Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dds log file


  • This topic is locked This topic is locked
51 replies to this topic

#1 davidwp13

davidwp13

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 05 July 2009 - 03:03 PM

For additional information, please read this topic: http://www.bleepingcomputer.com/forums/t/236443/dds-and-i-have-spent-days-trying-the-slow-comp-dl-moved/ ~ OB

DDS (Ver_09-06-26.01) - NTFSx86
Run by davidwp13 at 20:27:36.58 on Sat 07/04/2009
Internet Explorer: 8.0.6001.18783
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6001.1.1252.1.1033.18.2037.908 [GMT -5:00]

AV: Trend Micro Internet Security Pro *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Toshiba\IVP\ISM\pinger.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Utilities\VolControl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\alg.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Dealio\kb124\Dealio Deskbar.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\sdclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Trend Micro\Internet Security\UfNavi.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN\Toolbar\3.0.0426.0\msntask.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://search.live.com
uDefault_Page_URL = hxxp://www.msn.com
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
mSearchAssistant = hxxp://search.live.com/sphome.aspx
mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80015
uURLSearchHooks: N/A: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
uURLSearchHooks: N/A: {0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL
uURLSearchHooks: H - No File
mURLSearchHooks: eMusic Toolbar: {9ee802e8-c931-47ab-b570-aa8f791598ca} - c:\program files\emusic\tbeMu0.dll
BHO: Ask Search Assistant BHO: {0579b4b1-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: eMusic Toolbar: {9ee802e8-c931-47ab-b570-aa8f791598ca} - c:\program files\emusic\tbeMu0.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0426.0\msneshellx.dll
BHO: : {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: Ask Toolbar BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: Ask Toolbar: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - No File
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0426.0\msneshellx.dll
TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: eMusic Toolbar: {9ee802e8-c931-47ab-b570-aa8f791598ca} - c:\program files\emusic\tbeMu0.dll
TB: Dealio: {e67c74f4-a00a-4f2c-9fec-fd9dc004a67f} - c:\program files\dealio\kb124\Dealio.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
uRun: [TOSCDSPD] "c:\program files\toshiba\toscdspd\TOSCDSPD.exe"
uRun: [ehTray.exe] "c:\windows\ehome\ehTray.exe"
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [WMPNSCFG] "c:\program files\windows media player\WMPNSCFG.exe"
uRun: [Google Update] "c:\users\davidwp13\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [OE] "c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe"
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [NDSTray.exe] NDSTray.exe
mRun: [PINGER] "c:\toshiba\ivp\ism\pinger.exe" /run
mRun: [TOSHIBA Volume Indicator] "c:\program files\toshiba\utilities\VolControl.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [TPwrMain] "c:\program files\toshiba\power saver\TPwrMain.EXE"
mRun: [HSON] "c:\program files\toshiba\tbs\HSON.exe"
mRun: [SmoothView] "c:\program files\toshiba\smoothview\SmoothView.exe"
mRun: [00TCrdMain] "c:\program files\toshiba\flashcards\TCrdMain.exe"
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [au] "c:\program files\dealio\DealioAU.exe"
mRun: [MyWebSearch Plugin] "rundll32" c:\progra~1\mywebs~2\bar\1.bin\M3PLUGIN.DLL,UPF
mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe"
mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"
mRun: [Persistence] "c:\windows\system32\igfxpers.exe"
mRun: [SpySweeper] "c:\program files\webroot\spy sweeper\SpySweeperUI.exe" /startintray
dRun: [OE] c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: Compare Prices with &Dealio - c:\users\davidwp13\appdata\locallow\dealio\kb124\res\DealioSearch.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
IE: {E908B145-C847-4e85-B315-07E2E70DECF8} - {9F038672-0425-4792-BC9C-36DE3308E8AA} - c:\program files\dealio\kb124\Dealio.dll
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/PopularScreenSaversInitialSetup1.0.1.1.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll
Notify: igfxcui - igfxdev.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll
LSA: Notification Packages = scecli psqlpwd

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-07-04 04:07 92,464 a------- c:\windows\system32\drivers\SBREDrv.sys
2009-07-04 04:07 65,320 a------- c:\windows\system32\sbbd.exe
2009-07-04 04:07 --d----- C:\VIPRERESCUE
2009-07-03 19:00 --d----- c:\users\davidwp13\Tracing
2009-07-03 18:28 --d----- c:\program files\Microsoft Office Outlook Connector
2009-07-03 18:28 55,280 a------- c:\windows\system32\drivers\fssfltr.sys
2009-07-03 18:26 3,426,072 a------- c:\windows\system32\d3dx9_32.dll
2009-07-03 18:26 --d----- c:\program files\Microsoft SQL Server Compact Edition
2009-07-03 18:24 --d----- c:\program files\Windows Live SkyDrive
2009-07-03 17:10 --d----- c:\program files\common files\Windows Live
2009-07-03 17:04 97,800 a------- c:\windows\system32\infocardapi.dll
2009-07-03 17:04 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-03 17:04 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-07-03 17:04 622,080 a------- c:\windows\system32\icardagt.exe
2009-07-03 17:04 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-07-03 17:04 11,264 a------- c:\windows\system32\icardres.dll
2009-07-03 17:04 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-07-03 17:04 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-07-03 16:57 96,760 a------- c:\windows\system32\dfshim.dll
2009-07-03 16:57 282,112 a------- c:\windows\system32\mscoree.dll
2009-07-03 16:57 41,984 a------- c:\windows\system32\netfxperf.dll
2009-07-03 16:57 158,720 a------- c:\windows\system32\mscorier.dll
2009-07-03 16:57 83,968 a------- c:\windows\system32\mscories.dll
2009-07-03 16:55 --d----- c:\program files\Microsoft
2009-07-03 16:54 --d----- c:\windows\system32\x64
2009-06-26 18:23 --d----- c:\windows\system32\Service
2009-06-13 23:05 428,544 a------- c:\windows\system32\EncDec.dll
2009-06-13 23:05 293,376 a------- c:\windows\system32\psisdecd.dll
2009-06-13 23:05 217,088 a------- c:\windows\system32\psisrndr.ax
2009-06-13 23:05 177,664 a------- c:\windows\system32\mpg2splt.ax
2009-06-13 23:05 80,896 a------- c:\windows\system32\MSNP.ax
2009-06-09 19:13 2,033,152 a------- c:\windows\system32\win32k.sys
2009-06-09 19:00 636,928 a------- c:\windows\system32\localspl.dll
2009-06-09 18:53 915,456 a------- c:\windows\system32\wininet.dll
2009-06-09 18:53 1,469,440 a------- c:\windows\system32\inetcpl.cpl
2009-06-09 18:53 71,680 a------- c:\windows\system32\iesetup.dll
2009-06-09 18:53 1,638,912 a------- c:\windows\system32\mshtml.tlb
2009-06-09 18:44 784,896 a------- c:\windows\system32\rpcrt4.dll

==================== Find3M ====================

2009-07-03 18:37 143,360 a------- c:\windows\inf\infstrng.dat
2009-07-03 18:37 51,200 a------- c:\windows\inf\infpub.dat
2009-07-03 18:37 86,016 a------- c:\windows\inf\infstor.dat
2009-06-23 16:11 86,872 a------- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-16 11:57 28,672 a------- c:\windows\system32\f3PSSavr.scr
2008-10-03 16:33 174 a--sh--- c:\program files\desktop.ini
2008-10-03 16:20 665,600 a------- c:\windows\inf\drvindex.dat
2008-08-27 03:48 350,208 -------- c:\users\davidwp13\d3drm.dll
2008-07-13 06:48 262,144 a------- c:\progra~2\ntuser.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2005-05-26 12:35 1,422 a------- c:\program files\ReadMe.txt
2006-09-18 16:43 10 a--sh--- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\config.sys
2006-09-18 16:43 10 a--sh--- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\config.sys

============= FINISH: 20:37:23.48 ===============

Edited by Orange Blossom, 05 July 2009 - 09:27 PM.


BC AdBot (Login to Remove)

 


#2 DocSatan

DocSatan

    Bleepin' Wanna-Be


  • Members
  • 2,156 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Boston, Ma.
  • Local time:11:11 AM

Posted 12 July 2009 - 10:49 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

#3 davidwp13

davidwp13
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 13 July 2009 - 03:03 PM

Attached File  Attach_DDS_2.txt   5.29KB   8 downloads

I hope thi is right lasttime it was not zipped and I did not zip it this time it just loaded this way , also my machine seems to be better did you already do something? it is not back to where it was but it got very bad at one point

#4 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:06:11 PM

Posted 14 July 2009 - 03:51 AM

Hi,

Please re-run DDS and post back dds.txt file contents.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#5 davidwp13

davidwp13
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 14 July 2009 - 04:33 PM

Attached File  Attach_DDS_2.txt   5.29KB   16 downloadsAttached File  manifest.xml   24.51KB   11 downloads

OK i do apoligize for not know ing how to do this and THANK you for helping me anyway I HOPE I got it this time here goes (i sent 2 to help my odds)

#6 davidwp13

davidwp13
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 14 July 2009 - 05:35 PM

I did post a new DDS file but I thought you wanted it as a new post SORRY I amnot real computer savvy, if I need to do anything else PLEASE let me know and maybe a cheat sheet on how? THANK YOU

#7 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,807 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:11:11 AM

Posted 14 July 2009 - 11:03 PM

Hello davidwp13,

I merged your new topic with the current logs here to your previous topic and it appears as post #5. Please keep all posts regarding this issue to this topic by using the Add Reply button found near the bottom of the topic. Starting new topics creates confusion for all involved and delays the assistance you receive.

Back to you Blade.

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#8 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:06:11 PM

Posted 15 July 2009 - 04:21 AM

Thanks OB :thumbup2:

David, I need you to re-run DDS and post contents of dds.txt file. The one you posted is attach.txt :)

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#9 davidwp13

davidwp13
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 15 July 2009 - 04:57 PM

Sorry i will do it now and I had mentioned earlier it seemed to be a bit better but it is NOT and THANK YOU for spending time on this for me.I just hope I get it right this dds.txt COMING YOUR WAYAttached File  Attach_DDS_3.txt   5.29KB   6 downloads

#10 davidwp13

davidwp13
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 15 July 2009 - 05:58 PM

hi Blade i have no idea of how this works and what i will need to do when you are done, i wanted to tell you as far as removing things PLEASE treat it like it was your machine i have put a lot of things on it i no lnger use and it came with several trials and stuff i never used. i have and use a Sony camera and the adobe software but i can read load that even.I like i said do not know what you will do but wanted you to know you have carte blanche. THANK YOU

#11 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:06:11 PM

Posted 16 July 2009 - 03:11 AM

Hi David,

You posted attach.txt again. Please see that you post the dds.txt log which contents begins something like this:
DDS (Ver_09-06-26.01) - NTFSx86
Run by davidwp13

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#12 davidwp13

davidwp13
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 16 July 2009 - 05:06 PM

Attached File  DDS_4.txt   17.55KB   20 downloads When i had itopen in "noepad" it started the way you said but after attaching it here now it says something differet, I feel so bad about wasting your time if i can not get right this time i give up.
I have everything backed up on ext HD if i wipe my drive can I salvage what I had or would my back up be infected as well. You probably allready answered this but if so i do not remember

THANK YOU again

Attached Files



#13 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:06:11 PM

Posted 17 July 2009 - 02:26 AM

Hi,

Now both got posted properly :thumbup2:

Uninstall Ask Toolbar if it was not installed on purpose.

I see you have both Trend Micro Internet Security Pro and Webroot AntiVirus with AntiSpyware installed. You should decide which one to keep since it's recommended to have only one antivirus installed in one system. Having multiple ones installed and running causes performance and other issues.


Adobe Reader should be updated to 9.1.2 version. The latest one (9.1 and separate update 9.1.2 for it) can be found here. Alternatively, you may get Foxit Reader here. Make sure you don't install toolbar if choose Foxit Reader! You may also check free readers introduced here.


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 14.
  • Click the
    Download
    button to the right.
  • Select Windows on platform combobox and check the box that says:
    Accept License Agreement. Click continue.
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u14-windows-i586-p.exe to install the newest version. Uncheck MSN toolbar if it's offered there.

Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Java Cache

*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.


When done, reboot and re-run DDS. Post back the logs like you did in previous post. Let me know how's the system performing :)

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#14 davidwp13

davidwp13
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 17 July 2009 - 04:39 PM

Hi here isthe last log file and it does seem to be better it is not as fast as it was a while back but it is a year old now. i have not used it enough to be sure it does not feeze but so far so goodAttached File  DDS_7_17_2009.txt   17.31KB   16 downloads

#15 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:06:11 PM

Posted 17 July 2009 - 05:18 PM

Hi David,

Let's give Malwarebytes' Anti-Malware a run there.


Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Please post contents of that file and fresh DDS log in your next reply.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users