
Ads and a Virus


23 replies to this topic

#1 VAParadise4

VAParadise4

  • Members
  • 14 posts

Posted 16 June 2012 - 01:51 PM

Hi, my name is Victoria. I'm having some issues with my computer, and my mom has used your website before, and she said you'll be able to help me. I got my laptop in December for Christmas, and it was working great. I had a free trial of Norton, and it was awesome, but my trial ran up. I went about four months without a filter and it RUINED my computer. I got AVG about a week ago, but it didn't fix the problems I had before. I'm constantly getting pop-ups, my computer restarts for no reason at all, I can't use Youtube at all because the ads cause the video to lag every ten seconds, and I have a virus. How can I fix these issues and get my computer running properly again? Oh, and I don't know if it matters, but I have a Toshiba Satellite L755. Thank you!



#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,741 posts

Posted 16 June 2012 - 03:57 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 VAParadise4

VAParadise4
  • Topic Starter

  • Members
  • 14 posts

Posted 16 June 2012 - 06:24 PM

I followed everything you told me to EXACTLY. But, on the AVG Anti-Malware quick scan, where you said to click Show Results, it didn't have a link or anything that said Show Results, so I clicked Move To Vault (Recommended). There was a window that popped up that said "Access is denied. Moving object to Virus Vault failed. Do you really want to delete this object? HKCR\CLSID\{41A1BC10-76B9-42CA-A480-AAFB64D6BCBE}" I clicked yes. It then loaded for a minute more, then said "Threat has been removed successfully." So I closed it. A log in Notepad didn't come up, so I went to my Search Programs on my start button, and searched both of the links you gave me - C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt AND C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt. Both came up "No items match your search." I then restarted my computer and downloaded aswMBR to my desktop and finished what you told me to do.

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,741 posts

Posted 16 June 2012 - 06:29 PM

I'm not sure what you're saying...
All I need are 4 logs.


 


#5 VAParadise4

VAParadise4
  • Topic Starter

  • Members
  • 14 posts

Posted 16 June 2012 - 06:50 PM

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Smart PC Cleaner v3.0
JavaFX 2.1.0
Java™ 6 Update 30
Java™ 7 Update 4
Out of date Java installed!
Adobe Flash Player ( 10.2.152.32) Flash Player Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
AVG avgwdsvc.exe
AVG avgtray.exe
``````````End of Log````````````





Farbar Service Scanner Version: 09-06-2012
Ran by Victoria (administrator) on 16-06-2012 at 17:18:47
Running from "C:\Users\Victoria\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-12 21:37] - [2012-04-24 00:37] - 0184320 ____A (Microsoft Corporation) 4F5414602E2544A4554D95517948B705

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe
[2011-04-29 00:07] - [2011-03-01 03:07] - 0027648 ____A (Microsoft Corporation) 6F68F63794097E54F36474ED4384B759

C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****






MiniToolBox by Farbar Version: 09-06-2012
Ran by Victoria (administrator) on 16-06-2012 at 17:21:34
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Victoria-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : netgear.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : netgear.com
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : D0-DF-9A-65-D8-1A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5c69:3106:65af:6576%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 16, 2012 4:24:42 PM
Lease Expires . . . . . . . . . . : Sunday, June 17, 2012 4:24:46 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248569754
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-AF-64-08-D0-DF-9A-65-D8-1A
DNS Servers . . . . . . . . . . . : 192.168.254.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.netgear.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : netgear.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:aa:2f48:b5d9:53c9(Preferred)
Link-local IPv6 Address . . . . . : fe80::aa:2f48:b5d9:53c9%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.netgear.com
Address: 192.168.254.254

Name: google.com
Addresses: 2607:f8b0:4004:801::1008
74.125.228.34
74.125.228.35
74.125.228.36
74.125.228.37
74.125.228.38
74.125.228.39
74.125.228.40
74.125.228.41
74.125.228.46
74.125.228.32
74.125.228.33


Pinging google.com [74.125.228.33] with 32 bytes of data:
Reply from 74.125.228.33: bytes=32 time=48ms TTL=53
Reply from 74.125.228.33: bytes=32 time=49ms TTL=53

Ping statistics for 74.125.228.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 49ms, Average = 48ms
Server: dslrouter.netgear.com
Address: 192.168.254.254

Name: yahoo.com
Addresses: 209.191.122.70
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=119ms TTL=51
Reply from 72.30.38.140: bytes=32 time=131ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 119ms, Maximum = 131ms, Average = 125ms
Server: dslrouter.netgear.com
Address: 192.168.254.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...d0 df 9a 65 d8 1a ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.105 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.105 281
192.168.1.105 255.255.255.255 On-link 192.168.1.105 281
192.168.1.255 255.255.255.255 On-link 192.168.1.105 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.105 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:aa:2f48:b5d9:53c9/128
On-link
11 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::aa:2f48:b5d9:53c9/128
On-link
11 281 fe80::5c69:3106:65af:6576/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/16/2012 01:33:16 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 19.0.1084.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3060

Start Time: 01cd4b569b291f0e

Termination Time: 24

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: b5045a96-b7e1-11e1-a279-c3de3a32bbd0

Error: (06/16/2012 09:03:35 AM) (Source: Google Update) (User: Victoria)Victoria
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (06/15/2012 03:36:00 AM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 19.0.1084.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1810

Start Time: 01cd49ea1f2c872a

Termination Time: 149

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 0baf1966-b6c5-11e1-a279-c3de3a32bbd0

Error: (06/13/2012 11:56:52 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 19.0.1084.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e50

Start Time: 01cd49df73fc63e7

Termination Time: 14

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 5681cf10-b5dd-11e1-a279-c3de3a32bbd0

Error: (06/13/2012 10:41:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/13/2012 10:24:20 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 19.0.1084.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 123c

Start Time: 01cd49a11ff32f90

Termination Time: 206

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 6746301d-b5d0-11e1-bfc3-e23fffe662d4

Error: (06/13/2012 06:11:48 PM) (Source: Application Hang) (User: )
Description: The program Wow.exe version 4.3.4.15595 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c0c

Start Time: 01cd49a7ac9e1650

Termination Time: 81

Application Path: C:\Program Files (x86)\World of Warcraft\Wow.exe

Report Id:

Error: (06/13/2012 03:14:20 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 19.0.1084.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f6c

Start Time: 01cd49a037ef6d9d

Termination Time: 13

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 587b4e35-b594-11e1-bfc3-e23fffe662d4

Error: (06/13/2012 03:08:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/13/2012 01:12:50 PM) (Source: Application Hang) (User: )
Description: The program Weather.exe version 6.8.0.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11b4

Start Time: 01cd499009301ae0

Termination Time: 437

Application Path: C:\Program Files (x86)\AWS\WeatherBug\Weather.exe

Report Id: 594a08de-b583-11e1-af98-c4214b56f0d9


System errors:
=============
Error: (06/16/2012 04:24:48 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (06/16/2012 04:24:48 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (06/16/2012 04:24:48 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (06/16/2012 04:24:44 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (06/16/2012 04:24:44 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (06/16/2012 04:24:44 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (06/16/2012 04:24:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (06/16/2012 04:24:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (06/16/2012 04:24:38 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (06/16/2012 02:07:54 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535



=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 ActiveX (Version: 10.2.152.32)
Adobe Flash Player 10 Plugin (Version: 10.2.152.32)
Adobe Reader X MUI (Version: 10.0.0)
AMD VISION Engine Control Center (Version: 2011.0420.1613.27244)
Anti-phishing Domain Advisor (Version: 1.0.0.0)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.820.0)
Audials (Version: 9.1.16000.0)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2433)
AVG 2012 (Version: 2012.0.2180)
Best Buy pc app (Version: 3.2.0.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0420.1613.27244)
Catalyst Control Center InstallProxy (Version: 2011.0420.1613.27244)
Catalyst Control Center Localization All (Version: 2011.0420.1613.27244)
ccc-utility64 (Version: 2011.0420.1613.27244)
CCC Help Chinese Standard (Version: 2011.0420.1612.27244)
CCC Help Chinese Traditional (Version: 2011.0420.1612.27244)
CCC Help Czech (Version: 2011.0420.1612.27244)
CCC Help Danish (Version: 2011.0420.1612.27244)
CCC Help Dutch (Version: 2011.0420.1612.27244)
CCC Help English (Version: 2011.0420.1612.27244)
CCC Help Finnish (Version: 2011.0420.1612.27244)
CCC Help French (Version: 2011.0420.1612.27244)
CCC Help German (Version: 2011.0420.1612.27244)
CCC Help Greek (Version: 2011.0420.1612.27244)
CCC Help Hungarian (Version: 2011.0420.1612.27244)
CCC Help Italian (Version: 2011.0420.1612.27244)
CCC Help Japanese (Version: 2011.0420.1612.27244)
CCC Help Korean (Version: 2011.0420.1612.27244)
CCC Help Norwegian (Version: 2011.0420.1612.27244)
CCC Help Polish (Version: 2011.0420.1612.27244)
CCC Help Portuguese (Version: 2011.0420.1612.27244)
CCC Help Russian (Version: 2011.0420.1612.27244)
CCC Help Spanish (Version: 2011.0420.1612.27244)
CCC Help Swedish (Version: 2011.0420.1612.27244)
CCC Help Thai (Version: 2011.0420.1612.27244)
CCC Help Turkish (Version: 2011.0420.1612.27244)
Conexant HD Audio (Version: 8.51.1.0)
D3DX10 (Version: 15.4.2368.0902)
Disney Pirates of the Caribbean Online (Version: )
Download Manager
Driver Detective (Version: 8.0.1)
Epic Ages (Version: 1.0.287)
Fable III (Version: 1.0.0000.131)
Fable III (Version: 1.0.0002.131)
Facebook Messenger 2.1.4520.0 (Version: 2.1.4520.0)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
File Type Assistant
FoxTab Video Player
FoxTab Video To MP3
Genieo (Version: 1.0.311)
Google Chrome (Version: 19.0.1084.56)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 30 (Version: 6.0.300)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
JetMP3 (Version: 1.0213.1239)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
MagicDisc 2.7.106
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MplayerforWindows v2011-03-27 (Version: v2011-03-27)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Norton PC Checkup (Version: 2.0.17.20)
ooVoo (Version: 3.0.7040)
Optimizer Pro v3.0 (Version: 3.0)
Origin (Version: 8.5.2.23)
Pando Media Booster (Version: 2.6.0.7)
PC Optimizer Pro (Version: 6.2.4.2)
Playalot Games (Version: 1.0.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
RawCoupon Toolbar (Version: 6.8.5.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek USB 2.0 Reader Driver (Version: 1.0.0.14)
Realtek WLAN Driver (Version: 2.00.0013)
RealUpgrade 1.1 (Version: 1.1.0)
RebateRobot for Online Shopping version 1.0.2 (Version: 1.0.2)
RivalGaming
Rugrats™ All Growed Up
Searchqu Toolbar (Version: 3.0.0.122375)
Shop To Win (Version: 1.1.0.0)
Skype Click to Call (Version: 5.8.8855)
Skype 5.6 (Version: 5.6.110)
Smart PC Cleaner v3.0 (Version: 3.0)
Spam Free Search Bar (Version: 1.0.0.12)
Spotify (Version: 0.8.3.222.g317ab79d)
SweetIM for Messenger 3.6 (Version: 3.6.0002)
SweetIM Toolbar for Internet Explorer 4.2 (Version: 4.2.0004)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
The Sims 3 (Version: 1.34.27)
The Sims 3 Ambitions (Version: 4.10.1)
The Weather Channel Desktop 6
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 4.02.02)
Toshiba Book Place (Version: 2.2.6775)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.9 for x64)
TOSHIBA eco Utility (Version: 1.3.2.64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Hardware Setup (Version: 4.09.02.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.8)
TOSHIBA Media Controller (Version: 1.0.86.2)
TOSHIBA Media Controller Plug-in (Version: 1.0.6.1)
TOSHIBA PC Health Monitor (Version: 1.7.7.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.3.5109)
TOSHIBA ReelTime (Version: 1.7.18.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.0)
TOSHIBA Service Station (Version: 2.1.52)
TOSHIBA Sleep Utility (Version: 1.4.2.8)
TOSHIBA Supervisor Password (Version: 4.09.02.00)
TOSHIBA Value Added Package (Version: 1.5.10.64)
TOSHIBA Web Camera Application (Version: 2.0.3.35)
TOSHIBA Wireless LAN Indicator (Version: 1.0.4)
ToshibaRegistration (Version: 1.0.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
vGrabber (Version: 1.14)
Vgrabber Toolbar (Version: 6.8.5.1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.0.1 (Version: 1.0.1)
VUDU To Go (Version: 1.0.0)
Wajam (Version: 1.37)
WeatherBug (Version: 7.0.0.7)
Windows iLivid Toolbar (Version: 3.0.0.118320)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Wizard101 (Version: 1.0.0)
WMV9/VC-1 Video Playback (Version: 1.00.0000)
World of Warcraft (Version: 4.3.4.15595)
wxDfast (Version: )
wxDownload Fast 0.6.0

========================= Devices: ================================

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 3558.87 MB
Available physical RAM: 1248.98 MB
Total Pagefile: 7115.93 MB
Available Pagefile: 2330.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.46 MB

========================= Partitions: =====================================

1 Drive c: (TI106166W0D) (Fixed) (Total:283.15 GB) (Free:149.68 GB) NTFS
2 Drive d: (Sims3EP02) (CDROM) (Total:4.6 GB) (Free:0 GB) UDF
3 Drive e: (Sims3) (CDROM) (Total:5.56 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\VICTORIA-PC

Administrator Guest Other
Victoria


**** End of log ****





What I was trying to tell you was I didn't get a log for the last one.

#6 VAParadise4

Posted 16 June 2012 - 06:52 PM

And I was explaining what I did because it didn't come up as you said it would.

#7 Broni

Posted 16 June 2012 - 06:55 PM

I still need two logs, MBAM and aswMBR.
Which one didn't show up?

#8 VAParadise4

Posted 16 June 2012 - 06:59 PM

Well, I put three logs up there, and you said you only needed the four. But I didn't get one for the MBAM or the aswMBR.

#9 Broni

Posted 16 June 2012 - 07:01 PM

Re-run both tools.

#10 VAParadise4

Posted 16 June 2012 - 09:18 PM

Okay, so I got the log for the aswMBR, but when I opened the MBR in Notepad, I got this:

3м |ؾ |  Ph ~ | V UFF AU]rUu  tFf`~ t&fh fvh h |h h BV  |V vNnfasN ~  U2V ]뜁>}Uunv  d `x dq f#u;fTCPAu2r,fh fh  fh fSfSfUfh fh | fah Z2 | 2 < t +d $$Invalid partition table Error loading operating system Missing operating system e ! '  . Y . d#  # H U

This is the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-16 19:47:57
-----------------------------
19:47:57.217 OS Version: Windows x64 6.1.7601 Service Pack 1
19:47:57.217 Number of processors: 4 586 0x100
19:47:57.232 ComputerName: VICTORIA-PC UserName: Victoria
19:48:41.448 Initialze error C000010E - driver not loaded
19:48:41.494 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
19:48:41.931 AVAST engine defs: 12061601
19:48:58.015 Service scanning
19:50:00.428 Modules scanning
19:50:00.428 Disk 0 trace - called modules:
19:50:00.428
19:50:02.035 AVAST engine scan C:\windows
19:50:06.013 AVAST engine scan C:\windows\system32
19:54:30.749 AVAST engine scan C:\windows\system32\drivers
19:54:47.691 AVAST engine scan C:\Users\Victoria
19:55:00.499 File: C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\adhmhclafdhfabmmglbcngpddpdeijgd\npRivalGamingGC.dll **INFECTED** Win32:Adware-gen [Adw]
20:04:31.880 File: C:\Users\Victoria\AppData\Local\Temp\538874.Uninstall\Uninstall.exe **INFECTED** Win32:Spyware-gen [Spy]
20:04:32.613 File: C:\Users\Victoria\AppData\Local\Temp\803717.Uninstall\Uninstall.exe **INFECTED** Win32:Spyware-gen [Spy]
20:04:44.407 File: C:\Users\Victoria\AppData\Local\Temp\DownloadManager_Installer.exe **INFECTED** Win32:Malware-gen
20:24:49.592 File: C:\Users\Victoria\Downloads\PDFReaderSetup (1).exe **INFECTED** Win32:Spyware-gen [Spy]
20:24:49.841 File: C:\Users\Victoria\Downloads\PDFReaderSetup (2).exe **INFECTED** Win32:Spyware-gen [Spy]
20:24:51.386 File: C:\Users\Victoria\Downloads\PDFReaderSetup.exe **INFECTED** Win32:Spyware-gen [Spy]
20:24:59.513 File: C:\Users\Victoria\Downloads\SetupRG (1).exe **INFECTED** Win32:Gamevance-CS [Adw]
20:25:22.055 File: C:\Users\Victoria\Downloads\XvidSetup.exe **INFECTED** Win32:HotBar-BL [Adw]
20:26:23.473 AVAST engine scan C:\ProgramData
20:28:13.375 Scan finished successfully
21:00:57.049 The log file has been saved successfully to "C:\Users\Victoria\Documents\ComputerFail\aswMBR 6-16-12.txt"


21:01:16.128 The log file has been saved successfully to "C:\Users\Victoria\Documents\ComputerFail\aswMBR 6-16-12.txt"

#11 VAParadise4

Posted 16 June 2012 - 09:28 PM

And "Therockwall", I didn't come here for your opinion.. I came here to have someone who knows what they're talking about tell me how to fix my computer.. Thanks..

#12 Broni

Posted 16 June 2012 - 09:59 PM

Very well.

I still need the MBAM log.

#13 VAParadise4

Posted 16 June 2012 - 11:34 PM

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.17.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Victoria :: VICTORIA-PC [administrator]

Protection: Enabled

6/16/2012 10:46:09 PM
mbam-log-2012-06-16 (23-34-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 289644
Time elapsed: 19 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 25
HKCR\CLSID\{11111111-1111-1111-1111-110011461139} (PUP.CrossFire.SA) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440044464439} (PUP.CrossFire.SA) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550055465539} (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.BHO.1 (PUP.CrossFire.SA) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011461139} (PUP.CrossFire.SA) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011461139} (PUP.CrossFire.SA) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011461139} (PUP.CrossFire.SA) -> No action taken.
HKCR\CLSID\{22222222-2222-2222-2222-220022462239} (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.Sandbox.1 (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.Sandbox (PUP.CrossFire.SA) -> No action taken.
HKCR\CLSID\{33333333-3333-3333-3333-330033463339} (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.FBApi.1 (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.FBApi (PUP.CrossFire.SA) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0004639.BHO (PUP.CrossFire.SA) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F4C5E11-0612-48D2-8055-987992AAC432} (PUP.wxDfast) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavingsApp (PUP.CrossFire.SA) -> No action taken.
HKCU\Software\Cr_Installer\4639 (Adware.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> No action taken.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41A1BC10-76B9-42CA-A480-AAFB64D6BCBE} (PUP.wxDfast) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{41A1BC10-76B9-42CA-A480-AAFB64D6BCBE} (PUP.wxDfast) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41A1BC10-76B9-42CA-A480-AAFB64D6BCBE} (PUP.wxDfast) -> No action taken.

Registry Values Detected: 2
HKCU\Software\InstalledBrowserExtensions\215 Apps|4639 (PUP.CrossFire.SA) -> Data: SavingsApp -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavingsApp|Publisher (PUP.CrossFire.SA) -> Data: 215 Apps -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 11
C:\Program Files (x86)\Object (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\content (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\defaults (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\defaults\preferences (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\locale (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\locale\en-US (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\skin (PUP.FCTPlugin) -> No action taken.
C:\ProgramData\wxDfast (PUP.wxDfast) -> No action taken.
C:\ProgramData\wxDfast\data (PUP.wxDfast) -> No action taken.
C:\Program Files (x86)\SavingsApp (PUP.CrossFire.SA) -> No action taken.

Files Detected: 69
C:\Program Files (x86)\SavingsApp\SavingsApp.dll (PUP.CrossFire.SA) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-715348841-432181978-221854585-1000\$RB7Q1KG.exe (Affiliate.Downloader) -> No action taken.
C:\Users\Victoria\AppData\Local\Temp\538874.Uninstall\Uninstall.exe (Adware.Agent) -> No action taken.
C:\Users\Victoria\AppData\Local\Temp\803717.Uninstall\Uninstall.exe (Adware.Agent) -> No action taken.
C:\Users\Victoria\AppData\Local\Temp\is1438683437\IWantThis.exe (Adware.GamePlayLabs) -> No action taken.
C:\Users\Victoria\Downloads\DownloadManager_Setup.exe (PUP.Bundle.Installer.OI) -> No action taken.
C:\Users\Victoria\Downloads\DownloadSetup (1).exe (Affiliate.Downloader) -> No action taken.
C:\Users\Victoria\Downloads\DownloadSetup (2).exe (Affiliate.Downloader) -> No action taken.
C:\Users\Victoria\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> No action taken.
C:\Users\Victoria\Downloads\FastDownload.exe (Affiliate.Downloader) -> No action taken.
C:\Users\Victoria\Downloads\FinalTorrent2011Setup.exe (PUP.BundleOffers.IIQ) -> No action taken.
C:\Users\Victoria\Downloads\IWantThis.exe (Adware.GamePlayLabs) -> No action taken.
C:\Users\Victoria\Downloads\PDFReaderSetup (1).exe (Adware.Agent) -> No action taken.
C:\Users\Victoria\Downloads\PDFReaderSetup (2).exe (Adware.Agent) -> No action taken.
C:\Users\Victoria\Downloads\PDFReaderSetup.exe (Adware.Agent) -> No action taken.
C:\Users\Victoria\Downloads\SetupRG (1).exe (Adware.GameVance) -> No action taken.
C:\Users\Victoria\Downloads\SoftonicDownloader_for_mydiary.exe (PUP.ToolbarDownloader) -> No action taken.
C:\Users\Victoria\Downloads\VideoPlayerSetup.exe (Adware.Agent) -> No action taken.
C:\Users\Victoria\Downloads\VideoToMp3Setup.exe (Adware.Agent) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader (1).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader (2).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader (3).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader (4).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader (5).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader (6).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader (7).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader (8).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Victoria\AppData\Local\Temp\.exe (Trojan.Agent) -> No action taken.
C:\Program Files (x86)\Object\status.txt (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\config.ini (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\enable.txt (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\status2.txt (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\status3.txt (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\status4.txt (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\build.sh (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\chrome.manifest (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\config_build.sh (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\files (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\install.rdf (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\readme.txt (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\content\.DS_Store (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\content\firefoxOverlay.xul (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\content\installid.js (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\content\overlay.js (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\content\sudoku.js (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\defaults\.DS_Store (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\defaults\preferences\.DS_Store (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\defaults\preferences\._sudoku.js (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\defaults\preferences\sudoku.js (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\locale\.DS_Store (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\locale\en-US\.DS_Store (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\locale\en-US\sudoku.dtd (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\locale\en-US\sudoku.properties (PUP.FCTPlugin) -> No action taken.
C:\Program Files (x86)\Object\facetheme\skin\overlay.css (PUP.FCTPlugin) -> No action taken.
C:\ProgramData\wxDfast\background.html (PUP.wxDfast) -> No action taken.
C:\ProgramData\wxDfast\content.js (PUP.wxDfast) -> No action taken.
C:\ProgramData\wxDfast\opnkkfjdnhgkjefnnohgfackfninikjo.crx (PUP.wxDfast) -> No action taken.
C:\ProgramData\wxDfast\settings.ini (PUP.wxDfast) -> No action taken.
C:\ProgramData\wxDfast\uninstall.exe (PUP.wxDfast) -> No action taken.
C:\ProgramData\wxDfast\data\content.js (PUP.wxDfast) -> No action taken.
C:\ProgramData\wxDfast\data\jsondb.js (PUP.wxDfast) -> No action taken.
C:\Program Files (x86)\SavingsApp\SavingsAppInstaller.log (PUP.CrossFire.SA) -> No action taken.
C:\Program Files (x86)\SavingsApp\SavingsApp.exe (PUP.CrossFire.SA) -> No action taken.
C:\Program Files (x86)\SavingsApp\SavingsApp.ico (PUP.CrossFire.SA) -> No action taken.
C:\Program Files (x86)\SavingsApp\SavingsApp.ini (PUP.CrossFire.SA) -> No action taken.
C:\Program Files (x86)\SavingsApp\SavingsAppGui.exe (PUP.CrossFire.SA) -> No action taken.
C:\Program Files (x86)\SavingsApp\Uninstall.exe (PUP.CrossFire.SA) -> No action taken.
C:\Users\Victoria\Local Settings\Application Data\SavingsApp\Chrome\SavingsApp.crx (PUP.CrossFire.SA) -> No action taken.

(end)

#14 Broni

Posted 16 June 2012 - 11:40 PM

Your log says "No action taken".
Re-run MBAM, fix all issues and post a new log.

#15 VAParadise4

Posted 16 June 2012 - 11:51 PM

How do I fix the issues? Do I delete the ones that are red? Or all that pop up ('cause they're all red)?



