Jump to content

me82

Members
  • Content Count

    208
  • Joined

  • Last visited

About me82

  • Rank
    Member

Previous Fields

  • System Specifications:
    windows xp SP2 cdrw dvdrw intel hd
  1. me82

    vpn and browser vpn

    I am using a vpn for windows laptop. I am using opera 54 version I just started not to use opera built in vpn proxy. So My question is i don't have to use 2 vpns right. when i did an ip leak test and turned off opera vpn proxy, it revealed my vpn ip and not my actual ip address .Is that good?
  2. i have onekey optimizer program came installed on my laptop with windows 8.1. I ran a checkup and it says battery status good and then it has battery has been in use for a longtime calibration as soon as possible is recommended. it also says i can optimize the hard drive the boot partion, , power performance and a lot of other things ,but i'm not going to do. But is it safe to calibrate the battery.
  3. ok I see where there is a patch for some of the issues with malwarebytes
  4. I will hold off on doing the zemana antimalware
  5. My browsers are fine now, its just the new malwarebytes, When i did 2 scans a couple of days ago and deleted what it found restarted the computer , and open browser it showed index file . and then reset browswers it shows normal.
  6. what about my browsers not opening normally after i run a scan in malwarebytes Do i have to disable malwarebytes first then open my browser
  7. Fix result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016 Ran by Owner (20-12-2016 21:20:52) Run:1 Running from C:\Users\Owner\Desktop Loaded Profiles: Owner (Available Profiles: Owner) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: C:\Users\Owner\AppData\Local\Temp\libeay32.dll C:\Users\Owner\AppData\Local\Temp\msvcr120.dll C:\Users\Owner\AppData\Local\Temp\sqlite3.dll ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> " ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> " EmptyTemp: Hosts: End ***************** Restore point was successfully created. Processes closed successfully. C:\Users\Owner\AppData\Local\Temp\libeay32.dll => moved successfully C:\Users\Owner\AppData\Local\Temp\msvcr120.dll => moved successfully C:\Users\Owner\AppData\Local\Temp\sqlite3.dll => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully. C:\Users\Public\Desktop\Google Chrome.lnk => Shortcut argument removed successfully. C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6407355 B Java, Flash, Steam htmlcache => 456 B Windows/system/drivers => 812787576 B Edge => 0 B Chrome => 386651845 B Firefox => 204182951 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B
  8. when i installed the adblocker it went away from the homepage. (Safeseach) From tomsguide.com it said to Press and hold Windows key and R (Win+R) Copy and paste: %systemroot%\System32\GroupPolicy/Machine Delete : Registry.pol Restart the computer. and this link https://www.techsupportall.com/how-to-remove-safesearch-net-homepage-removal-help/
  9. dditional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016 Ran by Owner (20-12-2016 16:42:48) Running from C:\Users\Owner\Desktop Windows 7 Professional Service Pack 1 (X64) (2016-10-31 18:12:56) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-961524124-1411212058-1041103660-500 - Administrator - Disabled) Guest (S-1-5-21-961524124-1411212058-1041103660-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-961524124-1411212058-1041103660-1002 - Limited - Enabled) Owner (S-1-5-21-961524124-1411212058-1041103660-1001 - Administrator - Enabled) => C:\Users\Owner ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.181.14 - Adobe Systems Incorporated) Dell System Detect (HKU\S-1-5-21-961524124-1411212058-1041103660-1001\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell) Gigabyte Wireless LAN Card (HKLM-x32\...\{2C564A58-BD28-4926-95E1-EC7812FCA44F}) (Version: 1.00.0000 - Gigabyte) Google Chrome (HKLM-x32\...\{16C1182D-6E13-3989-A4BC-360B106D5C4E}) (Version: 54.0.2840.71 - Google, Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Malwarebytes version 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation) Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0FF23161-EB9E-4AB3-93EC-E0C5F6A10961} - System32\Tasks\{0BC15F45-0E9A-4980-B72C-8F0726195EB6} => pcalua.exe -a "C:\Users\Owner\Desktop\Dell driver software\PROSet.exe" -d "C:\Users\Owner\Desktop\Dell driver software" Task: {21D0A833-C8DA-416E-9F39-466C7976A40B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-31] (Google Inc.) Task: {32E4A7E2-E17E-4190-B103-4CB7EC80D21E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-31] (Google Inc.) Task: {8A4E1E6B-F689-47C4-AB88-0FDE06508D23} - System32\Tasks\{18A18759-B6F5-4E7F-B704-7492ACD8B881} => pcalua.exe -a C:\Users\Owner\Desktop\PROSet.exe -d C:\Users\Owner\Desktop (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> " ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> " ==================== Loaded Modules (Whitelisted) ============== 2016-12-17 12:51 - 2016-11-29 06:27 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2016-12-17 12:51 - 2016-11-29 06:27 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-12-17 12:51 - 2016-11-29 06:27 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2016-12-17 12:51 - 2016-11-08 09:46 - 00693248 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-961524124-1411212058-1041103660-1001\...\dell.com -> dell.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-961524124-1411212058-1041103660-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [sPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [sPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{866803FD-2C6D-4482-8773-1BED7A76011E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9E10EE46-C05B-437E-96F5-8E56D6E5B315}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F4EF756C-B155-4620-93A2-5370AE5D94F5}] => C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe FirewallRules: [{225C20D6-FB3D-47A7-B85B-3F1695D86273}] => C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe FirewallRules: [{94FAB7E2-3330-46AF-BCE3-28EC66D42C41}] => C:\Program Files (x86)\SrpnFiles\downloader.exe FirewallRules: [{F9300FBC-C47A-4721-BDAF-1A873F9361A8}] => C:\Program Files (x86)\SrpnFiles\downloader.exe FirewallRules: [{0AC08974-A0D6-4E54-A31A-6F6A1C009353}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 31-10-2016 13:13:08 Windows Update 31-10-2016 13:59:39 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 05-11-2016 12:22:07 Installed Intel® Network Connections. 05-11-2016 12:46:04 Installed Gigabyte Wireless LAN Card 05-11-2016 15:19:55 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 05-11-2016 15:22:46 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 05-11-2016 15:25:13 Installed OpenOffice 4.1.3 05-11-2016 17:21:51 Installed Kaspersky Anti-Virus 2010. 14-11-2016 20:02:31 Revo Uninstaller's restore point - Kaspersky Anti-Virus 2010 14-11-2016 20:19:08 Windows Update 14-11-2016 23:10:21 Windows Update 17-12-2016 12:35:49 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/20/2016 03:21:17 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005). Error: (12/20/2016 02:52:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/19/2016 10:36:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/19/2016 06:30:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005). Error: (12/19/2016 05:38:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005). Error: (12/19/2016 05:02:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/17/2016 01:01:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/17/2016 11:47:55 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005). Error: (12/17/2016 11:20:59 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/14/2016 09:04:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (12/19/2016 10:33:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (12/19/2016 10:33:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (12/19/2016 10:33:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (12/17/2016 11:40:46 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Event-ID 2001 Error: (12/17/2016 11:35:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. Error: (12/17/2016 11:34:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. Error: (12/17/2016 11:33:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. Error: (12/17/2016 11:32:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. Error: (12/17/2016 11:31:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. Error: (12/17/2016 11:30:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. ==================== Memory info =========================== Processor: Intel® Pentium® 4 CPU 2.80GHz Percentage of memory in use: 53% Total physical RAM: 2038.15 MB Available physical RAM: 942.88 MB Total Virtual: 4076.3 MB Available Virtual: 2643.93 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.43 GB) (Free:53.41 GB) NTFS Drive f: () (Fixed) (Total:74.44 GB) (Free:74.35 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: FC78FC78) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: 41AB2316) Partition 1: (Not Active) - (Size=55 MB) - (Type=DE) Partition 2: (Active) - (Size=74.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  10. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016 Ran by Owner (administrator) on OWNER-PC (20-12-2016 16:41:33) Running from C:\Users\Owner\Desktop Loaded Profiles: Owner (Available Profiles: Owner) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{9D69391E-5B78-4298-B9EB-3BDF78BF7400}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKU\S-1-5-21-961524124-1411212058-1041103660-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\pmwkzvnz.default-1482205545460 [2016-12-20] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2016-12-20] CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-05] CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-05] CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-05] CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-05] CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-05] CHR Extension: (Fair Ads (by STANDS)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gagfkmknmijppikpcikmbbkdkhggcmge [2016-12-20] CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-05] CHR Extension: (Fair AdBlocker (by STANDS)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2016-12-20] CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-05] CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-05] CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2016-11-29] () R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-17] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2016-12-20] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2016-12-20] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-20] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2016-12-20] (Malwarebytes) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-20 16:41 - 2016-12-20 16:42 - 00006779 _____ C:\Users\Owner\Desktop\FRST.txt 2016-12-20 16:41 - 2016-12-20 16:41 - 00000000 ____D C:\FRST 2016-12-20 16:39 - 2016-12-20 16:39 - 02420224 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe 2016-12-19 22:45 - 2016-12-19 22:45 - 00000000 ____D C:\Users\Owner\Desktop\Old Firefox Data 2016-12-19 22:02 - 2016-12-19 22:33 - 00000000 ____D C:\AdwCleaner 2016-12-19 21:59 - 2016-12-19 22:00 - 03910208 _____ C:\Users\Owner\Downloads\adwcleaner(2).exe 2016-12-17 13:07 - 2016-12-17 13:07 - 05659917 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix.exe 2016-12-17 12:52 - 2016-12-20 14:51 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2016-12-17 12:52 - 2016-12-20 14:51 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2016-12-17 12:52 - 2016-12-17 12:52 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2016-12-17 12:51 - 2016-12-20 14:51 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-17 12:51 - 2016-12-20 14:51 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-12-17 12:51 - 2016-12-17 12:51 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2016-12-17 12:51 - 2016-12-17 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2016-12-17 12:51 - 2016-12-17 12:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-12-17 12:51 - 2016-12-17 12:51 - 00000000 ____D C:\Program Files\Malwarebytes 2016-12-17 12:51 - 2016-11-29 06:27 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys 2016-12-17 12:33 - 2016-12-17 12:33 - 01631928 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT.exe 2016-12-14 21:06 - 2016-12-20 00:19 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla 2016-12-11 01:14 - 2016-12-19 22:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-20 14:58 - 2009-07-13 23:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-20 14:58 - 2009-07-13 23:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-20 14:50 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-19 22:34 - 2016-10-31 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-17 13:09 - 2016-11-03 16:21 - 00000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics 2016-12-17 12:58 - 2016-10-31 13:55 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-17 12:58 - 2016-10-31 13:55 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-17 12:58 - 2016-10-31 13:20 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-12-17 12:58 - 2016-10-31 13:19 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-12-17 12:58 - 2016-10-31 13:15 - 00001447 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-12-17 12:58 - 2016-10-31 13:15 - 00001413 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2016-12-17 12:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf 2016-12-17 12:00 - 2016-10-31 13:54 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 12:00 - 2016-10-31 13:53 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-17 11:46 - 2016-11-14 20:00 - 00001945 _____ C:\Windows\epplauncher.mif 2016-12-11 01:16 - 2016-11-03 07:45 - 00000000 ____D C:\Users\Owner\AppData\Local\Google 2016-12-10 23:45 - 2009-07-14 00:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI ==================== Files in the root of some directories ======= 2016-11-05 15:04 - 2016-11-05 15:04 - 0000000 _____ () C:\Users\Owner\AppData\Local\{17C1B774-83E0-4D5B-9952-55D0E7B5581A} Some files in TEMP: ==================== C:\Users\Owner\AppData\Local\Temp\libeay32.dll C:\Users\Owner\AppData\Local\Temp\msvcr120.dll C:\Users\Owner\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-12-19 22:33 ==================== End of FRST.txt ============================
  11. This (stands) adblocker for google does wonders
  12. I did a search on internet to get off the safesearch toolbar but it requires going in the registry deleting the safeseach entries pol file, and i don't want to go in the registry and mess up my computer. Even though the toolbar doesn't show anymore that doesn't mean its off my computer right?
  13. I am using a pc that was upgraded from xp to windows pro 7 and i did a scan on it using junkware first and it didn't get much off computer, then i downloaded malwarebytes the free version but it has trial version. it got some malware off when i restarted my pc and opened up google chrome the index file came up not normal google screen so i reset google and it shows normal again. This happens whenever i do a malwarebytes scan where just the index file come . It happened in firefox too and i had to go in settings and refresh firefox. Also the safesearch toolbar did not get removed in google chrome , I tried adware removal tool as well and i it took off was ask.com and aol.com. So i went in google extensions and downloaded adblocker( Stands) And went to google homepage and the safesearch toolbar does not show anymore because of the adblocker
  14. me82

    ssd in old pc

    What would be the best size ssd to get in an dell dimension e310 pc with windows 7 ? and is it supposed to be internal.
  15. The connectors are not like those
×