
Running Vista (SP2) with 6 GB RAM.

 

1.  Ran a quick scan.  Showed several hundred suspicious files.  I selected about 20 at random (since I saw no way to "select all" at once.)  Clicked on "Remove."  Program froze.

2.  Restarted computer fresh.  Ran no other programs.  Did Quick Scan again.  This time, I selected only one file to Delete from the list of suspicious ones.  Again, program froze.

3.  Repeated Step Two again.  Program froze again.

 

So, it looks like the program works perfectly at finding suspicious files.  But if it can't remove them, it's not of any great utility, of course.

 

Any suggestions?  The process looks pretty straightforward, so I don't think I'm doing anything obviously wrong.  How are you guys getting the program to work correctly?


Hello santamonica811 and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573


Prevet, Borislav,

Thanks in advance for your help.  Below are the two text files.

 

1.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/4/2010 5:57:24 PM
System Uptime: 1/11/2014 8:10:08 PM (9 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | Benicia
Processor: Intel® Pentium® Dual  CPU  E2200  @ 2.20GHz | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 457 GiB total, 68.4 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 0.903 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 1863 GiB total, 121.253 GiB free.
G: is FIXED (NTFS) - 1397 GiB total, 41.386 GiB free.
I: is Removable
J: is Removable
K: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 4.65
7-Zip 9.20
ABBYY FineReader 6.0 Sprint
AcroPano Photo Stitcher, Panorama software
Adobe AIR
Adobe Community Help
Adobe Configurator 3
Adobe Extension Manager CS5
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Photoshop CS6
Adobe Photoshop Lightroom 4.4
Adobe Reader X (10.1.8)
Advertising Center
AirPlus G
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon Kindle
ANIO Service
ANIWZCS2 Service
Apple Application Support
Apple Software Update
Avira Free Antivirus
Cards_Calendar_OrderGift_DoMorePlugout
Chat Messenger
Compatibility Pack for the 2007 Office system
Connect DLC 5 Toolbar for IE
Creative MediaSource
Creative MediaSource NOMAD MuVo^2 Plugin
CWA Reminder by We-Care.com v4.1.24.3
CyberLink DVD Suite Deluxe
CyberLink Power2Go
DivX Setup
Dream Docs
DVDStyler v2.6.1
DWG TrueView 2011
Dynamic Auto-Painter 2.5.3
eMule
Enhanced Multimedia Keyboard Solution
Epson Copy Utility 3.5
Epson Event Manager
EPSON Perfection V500 Photo Scanner Driver Update
EPSON Perfection V500P User's Guide
EPSON Printer Software
EPSON Scan
File Association Manager
Google Chrome
Google Earth Plug-in
Google Gears
Google Update Helper
Hardware Diagnostic Tools
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Advisor
HP Customer Experience Enhancements
HP Customer Feedback
HP Demo
HP Easy Setup - Frontend
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5
HP Picasso Media Center Add-In
HP Update
HPPhotoSmartPhotobookWebPack1
IHA_MessageCenter
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iPhoto Plus 4
Java 7 Update 10
Java Auto Updater
Java 6 Update 20
Java SE Runtime Environment 6 Update 1
JavaFX 2.1.1
Kindle Previewer
LabelPrint
LightScribe System Software
LightScribeTemplateLabeler
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Image Composite Editor
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
Nero 9 Essentials
Nero ControlCenter
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart OEM
neroxml
NexTalk.net
NxVideo
OpenOffice.org 3.2
Pascal Handset USB Driver
PDF Settings CS5
PDF Settings CS6
PowerDirector
PSSWCORE
Python 2.5
QuickTime
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Skype Click to Call
Skype™ 5.10
Smart Defrag 2
Snapfish Picture Mover
Spybot - Search & Destroy
TextBridge Classic
The Complete Law Office - Forms and Tutorials
TunnelBear 1.0.38
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Updater
VC80CRTRedist - 8.0.50727.4053
VideoToolkit01
VisualBee for Microsoft PowerPoint
VLC media player 1.1.11
Vz In-Home Agent
Vz In Home Agent
WeatherBug Gadget
x3Codec
Yahoo! Messenger
Yahoo! Toolbar
ZipItFree 1.95
ZTE V768 Handset USB Driver
.
==== End Of File ===========================

 

 

 

 

 

 

--------------------------------------

 

 

 

 

 

 

 

 

2.

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6002.18005  BrowserJavaVersion: 10.5.1
Run by josh at 4:57:34 on 2014-01-12
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3317.1237 [GMT -8:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Users\josh\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\josh\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\eMule\emule.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k Akamai
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = about:blank
mStart Page = about:blank
mDefault_Page_URL = about:blank
uProxyOverride = 127.0.0.1:9421;<local>
mURLSearchHooks: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\mpk\mpk.exe
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
TB: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge] <no file>
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [searchProtect] \SearchProtect\bin\cltmng.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.





TCP: NameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{7BB91FCE-9C76-41EE-8D08-F784806F2461} : DHCPNameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{D9CE671E-DD95-4044-B2C5-2965C9519B70} : DHCPNameServer = 8.8.8.8
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: 94DE86E5-F3AF-433C-9789-8237C75C41A1 - msiexec.exe /fu {15F18520-06BB-484E-8DFD-632BB107C304} /q LAUNCHAPPONEXIT=0
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\josh\appdata\roaming\mozilla\firefox\profiles\jn058bk3.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
FF - component: c:\users\josh\appdata\roaming\mozilla\firefox\profiles\jn058bk3.default\extensions\{9556409b-6f02-4c86-9efa-9fbd67ddf80e}\components\FFExternalAlert.dll
FF - component: c:\users\josh\appdata\roaming\mozilla\firefox\profiles\jn058bk3.default\extensions\{9556409b-6f02-4c86-9efa-9fbd67ddf80e}\components\RadioWMPCore.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-12-04 04:03; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\josh\appdata\roaming\mozilla\firefox\profiles\jn058bk3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: !HIDDEN! 2010-05-05 20:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-8-1 16184]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-11-30 37352]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-11-30 440376]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-11-30 440376]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-11-30 90400]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2011-7-1 350792]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-1-11 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-12 701512]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-5-23 1153368]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-12 22856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 massfilter_brcm;HandSet Mass Storage Filter Driver Brcm;c:\windows\system32\drivers\massfilter_brcm.sys [2013-7-8 17672]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== File Associations ===============
.
FileExt: .scr: DWGTrueViewScriptFile=c:\windows\system32\notepad.exe "%1"
FileExt: .js: JSFile="c:\program files\adobe dreamweaver cs3\Dreamweaver2.exe","%1"
.
=============== Created Last 30 ================
.
2014-01-12 06:03:19    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2014-01-12 04:05:38    712264    ----a-w-    c:\windows\isRS-000.tmp
2013-12-31 10:35:17    --------    d-----w-    c:\users\josh\tools
.
==================== Find3M  ====================
.
2013-12-18 08:21:35    90400    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2013-12-11 06:34:41    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 06:34:41    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-11-30 20:07:47    37352    ----a-w-    c:\windows\system32\drivers\avkmgr.sys
2013-11-19 11:33:38    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-30 02:13:01    1304064    ----a-w-    c:\windows\system32\WMALFXGFXDSP.dll
2013-10-30 02:12:54    335360    ----a-w-    c:\windows\system32\SysFxUI.dll
2013-10-30 01:43:04    130048    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-10-30 00:43:06    167936    ----a-w-    c:\windows\system32\drivers\portcls.sys
2013-10-30 00:35:24    2050560    ----a-w-    c:\windows\system32\win32k.sys
2013-10-24 02:17:49    834048    ----a-w-    c:\windows\system32\wininet.dll
2013-10-24 02:17:06    53760    ----a-w-    c:\windows\apppatch\iebrshim.dll
2013-10-24 02:16:58    19456    ----a-w-    c:\windows\system32\corpol.dll
2013-10-24 00:55:43    389632    ----a-w-    c:\windows\system32\html.iec
2013-10-24 00:44:32    1383424    ----a-w-    c:\windows\system32\mshtml.tlb
2013-10-22 07:19:59    158208    ----a-w-    c:\windows\system32\imagehlp.dll
2010-02-10 08:03:44    5230592    ----a-w-    c:\program files\DWGVIEWR.msi
2010-02-10 04:48:20    47328    ----a-w-    c:\program files\AcSetup.dll
2010-01-14 20:40:18    85352    ----a-w-    c:\program files\CIPUtil.dll
2010-01-14 20:40:18    704360    ----a-w-    c:\program files\SetupAcadUi.dll
2010-01-14 20:40:18    693096    ----a-w-    c:\program files\SetupUi.dll
2010-01-14 20:40:18    544616    ----a-w-    c:\program files\DeployUi.dll
2010-01-14 20:40:18    108392    ----a-w-    c:\program files\LiteHtml.dll
2010-01-14 20:40:16    452456    ----a-w-    c:\program files\Setup.exe
2010-01-14 20:40:16    161640    ----a-w-    c:\program files\AcDelTree.exe
2010-01-14 20:37:32    319248    ----a-w-    c:\program files\UPI.dll
2010-01-14 20:36:36    375128    ----a-w-    c:\program files\MC3Res.dll
2010-01-14 20:36:36    1764696    ----a-w-    c:\program files\MC3.dll
2010-01-14 20:36:34    190688    ----a-w-    c:\program files\senddmp.exe
2009-10-29 09:18:18    653120    ----a-w-    c:\program files\msvcr90.dll
2009-10-29 09:18:18    569664    ----a-w-    c:\program files\msvcp90.dll
2009-10-29 09:18:18    225280    ----a-w-    c:\program files\msvcm90.dll
2009-06-08 06:37:19    3783672    ----a-w-    c:\program files\mfc90u.dll
2008-12-03 10:56:46    1477912    ----a-w-    c:\program files\ProjectPointClient.dll
2008-12-03 10:07:02    62464    ----a-w-    c:\program files\PPZlib123.dll
2008-12-03 10:06:54    1407488    ----a-w-    c:\program files\xerces-c_1_6_0.dll
2004-05-04 19:53:40    1645320    ----a-w-    c:\program files\gdiplus.dll
.
============= FINISH:  5:03:24.28 ===============
 


P2P/Piracy Warning:

If you're using Peer 2 Peer software such as eMule or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

When you are done, generate fresh DDS log files.


Thanks for the quick responses.  How does one disable a program in Vista?  (I don't want to uninstall eMule, but no problem temporarily disabling it)  I did a Google search, but all I found was disabling a program from the Start Menu, which I just did.  If there is a way to disable a program in a different way, can you talk me through the steps?

 

Assuming that "completely disable" meant to disable from the start menu, below are the new DDS log files.

 

1.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6002.18005  BrowserJavaVersion: 10.5.1
Run by josh at 9:04:49 on 2014-01-12
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3317.1612 [GMT -8:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Users\josh\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\josh\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k Akamai
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = about:blank
mStart Page = about:blank
mDefault_Page_URL = about:blank
uProxyOverride = 127.0.0.1:9421;<local>
mURLSearchHooks: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\mpk\mpk.exe
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
TB: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge] <no file>
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
dRun: [searchProtect] \SearchProtect\bin\cltmng.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.





TCP: NameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{7BB91FCE-9C76-41EE-8D08-F784806F2461} : DHCPNameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{D9CE671E-DD95-4044-B2C5-2965C9519B70} : DHCPNameServer = 8.8.8.8
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: 94DE86E5-F3AF-433C-9789-8237C75C41A1 - msiexec.exe /fu {15F18520-06BB-484E-8DFD-632BB107C304} /q LAUNCHAPPONEXIT=0
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\josh\appdata\roaming\mozilla\firefox\profiles\jn058bk3.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
FF - component: c:\users\josh\appdata\roaming\mozilla\firefox\profiles\jn058bk3.default\extensions\{9556409b-6f02-4c86-9efa-9fbd67ddf80e}\components\FFExternalAlert.dll
FF - component: c:\users\josh\appdata\roaming\mozilla\firefox\profiles\jn058bk3.default\extensions\{9556409b-6f02-4c86-9efa-9fbd67ddf80e}\components\RadioWMPCore.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-12-04 04:03; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\josh\appdata\roaming\mozilla\firefox\profiles\jn058bk3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: !HIDDEN! 2010-05-05 20:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-8-1 16184]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-11-30 37352]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-11-30 440376]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-11-30 440376]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-11-30 90400]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2011-7-1 350792]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-1-11 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-12 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-12 22856]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-1-11 40776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-5-23 1153368]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 massfilter_brcm;HandSet Mass Storage Filter Driver Brcm;c:\windows\system32\drivers\massfilter_brcm.sys [2013-7-8 17672]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S4 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
.
=============== File Associations ===============
.
FileExt: .scr: DWGTrueViewScriptFile=c:\windows\system32\notepad.exe "%1"
FileExt: .js: JSFile="c:\program files\adobe dreamweaver cs3\Dreamweaver2.exe","%1"
.
=============== Created Last 30 ================
.
2014-01-12 06:03:19    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2013-12-31 10:35:17    --------    d-----w-    c:\users\josh\tools
.
==================== Find3M  ====================
.
2013-12-18 08:21:35    90400    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2013-12-11 06:34:41    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 06:34:41    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-11-30 20:07:47    37352    ----a-w-    c:\windows\system32\drivers\avkmgr.sys
2013-11-19 11:33:38    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-30 02:13:01    1304064    ----a-w-    c:\windows\system32\WMALFXGFXDSP.dll
2013-10-30 02:12:54    335360    ----a-w-    c:\windows\system32\SysFxUI.dll
2013-10-30 01:43:04    130048    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-10-30 00:43:06    167936    ----a-w-    c:\windows\system32\drivers\portcls.sys
2013-10-30 00:35:24    2050560    ----a-w-    c:\windows\system32\win32k.sys
2013-10-24 02:17:49    834048    ----a-w-    c:\windows\system32\wininet.dll
2013-10-24 02:17:06    53760    ----a-w-    c:\windows\apppatch\iebrshim.dll
2013-10-24 02:16:58    19456    ----a-w-    c:\windows\system32\corpol.dll
2013-10-24 00:55:43    389632    ----a-w-    c:\windows\system32\html.iec
2013-10-24 00:44:32    1383424    ----a-w-    c:\windows\system32\mshtml.tlb
2013-10-22 07:19:59    158208    ----a-w-    c:\windows\system32\imagehlp.dll
2010-02-10 08:03:44    5230592    ----a-w-    c:\program files\DWGVIEWR.msi
2010-02-10 04:48:20    47328    ----a-w-    c:\program files\AcSetup.dll
2010-01-14 20:40:18    85352    ----a-w-    c:\program files\CIPUtil.dll
2010-01-14 20:40:18    704360    ----a-w-    c:\program files\SetupAcadUi.dll
2010-01-14 20:40:18    693096    ----a-w-    c:\program files\SetupUi.dll
2010-01-14 20:40:18    544616    ----a-w-    c:\program files\DeployUi.dll
2010-01-14 20:40:18    108392    ----a-w-    c:\program files\LiteHtml.dll
2010-01-14 20:40:16    452456    ----a-w-    c:\program files\Setup.exe
2010-01-14 20:40:16    161640    ----a-w-    c:\program files\AcDelTree.exe
2010-01-14 20:37:32    319248    ----a-w-    c:\program files\UPI.dll
2010-01-14 20:36:36    375128    ----a-w-    c:\program files\MC3Res.dll
2010-01-14 20:36:36    1764696    ----a-w-    c:\program files\MC3.dll
2010-01-14 20:36:34    190688    ----a-w-    c:\program files\senddmp.exe
2009-10-29 09:18:18    653120    ----a-w-    c:\program files\msvcr90.dll
2009-10-29 09:18:18    569664    ----a-w-    c:\program files\msvcp90.dll
2009-10-29 09:18:18    225280    ----a-w-    c:\program files\msvcm90.dll
2009-06-08 06:37:19    3783672    ----a-w-    c:\program files\mfc90u.dll
2008-12-03 10:56:46    1477912    ----a-w-    c:\program files\ProjectPointClient.dll
2008-12-03 10:07:02    62464    ----a-w-    c:\program files\PPZlib123.dll
2008-12-03 10:06:54    1407488    ----a-w-    c:\program files\xerces-c_1_6_0.dll
2004-05-04 19:53:40    1645320    ----a-w-    c:\program files\gdiplus.dll
.
============= FINISH:  9:05:36.81 ===============
 

 

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/4/2010 5:57:24 PM
System Uptime: 1/12/2014 8:42:10 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | Benicia
Processor: Intel® Pentium® Dual  CPU  E2200  @ 2.20GHz | CPU 1 | 1200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 457 GiB total, 68.259 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 0.903 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 1863 GiB total, 121.253 GiB free.
G: is FIXED (NTFS) - 1397 GiB total, 41.386 GiB free.
I: is Removable
J: is Removable
K: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 4.65
7-Zip 9.20
ABBYY FineReader 6.0 Sprint
AcroPano Photo Stitcher, Panorama software
Adobe AIR
Adobe Community Help
Adobe Configurator 3
Adobe Extension Manager CS5
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Photoshop CS6
Adobe Photoshop Lightroom 4.4
Adobe Reader X (10.1.8)
Advertising Center
AirPlus G
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon Kindle
ANIO Service
ANIWZCS2 Service
Apple Application Support
Apple Software Update
Avira Free Antivirus
Cards_Calendar_OrderGift_DoMorePlugout
Chat Messenger
Compatibility Pack for the 2007 Office system
Connect DLC 5 Toolbar for IE
Creative MediaSource
Creative MediaSource NOMAD MuVo^2 Plugin
CWA Reminder by We-Care.com v4.1.24.3
CyberLink DVD Suite Deluxe
CyberLink Power2Go
DivX Setup
Dream Docs
DVDStyler v2.6.1
DWG TrueView 2011
Dynamic Auto-Painter 2.5.3
eMule
Enhanced Multimedia Keyboard Solution
Epson Copy Utility 3.5
Epson Event Manager
EPSON Perfection V500 Photo Scanner Driver Update
EPSON Perfection V500P User's Guide
EPSON Printer Software
EPSON Scan
File Association Manager
Google Chrome
Google Earth Plug-in
Google Gears
Google Update Helper
Hardware Diagnostic Tools
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Advisor
HP Customer Experience Enhancements
HP Customer Feedback
HP Demo
HP Easy Setup - Frontend
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5
HP Picasso Media Center Add-In
HP Update
HPPhotoSmartPhotobookWebPack1
IHA_MessageCenter
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iPhoto Plus 4
Java 7 Update 10
Java Auto Updater
Java 6 Update 20
Java SE Runtime Environment 6 Update 1
JavaFX 2.1.1
Kindle Previewer
LabelPrint
LightScribe System Software
LightScribeTemplateLabeler
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Image Composite Editor
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
Nero 9 Essentials
Nero ControlCenter
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart OEM
neroxml
NexTalk.net
NxVideo
OpenOffice.org 3.2
Pascal Handset USB Driver
PDF Settings CS5
PDF Settings CS6
PowerDirector
PSSWCORE
Python 2.5
QuickTime
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Skype Click to Call
Skype™ 5.10
Smart Defrag 2
Snapfish Picture Mover
Spybot - Search & Destroy
TextBridge Classic
The Complete Law Office - Forms and Tutorials
TunnelBear 1.0.38
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Updater
VC80CRTRedist - 8.0.50727.4053
VideoToolkit01
VisualBee for Microsoft PowerPoint
VLC media player 1.1.11
Vz In-Home Agent
Vz In Home Agent
WeatherBug Gadget
x3Codec
Yahoo! Messenger
Yahoo! Toolbar
ZipItFree 1.95
ZTE V768 Handset USB Driver
.
==== End Of File ===========================
 


That means to disable it from startup while working on this system.

Step 1

Please uninstall this application: Connect DLC 5 Toolbar for IE

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
