Solved The old multiple dllhost.exe again

[TheDaver]

ComboFix Scan Results follow:
Zoek.exe v5.0.0.0 Updated 13-01-2015
Tool run by Dianne C. Greene on Tue 01/13/2015 at 13:45:19.92.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Dianne C. Greene\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
1/13/2015 1:46:40 PM Zoek.exe System Restore Point Created Succesfully.
==== Empty Folders Check ======================
C:\Program Files\CrossLoop deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Pure Networks deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Documents and Settings\Dianne C. Greene\Application Data\AdobeUM deleted successfully
C:\Documents and Settings\Dianne C. Greene\Application Data\Malwarebytes deleted successfully
C:\Documents and Settings\Dianne C. Greene\Local Settings\Application Data\NOS deleted successfully
==== Batch Command(s) Run By Tool======================

==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\DOCUME~1\DIANNE~1.GRE\LOCALS~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2015-01-13 00:54:14 2E8EE30A29AD149DD94283AE64C7B6F4 701616 ----a-w- C:\WINDOWS\System32\FlashPlayerApp.exe
2015-01-13 00:54:13 2EB0D3528698E825AC3E31F20FEC5FF7 71344 ----a-w- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
====== C:\WINDOWS\system32\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Documents and Settings\Dianne C. Greene\Application Data ======
====== C:\Documents and Settings\Dianne C. Greene ======
2015-01-11 18:42:53 F92CE6E6B3A0AB75E48D9A6BE9DDB550 16448208 ----a-w- C:\Documents and Settings\Dianne C. Greene\Desktop\mbar-1.08.2.1001.exe
2015-01-09 23:33:29 BA4E79B5A1287A0522A68C0BFF73EDCA 1115648 ----a-w- C:\Documents and Settings\Dianne C. Greene\Desktop\FRST.exe
====== C: exe-files ==
2015-01-13 01:01:28 92ABBC6E52E32F8F66684F90BF4A25CE 1295360 ----a-w- C:\RECYCLER\S-1-5-21-3185998156-573555425-3388748354-1006\Dc70.exe
2015-01-13 01:01:05 92ABBC6E52E32F8F66684F90BF4A25CE 1295360 ----a-w- C:\RECYCLER\S-1-5-21-3185998156-573555425-3388748354-1006\Dc69.exe
2015-01-13 00:59:00 92ABBC6E52E32F8F66684F90BF4A25CE 1295360 ----a-w- C:\RECYCLER\S-1-5-21-3185998156-573555425-3388748354-1006\Dc68.exe
2015-01-13 00:54:14 2E8EE30A29AD149DD94283AE64C7B6F4 701616 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-11 18:51:39 FAB83053CAE661446491946824E843CC 821560 ----a-w- C:\Documents and Settings\Dianne C. Greene\Desktop\mbar\Plugins\fixdamage.exe
2015-01-11 18:51:39 EACCC127C05090878AC0153FA17C4E65 54072 ----a-w- C:\Documents and Settings\Dianne C. Greene\Desktop\mbar\mbamdor.exe
2015-01-11 18:51:39 2E65369E31EC7B7C95ABCD5516A06B5F 1216824 ----a-w- C:\Documents and Settings\Dianne C. Greene\Desktop\mbar\mbar.exe
2015-01-11 18:48:39 F92CE6E6B3A0AB75E48D9A6BE9DDB550 16448208 ----a-w- C:\RECYCLER\S-1-5-21-3185998156-573555425-3388748354-1006\Dc66.exe
2015-01-11 18:42:53 F92CE6E6B3A0AB75E48D9A6BE9DDB550 16448208 ----a-w- C:\Documents and Settings\Dianne C. Greene\Desktop\mbar-1.08.2.1001.exe
2015-01-11 18:38:55 F92CE6E6B3A0AB75E48D9A6BE9DDB550 16448208 ----a-w- C:\RECYCLER\S-1-5-21-3185998156-573555425-3388748354-1006\Dc67.exe
2015-01-09 23:33:29 BA4E79B5A1287A0522A68C0BFF73EDCA 1115648 ----a-w- C:\Documents and Settings\Dianne C. Greene\Desktop\FRST.exe
2015-01-09 23:33:23 05EE8B7DE7067EC38D232FE84B5BE9C1 1115648 ----a-w- C:\Documents and Settings\Dianne C. Greene\Local Settings\Temporary Internet Files\Content.IE5\5N4Y95MY\FRST[2].exe
2015-01-09 23:04:39 05EE8B7DE7067EC38D232FE84B5BE9C1 1115648 ----a-w- C:\Documents and Settings\Dianne C. Greene\Local Settings\Temporary Internet Files\Content.IE5\5N4Y95MY\FRST[1].exe
2015-01-09 22:42:18 05EE8B7DE7067EC38D232FE84B5BE9C1 1115648 ----a-w- C:\Documents and Settings\Dianne C. Greene\Local Settings\Temporary Internet Files\Content.IE5\WMHDY8UH\FRST[1].exe
2015-01-09 22:35:08 05EE8B7DE7067EC38D232FE84B5BE9C1 1115648 ----a-w- C:\Documents and Settings\Dianne C. Greene\Local Settings\Temporary Internet Files\Content.IE5\5A1GK9P2\FRST[1].exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3185998156-573555425-3388748354-1006\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"DellSystemDetect"="C:\Documents and Settings\Dianne C. Greene\Local Settings\Apps\2.0\T68XO419.TOJ\6EAW5B42.AOM\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe"
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe"
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
"HPHmon04"="C:\WINDOWS\system32\hphmon04.exe"
"HPHUPD04"="C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe"
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall"
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"DellSystemDetect"="C:\Documents and Settings\Dianne C. Greene\Local Settings\Apps\2.0\T68XO419.TOJ\6EAW5B42.AOM\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DVDLauncher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HostManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLSoftware"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\AOL\\1168037022\\ee\\AOLSoftware.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM Startup]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSScheduler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MimBoot]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MMTray]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MsnMsgr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealTray]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updateMgr]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Dianne C. Greene^Start Menu^Programs^Startup^TrueAssistant.lnk]
"path"="C:\\Documents and Settings\\Dianne C. Greene\\Start Menu\\Programs\\Startup\\TrueAssistant.lnk"
"backup"="C:\\WINDOWS\\pss\\TrueAssistant.lnkStartup"
"command"="C:\\PROGRA~1\\TRUEAS~1\\TRUEAS~1.EXE "
"item"="TrueAssistant"

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job --a------ C:\Program Files\Windows Live Toolbar\MSNTBUP.exe [10/19/2007 11:20 AM]
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job --a------ C:\WINDOWS\system32\xp_eos.exe [02/25/2014 05:59 PM]
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job --a------ C:\WINDOWS\system32\xp_eos.exe [02/25/2014 05:59 PM]
==== Firefox Start and Search pages ======================
ProfilePath: C:\Documents and Settings\DIANNE~1.GRE\Application Data\Mozilla\Firefox\Profiles\youalgip.default
user_pref("browser.startup.homepage", "about:blank");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2" [01/12/2015 08:50 AM]
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Dianne C. Greene\Application Data\Mozilla\Firefox\Profiles\youalgip.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
8EF356DA145F60C3F11DF7EF03B97449 - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll - Adobe Acrobat
B6737AA36FCEDE7BF9388DE6701AE9CD - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 6.5
9ED81B731902191778517F2695D62BCF - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 6.5
A4BF90BA709310BF83954495310D0F38 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 6.5
37E215BB29D9FB8558E68CF1DEF5D13B - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 6.5
F1010BDE52CB7BC4D99CBC90C41058B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 6.5
A65D93ECA146EB7017EE8297A95011E0 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 6.5
BCDFF548F7D31A2BCF1CF98DA7EB5445 - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll - MetaStream 3 Plugin

==== IE Start and Search Settings ======================
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE"
"Default_Page_URL"="http://www.dell4me.com/myway"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Home_Page"="http://www.dell.com"
"Help_Page"="http://support.dell.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6035942D-8937-4C00-8B7B-09E975380F11}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC"
{6035942D-8937-4C00-8B7B-09E975380F11} Google Url="http://www.google.com/search?q={sea...ource}&ie={inputEncoding?}&oe={outputEncoding?}"
{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Norton Safe Search Url="http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis"
{b0441a0e-a49a-4e16-afc1-74ecced1921f} Ask Web Search Url="http://search.tb.ask.com/search/GGm...&n=780c9ed5&psa=&st=sb&searchfor={searchTerms}"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== After Reboot ======================
==== Deleting Files / Folders ======================
"C:\Documents and Settings\Dianne C. Greene\Application Data\Share-to-Web Upload Folder" deleted
==== EOF on Tue 01/13/2015 at 13:53:42.37 ======================+

 

[argus]

How's your computer behaving now?

 

[TheDaver]

How's your computer behaving now?

No change. Computer still runs slow. Takes forever to bring up IE and Outlook. Would Memcheck or Chkdsk show anything?

 

[argus]

Maybe it hardware problem, the system is clean.

 

[argus]

We'll run another test.

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Follow the prompts and click Scan.
• When finished, please click Clean.
• Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.

 

[TheDaver]

If the system is clean, why are there 3 instances of dllhost.exe ? Also, where are you located?

 

[argus]

http://www.neuber.com/taskmanager/process/dllhost.exe.html

 

[argus]

FRST search

Once again we shall use FRST for additional checks. Re-run FRST/FRST64 the same way:

• Copy dllhost.exe into the Search: field in FRST then click the Search Files button.
• FRST will search your computer for files and when finished it will produce a log Search.txt in the same directory the tool is run.
• Please attach it to your reply.

 

[TheDaver]

FRST search

Once again we shall use FRST for additional checks. Re-run FRST/FRST64 the same way:

• Copy dllhost.exe into the Search: field in FRST then click the Search Files button.
• FRST will search your computer for files and when finished it will produce a log Search.txt in the same directory the tool is run.
• Please attach it to your reply.

I will run AdwCleaner and FRST again. Why would I run FRST64 is this is a 32 bit machine?

 

[argus]

x86 (32 bit machine)

 

[TheDaver]

Below find results of AdwCleaner:
# AdwCleaner v4.107 - Report created 14/01/2015 at 09:38:58
# Updated 07/01/2015 by Xplode
# Database : 2014-12-21.4 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Dianne C. Greene - DIANNE-DELL
# Running from : C:\Documents and Settings\Dianne C. Greene\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\AOL Toolbar
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Documents and Settings\Dianne C. Greene\Local Settings\Application Data\iac
Folder Deleted : C:\Documents and Settings\Dianne C. Greene\Application Data\Viewpoint
***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Key Deleted : HKCU\Software\MyWaySA
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\MyWaySA
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E7559288-223B-453C-9F06-340E3BE21E39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall Internet Explorer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E7559288-223B-453C-9F06-340E3BE21E39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MapsGalaxy_39bar Uninstall Internet Explorer
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v34.0.5 (x86 en-US)

*************************
AdwCleaner[R0].txt - [4412 octets] - [14/01/2015 09:19:00]
AdwCleaner[S0].txt - [4336 octets] - [14/01/2015 09:38:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4396 octets] ##########

 

[argus]

Search.txt ?

 

[TheDaver]

Search.txt ?

Below is FRST search:
Farbar Recovery Scan Tool (x86) Version: 14-01-2015 01
Ran by Dianne C. Greene at 2015-01-14 15:52:27
Running from C:\Documents and Settings\Dianne C. Greene\Desktop
Boot Mode: Normal
================== Search: "dllhost.exe" ===================
C:\WINDOWS\system32\dllhost.exe
[2004-08-10 10:50][2008-04-13 16:12] 0005120 ____A (Microsoft Corporation) 0a9ba6af531afe7fa5e4fb973852d863 [File is signed]
C:\WINDOWS\ServicePackFiles\i386\dllhost.exe
[2008-09-26 06:08][2008-04-13 16:12] 0005120 ____N (Microsoft Corporation) 0a9ba6af531afe7fa5e4fb973852d863 [File is signed]
C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe
[2008-10-15 06:22][2004-08-04 03:00] 0005120 ____C (Microsoft Corporation) dd87db7387b9eb441c5674888a0d840c [File is signed]
C:\i386\dllhost.exe
[2005-12-06 19:30][2004-08-04 03:00] 0005120 ____A (Microsoft Corporation) dd87db7387b9eb441c5674888a0d840c [File is signed]
=== End Of Search ===

 

[argus]

All clean.

How's your computer behaving now?

 

[TheDaver]

No change..sorry. From the FRST search, did you see the 3 or 4 instances of dllhost.exe?

 

[TheDaver]

No change..sorry. From the FRST search, did you see the 3 or 4 instances of dllhost.exe?

Do you have any new suggestions?
Have I sent you everything you need for analysis?

 

[TheDaver]

Argus: Have I been dismissed? I haven't heard from you in days.

 

[argus]

I have been busy. All clean, don't worry.

 

[TheDaver]

I have been busy. All clean, don't worry.

Do you have suggestions regarding future steps to take?

 

[argus]

How's your computer behaving now? CPU is normal?