Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop constantly freezes in IE (just started doing this)


  • This topic is locked This topic is locked
4 replies to this topic

#1 dakotag

dakotag

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:41 PM

Posted 12 March 2012 - 11:50 AM

Hello, my laptop recently started freezing when in Internet Exploter and in Outlook. If I wait a few minutes it will respond but then freeze again. It's impossible for me to do anything online. DDS log is below and "attach.txt" and "ark.txt" are attached. I also have a HiJackThis log that I can post if requested.

DDS Log:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Chris at 12:12:11 on 2012-03-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2368 [GMT -4:00]
.
AV: Panda Internet Security 2011 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Internet Security 2011 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2011 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe
C:\windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\TPSrvWow.exe
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2011\WebProxy.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\pavsrvx86.exe
C:\windows\System32\svchost.exe -k HPZ12
c:\program files (x86)\panda security\panda internet security 2011\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsImSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\rundll32.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\ApVxdWin.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
E:\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe
C:\windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\SRVLOAD.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavBckPT.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\AVENGINE.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Facebook Update] "C:\Users\Chris\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [<NO NAME>]
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "E:\iTunes\iTunesHelper.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
StartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append to existing PDF - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - E:\MICROS~1\OFFICE11\REFIEBAR.DLL
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{78735500-6C98-47CF-9D26-379411E11C0F} : DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{78735500-6C98-47CF-9D26-379411E11C0F}\0596E6E61636C6560214050313 : DhcpNameServer = 8.8.8.8 8.8.4.4 4.2.2.4
TCP: Interfaces\{78735500-6C98-47CF-9D26-379411E11C0F}\74347457563747 : DhcpNameServer = 10.0.0.250 10.0.0.3
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Adobe Acrobat 8 Pro\Acrobat\AcroIEFavClient.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [(Default)]
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\APVXDWIN.EXE" /s
mRun-x64: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "E:\iTunes\iTunesHelper.exe"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;Panda boot driver;C:\windows\system32\Drivers\pavboot64.sys --> C:\windows\system32\Drivers\pavboot64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R2 AmFSM;AmFSM;C:\windows\system32\DRIVERS\amm6460.sys --> C:\windows\system32\DRIVERS\amm6460.sys [?]
R2 APPFLT;App Filter Plugin;\??\C:\windows\system32\Drivers\APPFLT64.SYS --> C:\windows\system32\Drivers\APPFLT64.SYS [?]
R2 ComFiltr;Panda Anti-Dialer;\??\C:\windows\system32\DRIVERS\COMFiltr.sys --> C:\windows\system32\DRIVERS\COMFiltr.sys [?]
R2 DSAFLT;DSA Filter Plugin;\??\C:\windows\system32\Drivers\DSAFLT64.SYS --> C:\windows\system32\Drivers\DSAFLT64.SYS [?]
R2 FNETMON;NetMon Filter Plugin;\??\C:\windows\system32\Drivers\fnetm64.SYS --> C:\windows\system32\Drivers\fnetm64.SYS [?]
R2 IDSFLT;Ids Filter Plugin;\??\C:\windows\system32\Drivers\IDSFLT64.SYS --> C:\windows\system32\Drivers\IDSFLT64.SYS [?]
R2 NETFLTDI;Panda Net Driver [TDI Layer];\??\C:\windows\system32\Drivers\NETTDI64.SYS --> C:\windows\system32\Drivers\NETTDI64.SYS [?]
R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atipmdag.sys --> C:\windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]
R3 BcmVWL;Broadcom Virtual Wireless;C:\windows\system32\DRIVERS\bcmvwl64.sys --> C:\windows\system32\DRIVERS\bcmvwl64.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\system32\DRIVERS\CtClsFlt.sys --> C:\windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 NETIMFLT01060042;PANDA NDIS IM Filter Miniport v1.6.0.42;C:\windows\system32\DRIVERS\n64i1642.sys --> C:\windows\system32\DRIVERS\n64i1642.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
.
=============== File Associations ===============
.
JSEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %*
VBEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %*
VBSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %*
.
=============== Created Last 30 ================
.
2012-03-12 15:42:28 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FA0F4E1B-2083-4197-B5F2-C9083284EFCC}\offreg.dll
2012-03-12 15:41:49 200976 ----a-w- C:\windows\SysWow64\drivers\tmcomm.sys
2012-03-12 15:31:51 388096 ----a-r- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-03-12 15:31:50 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-03-09 16:17:50 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FA0F4E1B-2083-4197-B5F2-C9083284EFCC}\mpengine.dll
2012-03-08 19:19:28 -------- d-----w- C:\ProgramData\Panda Software
2012-02-27 22:29:44 -------- d-----w- C:\Users\Chris\AppData\Local\630D4ABB-A0B3-47C6-8880-9ECE8F70296E.aplzod
2012-02-24 21:40:57 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-02-24 21:40:40 -------- d-----w- C:\Users\Chris\AppData\Local\Microsoft Help
2012-02-16 15:38:12 509952 ----a-w- C:\windows\System32\ntshrui.dll
2012-02-16 15:38:12 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll
2012-02-16 15:38:10 515584 ----a-w- C:\windows\System32\timedate.cpl
2012-02-16 15:38:10 478720 ----a-w- C:\windows\SysWow64\timedate.cpl
2012-02-16 15:38:05 498688 ----a-w- C:\windows\System32\drivers\afd.sys
2012-02-16 15:38:02 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-02-16 15:38:01 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll
2012-02-16 15:38:01 634880 ----a-w- C:\windows\System32\msvcrt.dll
.
==================== Find3M ====================
.
2012-02-23 14:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
2012-02-21 15:00:00 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-14 07:11:03 2308096 ----a-w- C:\windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
.
============= FINISH: 12:13:51.42 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,936 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:41 PM

Posted 14 March 2012 - 09:52 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
    Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue
    Posted Image
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#3 dakotag

dakotag
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:41 PM

Posted 14 March 2012 - 10:08 AM

Thanks for your reply. Before running this program I wanted to run something past you first. After posting my original message I looked in the Windows Event Viewer and noticed hundreds of Administrative Errors being recorded. They all had the same message - "The driver detected a controller error on \Device\Ide\IdePort0." The source is "atapi" and the event code is "11". After several attempts I was finally able to run chkdsk and it came up with and repaired errors. Now things seems to be working better EXCEPT if I try and do several things at once (like opening outlook at the same time as have several web pages open).

So my question is this.... should I still run the program you asked me too or does this appear to be a hardware issue? I'll await your reply.

#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,936 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:41 PM

Posted 14 March 2012 - 12:55 PM

Yes please run the programs.

I want to make sure that you do not have a Master Boot Infection.
Then I can proceed with some other tools.

#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,936 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:41 PM

Posted 19 March 2012 - 09:13 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users