Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: HELP!!! Can someone who knows HJT logs, please take a look at the log below and  (Read 10863 times)

0 Members and 1 Guest are viewing this topic.

SwineSlayer

    Topic Starter


    Greenhorn

    • Experience: Familiar
    • OS: Windows Vista
    Just ran this log this evening.

    The main issue is that the HP Pavillion that I am using had to have a hard drive change out several months ago.  Lately, if I run the computer with a regular "boot up" I may get five minutes use out of it before it locks up tighter than a drum.  I have run just abouut every anti spyware program I have in my fle which is rather extensive - all to no avail.

    Thanks in advance for taking the time to review this log.

    Best Regards,

    SwineSlayer

    log deleted by Allan
    « Last Edit: May 18, 2013, 03:44:50 AM by Allan »

    Allan

    • Moderator

    • Mastermind
    • Thanked: 1260
    • Experience: Guru
    • OS: Windows 10
    1) HJT logs are old school and useless these days. If you suspect malware, Please follow the instructions in the following link and post your logs in the thread you create (NOT in this thread):
    http://www.computerhope.com/forum/index.php/topic,46313.0.html

    2) When you boot to safe mode, does the system work normally?

    SwineSlayer

      Topic Starter


      Greenhorn

      • Experience: Familiar
      • OS: Windows Vista
      Allan,

      Thanks for taking a look at my post.

      Still working all items in point #1 in your response. I will post all logs at once. NO, I am not sure it is malware.  I have run just about all I can on the computer and if I start the computer on a regular boot, I have about five minutes before it shuts down.

      As for posting to a new thread, no idea how to do it so I will continue to add to this if acceptable.  I have found that no matter where I post a log on any of these sites it is the wrong place or what not, so if OK, I will stay with this.

      As for computer working OK in "Safe Mode" - yes, it works without any issues so far.

      Thank you again for taking the time to review and advise.  I greatly appreciate it.

      Allan

      • Moderator

      • Mastermind
      • Thanked: 1260
      • Experience: Guru
      • OS: Windows 10
      I'll post your logs and move this to the appropriate place.


      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Database version: v2013.05.18.06

      Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
      Internet Explorer 9.0.8112.16421
      Howard :: HOWARD-PC [administrator]

      5/18/2013 2:52:22 PM
      mbam-log-2013-05-18 (14-52-22).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 250297
      Time elapsed: 5 minute(s), 38 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      (end)

      CLEANING COMPLETE - (2.188 secs)
      ------------------------------------------------------------------------------------------
      3.01 MB removed.
      Secure file deletion enabled - Complex Overwrite (7 passes)
      ------------------------------------------------------------------------------------------

      Details of files deleted
      ------------------------------------------------------------------------------------------
      Windows Explorer - Thumbnail Cache   3,080 KB   6 files   
      ------------------------------------------------------------------------------------------
      C:\Users\Howard\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db   1 KB
      C:\Users\Howard\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db   1,024 KB
      C:\Users\Howard\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db   1 KB
      C:\Users\Howard\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db   2,048 KB
      C:\Users\Howard\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db   8 KB
      C:\Users\Howard\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db   1 KB

      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft® Windows Vista™ Home Premium
      Boot Device: \Device\HarddiskVolume1
      Install Date: 1/17/2013 4:49:52 PM
      System Uptime: 5/18/2013 12:45:36 PM (3 hours ago)
      .
      Motherboard: Quanta |  | 30D1
      Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-60 | Socket S1 | 2000/200mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 466 GiB total, 331.044 GiB free.
      D: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
      Description: NVIDIA nForce Networking Controller
      Device ID: PCI\VEN_10DE&DEV_054C&SUBSYS_30CF103C&REV_A2\3&2411E6FE&0&50
      Manufacturer: NVIDIA
      Name: NVIDIA nForce Networking Controller
      PNP Device ID: PCI\VEN_10DE&DEV_054C&SUBSYS_30CF103C&REV_A2\3&2411E6FE&0&50
      Service: NVENETFD
      .
      ==== System Restore Points ===================
      .
      .
      ==== Installed Programs ======================
      .
      Active@ ISO Burner
      Adobe Flash Player 11 ActiveX
      Adobe Flash Player 11 Plugin
      Adobe Reader XI (11.0.03)
      AOL Toolbar
      AOL Uninstaller (Choose which Products to Remove)
      Apple Application Support
      Apple Mobile Device Support
      Apple Software Update
      Atheros Driver Installation Program
      avast! Free Antivirus
      BlackBerry Desktop Software 7.1
      BlackBerry® Media Sync
      Bonjour
      Canon CanoScan Toolbox 4.1
      CCleaner
      Comodo Dragon
      COMODO Internet Security
      Compatibility Pack for the 2007 Office system
      Conexant HD Audio
      D3DX10
      Driver Genius Professional Edition
      File Shredder 2.5
      FileASSASSIN
      foobar2000 v1.2.5
      Google Chrome
      Google Earth
      Google Talk Plugin
      Google Update Helper
      HDAUDIO Soft Data Fax Modem with SmartCP
      Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
      Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
      HP Photo Creations
      HP Quick Launch Buttons 6.40 H2
      iCloud
      Internet Explorer (Enable DEP)
      iTunes
      Java 7 Update 21
      Java Auto Updater
      Junk Mail filter update
      magicJack
      Malwarebytes Anti-Malware version 1.75.0.1300
      Mesh Runtime
      Microsoft .NET Framework 3.5 SP1
      Microsoft .NET Framework 4 Client Profile
      Microsoft Application Error Reporting
      Microsoft Fix it Center
      Microsoft IntelliType Pro 8.2
      Microsoft Office File Validation Add-In
      Microsoft Office Professional Edition 2003
      Microsoft Research AutoCollage 2008 version 1.1
      Microsoft Silverlight
      Microsoft SQL Server 2005 Compact Edition [ENU]
      Microsoft VC9 runtime libraries
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      Mozilla Firefox 20.0.1 (x86 en-US)
      Mozilla Maintenance Service
      MSVCRT
      MSXML 4.0 SP2 (KB927978)
      MSXML 4.0 SP2 (KB954430)
      MSXML 4.0 SP2 (KB973688)
      NetWaiting
      Nitro Reader 3
      NVIDIA Drivers
      PrimoPDF -- brought to you by Nitro PDF Software
      QuickTime
      Realtek High Definition Audio Driver
      Revo Uninstaller 1.94
      Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
      Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
      Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
      Segoe UI
      Smart Defrag 2
      Spotify
      Synaptics Pointing Device Driver
      The KMPlayer (remove only)
      Tilt Mouse 4 (Ver 0.01)
      Trend Micro RUBotted 2.0 Beta
      Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
      Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
      Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
      Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
      VC 9.0 Runtime
      VIA Velocity Family Gigabit Ethernet Adapter
      Viewpoint Media Player
      Walgreens PhotoShow Express
      Windows 7 Upgrade Advisor
      Windows Live Communications Platform
      Windows Live Essentials
      Windows Live Family Safety
      Windows Live ID Sign-in Assistant
      Windows Live Installer
      Windows Live Mail
      Windows Live Mesh
      Windows Live Mesh ActiveX Control for Remote Connections
      Windows Live MIME IFilter
      Windows Live Movie Maker
      Windows Live Photo Common
      Windows Live Photo Gallery
      Windows Live PIMT Platform
      Windows Live Remote Client
      Windows Live Remote Client Resources
      Windows Live Remote Service
      Windows Live Remote Service Resources
      Windows Live SOXE
      Windows Live SOXE Definitions
      Windows Live UX Platform
      Windows Live UX Platform Language Pack
      Windows Live Writer
      Windows Live Writer Resources
      WinPcap 4.1.1
      Word to PDF Convert 5.25
      ZoneAlarm LTD Toolbar
      .
      ==== End Of File ===========================

      Thank you for your time and attention.


      SwineSlayer

        Topic Starter


        Greenhorn

        • Experience: Familiar
        • OS: Windows Vista
        And where would that "appropriate place" be?

        SuperDave

        • Malware Removal Specialist


        • Genius
        • Thanked: 1020
        • Certifications: List
        • Experience: Expert
        • OS: Windows 10
        Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

        1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
        2. The fixes are specific to your problem and should only be used for this issue on this machine.
        3. If you don't know or understand something, please don't hesitate to ask.
        4. Please DO NOT run any other tools or scans while I am helping you.
        5. It is important that you reply to this thread. Do not start a new topic.
        6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
        7. Absence of symptoms does not mean that everything is clear.

        If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
        *************************************************************************
        Please download AdwCleaner by Xplode onto your Desktop.
        • Please close all open programs and internet browsers.
        • Double click on adwcleaner.exe to run the tool.
        • Click on Delete.
        • Confirm each time with OK
        • Your computer will be rebooted automatically. A text file will open after the restart.
        • Please post the content of that logfile in your reply.
        • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
        *********************************************
        Please download Junkware Removal Tool to your desktop.

        Warning! Once the scan is complete JRT will shut down your browser with NO warning.

        Shut down your protection software now to avoid potential conflicts.

        •Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

        •Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

        •The tool will open and start scanning your system.

        •Please be patient as this can take a while to complete depending on your system's specifications.

        •On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

        •Copy and Paste the JRT.txt log into your next message.
        *************************************************
        Download Security Check by screen317 from one of the following links and save it to your desktop.

        Link 1
        Link 2

        * Double-click Security Check.bat
        * Follow the on-screen instructions inside of the black box.
        * A Notepad document should open automatically called checkup.txt
        * Post the contents of that document in your next reply.

        Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
        Windows 8 and Windows 10 dual boot with two SSD's

        SwineSlayer

          Topic Starter


          Greenhorn

          • Experience: Familiar
          • OS: Windows Vista
          Super Dave,

          Thanks for stepping in as was getting no where exept even more frustrated.

          I want to make it clear that the computer I am using is the one with the issue.  I can only run in "Safe Mode" because if I run in a regular boot mode, I may have three to five minutes before the machine locks up.  Therefore, everything I am doing is in Safe Mode. Before I waste any more of your time and mine, will running these requested scans in Safe Mode have a different result? 

          As you have no doubt reviewed the logs already submitted, can you tell if the fan is running or not and the temp of the CPU? I cannot hear the fan running; however, the heat build up on the bottom of the machine is not that great and I would not expect it to be in such a short time.

          I appreciate your working with me on this/these issue(s). Again, before wasting any more of each others time, is the Safe Mode operation acceptable or not?

          Thanks,

          SwineSlayer

          SuperDave

          • Malware Removal Specialist


          • Genius
          • Thanked: 1020
          • Certifications: List
          • Experience: Expert
          • OS: Windows 10
          Quote
          Therefore, everything I am doing is in Safe Mode. Before I waste any more of your time and mine, will running these requested scans in Safe Mode have a different result?
          I suspect that this is a heating problem.Please download and run a scan with SpeedFan. The reason why it doesn't shut down in Safe Mode is because only minimum services are running.
          Windows 8 and Windows 10 dual boot with two SSD's

          SwineSlayer

            Topic Starter


            Greenhorn

            • Experience: Familiar
            • OS: Windows Vista
            Have tried to download "Speed Fan" from several different locations.  None will work.  A pop up asks if the driver is installed.  It says that it is on the log; however, cannot get past that issue therefore unable to run.  Thank God I live in a one story house or this computer would be on it way to pavement several floors below.....

            SuperDave

            • Malware Removal Specialist


            • Genius
            • Thanked: 1020
            • Certifications: List
            • Experience: Expert
            • OS: Windows 10
            Have tried to download "Speed Fan" from several different locations.  None will work.  A pop up asks if the driver is installed.  It says that it is on the log; however, cannot get past that issue therefore unable to run.  Thank God I live in a one story house or this computer would be on it way to pavement several floors below.....
            Can you download it on another computer and transfer it to your computer?
            Windows 8 and Windows 10 dual boot with two SSD's

            SwineSlayer

              Topic Starter


              Greenhorn

              • Experience: Familiar
              • OS: Windows Vista
              SD,

              Below please find a copy of the JRT scan.  I will forward the other two when completed.  The JRT scan was run in Safe Mode and I will try and run the other scans via regular boot.

              Thanks.

              SwineSlayer

              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
              Junkware Removal Tool (JRT) by Thisisu
              Version: 4.9.4 (05.06.2013:1)
              OS: Windows Vista (TM) Home Premium x86
              Ran by Howard on Tue 05/21/2013 at  9:21:20.27
              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




              ~~~ Services

              Successfully stopped: [Service] browserprotect
              Successfully deleted: [Service] browserprotect



              ~~~ Registry Values

              Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page



              ~~~ Registry Keys

              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mixidj
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\totalrecipesearch_14ei
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\search settings
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}
              Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0021804.BHO
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0021804.BHO
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3298573
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{05AF0AD6-7102-4BCF-8730-CAB7AEAB6E17}
              Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
              Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
              Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
              Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
              Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"



              ~~~ Files

              Successfully deleted: [File] "C:\end"
              Successfully deleted: [File] C:\eula.1028.txt
              Successfully deleted: [File] C:\eula.1031.txt
              Successfully deleted: [File] C:\eula.1033.txt
              Successfully deleted: [File] C:\eula.1036.txt
              Successfully deleted: [File] C:\eula.1040.txt
              Successfully deleted: [File] C:\eula.1041.txt
              Successfully deleted: [File] C:\eula.1042.txt
              Successfully deleted: [File] C:\eula.2052.txt
              Successfully deleted: [File] C:\install.res.1028.dll
              Successfully deleted: [File] C:\install.res.1031.dll
              Successfully deleted: [File] C:\install.res.1033.dll
              Successfully deleted: [File] C:\install.res.1036.dll
              Successfully deleted: [File] C:\install.res.1040.dll
              Successfully deleted: [File] C:\install.res.1041.dll
              Successfully deleted: [File] C:\install.res.1042.dll
              Successfully deleted: [File] C:\install.res.2052.dll
              Successfully deleted: [File] C:\install.res.3082.dll



              ~~~ Folders

              Successfully deleted: [Folder] "C:\ProgramData\babylon"
              Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
              Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
              Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
              Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
              Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
              Successfully deleted: [Folder] "C:\ProgramData\viewpoint"
              Successfully deleted: [Folder] "C:\ProgramData\wincert"
              Successfully deleted: [Folder] "C:\Users\Howard\AppData\Roaming\babylon"
              Successfully deleted: [Folder] "C:\Users\Howard\AppData\Roaming\opencandy"
              Successfully deleted: [Folder] "C:\Users\Howard\appdata\local\babylon"
              Successfully deleted: [Folder] "C:\Users\Howard\appdata\local\conduit"
              Successfully deleted: [Folder] "C:\Users\Howard\appdata\local\coupon companion plugin"
              Successfully deleted: [Folder] "C:\Users\Howard\appdata\local\ilivid"
              Successfully deleted: [Folder] "C:\Users\Howard\appdata\locallow\conduit"
              Successfully deleted: [Folder] "C:\Program Files\browserprotect"
              Successfully deleted: [Folder] "C:\Program Files\conduit"
              Successfully deleted: [Folder] "C:\Program Files\driver-soft"
              Successfully deleted: [Folder] "C:\Program Files\mixidj"
              Successfully deleted: [Folder] "C:\Program Files\search results toolbar"
              Successfully deleted: [Folder] "C:\Program Files\viewpoint"
              Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"
              Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
              Successfully deleted: [Folder] "C:\ai_recyclebin"
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{037E1F0E-08AF-4A75-8146-1B54365400D6}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{0852317F-0665-406D-9B99-CF48B10C4F00}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{12551B0B-2AF5-4148-B648-1858D4CB8B33}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{24CC1CE8-501F-4EBE-B051-38D04D68D27C}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{29AEF431-AE97-4829-8BA5-BCB6BA0FF4E5}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{36F08147-8B63-47CF-AAA2-4BB37FBFF583}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{475DC22D-ED46-4999-A25F-1A4631B7319A}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{60754F16-E1A7-4B6A-A893-2B7FB02B2FA0}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{8735DDC8-8D45-47BD-AD12-71CE474000D9}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{ABB5C42C-796C-43D5-A41A-038F1A72E20E}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{AE9BD801-AB39-4479-8647-DFEB9FFD56CC}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{C62453F3-3654-4960-838A-FC61F5E832A4}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{F1557824-C339-45A2-8CE5-8E565134D31A}
              Successfully deleted: [Empty Folder] C:\Users\Howard\appdata\local\{F9842B64-E2F3-4D74-986C-76EF874E19E1}
              Successfully deleted: [Folder] "C:\ProgramData\ask"



              ~~~ FireFox

              Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\search_results.xml"
              Successfully deleted: [File] C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\bqm8qhci.default-1362589089732\user.js
              Successfully deleted: [File] C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\bqm8qhci.default-1362589089732\bprotector_extensions.sqlite
              Successfully deleted: [File] "C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\bqm8qhci.default-1362589089732\extensions\[email protected]"
              Successfully deleted: [File] C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\bqm8qhci.default-1362589089732\extensions\[email protected]
              Successfully deleted: [Folder] C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\bqm8qhci.default-1362589089732\jetpack
              Successfully deleted: [Folder] C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\bqm8qhci.default-1362589089732\extensions\staged
              Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
              Successfully deleted the following from C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\bqm8qhci.default-1362589089732\prefs.js

              user_pref("CT3298573_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1369067411169,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
              user_pref("browser.search.defaultthis.engineName", "MixiDJ V37 Customized Web Search");
              user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&CUI=UN30100869021999146&UM=2&SearchSource=3&q={searchTerms}");
              user_pref("extensions.brandthunder.websearchplus", false);
              user_pref("extensions.browserprotect.searchProvide rExceptions", "hxxp://en.wikipedia.org/wiki/Special:Search;hxxp://search.yahoo.com/search;hxxp://www.answers.com/main/ntquery
              user_pref("extensions.browserprotect.urlBarExcepti ons", "hxxp://www.google.com;hxxp://search.yahoo.com;hxxp://search.live.com;hxxp://en.wikipedia.org;chrome://*;chrome://brows
              user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio
              user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.
              user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_product_name", "Updater By SweetPacks");
              Emptied folder: C:\Users\Howard\AppData\Roaming\mozilla\firefox\profiles\bqm8qhci.default-1362589089732\minidumps [12 files]



              ~~~ Event Viewer Logs were cleared





              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
              Scan was completed on Tue 05/21/2013 at  9:23:10.55
              End of JRT log
              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

              SwineSlayer

                Topic Starter


                Greenhorn

                • Experience: Familiar
                • OS: Windows Vista
                Results of second requested scan.

                SS

                 UNSUPPORTED OPERATING SYSTEM! ABORTED!

                SuperDave

                • Malware Removal Specialist


                • Genius
                • Thanked: 1020
                • Certifications: List
                • Experience: Expert
                • OS: Windows 10
                Any luck taking the temperature with SpeedFan?
                Windows 8 and Windows 10 dual boot with two SSD's