e66deb.exe\" /uninstall"
}
}
}
Detected a potential browser protector: {
"Services" : {
"hpCMSrv" : {
"Description" : "manages all hp embedded network connectivities.",
"DisplayName" : "hp connection manager 4 service",
"FileInfo" : {
"Path" : "\"c:\\program files (x86)\\hewlett-packard\\hp connection manager\\hpcmsrv.exe\"",
"md5" : ""
}
}
},
"runKeys" : {
"HPConnectionManager" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\HPConnectionManager=c:\\program files (x86)\\hewlett-packard\\hp connection manager\\hpcmdelaystart.exe"
}
}
Detected a potential browser protector: {
"Services" : {
"osppsvc" : {
"Description" : "office software protection platform service (unlocalized description)",
"DisplayName" : "office software protection platform",
"FileInfo" : {
"Path" : "\"c:\\program files\\common files\\microsoft shared\\officesoftwareprotectionplatform\\osppsvc.exe\"",
"md5" : ""
}
}
}
}
Detected a potential browser protector:7C48EE1A65128379B289594C52460C88748A19392048FA6A9D4A94EA3515BEF9 {
"runKeys" : {
"SanDiskSecureAccess_Manager.exe" : "HKU\\S-1-5-21-1841257022-2671936595-635105210-1001\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\SanDiskSecureAccess_Manager.exe=c:\\users\\steve\\appdata\\roaming\\sandisk\\sandisksecureaccess_manager.exe"
},
"runningProcess" : {
"SanDiskSecureAccess_Manager.exe" : {
"CompanyName" : "Dmailer S.A.",
"FileDescription" : "RunSanDiskSecureAccess_Win",
"FileVersion" : "1.0.18715",
"Path" : "c:\\users\\steve\\appdata\\roaming\\sandisk\\sandisksecureaccess_manager.exe",
"ProductVersion" : "1.0.18715",
"md5" : "4FA71F5DC71BFECEB96184989715E4A2"
}
}
}
Google Chrome
Homepages
Profile: Default
Url : http://us.yahoo.com?fr=fpc-comodo
Url : http://www.msn.com/?pc=U146H&ocid=U146HDHP
Search Engines
Profile: Default
Name : ask
Url : http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Microsoft IE
Homepages
Profile: HKCU
Url : http://g.msn.com/HPNOT/1
Search Engines
Profile: HKCU
Name : Bing
Url : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Search Engines
Profile: Default
Name : ask
Url : http://websearch.ask.com/redirect?c...pn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Search Engines
Profile: HKCU
Name : Bing
Url : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Hi Broni!
All is perfect and PC is still running fast. (y)(y)
Question: I know Malwarebytes has always had the free home edition, but the one I downloaded per your link has run out. So I went to their site to download the free home version and it does not allow. It keeps telling me my trial is over. I uninstalled all Malwarebyte programs dating back to 2011 and tried 2 more times and it still recognizes me and says my trial is expired. Perhaps they no longer offer the free home version?
Any idea? If I have to pay for a home version I will, but a buddy told me the same thing happened to him and his pc savvy brother did find a free version online.
thanks again for all your help.
steve
All is perfect and PC is still running fast. (y)(y)
Question: I know Malwarebytes has always had the free home edition, but the one I downloaded per your link has run out. So I went to their site to download the free home version and it does not allow. It keeps telling me my trial is over. I uninstalled all Malwarebyte programs dating back to 2011 and tried 2 more times and it still recognizes me and says my trial is expired. Perhaps they no longer offer the free home version?
Any idea? If I have to pay for a home version I will, but a buddy told me the same thing happened to him and his pc savvy brother did find a free version online.
thanks again for all your help.
steve
Similar threads
Latest posts
-
HighPoint opens pre-orders for PCIe Gen 5 Rocket RAID card capable of 56 GB/s- Shawn Knight replied
-
Apple Vision Pro is facing declining interest and sales among consumers- Lew Zealand replied
-
As cloud computing evolves, Amazon's AWS looks for its role in generative AI- Bob O'Donnell replied
