Jump to content

Explorer.exe has stopped working ; no desktop . . . Please help


Recommended Posts

Hello,

I was trying to connect a external monitor to my laptop. It wouldn't work so I unhooked it and when that happened my explorer.exe no longer worked and everytime I tried to restart the computer it just kept popping up saying explorer.exe has stopped working. I can only run things through the task manager and I have searched forever on how to fix this. Please help me because I don't have the money to take it in. I really need to get my computer running properly again. Thanks

Link to post
Share on other sites

Hello clevelandfan50 and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps.

-------------

Let's run a scan using the Avira Rescue CD :) :

Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore.

  • Download The Avira AntiVir Rescue System from here.
  • Just double-click on the rescue system package to burn it to a CD/DVD.
  • Then please use that CD/DVD with Avira Rescue System to boot your computer.

At the boot option please press the number 1 on your keyboard to 1 Boot AntiVir Rescue System (default) and press Enter or just wait.

You will then see the graphical interface of Rescue CD loading modules and mounting devices. The default language is German, but you can change it to English anytime by clicking on the English flag on the lower-left side of the screen.

2cnti8i.gif

Under Configuration, please select Scan all files, Try to repair infected files and Rename files if they cannot be removed?.

Then please go back to Virus scanner and click Start scanneren.

The Avira AntiVir Rescue System wil now

  • repair a damaged system,
  • rescue data,
  • scan the system for virus infections.

After you run the CD, please reboot the computer and let me know of any changes. If you're still having trouble, we'll try something else ;).

Link to post
Share on other sites

Okay so I stopped it and tried it again and just decided to let it run for a while instead of trying that other program and it eventually started running again and finished so I rebooted my computer and it everything worked again. THANK YOU SO MUCH!!! I am so glad you could help me get my computer running again. Thank you.

Link to post
Share on other sites

Glad to hear that. :)

Let's run some scans to make sure you're clean:

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Link to post
Share on other sites

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6427

# api_version=3.0.2

# EOSSerial=4166849e8f33f249b696ea4c8e2ada81

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-06-26 12:37:28

# local_time=2011-06-25 08:37:28 (-0500, Eastern Daylight Time)

# country="United States"

# lang=9

# osver=6.0.6000 NT

# compatibility_mode=512 16777215 100 0 110853536 110853536 0 0

# compatibility_mode=1031 16777213 100 92 22336196 25833171 0 0

# compatibility_mode=2560 16777215 100 0 0 0 0 0

# compatibility_mode=5892 16776574 100 100 25219299 145642401 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=321588

# found=9

# cleaned=9

# scan_time=13776

C:\$RECYCLE.BIN\S-1-5-21-1767816179-250327935-2407638968-1000\$R7B3POA.exe Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Application Updater\ApplicationUpdater.exe probably a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Search Toolbar\SearchToolbar.dll Win32/Toolbar.Zugo application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C

C:\Users\Jared\AppData\Local\Temp\NOD7E9C.tmp Win32/Toolbar.Zugo application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C

C:\Users\Jared\AppData\Local\Temp\NOD9DE9.tmp a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Jared\AppData\Local\Xenocode\ApplianceCaches\KumaClient.exe_v71B24F3E\Native\STUBEXE\@PROGRAMFILES@\Kuma Games\KumaDownloader.exe probably a variant of Win32/Agent.BYDWJYO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Link to post
Share on other sites

Let's run another scan to make sure you're clean, and to see what programs need updating ;):

Please use the Internet Explorer and run a BitDefender Online scan from Here

  • Please check I agree with the Terms and Conditions and click Start Here
  • You will need to allow an Active X install for the scan to run.
  • Leave the scanning options at default and click Start Scan

Please post the results in your next reply.

----------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------

Please include both scan results in your next reply. :)

Link to post
Share on other sites

Online Scan

QuickScan Beta 32-bit v0.9.9.96

-------------------------------

Scan date: Sat Jun 25 21:18:19 2011

Machine ID: 2A715227

No infection found.

-------------------

Processes

---------

3708 C:\Program Files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe

hpwuSchd Application 3444 C:\Program Files\Hp\HP Software Update\hpwuschd2.exe

Adobe Reader and Acrobat Manager 2560 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

avast! Antivirus 552 C:\Program Files\AVAST Software\Avast\AvastSvc.exe

avast! Antivirus 3808 C:\Program Files\AVAST Software\Avast\AvastUI.exe

AVG IDS 5692 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe

AVG Internet Security 4516 C:\Program Files\AVG\AVG9\avgfws9.exe

AVG Internet Security 3528 C:\Program Files\AVG\AVG9\avgtray.exe

AVG Internet Security 3432 C:\Program Files\AVG\AVG9\avgwdsvc.exe

Bonjour 3136 C:\Program Files\Bonjour\mDNSResponder.exe

CLCapSvc Module 3268 C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe

Data Manager 3580 C:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngrUI.exe

DisplayLink Core Software v5.6.30904.0 1852 C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe

DisplayLink Core Software v5.6.30904.0 2220 C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe

DisplayLink Core Software v5.6.30904.0 2024 C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe

EDMWS 2620 C:\Program Files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe

Expedia Fare Alert 4076 C:\Program Files\Expedia\Expedia Fare Alert 2.1\ExpediaFareAlert.exe

Google Chrome 6396 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

Google Chrome 492 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

Google Chrome 6528 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

Google Chrome 6564 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

Google Chrome 7528 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

Google Chrome 7828 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

Google Chrome 328 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

Google Chrome 4204 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

Google Chrome 8124 C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe

GPCore COM object 6124 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe

HP Digital Imaging 5320 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe

HP Digital Imaging 3152 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe

HP Digital Imaging 4036 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

HP Health Check Service 4008 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe

HP Quick Launch Buttons 2924 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

HP QuickPlay 2912 C:\Program Files\Hp\QuickPlay\QPService.exe

HP Smart Web Printing 6288 C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_clipbook.exe

HP Wireless Assistant 2996 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

HP Wireless Assistant 3064 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

HpqToaster Module 4640 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

hpqwmiex Module 4864 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

Intel® Common User Interface 2816 C:\Windows\System32\hkcmd.exe

Intel® Common User Interface 2876 C:\Windows\System32\igfxpers.exe

Intel® Common User Interface 6096 C:\Windows\System32\igfxsrvc.exe

iTunes 1356 C:\Program Files\iPod\bin\iPodService.exe

iTunes 3640 C:\Program Files\iTunes\iTunesHelper.exe

Java Platform SE Auto Updater 2 0 4924 C:\Program Files\Common Files\Java\Java Update\jucheck.exe

Java Platform SE Auto Updater 2 0 3652 C:\Program Files\Common Files\Java\Java Update\jusched.exe

LightScribe 1112 C:\Program Files\Common Files\LightScribe\LSSrvc.exe

LogMeIn 2792 C:\Program Files\LogMeIn\x86\ramaint.exe

McAfee Free Tools 4044 C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

Microsoft SQL Server 4440 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

Microsoft SQL Server 4452 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

Microsoft SQL Server 4124 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

Microsoft® Windows® Operating System 4716 C:\Program Files\Windows Media Player\wmpnetwk.exe

Microsoft® Windows® Operating System 4000 C:\Program Files\Windows Media Player\wmpnscfg.exe

Microsoft® Windows® Operating System 2396 C:\Program Files\Windows Sidebar\sidebar.exe

Microsoft® Windows® Operating System 3968 C:\Program Files\Windows Sidebar\sidebar.exe

Microsoft® Windows® Operating System 3864 C:\Windows\ehome\ehmsas.exe

Microsoft® Windows® Operating System 3836 C:\Windows\ehome\ehtray.exe

Microsoft® Windows® Operating System 2088 C:\Windows\explorer.exe

Microsoft® Windows® Operating System 580 C:\Windows\System32\csrss.exe

Microsoft® Windows® Operating System 632 C:\Windows\System32\csrss.exe

Microsoft® Windows® Operating System 996 C:\Windows\System32\dwm.exe

Microsoft® Windows® Operating System 728 C:\Windows\System32\lsass.exe

Microsoft® Windows® Operating System 736 C:\Windows\System32\lsm.exe

Microsoft® Windows® Operating System 1804 C:\Windows\System32\mobsync.exe

Microsoft® Windows® Operating System 8108 C:\Windows\System32\notepad.exe

Microsoft® Windows® Operating System 7516 C:\Windows\System32\rundll32.exe

Microsoft® Windows® Operating System 4548 C:\Windows\System32\SearchFilterHost.exe

Microsoft® Windows® Operating System 4628 C:\Windows\System32\SearchIndexer.exe

Microsoft® Windows® Operating System 7544 C:\Windows\System32\SearchProtocolHost.exe

Microsoft® Windows® Operating System 704 C:\Windows\System32\services.exe

Microsoft® Windows® Operating System 1680 C:\Windows\System32\SLsvc.exe

Microsoft® Windows® Operating System 464 C:\Windows\System32\smss.exe

Microsoft® Windows® Operating System 1760 C:\Windows\System32\spoolsv.exe

Microsoft® Windows® Operating System 1440 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 1452 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 1660 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 1720 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 1968 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 1184 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 2592 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 1260 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 3052 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 4188 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 4408 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 4500 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 1412 C:\Windows\System32\svchost.exe

Microsoft® Windows® Operating System 5144 C:\Windows\System32\taskeng.exe

Microsoft® Windows® Operating System 2332 C:\Windows\System32\taskeng.exe

Microsoft® Windows® Operating System 5304 C:\Windows\System32\wbem\WmiPrvSE.exe

Microsoft® Windows® Operating System 2548 C:\Windows\System32\wbem\WmiPrvSE.exe

Microsoft® Windows® Operating System 620 C:\Windows\System32\wininit.exe

Microsoft® Windows® Operating System 780 C:\Windows\System32\winlogon.exe

MobileDeviceService 3608 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

OpenCASE Media Agent 4212 C:\Program Files\OpenCase\OpenCASE Media Agent\MediaAgent.exe

PnkBstrA.exe 4420 C:\Windows\System32\PnkBstrA.exe

RocketDock.exe 3892 C:\Program Files\RocketDock\RocketDock.exe

SoftK56 Modem Driver 4772 C:\Windows\System32\drivers\XAudio.exe

Splashtop Remote Software Updater 4572 C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe

Splashtop® Remote 4488 C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe

Spybot - Search & Destroy 4964 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

SSDMonit Application 3816 C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

StartMan Application 4380 C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

Synaptics Pointing Device Driver 2664 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

TeaTimer.exe 3920 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

Viewpoint Manager 4528 C:\Program Files\Viewpoint\Common\ViewpointService.exe

Windows® Internet Explorer 7668 C:\Program Files\Internet Explorer\iexplore.exe

Windows® Internet Explorer 7788 C:\Program Files\Internet Explorer\iexplore.exe

Windows® Internet Explorer 8020 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Google Update 3980 C:\Users\Jared\AppData\Local\Google\Update\GoogleUpdate.exe

(verified) Microsoft® Windows® Operating System 5124 C:\Windows\System32\dllhost.exe

(verified) Microsoft® Windows® Operating System 3296 C:\Windows\System32\wuauclt.exe

Network activity

----------------

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 74.125.225.66

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 209.85.225.113

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 216.68.10.177

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 216.68.10.177

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 74.125.225.8

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 69.171.224.11

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 216.68.10.163

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 216.68.10.163

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 216.68.10.163

Process AvastSvc.exe (552) connected on port 80 (HTTP) --> 75.127.110.25

Process chrome.exe (4204) connected on port 443 (HTTP over SSL) --> 74.125.225.22

Process chrome.exe (4204) connected on port 443 (HTTP over SSL) --> 74.125.225.22

Process wininit.exe (620) listens on ports: 49152 (RPC)

Process services.exe (704) listens on ports: 49182

Process lsass.exe (728) listens on ports: 49154 (RPC)

Process svchost.exe (1260) listens on ports: 135 (RPC)

Process svchost.exe (1412) listens on ports: 49153 (RPC)

Process svchost.exe (1452) listens on ports: 49157 (RPC)

Process svchost.exe (1720) listens on ports: 49155 (RPC)

Process wmpnetwk.exe (4716) listens on ports: 554 (RTSP)

Autoruns and critical files

---------------------------

hpwuSchd Application C:\Program Files\Hp\HP Software Update\hpwuschd2.exe

Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe

Adobe CS4 Service Manager C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Adobe Systems, Inc. Adobe Gamma Loader C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

ARO 2011 C:\Program Files\ARO 2011\ARO.exe

avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastUI.exe

AVG Internet Security C:\Program Files\AVG\AVG9\avgtray.exe

Data Manager C:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngrUI.exe

Data Manager c:\progra~1\sharea~1\mediabar\datamngr\datamngr.dll

Driver Fetch C:\Program Files\Driver Fetch\2.3.0.8\DriverFetch.exe

EPSON Status Monitor 3 C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE

Expedia Fare Alert C:\Program Files\Expedia\Expedia Fare Alert 2.1\ExpediaFareAlert.exe

HP Digital Imaging C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

HP Quick Launch Buttons C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

HP QuickPlay C:\Program Files\Hp\QuickPlay\QPService.exe

HP Wireless Assistant C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

HP Wireless Assistant C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

Intel® Common User Interface C:\Windows\System32\hkcmd.exe

Intel® Common User Interface C:\Windows\system32\igfxdev.dll

Intel® Common User Interface C:\Windows\System32\igfxpers.exe

Intel® Common User Interface C:\Windows\system32\igfxtray.exe

IpSharkk C:\Program Files\IpSharkk\IpSharkk.exe

iTunes C:\Program Files\iTunes\iTunesHelper.exe

Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe

Microsoft Office OneNote C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

Microsoft® Windows® Operating System C:\Program Files\Windows Media Player\wmpnscfg.exe

Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe

Microsoft® Windows® Operating System C:\Windows\ehome\ehtray.exe

Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll

Microsoft® Windows® Operating System C:\Windows\System32\msconfig.exe

Microsoft® Windows® Operating System C:\Windows\system32\Ribbons.scr

Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

QuickTime C:\Program Files\QuickTime\QTTask.exe

Registry Mechanic C:\Program Files\Registry Mechanic\RegMech.exe

RocketDock.exe C:\Program Files\RocketDock\RocketDock.exe

SSDMonit Application C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

TeaTimer.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

Windows Defender C:\Program Files\Windows Defender\MSASCui.exe

(verified) Google Update C:\Users\Jared\AppData\Local\Google\Update\GoogleUpdate.exe

(verified) Windows® Internet Explorer C:\Windows\System32\webcheck.dll

Browser plugins

---------------

AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll

Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

AOL Media Playback Control C:\Windows\Downloaded Program Files\ampAx3.0.84.2.dll

AOL Media Playback Plugin C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll

avast! WebRep C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

AVG Internet Security C:\Program Files\AVG\AVG9\avgssie.dll

AVG Security Toolbar c:\program files\avg\avg9\toolbar\ietoolbar.dll

BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll

BitTorrent C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll

Bonjour C:\Program Files\Bonjour\mdnsNSP.dll

Conduit Toolbar C:\Program Files\ConduitEngine\ConduitEngin1.dll

Conduit Toolbar C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll

Conduit Toolbar C:\Program Files\uTorrentBar\tbuTo0.dll

Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll

Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll

DivX Web Player C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

DNA Plug-in C:\Program Files\DNA\plugins\npbtdna.dll

DNA Plug-in C:\Users\Jared\Program Files\DNA\plugins\npbtdna.dll

downloadUpdater C:\Program Files\Mozilla Firefox\plugins\npdnu.dll

downloadUpdater2 C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll

DTX Toolbar C:\Users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\jm9nyls2.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\components\dtTransparency.dll

Freemake np-plugin for google chrome C:\Users\Jared\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll

Freemake np-plugin for google chrome C:\Users\Jared\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_1\npFreemake.dll

Google Update C:\Users\Jared\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll

HP Smart Web Printing C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

HP Smart Web Printing C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

i-drop control C:\Windows\Downloaded Program Files\IDrop.ocx

i-drop control C:\Windows\Downloaded Program Files\IDropCHS.dll

i-drop control C:\Windows\Downloaded Program Files\IDropCHT.dll

i-drop control C:\Windows\Downloaded Program Files\IDropCSY.dll

i-drop control C:\Windows\Downloaded Program Files\IDropDEU.dll

i-drop control C:\Windows\Downloaded Program Files\IDropENU.dll

i-drop control C:\Windows\Downloaded Program Files\IDropESP.dll

i-drop control C:\Windows\Downloaded Program Files\IDropFRA.dll

i-drop control C:\Windows\Downloaded Program Files\IDropHUN.dll

i-drop control C:\Windows\Downloaded Program Files\IDropITA.dll

i-drop control C:\Windows\Downloaded Program Files\IDropJPN.dll

i-drop control C:\Windows\Downloaded Program Files\IDropKOR.dll

i-drop control C:\Windows\Downloaded Program Files\IDropPLK.dll

i-drop control C:\Windows\Downloaded Program Files\IDropRUS.dll

IE Toolbar c:\program files\celebrity toolbar\tbcore3.dll

IE Toolbar c:\program files\celebrity toolbar\tbhelper.dll

IEHelper Module C:\Program Files\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll

Java Deployment Toolkit 6.0.240.7 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

Java Platform SE 6 U24 C:\Program Files\Java\jre6\bin\jp2ssv.dll

Java Platform SE 6 U24 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

MediaBar c:\program files\shareaza applications\mediabar\toolbar\shareazamediabardx.dll

MetaStream 3 Plugin C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

MetaStream 3 Plugin C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

mhxpcomi New Tab Library c:\program files\celebrity toolbar\mhxpcomi.dll

Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll

Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll

Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll

Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll

Move Streaming Media Player C:\Users\Jared\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll

Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

RadioWMPCore.dll C:\Users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\jm9nyls2.default\extensions\engine@conduit.com\components\RadioWMPCore.dll

RadioWMPCore.dll C:\Users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\jm9nyls2.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll

RealNetworks Rhapsody Player Engine C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

SDHelper.dll C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

Shockwave for Director C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll

Shockwave for Director C:\Windows\system32\Adobe\Director\np32dsw.dll

Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

unagiuninst.exe C:\Windows\Downloaded Program Files\unagiuninst.exe

Veetle TV Core C:\Program Files\Veetle\plugins\npVeetle.dll

Veetle TV Player C:\Program Files\Veetle\Player\npvlc.dll

Windows Genuine Advantage C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll

Windows Presentation Foundation c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

Windows® Internet Explorer C:\Windows\system32\ieframe.dll

(verified) FFExternalAlert.dll C:\Users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\jm9nyls2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll

(verified) RadioWMPCore.dll C:\Users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\jm9nyls2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll

(verified) RadioWMPCoreGecko19.dll C:\Users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\jm9nyls2.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

(verified) RadioWMPCoreGecko19.dll C:\Users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\jm9nyls2.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll

Scan

----

MD5: 8a6683ac1dafa824615bb3857ef8c709 C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe

MD5: 659cb37944bfcca3fe6ebdfeb3bb99f4 C:\Program Files\ARO 2011\ARO.exe

MD5: 96f0a3ed550e89bffa11eaf83acd9232 C:\Program Files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.Authentication.dll

MD5: 89c01e55c1854c39f115e7ccbf7ac030 C:\Program Files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe

MD5: 8664a0897e9e73c9490cc0532444ee24 C:\Program Files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.AppDomain.dll

MD5: dbbb593e925a0653f48317e287d8ebac C:\Program Files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe

MD5: 7aaaca0588f62e02bda33060f7ea9ea4 C:\Program Files\Autodesk\Inventor 2008\Bin\acge130I.dll

MD5: 32042f36e6a4244c347e68f54f9aa705 C:\Program Files\Autodesk\Inventor 2008\Bin\AcIOLite.dll

MD5: 9242acac1324b3cedd7b4a4ca428e777 C:\Program Files\Autodesk\Inventor 2008\Bin\DT.dll

MD5: c7cc2d98ea3d6257598af8a591837f17 C:\Program Files\Autodesk\Inventor 2008\Bin\DtRes.dll

MD5: 3c198130a60a569f95af874dca4d3dcd C:\Program Files\Autodesk\Inventor 2008\Bin\FB.dll

MD5: fd1cd4da8c34ed5f135a4d8dbb2b5c4b C:\Program Files\Autodesk\Inventor 2008\Bin\GRData.dll

MD5: 64af9aaf43454a0a9b6c6905079a70ab C:\Program Files\Autodesk\Inventor 2008\Bin\persist.dll

MD5: b70bc935587caf35c208cd07f662be0d C:\Program Files\Autodesk\Inventor 2008\Bin\RP.dll

MD5: 956a3f314869c3ab8b5f93336c0222e4 C:\Program Files\Autodesk\Inventor 2008\Bin\rse.dll

MD5: 8948ee8b410bd38e48ee595b88573213 C:\Program Files\Autodesk\Inventor 2008\Bin\utx.dll

MD5: 13b088f235d7682ec6925969b833714f C:\Program Files\AVAST Software\Avast\1033\Base.dll

MD5: 70f61ffb3fa736bf4a3a49c30614806d C:\Program Files\AVAST Software\Avast\1033\UILangRes.dll

MD5: d8ebbf704c86546a84748522be0f1a88 C:\Program Files\AVAST Software\Avast\Aavm4h.dll

MD5: 5e12a7add37a308f6c0d3fae14582170 C:\Program Files\AVAST Software\Avast\AavmRpch.dll

MD5: 10681962712198df23bf0b053b4ebfd7 C:\Program Files\AVAST Software\Avast\AhAScr.dll

MD5: 31d79cb3487e9d8892717b47e2b9b4af C:\Program Files\AVAST Software\Avast\AhResBhv.dll

MD5: 12c0ee05dd83e40997986b68c68d64fe C:\Program Files\AVAST Software\Avast\AhResJs.dll

MD5: eb37e35684e0a974561a56e35c1bac63 C:\Program Files\AVAST Software\Avast\AhResMai.dll

MD5: 4b98c6e1cded22bafb2f2c95621e6ab6 C:\Program Files\AVAST Software\Avast\AhResMes.dll

MD5: f7c23f5ed3a5ea2de2b9b7130081e891 C:\Program Files\AVAST Software\Avast\AhResNS.dll

MD5: 04ce86df37beb0171ce554ab8b8c250a C:\Program Files\AVAST Software\Avast\AhResP2P.dll

MD5: 212a00f274e221cdd235cb643c688bbb C:\Program Files\AVAST Software\Avast\AhResStd.dll

MD5: b24c3d32622bae7183b3763653fd735e C:\Program Files\AVAST Software\Avast\AhResWS.dll

MD5: 93ba9a1055b2e64333421a6f5c352eff C:\Program Files\AVAST Software\Avast\ashBase.dll

MD5: 76775ab4c8a2756b7b639e9a4cfa069b C:\Program Files\AVAST Software\Avast\ashMaiSv.dll

MD5: 25c7c4aa390f5b54956e3b526d5f462c C:\Program Files\AVAST Software\Avast\ashServ.dll

MD5: 3f665cde964fc1efda762d01fda7c71e C:\Program Files\AVAST Software\Avast\ashShell.dll

MD5: b9a46d9e8e6e6b1e8310b4894ae76187 C:\Program Files\AVAST Software\Avast\ashTask.dll

MD5: 405721b18e44148d3c0cd362c8b5fb1c C:\Program Files\AVAST Software\Avast\ashTaskEx.dll

MD5: 77c02950dd5dfdbaef45c5193e4dec0c C:\Program Files\AVAST Software\Avast\ashWebSv.dll

MD5: a119a7c89f3cf9506ed06d718c3cba2b C:\Program Files\AVAST Software\Avast\ashWsFtr.dll

MD5: 640de459a034492d680981abb0aa890c C:\Program Files\AVAST Software\Avast\aswAux.dll

MD5: 799f67d28ed55b4b4de2d6fb21baf320 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll

MD5: 442bd69226b8b7fe0c8956296a9cabda C:\Program Files\AVAST Software\Avast\aswCmnIS.dll

MD5: 71a48008fc9c8cd7171cb63aed6cc889 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll

MD5: 92d406d7a9934b309b3c8becde3e04c4 C:\Program Files\AVAST Software\Avast\aswData.dll

MD5: cd3b2a6fa7456df8962f9a9b72421cbb C:\Program Files\AVAST Software\Avast\aswDld.dll

MD5: d213c34bed142cdcffcf5f0e2a382ccb C:\Program Files\AVAST Software\Avast\aswEngLdr.dll

MD5: 56899b0e3b046c26fed9916136a8f600 C:\Program Files\AVAST Software\Avast\aswIdle.dll

MD5: 4f97bf71999a277323e23f06d4a4d402 C:\Program Files\AVAST Software\Avast\aswLog.dll

MD5: 4c2a6eee68c65aaf50f9fafe0349fc84 C:\Program Files\AVAST Software\Avast\aswProperty.dll

MD5: 1eef17552a02708a5280e0240ce1ea3d C:\Program Files\AVAST Software\Avast\aswSqLt.dll

MD5: 3392c3c2afb3af4be57b53afbdb65920 C:\Program Files\AVAST Software\Avast\aswUtil.dll

MD5: c7314b508ca4d1c2898de4f0a0504a90 C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

MD5: c59640ab3a0148b800759438cd6de7fc C:\Program Files\AVAST Software\Avast\AvastGUIProxy.dll

MD5:

The following file(s) must be uploaded for server-side scanning:

C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\autodeskdm_services\f924c671\35d0f680\App_Web_oqeyatby.dll

C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\autodeskdm_services\f924c671\35d0f680\App_global.asax.cwwf_g1o.dll

Upload started - 2 file(s)

App_global.asax.cwwf_g1o.dll (3584)

App_Web_oqeyatby.dll (4608)

Upload speed - 12 KB/s

Upload finished - 2 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 4 sec

Total traffic - 0.05 MB sent, 3.84 KB recvd

Scanned 1247 files and modules - 153 seconds

Security Check . . . .

Results of screen317's Security Check version 0.99.15

Windows Vista (UAC is disabled!)

Out of date service pack!!

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Disabled!

avast! Free Antivirus

AVG 9.0

ESET Online Scanner v3

McAfee Security Scan

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Spybot - Search & Destroy

HijackThis 2.0.2

TuneUp Companion 1.9.0

CCleaner

Java 6 Update 24

Java SE Runtime Environment 6

Java 6 Update 5

Out of date Java installed!

Flash Player Out of Date!

Adobe Flash Player 10.0.32.18

Adobe Reader X (10.0.1) Adobe Reader Out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

AVG avgwdsvc.exe

AVG avgtray.exe

AVAST Software Avast AvastSvc.exe

AVAST Software Avast AvastUI.exe

``````````End of Log````````````

Link to post
Share on other sites

Great! Let's move on to the next step :):

---------

I noticed in your log you have more than one antivirus (Avast, AVG9) program and more than one anti-spyware (Avast, AVG9, and Spybot Teatimer) program running in resident mode.

This is very dangerous, as multiple anti-spyware programs can interfere with one another and actually allow more infections to get through.

It is important that only one anti-spyware program is running realtime protection.

I strongly suggest you either (1) uninstall one of the programs through Control Panel->Add or Remove Programs,

OR (2) keep both programs, but leave one of them disabled most of the time.

You can still use it for scanning your computer.

Out of those two, I suggest you keep Avast (you can leave Spybot installed, but disabled), however the decision is up to you. :)

---------

I see you have User Accounts Control (UAC) disabled.

This is an important security feature which helps prevent malware and other unwanted software from being installed on your computer.

I strongly suggest you keep it enabled. See this link for instructions on how to enable it: http://windows.microsoft.com/en-US/windows-vista/Turn-User-Account-Control-on-or-off

---------

Please take the time to install the following program updates, as outdated applications leave you extremely vulnerable to getting infected again. ;)

*** Please consider updating to Windows Vista Service Pack 2 (SP2).

Windows Vista Service Pack 2 (SP2) contains all the updates released since SP1 plus support for new types of hardware and emerging hardware standards.

It is now available via Windows Update or as a standalone installation here.

---------

You are using Internet Explorer version 8. Since you are using Vista, you can update to the latest version, which is 9. Using an outdated version of a web browser leaves you extremley vulnerable to malware!

Please see this link to download the latest version: http://windows.microsoft.com/en-US/internet-explorer/products/ie/home

---------

Java is out of date and older versions contain vulnerabilities. Please update to the newest version.

Download the newest version from here http://www.oracle.com/technetwork/java/javase/downloads/index.html.

It's important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.

Go to Start > Control Panel and open Add or Remove Programs.

Search in the list for all previous installed versions of Java. (J2SE Runtime Environment).

They will have this icon next to them: javaicon.gif

Select each in turn and click Remove.

Once old versions are gone, please install the newest version.

---------

Your Flash Player is out of date!

To make sure you have the latest version of Adobe Flash Player installed:

1. To uninstall an older version, download this file to your Desktop: uninstall_flash_player.exe

2. Quit ALL running applications, including all Internet Explorer or other browser windows, and messenger applications (like AOL Instant Messenger, Yahoo Messenger, MSN Messenger).

3. Double-click on the file you've downloaded to uninstall Flash.

4. If uninstalled successfully, go to this site: Install Adobe Flash Player, and choose Agree and install now. This will install the newest version of Flash for your browser (note: Flash plugins for IE and Firefox must be installed separately).

Note: I recommend you uncheck an optional install (Free McAfee Security Scan or Free Google Toolbar).

---------

You're using an old version of Adobe Acrobat Reader, this can leave your PC open to vulnerabilities, you can update it here (uninstall version 7.0 first):

Adobe Reader X

Note: I suggest you uncheck an optional, third-party download (eg. McAfee Security Scan Plus).

After successfully installing Adobe Reader X, see this article on how to make this program more secure: Adobe Reader X secures itself by playing in the sandbox.

---------

Please let me know how the updates went, as failed updates may indicate additional malware. :)

Link to post
Share on other sites

  • 2 weeks later...

Try this:

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Then, navigate to Start -> Run. type the following (in bold).

SFC.EXE /SCANNOW

The Windows System File Checker will open. Please allow it to run. Let me know if that helps.

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.