Jump to content

kcshaklee99

Members
 View Profile  See their activity

  • Posts

    14

  • Joined

  • Last visited

 Content Type 

Everything posted by kcshaklee99

  1. kcshaklee99
    It said no threats found when it finished and there was no report to run? Thanks
  2. kcshaklee99
    It is still freezing up. It hasn't today but yesterday it did it 3 times and I had to manually shut the computer off and restart it. If I open more than one window at a time or type to fast or anything it freezes up and has to be turned off by hoding down the on button. I try alt control delete and nothing works so I shut it down and turn it back on?
  3. kcshaklee99
    Hi Borislav, sorry, I posted yesterday that I re-ran adwcleaner and clicked the clean button and then I posted the log here but I must not have hit post or something because today it is gone. I re ran adwcleaner and hit clean and it finished. Jim
  4. kcshaklee99
    Hi here are the 4 reports: Junkware Removal Tool log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.4 (08.22.2013:1) OS: Windows Vista Home Basic x86 Ran by Admin on Mon 08/26/2013 at 10:33:56.28 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo ~~~ Files Successfully deleted: [File] "C:\Windows\system32\roboot.exe" ~~~ Folders Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\systweak" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Mon 08/26/2013 at 10:37:31.36 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner log # AdwCleaner v3.001 - Report created 26/08/2013 at 11:51:56 # Updated 24/08/2013 by Xplode # Operating System : Windows Vista Home Basic Service Pack 2 (32 bits) # Username : Admin - MIKES # Running from : C:\Users\Admin\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Windows\System32\Tasks\RegClean Pro_UPDATES ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_UPDATES Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\RegClean Pro_UPDATES Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16502 -\\ Google Chrome v [ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1228 octets] - [26/08/2013 11:06:37] AdwCleaner[R1].txt - [1288 octets] - [26/08/2013 11:09:18] AdwCleaner[R2].txt - [1208 octets] - [26/08/2013 11:51:56] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1268 octets] ########## Malwarebytes' Anti-Malware log Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.26.05 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Admin :: MIKES [administrator] 8/26/2013 11:12:08 AM mbam-log-2013-08-26 (11-12-08).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 240704 Time elapsed: 9 minute(s), 6 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) RogueKiller log Mode : Scan -- Date : 08/26/2013 11:46:22 | ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤ [sUSP PATH] AdwCleaner.exe -- C:\Users\Admin\Desktop\AdwCleaner.exe [-] -> KILLED [TermProc] ¤¤¤ Registry Entries : 4 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 8 ¤¤¤ [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2181040529-65555768-2323870305-1001UA.job : C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2181040529-65555768-2323870305-1001Core.job : C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2181040529-65555768-2323870305-1000UA.job : C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2181040529-65555768-2323870305-1000Core.job : C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2181040529-65555768-2323870305-1000Core : C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2181040529-65555768-2323870305-1000UA : C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2181040529-65555768-2323870305-1001Core : C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2181040529-65555768-2323870305-1001UA : C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ -> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST316081 5AS SCSI Disk Device +++++ --- User --- [MBR] 70486eebc3406326d051c9c0c7ae891a [bSP] e4f1a3792e18a93ded96ab613143948a : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 10240 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21053440 | Size: 142306 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[0]_S_08262013_114622.txt >> Also ADWCleaner has a few boxes with checks that say KEY, am I supposed to click the button that says clean or anything :-) Rogue Killer also has boxes checked that say found. Do I need to do anything there or just close those 2 applications. Thanks
  5. kcshaklee99
    Hi here is the DDS file and the Attach file requested. Thanks for your help. Computer keeps freezing and have to manually shut down and also boots up and runs slow Jim DDS.txt DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.25.2 Run by Admin at 13:19:12 on 2013-08-20 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.958.338 [GMT -7:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\SLsvc.exe C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE C:\Windows\system32\rundll32.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe C:\Windows\system32\Taskmgr.exe C:\Users\Admin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer provided by Dell BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - c:\program files\internet explorer\iedvtool.dll mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [Conime] c:\windows\system32\conime.exe mRun: [EKStatusMonitor] c:\program files\kodak\aio\statusmonitor\EKStatusMonitor.exe mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup StartupFolder: c:\users\admin\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\admin\appdata\roaming\dropbox\bin\Dropbox.exe mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 192.168.1.1 TCP: Interfaces\{B6505625-388A-475D-A00E-1F8CFAAF8CE6} : DHCPNameServer = 192.168.1.1 LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-7-16 49376] R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-7-16 175176] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-10 770344] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-10 369584] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-10 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-12-10 66336] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-10 46808] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-9 21504] R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\EKAiOHostService.exe [2013-3-15 395640] R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files\kodak\aio\statusmonitor\EKPrinterSDK.exe [2013-1-15 780152] R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2013-8-14 167424] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-6-10 24576] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2012-12-7 23040] . =============== Created Last 30 ================ . 2013-08-15 22:55:53 -------- d-----w- c:\users\admin\appdata\roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 2013-08-15 20:50:40 -------- d-----w- c:\users\admin\appdata\local\Htc 2013-08-15 20:47:58 -------- d-----w- c:\users\admin\appdata\roaming\HTC 2013-08-15 00:59:28 -------- d-----w- c:\users\admin\appdata\local\Downloaded Installations 2013-08-15 00:57:36 -------- d-----w- c:\program files\Spirent Communications 2013-08-15 00:54:28 -------- d-----w- c:\program files\HTC 2013-08-14 20:34:00 867240 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-08-14 20:33:31 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-08-14 20:18:41 783360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-08-14 20:18:38 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-14 20:18:38 15872 ----a-w- c:\windows\system32\icaapi.dll 2013-08-14 20:18:35 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-14 20:18:22 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-14 20:17:09 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-14 20:17:03 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-14 20:17:01 1205168 ----a-w- c:\windows\system32\ntdll.dll 2013-08-14 20:16:22 992768 ----a-w- c:\windows\system32\crypt32.dll 2013-08-14 20:16:21 172544 ----a-w- c:\windows\system32\wintrust.dll 2013-08-14 20:16:21 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-14 20:16:17 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-13 23:52:04 499712 ----a-w- c:\windows\iwexec.exe 2013-08-13 23:51:59 -------- d-----w- C:\tcConference 2013-08-13 22:02:42 789416 ----a-w- c:\windows\system32\deployJava1.dll 2013-08-06 21:33:15 -------- d-----w- c:\windows\system32\MRT 2013-07-31 20:59:21 -------- d-----w- c:\users\admin\appdata\local\Protexis 2013-07-31 20:28:37 -------- d-----w- c:\program files\NT Registry Optimizer 2013-07-25 21:35:44 -------- d-----r- c:\users\admin\Dropbox 2013-07-25 21:32:00 -------- d-----w- c:\program files\Dropbox 2013-07-25 21:28:42 -------- d-----w- c:\users\admin\appdata\roaming\Dropbox 2013-07-25 20:18:54 -------- d-----w- c:\users\admin\appdata\local\Apps 2013-07-25 20:18:53 -------- d-----w- c:\users\admin\appdata\local\Deployment 2013-07-25 20:11:59 -------- d-----w- c:\users\admin\appdata\local\Yahoo 2013-07-24 21:28:20 -------- d-----w- c:\programdata\Visan 2013-07-24 21:28:20 -------- d-----w- c:\programdata\PrintProjects 2013-07-24 21:28:20 -------- d-----w- c:\program files\PrintProjects 2013-07-24 21:26:57 -------- d-----w- c:\users\admin\appdata\local\Eastman_Kodak_Company 2013-07-24 21:23:32 -------- d-----w- c:\users\admin\appdata\local\Eastman Kodak Company 2013-07-24 21:04:17 36352 ----a-w- c:\users\admin\appdata\roaming\PnPutil.exe 2013-07-24 21:04:16 800824 ----a-w- c:\users\admin\appdata\roaming\DPInst.exe 2013-07-24 21:04:15 106496 ----a-w- c:\users\admin\appdata\roaming\gacutil.exe 2013-07-24 19:18:57 -------- d-----w- c:\windows\pss 2013-07-24 01:57:53 -------- d-----w- c:\users\admin\{341e4644-391a-4eaf-8f5c-ee48c8c83c7c} 2013-07-24 01:55:21 -------- d-----w- c:\program files\Kodak 2013-07-24 01:53:21 -------- d-----w- c:\users\admin\appdata\roaming\Temp 2013-07-23 23:01:39 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a329a9a8-7029-4856-a3a4-40dd969c5b7a}\mpengine.dll . ==================== Find3M ==================== . 2013-08-07 19:39:56 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-08-07 19:39:55 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-07-25 02:32:35 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-07-25 02:26:10 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-07-25 02:25:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-07-25 02:23:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-07-25 02:23:58 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-07-25 02:22:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-17 22:28:30 4096000 ----a-w- c:\program files\GUT27BC.tmp 2013-07-17 00:10:11 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-07-17 00:10:10 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-06-04 01:50:43 2049024 ----a-w- c:\windows\system32\win32k.sys 2013-06-01 04:06:08 505344 ----a-w- c:\windows\system32\qedit.dll 2012-09-19 23:05:56 4096000 ----a-w- c:\program files\GUTDB42.tmp . ============= FINISH: 13:21:17.65 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Basic Boot Device: \Device\HarddiskVolume3 Install Date: 7/19/2007 12:47:37 AM System Uptime: 8/20/2013 12:30:34 PM (1 hours ago) . Motherboard: Dell Inc. | | 0RY206 Processor: AMD Sempron™ Processor 3600+ | Socket AM2 | 2009/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 139 GiB total, 84.939 GiB free. D: is FIXED (NTFS) - 10 GiB total, 4.52 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Adobe AIR Adobe Download Manager Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.7) aioscnnr avast! Free Antivirus CCleaner CDDRV_Installer center Conexant D850 PCI V.92 Modem Corel Paint Shop Pro Photo XI Corel Snapfire Plus Dell DataSafe Online Dell Support Center Dell System Customization Wizard DellSupport Digital Line Detect Dropbox essentials Games, Music, & Photos Launcher Google Talk Plugin Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Deskjet 3520 series Basic Device Software HP Photo Creations HTC BMP USB Driver HTC Driver Installer HTC Sync IPTInstaller Java 7 Update 25 Java Auto Updater KhalSetup Kodak AIO Printer KODAK AiO Software Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Modem Diagnostic Tool MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) NetWaiting NTREGOPT 1.1j NVIDIA Drivers NVIDIANetworkDiagnostic ocr PowerDVD PreReq PrintProjects Product Documentation Launcher QualxServ Service Agreement Realtek High Definition Audio Driver Roxio Creator Audio Roxio Creator BDAV Plugin Roxio Creator Copy Roxio Creator Data Roxio Creator DE Roxio Creator Tools Roxio Express Labeler Roxio MyDVD DE Roxio Update Manager Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition SetPoint Sonic Activation Module Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) URL Assistant User's Guides . ==== End Of File ===========================
  6. kcshaklee99
    Computer freezes for long periods of time randomly and boots up and runs real slow. I've done a little cleaning and ran a registry program that a computer guy helped me with and it has helped a little. is it possible that my Avast or malwarebytes let something thru and should I also have a spyware program like spybot on here? Thanks for your help.
  7. kcshaklee99
    Hi LT, I finally got the IE 8 completly removed and it soesn't seem to be having that problem anymore. I will keep it open for a bit and see if it does it anymore. Is it safe to re-install 8. Also I have a system with Windows 2000 ME edition which unfortunatly sucks but, do you know of any free virus protectors for that version and also I'm having a hard time removing AVG from it. Is it hard to remove programs from the registry? Thanks for your help and have a great day
  8. kcshaklee99
    When I try to open internet explorer now it says Internet Explorer has encountered an error and must close, do you want to send a report. As it closes a little popup comes up that says welcome to Internet explorer 8?
  9. kcshaklee99
    OK, it was not easy, when I would remove it would error to DOS and say Bad_Pooler_Call or Bad_caller_Pool? So I went into safe mode and removed it the way you said and it worked. Was I also supposed to remove all the Security and other updates for Explorer 8 cause I think I need to do each one individually. I don't want to delete with out you telling me and I don't want to re install IE 8 till you say. Thanks
  10. kcshaklee99
    I've been using Mozilla firefox since this happened and it's not happening so I do beleive its an IE problem :-)
  11. kcshaklee99
    Yes sorry, Been away from the computer. Last night I opened IE without the addons thru the accessories like you said. It was better but it was still happening. I have screen shots that show Avast blocking the URLS I can post those if that helps. It shows where it is and what it is? Also since this has been happening, the popup that says your browsing session closed unexpectantly would you like to re open it? I think it's related because I close my sessions out and also it happens at random times when I haven't even been browsing the Internet. Hope this helps and let me know if you would like to see the screen shots and what I should do next. JC
  12. kcshaklee99
    Hi Larry Tate, here is the DDS.txt log as you requested.. Thanks . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21 Run by Jim at 20:49:24 on 2012-07-30 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.144 [GMT -7:00] . AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe C:\Program Files\Java\jre6\bin\jqs.exe svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\Epson Software\Event Manager\EEventManager.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\eHome\ehmsas.exe C:\Documents and Settings\Jim\Application Data\Dropbox\bin\Dropbox.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\program files\real\realplayer\update\realsched.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\mspaint.exe C:\WINDOWS\notepad.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - No File BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [Google Update] "c:\documents and settings\jim\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [Epson Stylus NX430(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatihba.exe /fu "c:\docume~1\jim\locals~1\temp\E_S1BF.tmp" /EF "HKCU" uRun: [EPSON NX430 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatihba.exe /fu "c:\docume~1\jim\locals~1\temp\E_S1BD.tmp" /EF "HKCU" uRun: [X-Lite 4] "c:\program files\counterpath\x-lite 4\X-Lite4.exe" -bootload mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe" mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe" mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k dRunOnce: [RunNarrator] Narrator.exe StartupFolder: c:\docume~1\jim\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\jim\application data\dropbox\bin\Dropbox.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://pcpitstop.com/pcpitstop/PCPitStop.CAB DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab DPF: {6F750202-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab DPF: {72C9EA8F-8965-40C2-ABAD-D460A5815F86} - hxxp://host-d.oddcast.com/hostClientIE.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{DD55D7CB-82EE-4173-AC5C-3195D0396A83} : DhcpNameServer = 192.168.1.1 Handler: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - c:\program files\juno\bin\jmsgpph.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igfxcui - igfxdev.dll Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\jim\application data\mozilla\firefox\profiles\ymdty76c.default\ FF - prefs.js: browser.startup.homepage - google.com FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\documents and settings\jim\application data\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\jim\application data\mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: c:\documents and settings\jim\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\ksolo\npAVX.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-6 721000] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-2-22 353688] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-22 21256] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-2-22 44808] R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-30 40776] S2 Ca50xav;Digital Blue DMC2 Video Device;c:\windows\system32\drivers\Ca50xav.sys [2006-6-27 508304] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-7-29 113120] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2012-07-31 00:05:48 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-07-30 00:51:11 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-07-15 07:54:02 -------- d-----w- c:\windows\system32\wbem\repository\FS 2012-07-15 07:54:02 -------- d-----w- c:\windows\system32\wbem\Repository . ==================== Find3M ==================== . 2012-07-03 20:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-03 16:21:53 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-07-03 16:21:32 41224 ----a-w- c:\windows\avastSS.scr 2012-06-27 17:21:20 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-27 17:21:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll 2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 22:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 22:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 22:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 22:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 22:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 22:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 22:18:58 214256 ----a-w- c:\windows\system32\muweb.dll 2012-06-02 22:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:08:26 916992 ------w- c:\windows\system32\wininet.dll 2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll 2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec 2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys . ============= FINISH: 20:57:05.09 ===============
  13. kcshaklee99
    Hi and thanks for your help, Here is the log from Malewarebytes.. Now downloading DDS.. Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.07.30.11 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Jim :: FAMILY_DESKTOP [administrator] 7/30/2012 5:06:42 PM mbam-log-2012-07-30 (17-06-42).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 255042 Time elapsed: 1 hour(s), 5 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  14. kcshaklee99
    I think my Internet Explorer 8 has been Hi-Jacked. My Avast Anti-virus keeps popping up that it blocked a suspicious URL-Website. I've been using Mozilla and Safari and it doesn't happen with those. I've run Maleware bytes, CC Cleaner and my avast scans and it's still happining Can you help? Thanks, Jim James Cass
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.