MissElaine12 Posted August 31, 2012 ID:592141

My computer is slow and grinding a lot. I'd appreciate any assistance. I have the reports for a Malwarebytes scan and DDS. Thank you.

MrCharlie Posted August 31, 2012 ID:592143

Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs here..... DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
Click Scan to scan the system. When the scan completes > Close out the program > Don't Fix anything!
Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

MissElaine12 Posted August 31, 2012 Author ID:592145

Thanks for your response, MrC. Below are dds and attach. I hope posting them is what you wanted me to do. If not, please redirect me.
for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)SmartWebPrintingSolutionCenterSonic 
EncodersSonic RecordNow CopySpelling Dictionaries Support For Adobe Reader 9StatusTL-WN822N DriverToolboxTP-LINK Wireless Configuration UtilityTrayAppUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 System (KB2539530)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553092)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553270) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598289) 32-Bit EditionUpdate for Microsoft Office Script Editor Help (KB963671)Update for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2589345) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2553248) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft Windows (KB971513)Update for Windows Internet Explorer 8 (KB2447568)Update for Windows Internet Explorer 8 (KB971930)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Internet Explorer 8 (KB976749)Update for Windows Internet Explorer 8 (KB980182)Update for Windows Media Player 10 (KB910393)Update for Windows Media Player 10 (KB913800)Update for Windows Media Player 10 (KB926251)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2492386)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676)Update for Windows XP (KB2641690)Update for 
.
==== Event Viewer Messages From Past Week ========
.
8/31/2012 7:31:45 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address F8D11162C3F7. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
8/29/2012 5:55:10 PM, error: Service Control Manager [7034] - The TP-LINK Configuration Service service terminated unexpectedly. It has done this 1 time(s).
8/29/2012 5:37:39 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service ntmssvc with arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983}
8/27/2012 7:21:02 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
.
==== End Of File ===========================
MrCharlie Posted August 31, 2012 ID:592147
I need to see the log from RogueKiller....
MrC
MissElaine12 Posted August 31, 2012 Author ID:592152
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Elaine Moore [Admin rights]
Mode : Scan -- Date : 08/31/2012 12:29:16
¤¤¤ Bad processes : 1 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
205.238.40.1 winmx.com
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST380819AS +++++
--- User ---
[MBR] cdbee0871117f94324fdc3ae7fdb05bc
[bSP] 3efdd157322bc54deb4f0f8435ac64f6 : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 71476 Mo
2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 146496735 | Size: 4753 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1].txt >>
RKreport[1].txt
MrCharlie Posted August 31, 2012 ID:592181
Run RogueKiller again and click Scan
When the scan completes > click on the Registry tab
Put a check next to all of these and uncheck the rest: (if found)
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
Now click Delete on the right hand column under Options
~~~~~~~~~~~~~~~~~~~~~~
There's not much showing but let's run some scans.......
Please make sure system restore is running and create a new restore point before continuing.
XP <===> Vista & W7
Please read the directions carefully so you don't end up deleting something that is good!!
Please download and run TDSSKiller to your desktop as outlined below:
Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
-------------------------
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
------------------------
Click the Start Scan button.
-----------------------
If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue
----------------------
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
--------------------
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.
-------------------
Here's a summary of what to do if you would like to print it out:
If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
MrC
MissElaine12 Posted August 31, 2012 Author ID:592220
The zipped TDSS report is attached.
TDSSKiller.2.8.8.0_31.08.2012_14.39.33_log.zip
MrCharlie Posted September 1, 2012 ID:592280
That scan was clean...........
Please download and run ComboFix.
The most important things to remember when running it are to disable all your malware programs and run Combofix from your desktop.
Please visit this webpage for download links, and instructions for running ComboFix
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Information on disabling your malware programs can be found Here.
Make sure you run ComboFix from your desktop. Give it at least 30-45 minutes to finish if needed.
Please include the C:\ComboFix.txt in your next reply for further review.
---------->NOTE<----------
If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.
MrC
MissElaine12 Posted September 1, 2012 Author ID:592319
ComboFix 12-08-31.08 - Elaine Moore 08/31/2012 18:46:13.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1534.799 [GMT -7:00]
Running from: c:\documents and settings\Elaine Lance\My Documents\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((( Files Created from 2012-08-01 to 2012-09-01 )))))))))))))))))))))))))))))))
.
.
2012-09-01 01:25 . 2012-09-01 01:25 304 ----a-w- C:\user.js
2012-09-01 01:24 . 2012-09-01 01:24 -------- d-----w- c:\program files\BabylonToolbar
2012-09-01 01:22 . 2012-09-01 01:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
2012-09-01 01:22 . 2012-09-01 01:22 -------- d-----w- c:\documents and settings\Elaine Lance\Application Data\Babylon
2012-09-01 00:59 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{28FEA074-809E-4308-B9F1-AF3D4D5DB097}\mpengine.dll
2012-08-31 21:39 . 2012-08-31 21:39 177496 ----a-w- c:\windows\system32\drivers\86948340.sys
2012-08-31 01:02 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-29 14:59 . 2012-08-29 14:59 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-31 22:01 . 2012-08-31 22:01 38084 ----a-w- C:\TDSSKiller.2.8.8.0_31.08.2012_14.39.33_log.zip
2012-08-25 13:50 . 2012-04-02 04:03 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-25 13:49 . 2011-05-27 21:50 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2005-08-16 10:18 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2005-08-16 10:37 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 20:46 . 2010-05-08 01:48 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 13:40 . 2005-08-16 10:18 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2005-08-16 10:18 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2005-08-16 10:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2005-08-16 10:18 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2005-08-16 10:18 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 15:49 . 2012-06-06 15:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50 . 2007-05-15 22:43 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2005-08-16 10:18 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-05 00:35 . 2008-07-04 19:10 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32 . 2005-08-16 10:18 152576 ----a-w- c:\windows\system32\schannel.dll
2012-08-29 14:59 . 2012-02-21 17:41 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-21 719672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-09-12 196608]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 931200]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-19 421888]
"Garmin Lifetime Updater"="c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-05-23 1466760]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-12-21 519584]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-10-14 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
TP-LINK Wireless Configuration Utility.lnk - c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2011-12-21 788992]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Adobe\\Photoshop Elements 7.0\\AdobePhotoshopElementsMediaServer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [9/16/2008 1:03 PM 169312]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [12/21/2011 5:45 PM 1756384]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [12/21/2011 5:46 PM 57440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S2 gupdate1c9b8aee91e1c52;Google Update Service (gupdate1c9b8aee91e1c52);c:\program files\Google\Update\GoogleUpdate.exe [4/8/2009 6:02 PM 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/1/2012 9:03 PM 250568]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/8/2009 6:02 PM 133104]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [12/21/2011 5:46 PM 360529]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 11:15 AM 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/25/2012 8:08 PM 114144]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 28523989
*NewlyCreated* - MPKSL4DBAD353
*NewlyCreated* - TRUESIGHT
*Deregistered* - 28523989
*Deregistered* - MpKsl4dbad353
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 13:50]
.
2012-08-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57]
.
2012-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-09 01:02]
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-09 01:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.babylon.com/?affID=114336&tt=3512_6&babsrc=HP_ss&mntrId=e025dff7000000000000f8d11162c3f7
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {85BA505F-FD01-4A91-836C-F7D502E89C9A} - hxxp://www.evite.com/html/imageUpload/ImageUploader4.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://bigwatersedge.axiscam.net/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Elaine Lance\Application Data\Mozilla\Firefox\Profiles\k819aebi.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=114336&tt=3512_6&babsrc=HP_ss&mntrId=e025dff7000000000000f8d11162c3f7
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=114336&tt=3512_6&babsrc=KW_ss&mntrId=e025dff7000000000000f8d11162c3f7&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=e025dff7000000000000f8d11162c3f7&q=
FF - user.js: extensions.BabylonToolbar.id - e025dff7000000000000f8d11162c3f7
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15584
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1218:25
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - bbcln
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=114336&tt=3512_6
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-31 18:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\docume~1\ELAINE~1\LOCALS~1\Temp\catchme.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
Completion time: 2012-08-31 18:55:31
ComboFix-quarantined-files.txt 2012-09-01 01:55
.
Pre-Run: 13,290,708,992 bytes free
Post-Run: 15,101,431,808 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 91E433D2A5A3CE3C4AEA5D303A0DE3A4
MrCharlie Posted September 1, 2012 ID:592321 I see you have the BabylonToolbar on the system, is this something you installed and want?? MrC
MissElaine12 Posted September 1, 2012 Author ID:592323 I downloaded it by accident, do not want it.
MrCharlie Posted September 1, 2012 ID:592326
Using ComboFix......
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:
4. If ComboFix wants to update.....please allow it to.
DDS::
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun: [<no name>]
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
Start Page = hxxp://search.babylon.com/?
Folder::
c:\program files\BabylonToolbar
c:\documents and settings\All Users\Application Data\Babylon
c:\documents and settings\Elaine Lance\Application Data\Babylon
Firefox::
FF - ProfilePath - c:\documents and settings\Elaine Lance\Application Data\Mozilla\Firefox\Profiles\k819aebi.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=114336&tt=3512_6&babsrc=HP_ss&mntrId=e025dff7000000000000f8d11162c3f7
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=114336&tt=3512_6&babsrc=KW_ss&mntrId=e025dff7000000000000f8d11162c3f7&q=
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=e025dff7000000000000f8d11162c3f7&q=
FF - user.js: extensions.BabylonToolbar.id - e025dff7000000000000f8d11162c3f7
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15584
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1218:25
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - bbcln
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=114336&tt=3512_6
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
ClearJavaCache::
Save this as CFScript.txt, in the same location as ComboFix.exe
Referring to the picture above, drag CFScript into ComboFix.exe
CAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.
After reboot, (in case it asks to reboot)......Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.
MrC (gone for tonight > be back in the AM)
MissElaine12 Posted September 1, 2012 Author ID:592332 Sweet dreams! Below is the ComboFix log. FYI - I turned my antivirus program back on.
MissElaine12 Posted September 1, 2012 Author ID:592335 Also, I rebooted and saw that the Babylon Toolbar was still there. I'm not sure if the instructions you provided in post #12 were to get rid of it... Just in case they were, I wanted to let you know.
MrCharlie Posted September 1, 2012 ID:592398 OK, I made a mistake in the CFScript.txt, I fixed it so go back and run it again. MrC
MissElaine12 Posted September 2, 2012 Author ID:592936

MissElaine12 Posted September 3, 2012 Author ID:592938
The Babylon toolbar is still there.

MrCharlie Posted September 3, 2012 ID:592940
In what browser or browsers?
MrC

MissElaine12 Posted September 3, 2012 Author ID:592942
Firefox and IE.

MissElaine12 Posted September 3, 2012 Author ID:592943
I just realized I might have left out a step when I ran ComboFix the second time. After the first time, I realized that my firewall was still on, so I ran ComboFix again without copying CFScript to ComboFix. The above log is from the second run. I hope that makes sense...

MrCharlie Posted September 3, 2012 ID:592946
See if this works:
http://www.ehow.com/...ll-babylon.html
Let me know.....
MrC

MissElaine12 Posted September 3, 2012 Author ID:592959
OK, I didn't see the Babylon icon in the system tray, so I skipped step 1.
Did step 2. (The list of currently installed programs took a looooong time to load, BTW.)
Step 3: Uninstalled Babylon installer. That's the only Babylon-related item that I saw. No Babylon toolbar or anything else.
Step 4: I didn't see a Babylon folder in Program Files.
Step 6: Disabled Babylon toolbar in IE; the add-on doesn't appear in Firefox Add-ons Manager.
The toolbar is still there.

MrCharlie Posted September 3, 2012 ID:592961
In both browsers?
MrC

MissElaine12 Posted September 3, 2012 Author ID:592963
Yes.

MrCharlie Posted September 3, 2012 ID:592967
Reset IE back to defaults:
http://www.howtogeek.com/howto/16365/reset-all-internet-explorer-8-settings-to-fix-stability-problems/
MrC