
Browser freezing, lagging, generally terribly slow



#1 Simply Nick


Posted 26 March 2013 - 10:22 AM

Previous thread - Please read the responses so you know what I've done so far!

 

I have followed the Preparation Guide, but still decided to open a thread.

 

My browser, Google Chrome, has the need to..

- Freeze for no apparent reason, taking it about 5-10 seconds before closing a tab

- Loading (sometimes) the sites I enter very slowly.

- Radio stations getting interruptions at times

- Sounds continuing (Youtube, Twitch) for a short duration after going back to previous location on the website. 

 

My laptop was bought about 3 years ago. It's getting old, but it still performs well for its age. I have never suffered these problems until recently. I do not know what is wrong.

 

Here are the DDS logs.

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.15.2
Run by Nicklas at 16:08:51 on 2013-03-26
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.45.1030.18.3071.1312 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\System Control Manager\MSIService.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
C:\windows\system32\DRIVERS\o2flash.exe
C:\windows\system32\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Users\Nicklas\AppData\Local\Akamai\netsession_win.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Users\Nicklas\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\DllHost.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.127\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.253\deploy\LolClient.exe
C:\Users\Nicklas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicklas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicklas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicklas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicklas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicklas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicklas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicklas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\svchost.exe -k Akamai
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\svchost.exe -k bthsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
uDefault_Page_URL = hxxp://www.msi.com
mStart Page = hxxp://www.google.com
uProxyOverride = 127.0.0.1:9421;<local>;*.local
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
uURLSearchHooks: {6d8d66f3-14fc-4736-a096-fac0ea66289c} - <orphaned>
uURLSearchHooks: {90b49673-5506-483e-b92b-ca0265bd9ca8} - <orphaned>
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Uniblue RegistryBooster2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [OpenGl] c:\users\nicklas\appdata\roaming\opencl\OpenCl.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\nicklas\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\users\nicklas\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTAgent.exe" -autorun
uRun: [Akamai NetSession Interface] "c:\users\nicklas\appdata\local\akamai\netsession_win.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [MGSysCtrl] c:\program files\system control manager\MGSysCtrl.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
StartupFolder: c:\users\nicklas\appdata\roaming\micros~1\windows\startm~1\programs\startup\screen~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-System: EnableLUA = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 193.162.153.164 194.239.134.83
TCP: Interfaces\{17C5E30B-9C75-46FE-BD0A-8AE616557D8C} : DHCPNameServer = 89.150.129.22 89.150.129.10
TCP: Interfaces\{7228B3DF-D7A3-4CE7-9D30-350F50C1C2A5} : DHCPNameServer = 193.162.153.164 194.239.134.83
TCP: Interfaces\{7228B3DF-D7A3-4CE7-9D30-350F50C1C2A5}\752425D233430383 : DHCPNameServer = 89.150.129.22 89.150.129.10
TCP: Interfaces\{7AB46BF5-A035-4E50-B215-A2B15F698749} : DHCPNameServer = 193.162.153.164 194.239.134.83
TCP: Interfaces\{7AB46BF5-A035-4E50-B215-A2B15F698749}\5565D255375627 : DHCPNameServer = 192.168.132.10 195.231.241.25
TCP: Interfaces\{7AB46BF5-A035-4E50-B215-A2B15F698749}\95F455355454D275946494 : DHCPNameServer = 194.239.10.172
TCP: Interfaces\{9E4CCE2D-8F80-46D4-8ACF-A11C7C4D32FF} : DHCPNameServer = 193.162.153.164 194.239.134.83
TCP: Interfaces\{A8E5DA83-355E-4EF9-BC1C-9047DCF17D59} : DHCPNameServer = 193.162.153.164 194.239.134.83
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\nicklas\appdata\roaming\mozilla\firefox\profiles\f5980m1t.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.b1.org/?bsrc=4hfxr&chid=c162341
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\npjpi170_15.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\nicklas\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\nicklas\appdata\local\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\users\nicklas\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\hi-rez studios\HiPatchService.exe [2012-4-22 8704]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-14 20992]
R2 IAANTMON;Intel® Matrix Storage Event Monitor;c:\program files\intel\intel matrix storage manager\IAANTmon.exe [2009-11-19 354840]
R2 Micro Star SCM;Micro Star SCM;c:\program files\system control manager\MSIService.exe [2009-11-19 160768]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2009-8-26 59904]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2009-7-14 52768]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2009-7-10 42400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2009-11-19 17408]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\drivers\enecirhid.sys [2009-8-26 11776]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\drivers\enecirhidma.sys [2009-8-26 5632]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-5 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-10-20 6114816]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-21 52224]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\razer\razer game booster\driver\WinRing0.sys [2012-11-13 14416]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128]
S4 RsFx0105;RsFx0105 Driver;c:\windows\system32\drivers\RsFx0105.sys [2011-9-22 238696]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2011-9-22 370024]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2074-05-07 17:38:48 203576 ------w- c:\program files\microsoft games\age of empires iii\autopatcher2.exe
2013-03-26 07:33:25 -------- d-----w- c:\users\nicklas\appdata\local\{7790E5DB-3FD3-4E25-9291-5B1001FAF99A}
2013-03-25 07:31:57 -------- d-----w- c:\users\nicklas\appdata\local\{44561175-AADC-43A2-9163-512F44B517D8}
2013-03-24 06:08:50 -------- d-----w- c:\users\nicklas\appdata\roaming\JAM Software
2013-03-24 06:08:49 -------- d-----w- c:\program files\JAM Software
2013-03-24 06:07:36 -------- d-----w- c:\program files\Everything
2013-03-24 04:39:35 7108640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5900bfe2-cecd-4753-bfa0-3eb3d6a48f3b}\mpengine.dll
2013-03-24 04:14:00 -------- d-----w- c:\users\nicklas\appdata\local\{F4E660FE-1B88-4663-B0F5-A634ED96F06E}
2013-03-23 09:37:04 -------- d-----w- c:\program files\ESET
2013-03-23 09:31:02 192 ----a-w- c:\windows\DeleteOnReboot.bat
2013-03-23 09:25:46 -------- d-----w- C:\TDSSKiller_Quarantine
2013-03-23 07:10:36 -------- d-----w- c:\users\nicklas\appdata\local\{9B844030-7A59-4CD4-9F67-5DC2FDC38453}
2013-03-22 00:45:51 -------- d-----w- c:\users\nicklas\appdata\local\{AE00A92E-B48D-4ECC-BA9E-D4596F5EEA31}
2013-03-21 00:09:25 -------- d-----w- c:\users\nicklas\appdata\local\{4C4ECF41-6E9F-4086-B874-EAD4727401D6}
2013-03-19 05:30:34 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-19 05:30:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-19 05:28:07 -------- d-----w- c:\users\nicklas\appdata\local\{079D0CD1-30A8-4AF5-BB2D-7D41FBDB2A87}
2013-03-19 04:49:06 -------- d-----w- c:\users\nicklas\appdata\roaming\ParetoLogic
2013-03-19 04:49:06 -------- d-----w- c:\users\nicklas\appdata\roaming\DriverCure
2013-03-19 04:46:33 -------- d-----w- c:\programdata\ParetoLogic
2013-03-19 04:46:33 -------- d-----w- c:\program files\ParetoLogic
2013-03-11 08:12:02 -------- d-----w- c:\windows\ta
2013-03-03 14:31:36 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M  ====================
.
2013-03-13 13:27:35 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-13 13:27:35 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-03 14:31:20 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-03 14:31:20 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-03 16:56:37 12872 ----a-w- c:\windows\system32\bootdelete.exe
.
============= FINISH: 16:10:49,69 ===============
 
I have a USB Drive lying around so I can save whatever I need to save, in case I need to re-install Windows or restore to factory.


Edited by Simply Nick, 26 March 2013 - 10:24 AM.




#2 nasdaq

  • Malware Response Team

Posted 27 March 2013 - 08:54 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
      • Update Malwarebytes' Anti-Malware
      • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
      • Make sure the "Perform Quick Scan" option is selected.
      • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

For complete or visual instructions on installing and running Malwarebytes Anti-Malware please read this link

Post back with the Malwarebytes Anti-Malware log once it's complete.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.

How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt

Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall.

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third party programs if not up to date can be the cause of infiltration or infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

  • Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete tab follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).

Please post the logs DO NOT ATTACH THEM, for my review. Let me know what problem persists.


#3 Simply Nick


Posted 27 March 2013 - 10:00 AM

Malwarebytes

====================================================================

 

 

Skanningstype: Hurtig skanning
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 226160
Tid gået: 13 minut(ter), 11 sekund(er)
 
Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)
 
Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)
 
Registreringsdatabasenøgler Inficeret: 0
(Ingen skadelige objekter blev fundet)
 
Registreringsdatabaseværdier Inficeret: 0
(Ingen skadelige objekter blev fundet)
 
Registreringsdatabasedata Objekter Inficeret: 0
(Ingen skadelige objekter blev fundet)
 
Inficerede Mapper: 0
(Ingen skadelige objekter blev fundet)
 
Inficerede Filer: 0
(Ingen skadelige objekter blev fundet)
 
(færdig)
 

 

 

 

ComboFix

====================================================================

 

 

ComboFix 13-03-27.01 - Nicklas 27-03-2013  15:32:27.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.45.1030.18.3071.1929 [GMT 1:00]
Kører fra: c:\users\Nicklas\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Dannede nyt systemgendannelsespunkt
.
.
(((((((((((((((((((((((((((((((((((((((   Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nicklas\AppData\Local\assembly\tmp
c:\users\Nicklas\AppData\Roaming\OpenCl
c:\users\Nicklas\AppData\Roaming\OpenCl\OpenCl.exe
c:\users\Nicklas\AppData\Roaming\windows
c:\users\Nicklas\AppData\Roaming\windows\Logger
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Tjenester   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NEWDRIVER
-------\Service_NEWDRIVER
.
.
(((((((((((((((((((((((((((((   Filer skabt fra 2013-02-27 til 2013-03-27  )))))))))))))))))))))))))))))))))))
.
.
2074-05-07 17:38 . 2006-11-21 19:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2013-03-27 14:39 . 2013-03-27 14:44 -------- d-----w- c:\users\Nicklas\AppData\Local\temp
2013-03-27 14:39 . 2013-03-27 14:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-24 04:39 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5900BFE2-CECD-4753-BFA0-3EB3D6A48F3B}\mpengine.dll
2013-03-23 09:31 . 2013-03-23 09:31 192 ----a-w- c:\windows\DeleteOnReboot.bat
2013-03-23 09:25 . 2013-03-23 09:25 -------- d-----w- C:\TDSSKiller_Quarantine
2013-03-19 05:30 . 2013-03-19 05:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-19 05:30 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-19 04:49 . 2013-03-19 04:49 -------- d-----w- c:\users\Nicklas\AppData\Roaming\ParetoLogic
2013-03-19 04:49 . 2013-03-19 04:49 -------- d-----w- c:\users\Nicklas\AppData\Roaming\DriverCure
2013-03-19 04:46 . 2013-03-19 05:02 -------- d-----w- c:\programdata\ParetoLogic
2013-03-19 04:46 . 2013-03-19 04:46 -------- d-----w- c:\program files\ParetoLogic
2013-03-11 08:12 . 2013-03-21 07:18 -------- d-----w- c:\windows\ta
2013-03-03 14:31 . 2013-03-03 14:31 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 13:27 . 2013-01-09 19:54 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-13 13:27 . 2013-01-09 19:54 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-03 14:31 . 2012-05-19 18:55 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-03 14:31 . 2010-09-20 18:27 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-17 00:28 . 2010-08-30 18:03 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-03 16:56 . 2012-12-10 18:29 12872 ----a-w- c:\windows\system32\bootdelete.exe
.
.
(((((((((((((((((((((((((((((((((((   Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"Facebook Update"="c:\users\Nicklas\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-10-26 138096]
"Akamai NetSession Interface"="c:\users\Nicklas\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-08-28 2072576]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"Everything"="c:\program files\Everything\Everything.exe" [2009-03-13 602624]
.
c:\users\Nicklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Screen Clipper and Launcher til OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CineForm Status.lnk]
backup=c:\windows\pss\CineForm Status.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 10.lnk]
backup=c:\windows\pss\Snagit 10.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Nicklas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4M8LUBN1S3V6B
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl
.
R2 XAMPP;XAMPP Service;c:\xampp\service.exe [x]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\Razer\Razer Game Booster\Driver\WinRing0.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [x]
S2 IAANTMON;Intel® Matrix Storage Event Monitor;c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [x]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ   Akamai
.
Indhold af mappen 'Planlagte Opgaver'
.
2013-03-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 13:27]
.
2013-03-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2325770114-712837776-4098428128-1000Core.job
- c:\users\Nicklas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-26 16:18]
.
2013-03-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2325770114-712837776-4098428128-1000UA.job
- c:\users\Nicklas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-26 16:18]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-12 19:15]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-12 19:15]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2325770114-712837776-4098428128-1000Core.job
- c:\users\Nicklas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-08 20:26]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2325770114-712837776-4098428128-1000UA.job
- c:\users\Nicklas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-08 20:26]
.
2013-03-20 c:\windows\Tasks\RegCure Pro.job
- c:\program files\ParetoLogic\RegCure Pro\RegCurePro.exe [2012-10-22 20:06]
.
.
------- Yderligere scanning -------
.
ustart page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
FF - ProfilePath - c:\users\Nicklas\AppData\Roaming\Mozilla\Firefox\Profiles\f5980m1t.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.b1.org/?bsrc=4hfxr&chid=c162341
.
- - - - TOMME GENVEJE FJERNET - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
URLSearchHooks-{6d8d66f3-14fc-4736-a096-fac0ea66289c} - (no file)
URLSearchHooks-{90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file)
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
URLSearchHooks-{7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{6D8D66F3-14FC-4736-A096-FAC0EA66289C} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
WebBrowser-{7473B6BD-4691-4744-A82B-7854EB3D70B6} - (no file)
HKCU-Run-Uniblue RegistryBooster2 - c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
HKCU-Run-OpenGl - c:\users\Nicklas\AppData\Roaming\OpenCl\OpenCl.exe
HKCU-Run-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTAgent.exe
SafeBoot-BsScanner
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-SmartDraw VP - c:\smartd~1\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_ca0e279.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hi-Rez Studios\HiPatchService.exe
c:\windows\system32\taskhost.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\MySQL\MySQL Server 5.5\bin\mysqld.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Gennemført tid: 2013-03-27  15:48:09 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2013-03-27 14:48
.
Pre-Kørsel: 129.718.382.592 byte ledig
Post-Kørsel: 130.862.718.976 byte ledig
.
- - End Of File - - D426F245930FF8FA207CDFB7A7D23ABE
 
 
 
 

Security Check
====================================================================

It opened as change.log and not checkup.txt
I could not find any checkup.txt files

====================================================================

 

 

 
Notepad++ v5.9.3 new features and fixed bugs:
 
1.  Update Scintilla to 2.27.
2.  Make Recent File List totally customizable.
3.  Add Vertical File Switcher feature.
4.  Add active folding area highlighting feature (only for box and circle mode).
5.  Detect the absence of Scintilla.
6.  Add 2 plugins messages NPPM_GETLANGUAGENAME & NPPM_GETLANGUAGEDESC.
7.  Fix "Replace all" feature hangs on the Regular Expression '$'.
8.  Fix wrong result returned by NPPM_GETLANGUAGENAME.
 
 
Notepad++ v5.9.2 fixed bugs:
 
1.  Fix the Clipboard History crash issue while no data in Clipboard.
2.  Fix the local directory installation option ignored issue in Installer.
3.  Reduce the recent file history width to 32 characters.
 
 
Notepad++ v5.9.1 new features:
 
1.  Add Character Insertion Panel.
2.  Add Clipboard History feature.
3.  Add find characters in range feature.
 
 
Notepad++ v5.9 new features and fixed bugs (from v5.8.7):
 
1.  Update Scintilla from 2.21 to 2.25
2.  New feature: Non-greedy regular expression (Scintilla).
3.  Add Copy/Cut/Paste Binary Content feature.
4.  Add "paste HTML content" and "paste RTF content" commands.
5.  Fix the inverse of title and message for some MessageBox.
6.  Add "Remove Unmarked Lines" command.
7.  Add "Column Mode Tip" to notice users the usage of column mode in Notepad++.
8.  Make stream comment of php/javascript foldable.
 
 
Included plugins (Unicode):
 
1.  Spell Checker v1.3.3
2.  NppFTP 0.23
3.  NppExport v0.2.8
4.  Plugin Manager 0.9.3.1
5.  Converter 3.0
 
 
 
Included plugins (ANSI):
 
1.  TextFX v0.25
2.  NppExec v0.4.1
3.  Spell Checker v1.3.3
4.  NppExport v0.2.8
5.  Light Explorer v1.6
6.  Compare Plugin 1.5.5
7.  Plugin Manager 0.9.3.1
 
 
 
 
 

AdwCleaner

====================================================================

 
***** [Servicer] *****
 
 
***** [Filer / Mapper] *****
 
Mapper Slettet : C:\Users\Nicklas\AppData\LocalLow\Conduit
Slettet på genstart : C:\Users\Nicklas\AppData\Roaming\Mozilla\Firefox\Profiles\f5980m1t.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
 
***** [Registeret] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
[OK] Registeret er rent.
 
-\\ Mozilla Firefox v3.6.17 (da)
 
Filer : C:\Users\Nicklas\AppData\Roaming\Mozilla\Firefox\Profiles\f5980m1t.default\prefs.js
 
[OK] Filen er ren.
 
-\\ Google Chrome v25.0.1364.172
 
Filer : C:\Users\Nicklas\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] Filen er ren.
 
-\\ Opera v12.2.1578.0
 
Filer : C:\Users\Nicklas\AppData\Roaming\Opera\Opera\operaprefs.ini
 
[OK] Filen er ren.
 
*************************
 
AdwCleaner[S1].txt - [48636 octets] - [23/03/2013 10:30:53]
AdwCleaner[S2].txt - [1223 octets] - [27/03/2013 16:01:53]
 
########## EOF - C:\AdwCleaner[S2].txt - [1283 octets] ##########

Edited by Simply Nick, 27 March 2013 - 10:04 AM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:04 AM

Posted 27 March 2013 - 10:33 AM

Security Check
====================================================================

It opened as change.log and not checkup.txt
I could not find any checkup.txt files

Notepad++ v5.9.3 new features and fixed bugs:

1. Update Scintilla to 2.27.
2. Make Recent File List totally customizable.
3. Add Vertical File Switcher feature. ETC...

This was not the log I expected.

Can you please run the Security Check program. Right Click on the .exe file and run as an Administrator.

===

How is the computer performing?

#5 Simply Nick


Posted 27 March 2013 - 11:22 AM


 

 

 Results of screen317's Security Check version 0.99.61  
 Windows 7 Service Pack 1 x86   
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.70.0.1100  
 JavaFX 2.1.0    
 Java™ 6 Update 29  
 Java 7 Update 15  
 Java version out of Date! 
 Adobe Flash Player 11.6.602.180  
 Mozilla Firefox (3.6.17) Firefox out of Date!  
 Google Chrome 25.0.1364.152  
 Google Chrome 25.0.1364.172  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
================
 
It has actually improved!
Everything loads in a split second! I can open/close tabs without freezing now.


#6 nasdaq


Posted 27 March 2013 - 12:34 PM

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

Be careful not to install malware posing as a Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

If present, remove the old version(s) of Java using the Add/Remove Programs applet.


Java 6 Update 29
Java 7 Update 15



Java 7 update 10 introduced important new security controls.
You can read about it here.
http://nakedsecurity.sophos.com/2012/12/19/java-7-update-10-introduces-important-new-security-controls/

Note
Java security update installs Ask Toolbar by default -- a single click in a multi-step installer.
http://www.benedelman.org/images/iac-jan13/ask-iac-011613-small.png
I suggest that you un-check the box "Install the Ask Toolbar" before proceeding.
===

Chrome issued an update yesterday. You should get it.
===

If all is well:

Time for some housekeeping
  • The following will implement some cleanup procedures as well as reset System Restore points:
  • Click Start > Run and copy/paste the following bold text into the Run box and click OK:
    ComboFix /Uninstall
===

To remove AdwCleaner:

Please double click on AdwCleaner.exe to run the tool.
Click on Uninstall.
Confirm with Yes.

If you decide to keep the AdwCleaner tool, make sure to delete your version and download the latest before running it.

Delete the other tools we used.
You can keep the DDS tool, as most forums will ask to see a log before suggesting a fix.

Surf Safely, and Think Prevention!
===


#7 Simply Nick


Posted 27 March 2013 - 05:52 PM

Thanks a lot. All programs used have been successfully removed and Java has been updated.



#8 nasdaq


Posted 28 March 2013 - 07:57 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



