
My HP tower crashes sometimes?


10 replies to this topic

#1 briffdogg

  • Members
  • 100 posts

Posted 25 October 2011 - 08:09 PM

Hi, I have an HP Pavilion a600n, and once in a while it crashes, and when I restart it, it jams up on the HP startup screen; then I restart it again and it will start up normally. I run Malwarebytes Anti-Malware from time to time to clean it out. Any other suggestions on what I can do to make sure the system is clean, please?



#2 boopme

  • Global Moderator
  • 72,912 posts

Posted 25 October 2011 - 08:19 PM

Hello, let's get some logs and see what we have.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Reboot into Safe Mode with Networking
How to enter Safe Mode (XP/Vista)
Using the F8 Method
  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed, etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
  • Select the option for Safe Mode with Networking using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.


>>>> Download this file and double-click on it to run it. Allow the information to be merged with the registry.

RKill....

Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on RKill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator.)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running RKill, as the malware programs will start again. Or, if rebooting is required, run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer it to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates; when done, click the Scanner tab, select Quick scan and scan (normal mode).
After the scan, click Remove Selected, post the new scan log and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 briffdogg

  • Topic Starter
  • Members
  • 100 posts

Posted 25 October 2011 - 08:32 PM

MiniToolBox by Farbar
Ran by Derick Briffa (administrator) on 25-10-2011 at 21:30:50
Microsoft Windows XP Service Pack 2 (X86)

***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com

There are 2 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 3"

set address name="Local Area Connection 3" source=dhcp
set dns name="Local Area Connection 3" source=dhcp register=PRIMARY
set wins name="Local Area Connection 3" source=dhcp

# Interface IP Configuration for "{FEA7EF74-8725-49F3-9B2C-F8CDA6BFA356}"

set address name="{FEA7EF74-8725-49F3-9B2C-F8CDA6BFA356}" source=dhcp
set dns name="{FEA7EF74-8725-49F3-9B2C-F8CDA6BFA356}" source=dhcp register=PRIMARY
set wins name="{FEA7EF74-8725-49F3-9B2C-F8CDA6BFA356}" source=dhcp

# Interface IP Configuration for "{1204ADA6-C9FB-47F8-BE19-E77907550029}"

set address name="{1204ADA6-C9FB-47F8-BE19-E77907550029}" source=dhcp
set dns name="{1204ADA6-C9FB-47F8-BE19-E77907550029}" source=dhcp register=PRIMARY
set wins name="{1204ADA6-C9FB-47F8-BE19-E77907550029}" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : briffa

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : Yes

WINS Proxy Enabled. . . . . . . . : Yes

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Local Area Connection 3:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter

Physical Address. . . . . . . . . : 00-11-2F-58-AA-14

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.10

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : Tuesday, October 25, 2011 8:58:35 PM

Lease Expires . . . . . . . . . . : Friday, October 28, 2011 8:58:35 PM

Server: mymodem
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.226.243, 74.125.226.240, 74.125.226.244, 74.125.226.242
74.125.226.241



Pinging google.com [74.125.226.241] with 32 bytes of data:



Reply from 74.125.226.241: bytes=32 time=30ms TTL=55

Reply from 74.125.226.241: bytes=32 time=44ms TTL=55



Ping statistics for 74.125.226.241:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 30ms, Maximum = 44ms, Average = 37ms

Server: mymodem
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.137.149.56, 98.139.180.149, 209.191.122.70, 67.195.160.76
72.30.2.43



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=99ms TTL=52

Reply from 72.30.2.43: bytes=32 time=124ms TTL=52



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 99ms, Maximum = 124ms, Average = 111ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 2f 58 aa 14 ...... VIA Rhine II Fast Ethernet Adapter - Packet Scheduler Miniport
0x3 ...00 ff fe a7 ef 74 ...... Anchorfree HSS Adapter - Packet Scheduler Miniport
0x4 ...00 ff 12 04 ad a6 ...... TAP VPN Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.10 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.10 192.168.2.10 20
192.168.2.10 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.2.255 255.255.255.255 192.168.2.10 192.168.2.10 20
224.0.0.0 240.0.0.0 192.168.2.10 192.168.2.10 20
255.255.255.255 255.255.255.255 192.168.2.10 4 1
255.255.255.255 255.255.255.255 192.168.2.10 192.168.2.10 1
255.255.255.255 255.255.255.255 192.168.2.10 3 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/22/2011 06:08:21 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 7.0.1.4288, faulting module , version 4.8.9.0, fault address 0x000052b1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (10/22/2011 06:06:43 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 7.0.1.4288, faulting module , version 4.8.9.0, fault address 0x000052b1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (10/22/2011 06:06:14 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 7.0.1.4288, faulting module , version 4.8.9.0, fault address 0x000052b1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (10/22/2011 06:05:54 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 7.0.1.4288, faulting module , version 4.8.9.0, fault address 0x000052b1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (10/22/2011 06:05:13 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 7.0.1.4288, faulting module , version 4.8.9.0, fault address 0x000052b1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (10/22/2011 06:01:24 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 7.0.1.4288, faulting module , version 4.8.9.0, fault address 0x000052b1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (10/22/2011 01:05:12 AM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 7.0.1.4288, faulting module , version 4.8.9.0, fault address 0x000052b1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (10/22/2011 01:04:49 AM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 7.0.1.4288, faulting module , version 4.8.9.0, fault address 0x000052b1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (10/14/2011 00:15:07 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.51.0.1118, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/12/2011 01:49:16 PM) (Source: Application Error) (User: )
Description: Faulting application dllhost.exe, version 5.1.2600.2180, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Processing media-specific event for [dllhost.exe!ws!]


System errors:
=============
Error: (10/25/2011 09:01:08 PM) (Source: RemoteAccess) (User: )
Description: Unable to add the interface {6A4203B2-A829-48DB-AC1B-CE3BAD4C23EC} with the Router Manager for the IP protocol. The
following error occurred: Cannot complete this function.

Error: (10/25/2011 09:01:02 PM) (Source: Service Control Manager) (User: )
Description: The Universal Plug and Play Device Host service depends on the SSDP Discovery Service service which failed to start because of the following error:
%%1058

Error: (10/25/2011 09:01:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (10/25/2011 09:01:02 PM) (Source: Service Control Manager) (User: )
Description: The Net Logon service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (10/24/2011 11:04:31 PM) (Source: RemoteAccess) (User: )
Description: Unable to add the interface {6A4203B2-A829-48DB-AC1B-CE3BAD4C23EC} with the Router Manager for the IP protocol. The
following error occurred: Cannot complete this function.

Error: (10/24/2011 11:04:28 PM) (Source: DCOM) (User: Derick Briffa)
Description: The server {89DAE4CD-9F17-4980-902A-99BA84A8F5C8} did not register with DCOM within the required timeout.

Error: (10/24/2011 11:04:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
uagp35

Error: (10/24/2011 11:04:01 PM) (Source: Service Control Manager) (User: )
Description: The Universal Plug and Play Device Host service depends on the SSDP Discovery Service service which failed to start because of the following error:
%%1058

Error: (10/24/2011 11:04:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (10/24/2011 11:04:01 PM) (Source: Service Control Manager) (User: )
Description: The Net Logon service depends on the Workstation service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

AC3Filter (remove only)
Adobe AIR (Version: 2.0.3.13070)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.3.4 (Version: 9.3.4)
Agere Systems PCI Soft Modem
Akamai NetSession Interface
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoStudio 5.5
Ask Toolbar (Version: 4.1.0.3)
ATI - Software Uninstall Utility (Version: 6.14.10.1012)
ATI Catalyst Control Center (Version: 1.1.1879.40231)
ATI Control Panel (Version: 6.14.10.5120)
ATI Display Driver (Version: 8.111-050222a-021277C-ATI)
Audio Editor Gold v8.4.8 (Version: 8.4.8)
AutoUpdate (Version: 1.1)
Avanquest update (Version: 1.11)
Badoo Desktop (Version: 1.3.12.904)
Big Brother Keylogger
BitPim 1.0.3 (Version: 1.0.3)
Bonjour (Version: 3.0.0.2)
BUM (Version: 2.1.1.24)
Business Card Designer Plus 9.5.0.1
Camera Window DS (Version: 5.0)
Camera Window DVC (Version: 5.0)
Camera Window MC (Version: 5.0)
Canon Camera Support Core Library (Version: 7.1.0.11)
Canon Camera Window DS for ZoomBrowser EX (Version: 5.0)
Canon Camera Window DVC for ZoomBrowser EX (Version: 5.0)
Canon Camera Window for ZoomBrowser EX (Version: 5.0)
Canon CanoScan Toolbox 4.9
Canon MovieEdit Task for ZoomBrowser EX (Version: 1.2.0.21)
Canon MP Navigator EX 1.2
Canon MP190 series MP Drivers
Canon My Printer
Canon PIXMA iP1500
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.2)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.1)
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
CCleaner (remove only)
CCScore (Version: 6.02.1001.0001)
Chessmaster Challenge (remove only)
CL-Eye Driver (Version: 4.0.2.1017)
COMODO Internet Security (Version: 3.10.102363.531)
Digital Photo Navigator 1.5
Digital Photo Resizer
DivX ;-) Audio Compressor 4.02
DivX Codec (Version: 6.8.0)
DivX Converter (Version: 6.5.1)
DivX Player (Version: 6.6.0)
DivX Plus Web Player (Version: 2.0.0)
EASEUS Data Recovery Wizard Professional 4.3.6 (Version: 4.3.6)
Easy-WebPrint
Easy DVD Shrink
Elecard MPEG2 Player 2.0 (Version: 2.0)
ESSBrwr (Version: 6.04.0000.0001)
ESSCDBK (Version: 6.04.0000.0001)
ESScore (Version: 6.04.0000.0003)
ESSgui (Version: 6.04.0000.0001)
ESSini (Version: 6.04.0000.0001)
ESSPCD (Version: 6.04.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSSONIC (Version: 6.4.0000.0001)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 6.04.0000.0001)
EVGA Display Driver (Version: 1.00.000)
Flash Slideshow Maker Pro 4.00 (Version: 4.00)
Form Fill (Windows Live Toolbar) (Version: 03.01.0146)
Fourelle Venturi Personal Client 2.1.1
Full Tilt Poker (Version: 4.32.0.WIN.FullTilt.COM)
Fun Morph 3.0
GameSpy Arcade
Google Chrome (Version: 14.0.835.202)
Google Earth (Version: 6.0.3.2197)
Google Earth Pro (Version: 3.0.0762)
Google Earth Pro version 3.0.XXXX (beta) Patch Files
Google Talk Plugin (Version: 2.4.5.4390)
Google Update Helper (Version: 1.3.21.79)
Google Updater (Version: 2.4.2432.1652)
Hewlett-Packard Multimedia Keyboard/Mouse Solution (Version: 1.0.2.2.100504)
HijackThis 2.0.2 (Version: 2.0.2)
honestech Video Editor (Version: 7.0)
Hotspot Shield 2.06 (Version: 2.06)
HP DVD Writer
ImageMixer (Version: 1.7.4.4)
Inkjet Printer/Scanner Extended Survey Program
Internet Check-Up
iTunes (Version: 10.4.0.80)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 14.0.8117.416)
KeyRipper 3.1 (Version: 3.1)
kgcbase (Version: 5.03.0000.0004)
KODAK EASYSHARE Gallery Upload ActiveX Control
Kodak EasyShare software
LG PC Suite (Version: 1.00.0000)
LG USB Modem driver (Version: 4.8.1)
LimeWire 4.18.8 (Version: 4.18.8)
LogMeIn (Version: 4.0.982)
LS_HSI (Version: 1.0.15.1)
Macromedia Shockwave Player (Version: 10.1.0.11)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Manual CanoScan LiDE 25
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
Matroska Pack (remove only)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 (Version: 2.0.50727)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Halo
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint Viewer 2003 (Version: 11.0.8305.0)
Microsoft Office Professional 2007 (Version: 12.0.4518.1014)
Microsoft Office Professional 2007 Trial (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Search Enhancement Pack (Version: 1.3.59.0)
Microsoft Silverlight (Version: 4.0.60310.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft WinUsb 1.0
Microsoft WinUsb 2.0
Microsoft Works 7.0 (Version: 07.02.0808)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
MicroStaff WINASPI
Monopoly by Parker Brothers (Version: 1.0.406.0)
Motorola Driver Installation 3.2.0 (Version: 3.2.0)
Motorola Phone Tools (Version: 4.3.6c 10-23-2006)
Motorola Phone Tools (Version: 4.30)
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MovieEdit Task (Version: 1.2.0.21)
Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Native Instruments Traktor DJ Studio 3 Demo
Nero 8 Demo (Version: 8.10.89)
neroxml (Version: 1.0.0)
netbrdg (Version: 6.04.0000.0001)
OfotoNow
OfotoXMI (Version: 6.04.0000.0001)
OmniPage SE 2.0 (Version: 2.00.0004)
On2 VP7 Codec
OneCare Advisor (Windows Live Toolbar) (Version: 03.01.0072)
ParetoLogic Data Recovery (Version: 1.1.0)
PC Camera (602a VGA) (Version: 2.0.0.0)
PC Connectivity Solution (Version: 8.15.0.0)
PDF Settings CS5 (Version: 10.0)
Personal License Update Wizard for Windows Media Player
Pocket Voice Recorder 3.4 (Version: 3.4)
Popup Blocker (Windows Live Toolbar) (Version: 03.01.0146)
PowerCinema NE for Everio
PowerDirector Express
PowerISO
PowerProducer (Version: 074511a(3.7)_Vista_JVC)
PowerZip 7.05 (Version: 7.05)
QuickTime (Version: 7.69.80.9)
RAW Image Task (Version: 0.9.2)
Real Alternative 1.37 (Version: 1.37)
Realtek AC'97 Audio
Realtek High Definition Audio Driver
Registry Mechanic 7.0 (Version: 7.0)
RemoteCapture Task 1.1 (Version: 1.1)
S3GSetup (Version: 2.00.07.0709)
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
SAMSUNG Mobile Modem V2 Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Download Driver Software
SAMSUNG Mobile USB Driver (Version: 1.00.0000)
SAMSUNG Mobile USB Modem 1.0 Software
Samsung Mobile USB Modem Device Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG SYMBIAN USB Download Driver (Version: 1.1.808.7165)
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver (Version: 6.83.6.2.1)
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
Search Bar
Security Task Manager 1.7e (Version: 1.7e)
Segoe UI (Version: 14.0.4327.805)
SFR (Version: 6.04.0000.0001)
SHASTA (Version: 6.04.0000.0001)
skin0001 (Version: 6.04.0000.0004)
SKINXSDK (Version: 6.02.1001.0001)
Skype™ 4.2 (Version: 4.2.155)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
Sonic RecordNow! (Version: 7.22)
Sonic Update Manager (Version: 2.9)
Sony Ericsson PC Suite (Version: 1.30.55)
staticcr (Version: 6.04.0000.0005)
Steinberg Cubase SX v3.1.1.944
Switch
Syncrosoft's License Control
SyncroSoft Emu (Remove only)
Tabbed Browsing (Windows Live Toolbar) (Version: 03.01.0146)
Talking Time Keeper
TBS WMP Plug-in (Version: 1.00.676)
tooltips (Version: 6.04.0000.0001)
TuneUp Companion 1.5.9 (Version: 1.5.9)
URGE (Version: 1.1.9060.0)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VCRedistSetup (Version: 1.0.0)
Veetle TV 0.9.18 (Version: 0.9.18)
VIA Rhine-Family Fast Ethernet Adapter
VIA/S3G Display Driver
VideoLAN VLC media player 0.8.2 (Version: 0.8.2)
VirtualCom driver (Version: 1.0.0)
VPRINTOL (Version: 6.04.0000.0001)
Vuze
WebCam for MSN Messenger
WebFldrs XP (Version: 9.50.7523)
Windows Defender (Version: 1.1.1593.21)
Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0) (Version: 01/26/2008 2.6.0.0)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
Windows Easy Transfer
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Favorites for Windows Live Toolbar (Version: 03.01.0146)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live OneCare safety scanner
Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 03.01.0146)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 9 Series TweakMP PowerToy
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Hotfix - KB867282 (Version: 20050127.090417)
Windows XP Hotfix - KB873333 (Version: 20050114.005213)
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885250 (Version: 20050118.202711)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB885884 (Version: 20040924.025457)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB887742 (Version: 20041103.095002)
Windows XP Hotfix - KB888113 (Version: 20041116.131036)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890047 (Version: 20041221.124506)
Windows XP Hotfix - KB890175 (Version: 20041201.233338)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB890923 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
Windows XP Hotfix - KB893066 (Version: 1)
Windows XP Hotfix - KB893086 (Version: 1)
WinRAR archiver
WinSCP 4.0.4 (Version: 4.0.4)
WinZip (Version: 9.0 SR-1 (6224))
WIRELESS (Version: 6.04.0000.0001)
WIZ1x0_105SR Configtool (Version: 2.1)
XviD MPEG-4 Video Codec (Version: XviD-1.0.3-20122004)
Yahoo! extras
Yahoo! Install Manager
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 1023.48 MB
Available physical RAM: 582.73 MB
Total Pagefile: 1597.55 MB
Available Pagefile: 1212.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 2004.93 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:69.73 GB) (Free:0.17 GB) NTFS
3 Drive e: (DRV2_VOL1) (Fixed) (Total:149.05 GB) (Free:0.13 GB) NTFS
6 Drive h: (HP_RECOVERY) (Fixed) (Total:4.79 GB) (Free:4.78 GB) FAT32

========================= Users: ========================================

User accounts for \\

Administrator ASPNET Derick Briffa
Guest HelpAssistant LogMeInRemoteUser
SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#4 boopme

Posted 25 October 2011 - 09:07 PM

Hello, a couple of questions.

Do you know why this is installed?
Big Brother Keylogger

You have a lot of Adobe apps contacting Adobe in the Hosts file. Do you use a lot of Adobe and often?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 briffdogg

Posted 25 October 2011 - 09:32 PM

Yes, I had used it a couple of times a while back. How can I get rid of it?

No, I don't use much Adobe. How can I get rid of those, please?

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/25/2011 at 10:15 PM

Application Version : 5.0.1134

Core Rules Database Version : 7848
Trace Rules Database Version: 5660

Scan type : Quick Scan
Total Scan Time : 00:17:25

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 2 (Build 5.01.2600)
Administrator

Memory items scanned : 270
Memory threats detected : 0
Registry items scanned : 31027
Registry threats detected : 17
File items scanned : 8110
File threats detected : 23

Adware.ZToolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AZESearch
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AZESearch#DisplayName

Browser Hijacker.Favorites
C:\Documents and Settings\Derick Briffa\Favorites\Favorites\Music and Movies
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Adventure Travel.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Air Travel.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Business Travel.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Discount Travel.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Food.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Hawaii Travel.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Lodging.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\London Travel.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Travel Agent.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Travel Insurance.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Travel package.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Travel Reservation.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Travel Spain.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Travel Web site.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Vacation Cruises.url
C:\Documents and Settings\Derick Briffa\Favorites\Travel\Vacations.url
C:\Documents and Settings\Derick Briffa\Favorites\Pharmacy\.AppleSyncInfo
C:\Documents and Settings\Derick Briffa\Favorites\Pharmacy

Adware.Casino Games (Golden Palace Casino)
HKLM\Software\Golden Palace Casino PT
HKLM\Software\Golden Palace Casino PT#account
HKLM\Software\Golden Palace Casino PT#advertisercode
HKLM\Software\Golden Palace Casino PT#banner
HKLM\Software\Golden Palace Casino PT#createdfunaccount
HKLM\Software\Golden Palace Casino PT#creditGPF47291261
HKLM\Software\Golden Palace Casino PT#creferer
HKLM\Software\Golden Palace Casino PT#profile
HKLM\Software\Golden Palace Casino PT#referer
HKLM\Software\Golden Palace Casino PT#safemode
HKLM\Software\Golden Palace Casino PT#uninstall_lang

Trojan.Fake-Alert/Trace
HKU\S-1-5-21-1708537768-1580818891-839522115-1004\SOFTWARE\Microsoft\fias4013

Browser Hijacker.Internet Explorer Zone Hijack
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny#https

Rogue.Agent/Gen-Nullo[DLL]
C:\WINDOWS\SYSTEM32\NVRCJOAA.DLL
C:\WINDOWS\SYSTEM32\NVPQNGAA.DLL

Rogue.Agent/Gen-Nullo[OCX]
C:\WINDOWS\SYSTEM32\P1FULMON.OCX
C:\WINDOWS\SYSTEM32\RTLCOISE.OCX

Edited by briffdogg, 25 October 2011 - 09:32 PM.


#6 briffdogg

Posted 25 October 2011 - 09:49 PM

Hi, I'm getting this message a lot, also jamming up Firefox:
plugin-container.exe has encountered a problem and needs to close. We are sorry for the inconvenience.

#7 boopme

Posted 25 October 2011 - 10:15 PM

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


Now go into the Control Panel >> Add/Remove programs

Click on each of these and select Uninstall:

Adobe AIR (Version: 2.0.3.13070)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0).. Leave this if you paid for it.
Adobe Reader 9.3.4 (Version: 9.3.4)

Scroll through the list and remove any toolbars.

Reboot

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u1-windows-i586-s.exe (or jre-7u1-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

Now install...
Note: uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional


These
http://get.adobe.com/air/

http://www.adobe.com/products/flashplayer.html

http://get.adobe.com/reader/



Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click the Update tab, then select Check for Updates. When done,
click the Scanner tab, select Quick scan and scan (normal mode).
After the scan, click Remove Selected, post the new scan log and reboot into normal mode.

Edited by boopme, 25 October 2011 - 10:20 PM.

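Added example, not part of the original posts: a short Python check that lists every hosts-file entry other than the stock `localhost` line, which is what a reset back to the default removes. The sample file, its host names and the `blocked`/`redirect`/`malformed` labels are constructed for illustration and are not taken from this thread's logs.

```python
import ipaddress

# Constructed sample (not from this thread). An untouched Windows XP hosts
# file maps only "localhost" to 127.0.0.1; everything else was added later.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       activate.vendor.example      # looped back: host unreachable
0.0.0.0         update.av-vendor.example
203.0.113.10    www.bank.example login.bank.example
not-an-ip       something.example
"""

DEFAULT_NAMES = {"localhost"}


def audit_hosts(text):
    """Return (line_no, kind, address, hostname) for each non-default entry.

    kind is "blocked"   - name points at loopback/0.0.0.0, so lookups dead-end
            "redirect"  - name points at some other address
            "malformed" - line is not "<ip> <name> [<name> ...]"
    """
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # comments run to end of line
        if not entry:
            continue
        fields = entry.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append((line_no, "malformed", fields[0], ""))
            continue
        if len(fields) < 2:
            findings.append((line_no, "malformed", fields[0], ""))
            continue
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if name in DEFAULT_NAMES and addr.is_loopback:
                continue                           # the stock localhost line
            dead_end = addr.is_loopback or addr.is_unspecified
            findings.append(
                (line_no, "blocked" if dead_end else "redirect", str(addr), name))
    return findings


if __name__ == "__main__":
    # On Windows the live file is %SystemRoot%\System32\drivers\etc\hosts.
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %-9s %-15s %s" % finding)
```

Entries reported as `blocked` for security-vendor or update hosts, and any `redirect` entry, are the ones worth reviewing before and after the reset.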

#8 briffdogg

Posted 26 October 2011 - 03:21 AM

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8021

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

10/26/2011 3:09:19 AM
mbam-log-2011-10-26 (03-09-19).txt

Scan type: Full scan (C:\|E:\|)
Objects scanned: 394783
Time elapsed: 2 hour(s), 19 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#9 boopme

Posted 26 October 2011 - 10:07 AM

Let me know how it's running now..

#10 briffdogg

Posted 26 October 2011 - 10:13 PM

Running very smooth and faster, my friend, thank you very much :)

#11 boopme

Posted 26 October 2011 - 10:20 PM

Ok, great!! You're welcome. You should put XP Service Pack 3 in there to close the security gaps it covers.

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read: