Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer acting wonky


  • This topic is locked This topic is locked
52 replies to this topic

#1 bedtimefrog

bedtimefrog

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 16 March 2013 - 07:02 PM

my computer screen continually flashes then the screen will freeze...will say web page is not responding. Will tell me my internet isnt connected when it is. Takes forever to load things...My main email page is mywinnipeg.com when i have a tab open and go to open another tab it isnt mywinnipeg.com that comes up its some bing thing that I cannot find in my control panel/uninstall...Sometimes i will have to shut the computer off from the tower then reset it to get it to work..Would like gringo's help with this...

thanx


Edited by hamluis, 19 March 2013 - 09:19 AM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 21 March 2013 - 12:48 PM

I am now getting a pop up window with c:\users\becky\app data\roaming\macromedia\flash player...\dealspot.sol folder does not exist. and it wants to know if I want to create the folder.  I of course said no



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 62,333 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:46 PM

Posted 21 March 2013 - 01:31 PM

Hello bedtimefrog..

 

Reboot into Safe Mode with Networking
 How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.

 

 

 

Please download Rkill by Grinler and save it to your desktop.[url="http://download.bleepingcomputer.com/grinler/rkill.com"%5D%5Bcolor="blue"]Link 1[/color][/url]
[url="http://download.bleepingcomputer.com/grinler/rkill.exe"%5D%5Bcolor="blue"]Link 2[/color][/url]

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and [url="http://vistasupport.mvps.org/run_as_administrator.htm"%5D%5Bcolor="blue"]Run As Administrator[/color][/url].
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.

Do not reboot the computer, you will need to run the application again.

 

 

 

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
 
Do not change the default options on scan results.

 

 

 


Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

Reboot back to Normal mode....

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#4 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 21 March 2013 - 07:12 PM

it is not letting me paste the results from the rkill adwcleaner or the tdsskiller....

MiniToolBox by Farbar  Version:05-03-2013
Ran by becky (administrator) on 21-03-2013 at 19:10:34
Running from "C:\Users\becky\Desktop\desktp#2\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Cisco AM10 = Wireless Network Connection 4 (Connected)
Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : becky-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : wp.shawcable.net

Wireless LAN adapter Wireless Network Connection 4:

   Connection-specific DNS Suffix  . : wp.shawcable.net
   Description . . . . . . . . . . . : Cisco AM10 #4
   Physical Address. . . . . . . . . : 68-7F-74-E3-F7-8B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : March-21-13 7:01:54 PM
   Lease Expires . . . . . . . . . . : March-22-13 7:01:54 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
   Physical Address. . . . . . . . . : 00-1A-A0-92-02-4B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:4004:801::1007
   74.125.228.32
   74.125.228.35
   74.125.228.41
   74.125.228.39
   74.125.228.40
   74.125.228.36
   74.125.228.33
   74.125.228.34
   74.125.228.46
   74.125.228.38
   74.125.228.37

 

Pinging google.com [74.125.228.37] with 32 bytes of data:

Reply from 74.125.228.37: bytes=32 time=43ms TTL=54

Reply from 74.125.228.37: bytes=32 time=42ms TTL=54

 

Ping statistics for 74.125.228.37:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 42ms, Maximum = 43ms, Average = 42ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45

 

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=822ms TTL=51

Reply from 206.190.36.45: bytes=32 time=849ms TTL=51

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 822ms, Maximum = 849ms, Average = 835ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 17 ...68 7f 74 e3 f7 8b ...... Cisco AM10 #4
  9 ...00 1a a0 92 02 4b ...... Intel® 82562V-2 10/100 Network Connection
  1 ........................... Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     40
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.101    296
    192.168.0.101  255.255.255.255         On-link     192.168.0.101    296
    192.168.0.255  255.255.255.255         On-link     192.168.0.101    296
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.101    296
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.101    296
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/21/2013 06:45:44 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (03/21/2013 00:58:18 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (03/21/2013 00:58:15 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/21/2013 00:38:32 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16470 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 2948
Start Time: 01ce2654a5fc3240
Termination Time: 33200

Error: (03/21/2013 08:46:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5218217

Error: (03/21/2013 08:46:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5218217

Error: (03/21/2013 08:46:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/21/2013 08:46:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5217219

Error: (03/21/2013 08:46:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5217219

Error: (03/21/2013 08:46:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/21/2013 07:03:12 PM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (03/21/2013 06:51:52 PM) (Source: Service Control Manager) (User: )
Description: CLCV01

Error: (03/21/2013 06:49:39 PM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (03/21/2013 06:46:13 PM) (Source: Service Control Manager) (User: )
Description: ASPI32
MpFilter
SASDIFSV
SASKUTIL
spldr
Wanarpv6

Error: (03/21/2013 06:46:13 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (03/21/2013 06:45:54 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/21/2013 06:45:52 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (03/21/2013 06:45:44 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/21/2013 06:45:35 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/21/2013 06:17:09 PM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2


Microsoft Office Sessions:
=========================
Error: (03/21/2013 06:45:44 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (03/21/2013 00:58:18 PM) (Source: Perflib)(User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (03/21/2013 00:58:15 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/21/2013 00:38:32 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16470294801ce2654a5fc324033200

Error: (03/21/2013 08:46:49 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5218217

Error: (03/21/2013 08:46:49 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5218217

Error: (03/21/2013 08:46:49 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/21/2013 08:46:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5217219

Error: (03/21/2013 08:46:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5217219

Error: (03/21/2013 08:46:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-02-19 17:29:46.823
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:46.433
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:46.043
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:45.669
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:43.297
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:42.923
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:42.564
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:42.159
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:29.679
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-19 17:29:29.304
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

10 Talismans (remove only)
7 Wonders
7-Zip 9.20
Abra Academy (remove only)
Adobe AIR (Version: 3.6.0.5970)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Age of Oracles: Tara's Journey (remove only)
Alexander the Great: Secrets of Power
Angelica Weaver: Catch Me When You Can
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Autumn's Treasures (remove only)
Avenue Flo - Special Delivery Just For Fun Games
Avenue Flo: Special Delivery
Aveyond (remove only)
Beach Party Craze
Bejeweled 2 Deluxe
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bingo Cafe
Blood Oath 1.00
Bonjour (Version: 3.0.0.10)
Book of Legends (remove only)
Born Into Darkness 1.00
Brainiversity (remove only)
Build-a-lot -- The Elizabethan Era (remove only)
Build-A-Lot (remove only)
Build-A-Lot 2 (remove only)
Building the Great Wall of China Collector's Edition
Cake Mania 2
Cake Mania Deluxe
Cake Mania: To The Max (remove only)
Call of Atlantis (Version: 1.0)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.0
Canon MP495 series MP Drivers
Canon My Printer
Canon Solution Menu EX
Caribbean Explorer 1.0.0.9
Cathy`s Caribbean Club (remove only)
CCleaner (Version: 3.23)
Cisco Valet Connector (Version: 1.2.10148.2)
Clayside (remove only)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Cooking Academy (remove only)
Cooking Dash (remove only)
Creative Live! Cam Video IM Pro Driver (1.03.02.00)
Criminal Minds
Cute Knight (remove only)
D3DX10 (Version: 15.4.2368.0902)
DAMN NFO Viewer 2.10.0031 RC3 (Version: 2.10.0031)
Dark Mysteries: The Soul Keeper (Version: 1.0.24.0)
Dark Mysteries: The Soul Keeper Collector's Edition (Version: 1.0.24.0)
Dark Parables: The Red Riding Hood Sisters Collector's Edition
Dark Tales: Edgar Allan Poe's the Premature Burial (remove only)
Deadly Voltage: Rise of the Invincible (Version: 1.0.0.1)
Dell Support Center (Version: 3.2.6032.125)
Dell System Customization Wizard (Version: 1.00.0000)
DellSupport (Version: 6.0.3075)
Diner Dash
Diner Dash - Flo on the Go
Diner Dash 2
Disharmony Blocks
Disney Mix Stick (Version: )
Doggie Dash (Version: 1.0.0.100)
Dominic Crane's Dreamscape Mystery (remove only)
Dream Chronicles
Dream Day Honeymoon
Dreams from the Past (Version: 3.4.0.27242)
E.P.I.C.: Wishmaster Adventures
EA Download Manager (Version: 5.0.0.288)
eGames Toolbar
Enigmatis: The Ghosts of Maple Creek (remove only)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Fairy Tale Mysteries: The Puppet Thief (Version: 3.5.6.44817)
Fairy Tale Mysteries: The Puppet Thief Premium Edition (Version: 3.5.6.44817)
Farm Frenzy 2 (remove only)
Farm Frenzy 3 (remove only)
Farm Frenzy 3: American Pie (remove only)
Farm Frenzy 3: Ice Age (Version: 0.5.0.0)
Farm Frenzy: Ancient Rome (Version: 0.5.0.0)
Farm Frenzy: Gone Fishing! (remove only)
Farm Frenzy: Pizza Party (remove only)
Farm Frenzy: Viking Heroes (Version: 0.5.0.0)
Farm Mania: Hot Vacation
Fashion Dash (remove only)
Fashion Fits (remove only)
Final Cut: Death on the Silver Screen Collector's Edition
Forbidden Secrets: Alien Town Collector's Edition (Version: 1.0.0.1)
Gem Ball Ancient Legends (remove only)
Gem Shop
Ghost Encounters: Deadwood (remove only)
Golden Trails 2: The Lost Legacy (remove only)
Golden Trails 3: The Guardian's Creed Premium Edition
Golden Trails: The New Western Rush (remove only)
Google Chrome (Version: 25.0.1364.172)
Google Update Helper (Version: 1.3.21.135)
Gothic Fiction: Dark Saga Collector's Edition
Granny in Paradise (remove only)
Grim Tales: The Wishes Collector's Edition
Hallowed Legends: Templar (remove only)
Haunted Domains (remove only)
Haunted Halls: Revenge of Doctor Blackmore Collector's Edition
Haunted Hotel 4: Charles Dexter Ward Collector's Edition
Haunted Legends 2: The Bronze Horseman (remove only)
Haunted Manor: Queen of Death (remove only)
Haunted Past: Realm of Ghosts Collector's Edition (remove only)
Haunting Mysteries The Island of Lost Souls
Haunting Mysteries: The Island of Lost Souls Premium Edition
Hidden Magic (remove only)
Hidden Mysteries Salem Secrets (remove only)
Hidden Mysteries: Gates of Graceland
Hidden Mysteries: Notre Dame (remove only)
Hidden Mysteries: Royal Family Secrets
Hidden Path of Faery
Hide & Secret (remove only)
Home Sweet Home 2: Kitchens and Baths
Hotel Dash 2: Lost Luxuries (remove only)
Hotel Dash: Suite Success (remove only)
House of 1000 Doors (Version: 1.0.0.1)
House of 1000 Doors: The Palm of Zoroaster (Version: 1.0.0.1)
iCloud (Version: 2.1.1.3)
Icy Tower v1.4
ImagXpress (Version: 7.0.74.0)
Inception of Darkness: Exorcist 3
IncrediMail (Version: 6.2.2.4750)
IncrediMail 2.0 (Version: 6.2.2.4750)
Indeo® Software
Insider Tales: The Stolen Venus (remove only)
Inspector Magnusson:  Murder on the Titanic (remove only)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0 (Version: )
Interpol 2: Most Wanted (remove only)
iTunes (Version: 11.0.2.26)
iWin Games (remove only)
Jane's Hotel. Family Hero (Version: 1.0)
Jane's Realty (Version: 1.01)
Jane's Realty 2 (remove only)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Jet Bingo
Jewel Quest Solitaire (remove only)
Jojos Fashion Show (remove only)
Jojo's Fashion Show 2: Las Cruces (remove only)
Jojo's Fashion Show: World Tour (remove only)
Junk Mail filter update (Version: 15.4.3502.0922)
Kudos (remove only)
Law & Order Criminal Intent 2 - Dark Obsession (remove only)
Lexmark 1200 Series
Living Legends: Ice Rose
Lost Realms:  Legacy of the Sun Princess (remove only)
Lost Secrets Bermuda Triangle (Version: 1.0)
Lost Secrets: November 1963
Lost Souls Enchanted Paintings Collector's Edition (remove only)
M&Ms The Lost Formulas
Macabre Mysteries: Curse of the Nightingale (remove only)
Mahjongg Platinum 2 (Version: 2.00.06.08.08)
Malice: Two Sisters (Version: 1.5.0.0)
Mall Tycoon 3 (Version: 1.0.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Marooned (remove only)
Marooned II - Secrets of the Akoni (remove only)
Masquerade Mysteries: The Case of the Copycat Curator (remove only)
Masters of Mystery: Blood of Betrayal (remove only)
Mayan Prophecies: Ship of Spirits Collector's Edition (Version: 1.0.0.0)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0818)
Midnight Mysteries 2 Salem Witch Trials 1.00
Midnight Mysteries Haunted Houdini (remove only)
Midnight Mysteries: Devil on the Mississippi (remove only)
Monopoly
Monument Builders: Statue of Liberty (Version: 3.5.0.43509)
Moto Racer 3
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MY CAMERA (Version: 1.00.0000)
My Farm Life 2 (Version: 1.0.0.1)
MySpaceIM (Version: 1.0.823.0)
Mysteries & Treasures: The Adventures of the Mary Celeste
Mystery Legends: Sleepy Hollow (remove only)
Mystery Legends: The Phantom of the Opera
Mystery of Mortlake Mansion (remove only)
Mystery P.I. - Lost in Los Angeles
Mystery Stories: Berlin Nights (remove only)
Mystery Stories: Mountains of Madness (remove only)
Mystery Trackers: Black Isle
Mystery Valley (remove only)
Mystic Inn (remove only)
neroxml (Version: 1.0.0)
Nightmare Adventures:  The Witch's Prison (remove only)
Nightmares from the Deep: The Cursed Heart
Oddly Enough: Pied Piper (Version: 1.2.3.4)
OpenAL
Origin (Version: 8.5.2.23)
Our Worst Fears: Stained Skin
Pando Media Booster (Version: 2.3.3.6)
Pantheon (remove only)
Parking Dash (remove only)
Phenomenon: City of Cyan
Photo Viewer s2.5
PhotoMail Maker (Version: 6.0.0.1007)
Pirate Poppers
PuppetShow: Return to Joyville Collector's Edition
QuickTax 2009 (Version: 1.00.0000)
QuickTime (Version: 7.73.80.64)
Real Detectives: Murder in Miami (remove only)
Realtek High Definition Audio Driver
Revo Uninstaller Pro 2.5.9 (Version: 2.5.9)
Rita James and the Race to Shangri La (remove only)
Rite of Passage: The Perfect Show Collector's Edition
RollerCoaster Tycoon 3 (Version: 1.00.000)
Rootkit Unhooker LE 3.8 SR 2
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
Royal Detective: The Lord of Statues Collector's Edition
Sacra Terra: Angelic Night (Version: 1.0.0.1)
Saints and Sinners Bingo (remove only)
Sally's Spa (remove only)
Sandlot Games Client Services
Save.ca Print-At-Home (Version: 6.2)
Sea Legends: Phantasmal Light (remove only)
Secrets of the Dark: Eclipse Mountain Collector's Edition (Version: 1.0.0.1)
Secrets of the Dark: Temple of Night (remove only)
Segoe UI (Version: 15.4.2271.0615)
Shadow Wolf Mysteries - Bane of the Family
Shiver: Poltergeist (Version: 0.0.0.1)
Shiver: Vanishing Hitchhiker (remove only)
Silent Scream: The Dancer (remove only)
Sister's Secrecy: Arcanum Bloodlines
Skype Click to Call (Version: 6.0.10297)
Skype™ 6.0 (Version: 6.0.126)
Slingo Mystery (remove only)
Slingo Quest Hawaii (remove only)
Slingo Supreme (remove only)
Slingo-Supreme (remove only)
Soap Opera Dash (remove only)
Sonic Activation Module (Version: 1.0)
Spirit Walkers: Curse of the Cypress Witch
Spirits and Curses 3 in 1 Bundle
Spirits of Mystery: Song of the Phoenix
SpongeBob SquarePants - Lights, Camera, Pants! (Version: 1.0)
Strange Cases 2: The Lighthouse Mystery - Collector's Edition (remove only)
Stroke of Midnight (remove only)
SUPERAntiSpyware (Version: 5.1.1002)
Surface: The Noise She Couldn't Make Collector's Edition
System Requirements Lab CYRI (Version: 4.3.1.0)
Tahiti Hidden Pearls (remove only)
Tales of Sorrow: Strawsbrough Town
TeamViewer 5 (Version: 5.0.7904 )
Tearstone (remove only)
Temple Of Life The Legend of Four Elements (remove only)
Tesla's Tower: The Wardenclyffe Mystery
The Agency of Anomalies: Mystic Hospital (remove only)
The Agency of Anomalies: The Last Performance Collector's Edition (Version: 1.0.0.1)
The Beast of Lycan Isle (Version: 3.5.6.44817)
The Beast of Lycan Isle Collector's Edition (Version: 3.5.6.44817)
The Clockwork Man (remove only)
The Clockwork Man 2 (remove only)
The Curse of the Werewolves
The Curse of the Werewolves Premium Edition
The Dreamatorium of Dr. Magnus
The Golden Years: Way Out West (remove only)
The Hidden Prophecies of Nostradamus (remove only)
The Lake House: Children of Silence Collector's Edition
The Price Is Right 1.1.4
The Sims™ 2 Double Deluxe
The Sims™ 2 Fun with Pets Collection
The Sims™ 2 Seasons
The Sims™ 2 University Life Collection
The Three Stooges (Version: 1.0.0.0)
The Timebuilders: Caveman's Prophecy (remove only)
The Tudors (remove only)
Theatre of Shadows: As You Wish
Time Mysteries: The Ancient Spectres (remove only)
Travelogue 360 Paris (remove only)
Turbo Subs (Version: 1.0.0.0)
Twilight Phenomena: The Lodgers of House 13 Collector's Edition
Twisted Lands: Insomniac (remove only)
Twisted Lands: Origin (Version: 1.0.0.1)
Twisted Lands: Shadow Town
Unfinished Tales: Illicit Love Collector's Edition
Unity Web Player (Version: 2.6.1f3_31223)
Unsolved Mystery Club: Ancient Astronauts Collector's Edition (remove only)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
User's Guides
Virtual Farm (remove only)
Voodoo Chronicles: First Sign (remove only)
Web of Deceit: Black Widow Collector's Edition
Wedding Dash 4-Ever
Weird Park: Scary Tales (Version: 1.0.0.1)
Westward II: Heroes of the Frontier (remove only)
Westward III: Gold Rush (remove only)
Where Angels Cry (Version: 1.0.0.0)
Whispered Secrets: The Story of Tideville Collector's Edition
White Haven Mysteries (remove only)
Wild West Quest (remove only)
Wild West Quest II (remove only)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
Witch Hunters: Stolen Beauty Collector's Edition (Version: 1.0.1.10)
Women's Murder Club: A Darker Shade of Grey (remove only)
Yahoo! Messenger
Yahoo! Software Update
Youda Mystery: The Stanwick Legacy (remove only)
Youda Sushi Chef (remove only)
Zoodles (Version: 3.0.5)

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 2036.45 MB
Available physical RAM: 885.62 MB
Total Pagefile: 4314.15 MB
Available Pagefile: 3020.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.2 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:288.04 GB) (Free:88.67 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.27 GB) NTFS
3 Drive e: (Sims2DoubleDeluxe) (CDROM) (Total:5.55 GB) (Free:0 GB) UDF
4 Drive f: () (Removable) (Total:0.12 GB) (Free:0 GB) FAT32

========================= Users: ========================================

User accounts for \\BECKY-PC

Administrator            becky                    Guest                   


**** End of log ****



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 62,333 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:46 PM

Posted 21 March 2013 - 08:43 PM

Can you PM them to me? Hover over my name and click send message.

I'll see if I can post them.


How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#6 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 25 March 2013 - 01:38 PM

I have printed out the logs so i can recopy by hand to here for you...they are as follows:....



#7 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 25 March 2013 - 02:23 PM

AdwCleaner[S2]

 

#AdwCleaner v2.115-Logfile created 03/21/2013 at 18:59:24

#Updated 17/03/2013 by Xplode

#Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)

#User: becky-BECKY-PC

#Boot Mode: Norma

#Running from : C:\Users\becky\AppData\Local\Microsoft\Windows\Temporary Internet

Files\Content.IE5\QJ89N714\AdwCleaner.exe

#Option [Delete]

 

*****[Services]*****

 

 

*****[Files/ Folders]*****

 

File Deleted :C:\END

Folder Deleted :C:\Program Files\Conduit

Folder Deleted :C:\ProgramData\IBUpdaterService

Folder Deleted :C:\Users\becky\AppData\Local\Conduit

Folder Deleted :C:\Users\becky\AppData\Locallow\Conduit

Folder Deleted :C:\Users\becky\AppData\Locallow\PriceGong

 

*****[Registry]*****

 

Key Deleted :HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted :HKCU\Software\AppDataLow\Software\Freecause

Key Deleted :HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted :HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted :HKCU\Software\AppDataLow\Software\Toolbar

Key Deleted :HKCU\Software\InstallCore

Key Deleted :

HKCU\Software\Microsoft\Windows\Current Version\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted:

HKCU\Software\Microsoft\Windows\Current Version\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted :HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL

Key Deleted :HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL

Key Deleted :HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}

Key Deleted :HKLM\SOFTWARE\Classes\Toolbar.CT1678857

Key Deleted :HKLM\SOFTWARE\Classes\Toolbar.CT3201318

Key Deleted :HKLM\SOFTWARE\Classes\Toolbar.CT3244149

Key Deleted :HKLM\Software\Conduit

Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\Current Version\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\Current Version\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted :

HKLM\Software\Microsoft\Windows\Current Version\Installer\UserData\S-1-5-18\Components\063A857433EDED11A893800002C0A966

Key Deleted :HKLM\Software\TENCENT

Key Deleted :HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
 

*****[Internet Browsers]*****

 

-\\Internet Explorer v9.0.8.16470

 

[OK] Registry is clean.

 

-\\Google Chrome v25.0.1364.172


File :C:\Users\becky\AppData\Local\Googe\Chrome\USer Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt-[2760 octets]-[21/03/2013 18:58:44]

AdwCleaner[S1].txt-[7004 octets]-[09/10/2012 10:00:05]

AdwCleaner[S2].txt-[2747 octets]-[21/03/2013 18:59:24]
 

##########EOF-C:\AdwCleaner[S2].txt-[2807 octets]##########



#8 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 25 March 2013 - 02:43 PM

Rkill 2.4.7 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about RKill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 03/21/2013 06:51:50 PM in x86 mode.

Windows Version: Windows Vista ™ Home Premium Service Pack 2

 

Checking for Windows services to stop:

 

*No malware services found to stop.

 

Checking for processes to terminate:

 

*C:\Windows\system32\UTSCSI.EXE(PID: 2136)[WD-HEUR]

 

1 proccess terminated!

 

Checking Registry for malware related settings:

 

*No issues found in the Registry.

 

Resetting, EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaeous checks:

 

*No issues found.

 

Checking Windows Service Integrity:

 

*msiserver=>%systemroot%\system32\msiexec.exe/V [Incorrect ImagePath]

 

Searching for Missing Digital Signatures:

 

*No issues found.

 

Checking HOSTS File:

 

*HOSTS file entries found:

 

127.0.0.1   localhost

 

Program finished at: 03/21/2013 06:52:08 PM

Execution time: 0 hour(s), 0 minute(s), an 18 second(s)



#9 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 25 March 2013 - 02:54 PM

I will post the TDSS killer log tomorrow...I have tried 3 times to type it out and have hit the internet button on my keyboard and am frustrated about starting again so I will start again tomorrow march 26th...Hope what I posted so far will help



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 62,333 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:46 PM

Posted 25 March 2013 - 06:38 PM

We have removed a lot of malwares.

We really only need probably the last 10 lines of TDSS ,unless the last 2 say 0 infections found. Then we don't need it at all. To save you typing.. I amazed you still cannot post. Do you get an error message?

 

I may have missed it ,but what is your Antivirus?

 

Yours is way outdated.....

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions,post logs and Let us know how the PC is running now.


How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#11 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 26 March 2013 - 08:06 AM

I can click copy but when I get to where I go to paste it is grey so I cant even use it....Ill look into the tdss and my antivirus is microsoft security essentials



#12 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 26 March 2013 - 08:07 AM

they both say 0 infections...whew...lol



#13 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 222 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:10:46 AM

Posted 26 March 2013 - 09:36 AM

it wouldnt copy and paste so im copying it out by hand again:

 

Mbam-log -2013-03-26(08-09-57)

 

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

 

 

Database version: v2012.12.14.11

 

Windows Vista Servie Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

becky::BECKY-PC[administrator]

 

26/03/2013 8:09:57 AM

mbam-log-2013-03-26(08-09-57).txt

 

Scan type:Quick scan

Scan options enabled:Memory|startup|Registry|File system|Heuristics/Extra|Heuristics/Shuriken|PUP|PUM

Scan options disabled:p2p

Objects scanned:215295

Time elapsed:12 minute(s),29 second(s)

 

Memeory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected
 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)



#14 Queen-Evie

Queen-Evie

    Official Bleepin' G.R. I. T.S. (and proud of it)


  • Global Moderator
  • 9,402 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:My own little world. They know me here.
  • Local time:11:46 AM

Posted 26 March 2013 - 09:50 AM

To paste click the circled icon in the editor toolbar.

 

bccopy.png



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 62,333 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:46 PM

Posted 26 March 2013 - 09:50 AM

OK, it looks clean. Other than the posting, (I am looking at that) are ere other issues?


How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users