1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Can't Uninstall ASPCA we-care

Discussion in 'Virus & Other Malware Removal' started by patmac, Nov 10, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. patmac

    patmac Thread Starter

    Joined:
    May 14, 2004
    Messages:
    881
    Hi,
    Searched in TSG for this and still not sure if this is a virus or just pain-in-butt-ware.
    I tried uninstalling it from Control Panel with no luck.
    My search turned up a thread that required the use of Combofix, which tells me the TSG volunteer thought of this ASPCA thing as fairly intrusive.
    Any help will be appreciated.
    Thanks for your time.

    ps. presently no outstanding BIG PC function issues, although, I'm bringing back to life a 3 year old PC that was idled due to problems.....
     
  2. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,831
    Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

    See the screenshot where the proper download buttons are highlighted
    [​IMG]

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and double click on this icon on your desktop:

    [​IMG]

    You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.


    [​IMG]
     
  3. patmac

    patmac Thread Starter

    Joined:
    May 14, 2004
    Messages:
    881
    As I stated, I've been doing some work on this PC bringing it back from an idle state. There were a lot of virus/malware on it when I first started. I can supply logs from the utilities I used if need be.

    # AdwCleaner v3.011 - Report created 10/11/2013 at 16:14:33
    # Updated 03/11/2013 by Xplode
    # Operating System : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
    # Username : Dixie - DIXIE-PC
    # Running from : C:\Users\Dixie\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : Updater Service for StartNow Toolbar

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\ProgramData\Viewpoint
    Folder Deleted : C:\ProgramData\WeCareReminder
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
    Folder Deleted : C:\Program Files\Ask.com
    Folder Deleted : C:\Program Files\Delta
    Folder Deleted : C:\Program Files\Tencent
    Folder Deleted : C:\Program Files\Common Files\Software Update Utility
    Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
    Folder Deleted : C:\Users\Dixie\AppData\Local\Babylon
    Folder Deleted : C:\Users\Dixie\AppData\Local\OpenCandy
    Folder Deleted : C:\Users\Dixie\AppData\Local\PackageAware
    Folder Deleted : C:\Users\Dixie\AppData\LocalLow\AskToolbar
    Folder Deleted : C:\Users\Dixie\AppData\LocalLow\BabylonToolbar
    Folder Deleted : C:\Users\Dixie\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Dixie\AppData\LocalLow\FunWebProducts
    Folder Deleted : C:\Users\Dixie\AppData\LocalLow\MyWebSearch
    Folder Deleted : C:\Users\Dixie\AppData\LocalLow\PriceGong
    Folder Deleted : C:\Users\Dixie\AppData\LocalLow\Search Settings
    Folder Deleted : C:\Users\Dixie\AppData\Roaming\Media Finder
    Folder Deleted : C:\Users\Dixie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediafinder.com
    Folder Deleted : C:\Users\Dixie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]
    Folder Deleted : C:\Users\Dixie\AppData\Roaming\Tencent
    Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\[email protected]
    Folder Deleted : C:\Users\Dixie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
    File Deleted : C:\Program Files\Mozilla Firefox\Components\AskHPRFF.js
    File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
    File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
    File Deleted : C:\Users\Dixie\AppData\Roaming\Mozilla\Firefox\Profiles\27oct4gy.default\searchplugins\Askcom.xml
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
    File Deleted : C:\Users\Dixie\AppData\Roaming\Mozilla\Firefox\Profiles\27oct4gy.default\searchplugins\Conduit.xml
    File Deleted : C:\Users\Dixie\AppData\Roaming\Mozilla\Firefox\Profiles\27oct4gy.default\searchplugins\mywebsearch.xml
    File Deleted : C:\Users\Dixie\AppData\Roaming\Mozilla\Firefox\Profiles\27oct4gy.default\user.js
    File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F5A89FE-8D3E-49A1-A670-25CD8118FEBB}
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F5A89FE-8D3E-49A1-A670-25CD8118FEBB}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
    Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Key Deleted : HKLM\SOFTWARE\Classes\MF
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9C23CD1-6DA9-4E0B-8367-C6F9F1F78BAF}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A87B991-A31F-4130-AE72-6D0C294BF082}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E908B145-C847-4E85-B315-07E2E70DECF8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Key Deleted : HKCU\Software\Ask.com
    Key Deleted : HKCU\Software\Delta
    Key Deleted : HKCU\Software\MediaFinder
    Key Deleted : HKCU\Software\TENCENT
    Key Deleted : HKCU\Software\wecarereminder
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Software\Zugo
    Key Deleted : HKCU\Software\AppDataLow\AskBarDis
    Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
    Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
    Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
    Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
    Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
    Key Deleted : HKLM\Software\AskToolbar
    Key Deleted : HKLM\Software\AVG Secure Search
    Key Deleted : HKLM\Software\Babylon
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Search Settings
    Key Deleted : HKLM\Software\TENCENT
    Key Deleted : HKLM\Software\Viewpoint
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\CC94835868BCA58489B0D79DE655BCB1
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.6001.19088

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Restore]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

    -\\ Mozilla Firefox v20.0 (en-US)

    [ File : C:\Users\Dixie\AppData\Roaming\Mozilla\Firefox\Profiles\27oct4gy.default\prefs.js ]

    Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Line Deleted : user_pref("CommunityToolbar.alert.userId", "{db8263eb-69ba-4f87-89f8-b73a3b70e59b}");
    Line Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
    Line Deleted : user_pref("aol_toolbar.search.searchtype", "web");
    Line Deleted : user_pref("aol_toolbar.searchHook.keepSearchSettings", false);
    Line Deleted : user_pref("aol_toolbar.surf.date", "1");
    Line Deleted : user_pref("aol_toolbar.surf.lastDate", "2");
    Line Deleted : user_pref("aol_toolbar.surf.lastMonth", "11");
    Line Deleted : user_pref("aol_toolbar.surf.lastYear", "2008");
    Line Deleted : user_pref("aol_toolbar.surf.mURL", "");
    Line Deleted : user_pref("aol_toolbar.surf.mURLh", "0");
    Line Deleted : user_pref("aol_toolbar.surf.mURLw", "0");
    Line Deleted : user_pref("aol_toolbar.surf.mURLx", "0");
    Line Deleted : user_pref("aol_toolbar.surf.mURLy", "0");
    Line Deleted : user_pref("aol_toolbar.surf.milestone", "-1");
    Line Deleted : user_pref("aol_toolbar.surf.month", "1");
    Line Deleted : user_pref("aol_toolbar.surf.prevMonth", "0");
    Line Deleted : user_pref("aol_toolbar.surf.total", "1");
    Line Deleted : user_pref("aol_toolbar.surf.week", "1");
    Line Deleted : user_pref("aol_toolbar.surf.year", "1");
    Line Deleted : user_pref("bearsharemediabar.Var1", "0");
    Line Deleted : user_pref("bearsharemediabar.Var10", "0");
    Line Deleted : user_pref("bearsharemediabar.Var2", "0");
    Line Deleted : user_pref("bearsharemediabar.Var3", "0");
    Line Deleted : user_pref("bearsharemediabar.Var4", "0");
    Line Deleted : user_pref("bearsharemediabar.Var5", "0");
    Line Deleted : user_pref("bearsharemediabar.Var6", "0");
    Line Deleted : user_pref("bearsharemediabar.Var7", "0");
    Line Deleted : user_pref("bearsharemediabar.Var8", "0");
    Line Deleted : user_pref("bearsharemediabar.Var9", "0");
    Line Deleted : user_pref("bearsharemediabar.firstlaunch", "0");
    Line Deleted : user_pref("bearsharemediabar.guid", "%7B5196A9BB-E525-1322-41D7-3197C2CD38CA%7D");
    Line Deleted : user_pref("bearsharemediabar.popupblockedcnt", "3");
    Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
    Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
    Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}");
    Line Deleted : user_pref("browser.search.order.1", "Ask.com");
    Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?babsrc=HP_ss&affID=101067&mntrId=a4a1c5b2000000000000001d60862b2e");
    Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
    Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
    Line Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
    Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=101067");
    Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 7);
    Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
    Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true);
    Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", true);
    Line Deleted : user_pref("extensions.BabylonToolbar.id", "a4a1c5b2000000000000001d60862b2e");
    Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15378");
    Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
    Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 7);
    Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1723:00:53");
    Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");
    Line Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
    Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
    Line Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
    Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
    Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 67235825);
    Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
    Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
    Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
    Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
    Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
    Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
    Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
    Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1723:00:53");
    Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101067");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "a4a1c5b2000000000000001d60862b2e");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "a4a1c5b2000000000000001d60862b2e");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15378");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
    Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1723:00:53");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
    Line Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
    Line Deleted : user_pref("extensions.asktb.cbid", "FM");
    Line Deleted : user_pref("extensions.asktb.config-updated", false);
    Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");
    Line Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
    Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=FWV5&o=14193&locale=en_US&apn_uid=0105AC30-AEBF-4C3F-BEC6-B94C305C480A&apn_ptnrs=FM&apn_sau[...]
    Line Deleted : user_pref("extensions.asktb.first-restart-after-config-update", true);
    Line Deleted : user_pref("extensions.asktb.fresh-install", false);
    Line Deleted : user_pref("extensions.asktb.guid", "0105AC30-AEBF-4C3F-BEC6-B94C305C480A");
    Line Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
    Line Deleted : user_pref("extensions.asktb.if", "su");
    Line Deleted : user_pref("extensions.asktb.l", "dis");
    Line Deleted : user_pref("extensions.asktb.last-config-req", "1301954857972");
    Line Deleted : user_pref("extensions.asktb.locale", "en_US");
    Line Deleted : user_pref("extensions.asktb.o", "14193");
    Line Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
    Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
    Line Deleted : user_pref("extensions.asktb.r", "2");
    Line Deleted : user_pref("extensions.asktb.sa", "YES");
    Line Deleted : user_pref("extensions.asktb.saguid", "04C29179-2D7D-4E0F-B52A-41A5D69B9D76");
    Line Deleted : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}");
    Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
    Line Deleted : user_pref("extensions.asktb.search-suggestions-uri", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}");
    Line Deleted : user_pref("extensions.asktb.silent-upgrade", true);
    Line Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
    Line Deleted : user_pref("extensions.asktb.themeid", "");
    Line Deleted : user_pref("extensions.asktb.version", "5.11.3.15590");
    Line Deleted : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.1,[email protected]:7,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.[...]
    Line Deleted : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=ZKfox000&ptb=_HFuCcxKOdmy33yS03dxuA");
    Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
    Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2706&invocationType=tb50fftrab&query=");
    Line Deleted : user_pref("extentions.y2layers.installId", "b6bc9963-d47a-4fcd-9b9a-c23b15530a00");

    -\\ Google Chrome v30.0.1599.101

    [ File : C:\Users\Dixie\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [25502 octets] - [10/11/2013 16:05:47]
    AdwCleaner[S0].txt - [25950 octets] - [10/11/2013 16:14:33]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26011 octets] ##########
     
  4. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,831
    That cleared a lot

    next lets see what this finds
    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  5. patmac

    patmac Thread Starter

    Joined:
    May 14, 2004
    Messages:
    881
    JRT "detected a bad module", I answered "yes" to "reboot now"? To delete it. Would it have been better to reboot later, so it would show in the log?

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.8 (11.05.2013:1)
    OS: Windows Vista (TM) Home Premium x86
    Ran by Dixie on Sun 11/10/2013 at 17:01:27.91
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\81337c0da4b761d40a4cb3380f57ae88
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\81337c0da4b761d40a4cb3380f57ae88
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{e21c554a-6135-4608-aa3b-e35d00645fe1}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EA4B13CA-FDBF-E716-8E65-65F1231BD0D7}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
    Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



    ~~~ Files

    Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll"
    Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\Dixie\appdata\locallow\blubster toolbar"
    Successfully deleted: [Folder] "C:\Program Files\coupons"
    Successfully deleted: [Folder] "C:\Program Files\software informer"



    ~~~ FireFox

    Successfully deleted: [File] C:\user.js
    Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\bearsharewebsearch.xml"
    Successfully deleted: [File] C:\Users\Dixie\AppData\Roaming\mozilla\firefox\profiles\27oct4gy.default\searchplugins\bearsharewebsearch.xml
    Successfully deleted: [File] C:\Users\Dixie\AppData\Roaming\mozilla\firefox\profiles\27oct4gy.default\searchplugins\bing-zugo.xml
    Successfully deleted the following from C:\Users\Dixie\AppData\Roaming\mozilla\firefox\profiles\27oct4gy.default\prefs.js

    user_pref("[email protected]", true);
    Emptied folder: C:\Users\Dixie\AppData\Roaming\mozilla\firefox\profiles\27oct4gy.default\minidumps [155 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 11/10/2013 at 17:06:02.12
    Computer was rebooted
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  6. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,831
    hopefully that should have cleared most of the junk out
    What problems ( if any) are you still having
     
  7. patmac

    patmac Thread Starter

    Joined:
    May 14, 2004
    Messages:
    881
    As I stated in Post#1, things were alot better ( now even better, seeing what you removed ) and no major funtional issues yet ( been turned on and running for only a couple days ).
    I still see and can't uninstall ASPCA Reminder. I have the feeling you have seen this before, just in case you haven't, I'm attaching the pop up windows I get when trying to uninstall it from Control Panel.
    So, since this machine really has only been running a couple days, I'm not sure if I'm entirely clean, but, I would like to take care of the ASPCA thing.
    Thanks
     

    Attached Files:

  8. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,831
    did you check the box & then press "remove the reminder"
     
  9. patmac

    patmac Thread Starter

    Joined:
    May 14, 2004
    Messages:
    881
    That worked. I'm sure I tried that before, but after reboot it was back.
    OK. so, I see this machine has Windows Defender ( not turned on right now ), any thoughts about what I should run on this Vista machine?
    Thanks
     
  10. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,831
    What antivirus do you use
    lets see what this shows us is still there

    Download to Desktop: DDS by sUBs from one of the below locations

    http://download.bleepingcomputer.com/sUBs/dds.com
    http://download.bleepingcomputer.com/sUBs/dds.exe

    double click DDS to run it
    Make sure there is a check mark in DDS txt
    place a check mark in the attach.txt box and then press start

    Do not select any other options unless specifically told to

    When complete, DDS.txt will openand attach.txt will be minimized on your taskbar, click on it to open it

    Save both reports to your desktop.
    DDS.txt
    Attach.txt

    post the contents of both logs back here.
     
  11. patmac

    patmac Thread Starter

    Joined:
    May 14, 2004
    Messages:
    881
    I downloaded DDS yesterday to my desktop anticipating I would be requested to run it. When I ran it today, it ran in silent mode for some reason, but still produced the two logs. I plan on going over to the Vista forum to tidy-up un-needed apps and startup......

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume3
    Install Date: 10/28/2007 7:22:07 AM
    System Uptime: 11/11/2013 7:43:15 AM (3 hours ago)
    .
    Motherboard: Dell Inc. | | 0RY206
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ | Socket AM2 | 2100/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 223 GiB total, 121.208 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 5.131 GiB free.
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP2183: 11/10/2013 11:44:16 AM - after initial work
    RP2184: 11/10/2013 12:13:46 PM - after mbam rootkit check
    RP2185: 11/10/2013 12:18:14 PM - Windows Update
    RP2186: 11/10/2013 12:48:18 PM - Removed AVG 2011
    RP2187: 11/10/2013 7:22:25 PM - Removed ASPCA Reminder V7F+AU by We-Care.com
    RP2188: 11/10/2013 7:26:01 PM - Removed ASPCA Reminder V7F+AU by We-Care.com
    RP2189: 11/10/2013 7:28:51 PM - Removed ASPCA Reminder V7F+AU by We-Care.com
    RP2190: 11/11/2013 7:37:22 AM - Removed ASPCA Reminder V7F+AU by We-Care.com
    .
    ==== Installed Programs ======================
    .
    3ivx MPEG-4 5.0.3 (remove only)
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 8.1.3
    AIM 6
    AIM Toolbar
    AIO_CDA_ProductContext
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft PhotoImpression 5
    avast! Free Antivirus
    BlackBerry Device Software Updater
    Bonjour
    Browser Address Error Redirector
    BufferChm
    Compatibility Pack for the 2007 Office system
    Coupon Printer for Windows
    D4200
    D4200_Help
    Dell DataSafe Online
    Dell Support Center
    Dell System Customization Wizard
    DellSupport
    DeviceDiscovery
    DeviceManagementQFolder
    dj_sf_ProductContext
    dj_sf_software
    dj_sf_software_req
    ESET Online Scanner v3
    eSupportQFolder
    Facebook Plug-In
    FlipShare
    Games, Music, & Photos Launcher
    Google Chrome
    Google Update Helper
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Deskjet Printer Driver Software 9.0
    HP Imaging Device Functions 9.0
    HP Photosmart Essential 2.01
    HP Photosmart Essential2.01
    HP Smart Web Printing
    HP Solution Center 9.0
    HP Update
    HPProductAssistant
    HPSSupply
    iTunes
    Java 7 Update 7
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 23
    Java(TM) SE Runtime Environment 6
    Macromedia Shockwave Player
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 3.5 SP1
    Microsoft Encarta Encyclopedia Standard 2006
    Microsoft Money 2006
    Microsoft Office Word Viewer 2003
    Microsoft Silverlight
    Microsoft Streets & Trips 2006
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Word 2002
    Microsoft Works
    Microsoft Works Suite 2006 Setup Launcher
    Microsoft Works Suite Add-in for Microsoft Word
    Mobile Mouse Server
    MobileMe Control Panel
    Move Media Player
    Mozilla Firefox 20.0 (x86 en-US)
    Mozilla Maintenance Service
    Mozilla Thunderbird (3.0)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nuclear Coffee - DiscRipper
    NVIDIA Display Control Panel
    NVIDIA Drivers
    NVIDIANetworkDiagnostic
    OpenOffice.org 3.3
    Paint.NET v3.36
    PanoStandAlone
    Product Documentation Launcher
    PSSWCORE
    PVSonyDll
    QuickTime
    Realtek High Definition Audio Driver
    Roxio Creator Audio
    Roxio Creator BDAV Plugin
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator DE
    Roxio Creator Tools
    Roxio Express Labeler
    Roxio MyDVD DE
    Roxio Update Manager
    SDFormatter
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    SolutionCenter
    Sonic Activation Module
    Status
    SUPERAntiSpyware
    Switch Sound File Converter
    TBS WMP Plug-in
    Toolbox
    TrayApp
    UnloadSupport
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    User's Guides
    VideoToolkit01
    WebReg
    Works Upgrade
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/11/2013 7:47:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
    11/11/2013 7:47:30 AM, Error: Service Control Manager [7023] - The Pml Driver HPZ12 service terminated with the following error: The specified module could not be found.
    11/11/2013 7:47:30 AM, Error: Service Control Manager [7023] - The Net Driver HPZ12 service terminated with the following error: The specified module could not be found.
    11/11/2013 7:47:30 AM, Error: Service Control Manager [7000] - The Photoshop Elements Device Connect service failed to start due to the following error: The system cannot find the file specified.
    11/11/2013 7:47:30 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    11/11/2013 7:47:30 AM, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
    11/11/2013 7:47:30 AM, Error: Service Control Manager [7000] - The Adobe Active File Monitor service failed to start due to the following error: The system cannot find the file specified.
    .
    ==== End Of File ===========================


    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 10.7.2
    Run by Dixie at 10:43:15 on 2013-11-11
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1022.326 [GMT -5:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Disabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\dlbccoms.exe
    C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.com/
    mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
    BHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hp\smart web printing\hpswp_framework.dll
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
    BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: AIM Toolbar: {61539ECD-CC67-4437-A03C-9AACCBD14326} - c:\program files\aim toolbar\aimtb.dll
    TB: BearShare MediaBar: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} -
    TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
    TB: BearShare MediaBar: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} -
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [ROC_ROC_JAN2013_AV] c:\users\dixie\appdata\roaming\avg january 2013 campaign\ROC_JAN2013_AV.exe /PROMPT --mid eef3fc518d5969db7ee63f2381c8340d-09b8b9d5b609811485e79b3397480494bb9fa5f8
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [dscactivate] c:\dell\dsca.exe 3
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVDNkQtS1JORjQtOUhSWEotQUtUSzMtTFI2UFEtTkpTQUg"&"inst=NzctMTg2Mjc4NDQxMy1VOTArMS1UUCsxLVBMKzgtU1AxKzEtU1AxVEIrMS1TVVArMi1TUDFTMisxLUREVCswLUREMTArMS1TVDEwQVBQKzEtUDEwTTEyQysxLVRCTisxLUZVSSsyLVAxME1IKzEtVEJWVVBHKzEyLVAxME1HT0ZGKzEtVEJDVisxLUMxMFUrMTExMy1GMTBVMTMrMS1GMTBVMTNWKzEtRjEwVTEzUyszLUNJRDY1KzE"&"prod=90"&"ver=10.0.1427
    StartupFolder: c:\users\dixie\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\airmou~1.lnk - c:\program files\air mouse\air mouse\Air Mouse.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &AIM Toolbar Search - c:\programdata\aim toolbar\ietoolbar\resources\en-us\local\search.html
    IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
    IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
    IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
    IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{350641B0-898F-4D29-99CA-436A4B1CF266} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{3EB6AD1B-456A-4305-ACE8-8A902F504B1D} : DHCPNameServer = 192.168.1.1
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\30.0.1599.101\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\dixie\appdata\roaming\mozilla\firefox\profiles\27oct4gy.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff10.dll
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff5.dll
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff6.dll
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff7.dll
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff8.dll
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff9.dll
    FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\users\dixie\appdata\roaming\facebook\npfbplugin_1_0_3.dll
    FF - plugin: c:\users\dixie\appdata\roaming\move networks\plugins\npqmp071503000010.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
    FF - plugin: c:\windows\system32\npDeployJava1.dll
    FF - plugin: c:\windows\system32\npmproxy.dll
    FF - ExtSQL: !HIDDEN! 2009-09-02 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-11-9 49944]
    R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-11-9 178304]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-1-14 774392]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2013-1-14 403440]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-10-10 120088]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-1-14 35656]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-1-14 70384]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-1-14 50344]
    R2 dlbc_device;dlbc_device;c:\windows\system32\dlbccoms.exe -service --> c:\windows\system32\dlbccoms.exe -service [?]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-2-19 45848]
    S2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\photoshopelementsfileagent.exe --> c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [?]
    S2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\adobe\photoshop elements 3.0\photoshopelementsdeviceconnect.exe --> c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsDeviceConnect.exe [?]
    .
    =============== Created Last 30 ================
    .
    2013-11-10 21:54:59 -------- d-----w- c:\windows\ERUNT
    2013-11-10 21:05:42 -------- d-----w- C:\AdwCleaner
    2013-11-10 16:50:48 105176 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2013-11-10 16:50:48 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
    2013-11-10 16:49:12 75992 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2013-11-09 23:28:17 -------- d-----w- c:\program files\ESET
    2013-11-09 23:23:36 -------- d-----w- c:\users\dixie\appdata\roaming\AVAST Software
    2013-11-09 18:32:41 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2013-11-09 18:32:41 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2013-11-09 14:25:11 -------- d-----w- c:\users\dixie\appdata\roaming\SUPERAntiSpyware.com
    2013-11-09 14:24:56 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2013-11-09 14:24:56 -------- d-----w- c:\program files\SUPERAntiSpyware
    2013-11-09 03:50:42 650936 ----a-w- c:\programdata\microsoft\ehome\packages\sportstemplate\sportstemplatecore\Microsoft.MediaCenter.Sports.UI.dll
    2013-11-09 01:34:01 -------- d-----w- c:\users\dixie\appdata\roaming\TuneUp Software
    .
    ==================== Find3M ====================
    .
    2013-11-09 18:37:54 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-11-09 18:37:52 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2013-11-09 18:37:49 43152 ----a-w- c:\windows\avastSS.scr
    .
    ============= FINISH: 10:44:22.30 ===============
     
  12. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,831
    you have Avast antivirus installed so no need for windows defender to be active
    You also have some left over AVG entries that need dealing with

    use the AVG uninstaller to remove all left overs
    http://www.avg.com/gb-en/utilities

    I will ask one of the TA's who specialise in updating etc to offer you advice about what needs updating and there are quite a few outdated programs there
     
  13. patmac

    patmac Thread Starter

    Joined:
    May 14, 2004
    Messages:
    881
    I'll stick with Avast.
    Ran the AVG remover, after the restart, it said it needed to restart?? Which it did, again...
    Should I start a new thread in the Vista forum asking for update/startup help?

    Something to note, not sure what it means, but ever since I checked the "remove reminder" box for ASPCA, the boot time at restart has increased to 7 or 8 minutes, from 3 or 4 minutes prior. It's a definite increase because during the work you did, I had to restart a bunch of times, so I'm really aware of it. When the restart gets to the black screen with the narrow rectangular box at the bottom of the screen with the moving green bars in it, the bars stop moving, for two or three minutes, then go, then stop. They start and keep moving when there's activity on the hard drive.
     
  14. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,831
    removing the ASPCA reminder won't have done anything to the boot time
    somebody will reply in this topic to help you with the updates and cut down on any start upload
     
  15. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,629
    patmac:

    According to your AdwCleaner log in post #3, your computer is running Windows Vista Home Premium Service Pack 1 32-bit.
    Why hasn't it been upgraded to Service Pack 2 which was released in May 2009?

    -----------------------------------------------------------

    According to your DDS log in post #11, you appear to have a Dell Inspiron 531 or Dell Inspiron 531S desktop.
    Which one do you have, and what's the 7-character "service tag" number on it?

    -----------------------------------------------------------

    Concerning your list of installed programs:

    Adobe Reader 8.1.3 needs to be updated to version 11.0.05

    Java 7 Update 7 needs to be updated to version Java 7 Update 45(1.7.0.45)

    Java(TM) SE Runtime Environment 6
    Java(TM) 6 Update 22
    Java(TM) 6 Update 23
    all need to be uninstalled.

    Mozilla Firefox 20.0 needs to be updated to version 25.0
    If you no longer use this browser, uninstall it instead.

    OpenOffice.org 3.3.0 needs to be updated to Apache OpenOffice 4.0.1
    If you no longer use this suite, uninstall it instead.

    There are a LOT of other outdated and probably unused and unneeded programs and add-ons in your computer.
    Some serious "decluttering" is in order.

    -----------------------------------------------------------
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1112666