Jump to content

Recommended Posts

I have been assisted by a fellow Forum member, not this Forum, who suggested that I come here for additional help. I am mostly a novice on the computer, I can find and go to web pages, upload pictures when I don't have a bug preventing it (like now), and I compose notes and messages, with pictures, that I send with e-mail to friends. I'm not that savvy with all the language to trouble shoot and solve the issues I now have.

I have a Dell, tower, that is about 9 years old with a C-Drive that is about 4 years old. I am using Windows NT. I have changed to have Google Chrome my home page. I am using the free Avast antivirus software. I visit a kit car forum and some parts supply web pages, my wife does banking and some shopping on line, we both do e-mail. We are careful about opening messages, especially, with attachments, and try to stay clear of web sites that aren't connected with reputable businesses.

My computer has had Ccleaner, Malewarebytes, Superantivirus and Rkill installed and ran during our attempt to clean up the machine.

I have some kind of bug that causes the boot-up to be very slow, like close to 30 minutes. There were other problems but working with my forum friend we seem to have most of it taken care of, at least that is how it appears now. I can go to web pages and forums and find information fairly quickly.

The boot up goes like this. Slow to bring up the icons, the icons go away and I have a blank screen for several minutes. The Icons come back and it takes several more minutes for the little icons in the lower right to come up, ending with superantivirus.logo. I click on Google Chrome and it takes several minutes for the screen to change and then three tabs come up, one with Babylon, one with Google and one with a Search. I kill the Babylon and Search tabs and Google comes up ready to work in a couple minutes. Once that is done going to a web page has been fairly good, lately I have had a coupe of the old slow responses.

Lately I have been unable to upload pictures to my kitcar web site. I also have been unable to upload pictures to PhotoBucket which says I need to down load Adobe Flash Player 9 (I think). When I do the Adobe down load it goes though all the procedure and says it is finished, then I get the "Law-and-Order" sound and note that says the download failed.

When I log off, it takes a couple minutes for the computer to go though the shut-down procedure and then usually I get (like 19 out of 20 times) a 1 of 1 Windows update. Up until about a month ago I would only get the Windows updates a couple times per month.

When I am shut down I turn off a switch so there is no power to the computer, but we usually leave it on all day, sitting on the Google home page if we are not actually doing something on it.

Thanks for any assistance that can be provided,

Regards, Rick (CRZN427)

Link to post
Share on other sites

Hello and welcome, CRZN427: :)

That's a pretty detailed description. :)

You mention that your computer is 9 years old -- that is pretty "long in the tooth", and it might be the case that it's just reached the end of its lifespan.

It might also be damaged from what sounds like an infection you were working to remove.

Until one of the more expert members arrives, the following steps will help them to provide you with the assistance you need.

If you can, please provide the following with your next reply:

  1. A BRIEF summary of the current major problem you are experiencing, e.g. "the computer is very slow to boot", or "I think I might be infected".
  2. A link to the other forum where you were being helped -- it can be confusing, counter-productive and sometimes damaging to be working in more than one place with more than 1 helper at a time. Moreover, it will assist the folks here to know what has already been done.
  3. Both logs from the DDS scanner tool -- this is a non-invasive utility that will provide the experts here with a bit of basic, preliminary system information. Please ATTACH both the DDS.txt and the attach.txt logs to your next reply. Instructions follow below.

Thanks,

daledoc1

--------------------------

DDS Instructions

Download DDS from one of the locations below and save it to your Desktop:

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once it is downloaded, you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool, on Vista or Win 7 right click and select Run as administrator

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


  • When done, DDS will open two (2) logs:

    1. DDS.txt
    2. Attach.txt

  • Save both reports to your desktop
  • Please attach both of the following logs to your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.

Link to post
Share on other sites

daledoc1,

Thanks for the reply, I need a lot of patience and assistance to get me through. My history is engineering and construction, not data and computers, I always had a data processing department to rely on so I could get on with the nuts and bolts, literally. I'll get the things done that you suggest and post the results. I know my computer is 9 years old but the C-drive is not as old as the machine, I suppose in computer years it is also a relic.

I belong to a forum that deals in kit cars. A member of that forum, that is highly versed in computers, helped me (through several e-mails), do the virus cleaning that has been done so far.

Regards, Rick.

Link to post
Share on other sites

Hi: :)

Well, it sounds as if your current issues may well be related -- at least in part -- to the recent infection you describe.

While it would certainly help the experts here to know what has already been done, what scans/tools have been used, what they detected, etc., it's not essential.

The first step is typically to run the DDS tool -- it provides the helpers with a preliminary "peek under the hood".

Running it should only take a few seconds.

>>>Since the original problem was related to malware, it would probably be best to follow the recommendations in this pinned topic: Available Assistance For Possibly Infected Computers.

A qualified helper will guide you through the cleanup process in the malware removal section of the forum, or at the help desk.

If there are other, non-malware-related issues after your helper gives you the "all clear", then he/she may refer you back here for additional work.

In the interim, I would avoid running any more malware removal tools or making any further changes to the system, without malware expert guidance. :)

HTH,

daledoc1

Link to post
Share on other sites

daledoc1,

I think I got it done, I'm going to try a copy/paste to show the results. I disconnected the internet connection after the download and then temporarily disabled Avast while it ran.

Regards, Rick.

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 5/31/2010 6:46:59 PM

System Uptime: 3/11/2013 3:15:16 PM (3 hours ago)

.

Motherboard: Dell Computer Corp. | |

Processor: Intel® Pentium® 4 CPU 1.80GHz | Microprocessor | 1794/400mhz

.

System Uptime: 3/11/2013 3:15:16 PM (3 hours ago)

.

Motherboard: Dell Computer Corp. | |

Processor: Intel® Pentium® 4 CPU 1.80GHz | Microprocessor | 1794/400mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 75 GiB total, 56.927 GiB free.

D: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader 9.5.3

Ask Toolbar

AT&T Yahoo! High Speed Internet Home Networking Installer

ATI Display Driver

avast! Free Antivirus

AVG Security Toolbar

Bing Bar

Bing Bar Platform

Bing Rewards Client Installer

CCleaner

Cisco Connect

Coupon Printer for Windows

Dell ResourceCD

Google Chrome

Google Earth Plug-in

Google Update Helper

GoToAssist 8.0.0.514

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB945060-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB981793)

HP Deskjet 1050 J410 series Basic Device Software

HP Deskjet 1050 J410 series Help

HP Deskjet 1050 J410 series Product Improvement Study

HP Photo Creations

HP Update

Intel® Network Connections 13.1.33.0

KODAK Share Button App

Lexmark 510 Series

LibreOffice 3.5

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Default Manager

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Word 2002

Microsoft Works 2002 Setup Launcher

Microsoft Works 6.0

Microsoft Works Suite Add-in for Microsoft Word

MPlayer (remove only)

Nero Suite

OLYMPUS CAMEDIA Master 2.0

Paint.NET v3.5.10

Quick Bridge (remove only)

QuickTime

Search.us.com

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

SoundMAX

Spybot - Search & Destroy

SUPERAntiSpyware

Support.com Toolbar Updater

TurboTax 2010

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wrapper

TurboTax 2011

TurboTax 2011 wcaiper

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wrapper

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2447568)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

Works Suite OS Pack

Works Synchronization

.

==== Event Viewer Messages From Past Week ========

.

3/9/2013 9:01:45 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.

3/9/2013 11:01:15 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

3/9/2013 10:43:53 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSnx aswSP aswTdi Fips intelppm MpFilter OMCI SASDIFSV SASKUTIL

3/8/2013 8:35:43 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Intuit Update Service v4 service to connect.

3/8/2013 8:35:43 AM, error: Service Control Manager [7000] - The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/8/2013 4:53:47 PM, error: Service Control Manager [7000] - The BVRPMPR5 NDIS Protocol Driver service failed to start due to the following error: The system cannot find the file specified.

3/8/2013 12:39:26 AM, error: Service Control Manager [7022] - The Intuit Update Service v4 service hung on starting.

3/8/2013 12:37:53 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

3/8/2013 12:37:53 AM, error: Service Control Manager [7000] - The Spybot-S&D 2 Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/6/2013 6:55:46 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Updating Service service to connect.

3/6/2013 6:55:46 AM, error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/6/2013 6:55:33 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Scanner Service service to connect.

3/6/2013 6:55:33 AM, error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/11/2013 3:10:22 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Rick at 18:46:18 on 2013-03-11

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.145 [GMT -7:00]

.

AV: PC Cleaner Pro *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: avast! Antivirus *Disabled*

.

============== Running Processes ================

.

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Kodak\KODAK Share Button App\Listener.exe

C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\alg.exe

C:\Documents and Settings\Rick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Rick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k NetworkService

C:\WINDOWS\System32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/?ilc=1

uWindow Title = Windows Internet Explorer provided by Yahoo!

uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8

uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll

uURLSearchHooks: {f4c28532-b9d0-4950-a2df-e83f9929242b} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll

BHO: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - <orphaned>

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2291.0\npwinext.dll

BHO: Support.com Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>

TB: -c Search.us.com Toolbar: {19B6A28C-FF9C-4E23-B1C9-EF1AF23A678C} - c:\documents and settings\rick\local settings\application data\tnt2\2.0.0.1049\ietoolbar.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: Support.com Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: -c Search.us.com Toolbar: {19B6A28C-FF9C-4E23-B1C9-EF1AF23A678C} - c:\documents and settings\rick\local settings\application data\tnt2\2.0.0.1049\ietoolbar.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll

TB: Support.com Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: @c:\program files\msn toolbar\platform\6.3.2291.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2291.0\npwinext.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Google Update] "c:\documents and settings\rick\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [WorksFUD] c:\program files\microsoft works\wkfud.exe

mRun: [Microsoft Works Portfolio] c:\program files\microsoft works\WksSb.exe /AllUsers

mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe

mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [vProt] "c:\program files\avg secure search\vprot.exe"

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [KodakShareButtonApp] c:\program files\kodak\kodak share button app\Listener.exe

mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: &Search - http://tbedits.myfuncards.com/one-toolbaredits/menusearch.jhtml?s=207560036&p=ZUxpr999YYus&a=797CBD93-DE05-45D0-AA39-AB38A6D0BD87&n=2012090617&cv=1

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll

DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345354011453

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 195296]

R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-11-13 20624]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-9 738504]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-5-31 361032]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-11-25 33112]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-7-1 21256]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-31 44808]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-2-9 1103392]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-2-9 1369624]

R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MyFunCards_5mService;MyFunCardsService;c:\progra~1\myfunc~2\bar\1.bin\5mbarsvc.exe [2012-9-6 42528]

S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-2-9 168384]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

FileExt: .vbe: VBEFile=NOTEPAD.EXE %1

FileExt: .vbs: VBSFile=NOTEPAD.EXE %1

FileExt: .js: JSFile=NOTEPAD.EXE %1

FileExt: .jse: JSEFile=NOTEPAD.EXE %1

FileExt: .wsf: WSFFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2013-03-11 22:32:56 6954968 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{37383ef7-97ef-4f3e-bdc2-7ff7a3fcabca}\mpengine.dll

2013-03-10 18:42:40 6954968 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-03-09 23:39:41 -------- d-----w- c:\program files\Cisco Systems

2013-03-09 23:24:56 -------- d-----w- c:\documents and settings\all users\application data\Cisco Systems

2013-03-09 00:53:47 49904 ----a-r- c:\windows\system32\drivers\BVRPMPR5.SYS

2013-03-09 00:51:48 -------- d-----w- C:\Netgear

2013-02-24 19:57:52 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys

.

==================== Find3M ====================

.

2013-02-27 18:51:10 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-27 18:51:10 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-19 00:00:04 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe

2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll

2013-01-20 23:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-01-07 01:16:02 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-01-07 00:36:58 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax

2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll

2012-12-26 20:16:29 916480 ----a-w- c:\windows\system32\wininet.dll

2012-12-26 20:16:28 43520 ------w- c:\windows\system32\licmgr10.dll

2012-12-26 20:16:28 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-12-24 06:40:59 385024 ------w- c:\windows\system32\html.iec

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-15 00:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

.

============= FINISH: 18:47:47.67 ===============

Link to post
Share on other sites

There is still some issues going on with this computer that need to be addressed. These issues are either due to an active infection, prior infection or a hardware/software conflict, either way you need to have an expert help you get it all sorted out by following the instructions below....

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you


==== Event Viewer Messages From Past Week ========
.
3/9/2013 9:01:45 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
3/9/2013 11:01:15 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/9/2013 10:43:53 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSnx aswSP aswTdi Fips intelppm MpFilter OMCI SASDIFSV SASKUTIL
3/8/2013 8:35:43 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Intuit Update Service v4 service to connect.
3/8/2013 8:35:43 AM, error: Service Control Manager [7000] - The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/8/2013 4:53:47 PM, error: Service Control Manager [7000] - The BVRPMPR5 NDIS Protocol Driver service failed to start due to the following error: The system cannot find the file specified.
3/8/2013 12:39:26 AM, error: Service Control Manager [7022] - The Intuit Update Service v4 service hung on starting.
3/8/2013 12:37:53 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
3/8/2013 12:37:53 AM, error: Service Control Manager [7000] - The Spybot-S&D 2 Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/6/2013 6:55:46 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Updating Service service to connect.
3/6/2013 6:55:46 AM, error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/6/2013 6:55:33 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Scanner Service service to connect.
3/6/2013 6:55:33 AM, error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/11/2013 3:10:22 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
.
==== End Of File ===========================

Link to post
Share on other sites

Forum Diety (??),

Please don't take this the wrong way, but I thought I had been following those instructions when I did the dds.com scan at the suggestion of daledoc1.

I'll try do do what is needed to help identify my problem, but I need something a little more specific, to know what to do. I'm not the sharpest (byte-head) knife in the drawer.

Thanks, Regards, Rick.

Link to post
Share on other sites

  • Root Admin

Just open a NEW topic in the other forum as requested and post the same DDS and ATTACH replies and as soon as someone is available they will assist you.

Please read this topic here Available Assistance for Possibly Infected Computers and then choose your option and post to that other forum is all.

This forum is sort of a catch all for basic general problems that can sometimes be fixed without having to go to the HJT forum for infection detection and removal but we can't use scanning tools and stuff here - that what the other forum is for.

Thank you

Link to post
Share on other sites

Hi:

Yes, since your original issues were malware-related, please start a new post over in that section of the forum, with your logs.

That's the dedicated area for working on malware detection and removal.

One of the trained experts will guide you through the process.

As I mentioned earlier, if you are still having issues after your malware helper gives you the "all-clear", then he/she may refer you back here for additional help.

However, any malware problems need to be resolved first.

Cheers,

daledoc1

P.S. One of the first things you'll need to do, with the assistance of your malware helper, is to completely remove 2 of the 3 antivirus programs on your computer. Having more than 1 installed leads to freezes, hangups, conflicts, crashes and REDUCED computer security. :)

AV: PC Cleaner Pro *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.