Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No icons, other issues, mouse is possessed - really


  • This topic is locked This topic is locked
20 replies to this topic

#1 taram7

taram7

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 29 May 2013 - 10:48 PM

Posted Today, 07:04 PM

I first noticed a problem when my computer started telling my internet connection was not secure. I have not received this information for my laptop or other computer, only this one. 

So I tried to download and run Mbam and it wouldn't let me. I went into safemode, ran rkill and downloaded it, ran it. Said it found an 'ad. something' and removed it. So I thought I was okay at that point. Nope.

 

Restarted in regular mode- no icons. Went back to safemode, ran unhide, then Rkill- back to regular and ran Mbam. Found nothing. Ran Avast Antivirus Full scan, found nothing. Downloaded and Ran 10bit. Found nothing. 

 

Every time I shut it down or restart- no icons. I left it sit once for about an hour, icons finally popped up. But my mouse is now possessed. It double clicks everything, sometimes if I just run the mouse over, it clicks it for me. Opens 2-3 of everything I try to open. I am still getting 'network not secure' which takes me to a Comodo screen to buy their safe connect thing. Comodo (free) is my firewall I run.

 

Some time after using machine, the usb's stop reading, and it kicks my wireless adapter off. I have ran everything I can find and nothing picks up anything. But still no icons on startup- until days later, still get unsecure network error and mouse is still possessed. 

 

I ran a process explorer v15.3 to see if my startup was just messed up since its an old computer and found two Spigot, Inc. processes. Other than the normal Microsoft processes and my security programs, Chrome and Sun Micro. 

 

I googled the Spigot, inc. and I guess it is pretty seedy. 

 

also ran FRST and ComboFix. 

But I don't know much about computers except that I know something is wrong with this one. I need it for my business and its not working well. 

Thank you so much!

Tara

Log Follows

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Combo Fix Log:

 

 

ComboFix 13-05-30.01 - Tara 05/29/2013  23:00:01.4.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.1397 [GMT -4:00]
Running from: c:\documents and settings\Tara\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-28 to 2013-05-30  )))))))))))))))))))))))))))))))
.
.
2013-05-30 03:03 . 2013-05-30 03:03 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-05-30 01:38 . 2013-05-30 01:37 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-05-30 01:38 . 2013-05-30 01:37 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-29 19:44 . 2013-05-29 19:44 -------- d-----w- C:\FRST
2013-05-29 03:54 . 2013-05-29 03:54 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2013-05-29 03:53 . 2013-05-29 03:53 -------- d-----w- c:\documents and settings\Tara\Application Data\Search Settings
2013-05-29 03:53 . 2013-05-29 03:53 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Application Updater
2013-05-29 03:53 . 2013-05-29 03:53 -------- d-----w- c:\program files\Application Updater
2013-05-29 03:53 . 2013-05-29 03:53 -------- d-----w- c:\program files\IObit Apps Toolbar
2013-05-29 03:53 . 2013-05-29 03:53 -------- d-----w- c:\program files\Common Files\Spigot
2013-05-29 03:53 . 2013-05-29 03:53 -------- d-----w- c:\documents and settings\Tara\Application Data\IObit
2013-05-29 03:53 . 2013-05-29 03:53 -------- d-----w- c:\program files\IObit
2013-05-28 17:54 . 2013-05-28 17:54 -------- d-----w- c:\documents and settings\Tara\Local Settings\Application Data\PCHealth
2013-05-28 17:06 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-05-28 17:06 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-05-25 07:00 . 2013-05-25 07:05 -------- d-----w- c:\program files\Common Files\Adobe
2013-05-21 18:44 . 2013-05-21 18:44 -------- d-----w- c:\documents and settings\Tara\Application Data\AVG2012
2013-05-21 04:58 . 2013-05-21 04:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-21 04:58 . 2013-04-04 18:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-21 03:49 . 2013-05-21 03:49 -------- d-----w- C:\Stinger_Quarantine
2013-05-21 03:49 . 2013-05-21 04:54 -------- d-----w- c:\program files\stinger
2013-05-21 03:29 . 2013-05-21 03:29 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-05-21 03:25 . 2013-05-21 03:25 388096 ----a-r- c:\documents and settings\Tara\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-05-21 03:25 . 2013-05-21 03:25 -------- d-----w- c:\program files\Trend Micro
2013-05-20 20:46 . 2013-05-20 20:46 -------- d-----w- c:\documents and settings\Tara\Application Data\HpUpdate
2013-05-20 20:46 . 2012-10-17 08:04 580712 ------w- c:\windows\system32\HPDiscoPM6412.dll
2013-05-20 20:45 . 2012-10-17 18:31 529808 ----a-r- c:\windows\system32\hpinksts6412.dll
2013-05-20 20:45 . 2012-10-17 18:31 268688 ----a-r- c:\windows\system32\hpinksts6412LM.dll
2013-05-20 20:45 . 2012-10-17 18:31 2216336 ----a-r- c:\windows\system32\hpinkins6412.exe
2013-05-20 20:45 . 2012-10-17 18:31 220560 ----a-r- c:\windows\system32\hpinkcoi6412.dll
2013-05-20 20:39 . 2013-05-20 21:00 -------- d-----w- c:\documents and settings\Tara\Local Settings\Application Data\HP
2013-05-20 20:39 . 2012-10-17 18:31 1979280 ----a-r- c:\windows\system32\HPScanTRDrv_OJ4620.dll
2013-05-20 20:39 . 2012-10-17 18:31 495504 ----a-r- c:\windows\system32\HPWia1_OJ4620.dll
2013-05-18 04:58 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-18 04:58 . 2013-05-09 08:59 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-18 04:58 . 2013-05-09 08:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-18 04:34 . 2011-12-12 21:43 1034240 ----a-w- c:\windows\system32\drivers\bcmwlhigh5.sys
2013-05-18 04:34 . 2013-05-18 04:34 -------- d-----w- c:\documents and settings\Tara\Application Data\InstallShield
2013-05-18 04:06 . 2010-02-03 15:21 413696 ----a-w- c:\windows\system32\msvc6097.rra
2013-05-18 04:05 . 2013-05-18 04:05 -------- d-----w- c:\program files\NETGEAR
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-30 01:37 . 2012-09-17 03:37 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-05-30 01:37 . 2012-01-17 21:55 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-09 08:59 . 2012-01-17 05:01 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2012-01-17 05:01 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2012-01-17 05:01 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2012-01-17 05:01 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2012-01-17 05:01 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2012-01-17 05:01 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2012-01-17 05:01 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-16 22:17 . 2006-03-04 03:33 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 11:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 11:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 11:00 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31 . 2004-08-10 11:00 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-08 08:36 . 2004-08-10 11:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2005-03-30 01:21 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2005-03-30 01:01 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-02-13 06:05 . 2012-02-13 06:05 14886760 -c--a-w- c:\program files\picasa39-setup.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files\IObit Apps Toolbar\IE\7.1\iobitappsToolbarIE.dll" [2013-05-15 1353536]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
2013-05-15 16:38 1353536 ----a-w- c:\program files\IObit Apps Toolbar\IE\7.1\iobitappsToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files\IObit Apps Toolbar\IE\7.1\iobitappsToolbarIE.dll" [2013-05-15 1353536]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-17 81920]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 282624]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-05-15 1298240]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2013-05-16 1488192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\documents and settings\Tara\Start Menu\Programs\Startup\
Monitor Ink Alerts - HP Officejet 4620 series.lnk - c:\windows\system32\RunDll32.exe [2004-8-10 33280]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
NETGEAR WNA3100 Genie.lnk - c:\program files\NETGEAR\WNA3100\WNA3100.exe [2013-5-18 8364288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-11 02:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [5/18/2013 12:58 AM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [5/18/2013 12:58 AM 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1/17/2012 01:01 AM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/17/2012 01:01 AM 368944]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [12/19/2011 07:59 PM 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [12/19/2011 07:59 PM 31704]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [5/15/2013 10:09 AM 806776]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/17/2012 01:01 AM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [5/18/2013 12:58 AM 66336]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [5/28/2013 11:53 PM 335168]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [5/21/2013 12:58 AM 418376]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/21/2013 12:58 AM 701512]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [5/18/2013 12:34 AM 1034240]
R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [5/28/2013 11:53 PM 247968]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/21/2013 12:58 AM 22856]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [5/29/2013 11:03 PM 40776]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [5/28/2013 11:53 PM 31520]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [5/28/2013 11:53 PM 17360]
S2 WSWNA3100;WSWNA3100;c:\program files\NETGEAR\WNA3100\WifiSvc.exe [5/18/2013 12:06 AM 303360]
S3 BCM44X2;BCM 10/100 Ethernet Network Adapter Driver;c:\windows\system32\drivers\BCM4E5.SYS [1/16/2012 09:04 PM 26568]
S3 cpudrv;cpudrv;\??\c:\program files\SystemRequirementsLab\cpudrv.sys --> c:\program files\SystemRequirementsLab\cpudrv.sys [?]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [5/20/2013 11:29 PM 35144]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ   Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-30 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-02 08:58]
.
2013-05-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1123561945-725345543-1003Core.job
- c:\documents and settings\Tara\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-08 08:09]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1123561945-725345543-1003UA.job
- c:\documents and settings\Tara\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-08 08:09]
.
2013-05-29 c:\windows\Tasks\User_Feed_Synchronization-{EDA90FF0-65AA-4FE7-9F83-E2300D0EEA4A}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.yahoo.com?type=800236&fr=spigot-yhp-ie
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.200.1 192.168.200.1
TCP: Interfaces\{383E1201-B87D-4E6C-9395-41FD36463D7D}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{A667EC13-AF81-491A-BFC1-0192EC0DC491}: NameServer = 8.26.56.26,156.154.70.22
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-29 23:41
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(828)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(17924)
c:\windows\system32\WININET.dll
c:\windows\system32\guard32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
- - - - - - - > 'csrss.exe'(744)
c:\windows\system32\cmdcsr.dll
.
Completion time: 2013-05-29  23:43:20
ComboFix-quarantined-files.txt  2013-05-30 03:43
ComboFix2.txt  2013-05-29 03:48
ComboFix3.txt  2013-05-22 05:03
.
Pre-Run: 99,452,006,400 bytes free
Post-Run: 99,486,117,888 bytes free
.
- - End Of File - - D26A1584EAA02ECF92814417DE865F80
 

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:56 PM

Posted 03 June 2013 - 10:50 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/496386 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 taram7

taram7
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 04 June 2013 - 12:30 AM

I DO still need help. I do NOT still have my Windows DVD.

I am working on DDS log, its not easy to log on.

Will post as soon as I can get it. 

Thanks,

Tara



#4 taram7

taram7
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 04 June 2013 - 02:17 AM

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.21.2
Run by Tara at 3:05:23 on 2013-06-04
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.877 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* 
.
============== Running Processes ================
.
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com?type=800236&fr=spigot-yhp-ie
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.1\iobitappsToolbarIE.dll
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.1\iobitappsToolbarIE.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files\iobit apps toolbar\ie\7.1\iobitappsToolbarIE.dll
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\tara\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wna3100\WNA3100.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
TCP: NameServer = 192.168.200.1 192.168.200.1
TCP: Interfaces\{383E1201-B87D-4E6C-9395-41FD36463D7D} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{A667EC13-AF81-491A-BFC1-0192EC0DC491} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{F9AEDC21-71D7-489C-8C5E-55AEE36EEAFB} : DHCPNameServer = 192.168.200.1 192.168.200.1
AppInit_DLLs= c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-5-18 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-5-18 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-17 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-17 368944]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-12-19 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-12-19 31704]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2013-5-15 806776]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-17 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-5-18 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-1-17 46808]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-12-19 1983232]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2013-5-28 335168]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-5-21 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-5-21 701512]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2013-5-18 1034240]
R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2013-5-28 247968]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-21 22856]
R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2013-5-28 31520]
R3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2013-5-28 17360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 WSWNA3100;WSWNA3100;c:\program files\netgear\wna3100\WifiSvc.exe [2013-5-18 303360]
S3 BCM44X2;BCM 10/100 Ethernet Network Adapter Driver;c:\windows\system32\drivers\BCM4E5.SYS [2012-1-16 26568]
S3 cpudrv;cpudrv;\??\c:\program files\systemrequirementslab\cpudrv.sys --> c:\program files\systemrequirementslab\cpudrv.sys [?]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-5-20 35144]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-5-29 40776]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-05-30 03:03:30 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-05-30 01:38:14 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-05-30 01:38:07 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-29 19:44:28 -------- d-----w- C:\FRST
2013-05-29 03:54:27 -------- d-----w- c:\documents and settings\all users\application data\IObit
2013-05-29 03:53:57 -------- d-----w- c:\documents and settings\tara\application data\Search Settings
2013-05-29 03:53:53 -------- d-----w- c:\program files\IObit Apps Toolbar
2013-05-29 03:53:53 -------- d-----w- c:\program files\common files\Spigot
2013-05-29 03:53:53 -------- d-----w- c:\program files\Application Updater
2013-05-29 03:53:39 -------- d-----w- c:\documents and settings\tara\application data\IObit
2013-05-29 03:53:30 -------- d-----w- c:\program files\IObit
2013-05-28 17:54:27 -------- d-----w- c:\documents and settings\tara\local settings\application data\PCHealth
2013-05-28 17:06:34 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-05-28 17:06:34 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-05-22 04:47:00 -------- d-sha-r- C:\cmdcons
2013-05-22 04:46:12 98816 ----a-w- c:\windows\sed.exe
2013-05-22 04:46:12 256000 ----a-w- c:\windows\PEV.exe
2013-05-22 04:46:12 208896 ----a-w- c:\windows\MBR.exe
2013-05-21 18:44:31 -------- d-----w- c:\documents and settings\tara\application data\AVG2012
2013-05-21 04:58:43 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-21 04:58:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-21 03:49:28 -------- d-----w- C:\Stinger_Quarantine
2013-05-21 03:49:16 -------- d-----w- c:\program files\stinger
2013-05-21 03:29:49 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-05-21 03:25:55 388096 ----a-r- c:\documents and settings\tara\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2013-05-21 03:25:54 -------- d-----w- c:\program files\Trend Micro
2013-05-20 20:46:32 -------- d-----w- c:\documents and settings\tara\application data\HpUpdate
2013-05-20 20:46:23 580712 ------w- c:\windows\system32\HPDiscoPM6412.dll
2013-05-20 20:45:02 529808 ----a-r- c:\windows\system32\hpinksts6412.dll
2013-05-20 20:45:02 268688 ----a-r- c:\windows\system32\hpinksts6412LM.dll
2013-05-20 20:45:01 2216336 ----a-r- c:\windows\system32\hpinkins6412.exe
2013-05-20 20:45:01 220560 ----a-r- c:\windows\system32\hpinkcoi6412.dll
2013-05-20 20:39:56 -------- d-----w- c:\documents and settings\tara\local settings\application data\HP
2013-05-20 20:39:23 1979280 ----a-r- c:\windows\system32\HPScanTRDrv_OJ4620.dll
2013-05-20 20:39:22 495504 ----a-r- c:\windows\system32\HPWia1_OJ4620.dll
2013-05-18 04:58:19 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-18 04:58:19 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-18 04:58:18 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-18 04:34:59 1034240 ----a-w- c:\windows\system32\drivers\bcmwlhigh5.sys
2013-05-18 04:06:14 413696 ----a-w- c:\windows\system32\msvc6097.rra
2013-05-18 04:05:00 -------- d-----w- c:\program files\NETGEAR
2013-05-11 10:37:28 209472 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2013-05-30 01:37:45 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-05-30 01:37:45 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-09 08:59:10 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:58:37 41664 ----a-w- c:\windows\avastSS.scr
2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17:14 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17:14 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28:55 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-02-13 06:05:43 14886760 -c--a-w- c:\program files\picasa39-setup.exe
.
============= FINISH:  3:06:49.87 ===============
 

Don't see how to attach the file on this post.



#5 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:56 PM

Posted 04 June 2013 - 04:17 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.
 
----------------

 

I am reviewing your dds log.

 

Please post the full contents of the attach text file in your next reply.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#6 taram7

taram7
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 04 June 2013 - 10:17 PM

Attached Log

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/16/2012 05:31:56 PM
System Uptime: 6/4/2013 02:56:25 AM (1 hours ago)
.
Motherboard: Dell Inc |  | 0UW457
Processor: AMD Athlon™ 64 X2 Dual Core Processor 3800+ | Socket M2  | 2004/1000mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 92.495 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 401.826 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 440x 10/100 Integrated Controller
Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01ED1028&REV_02\4&DC268A3&0&3880
Manufacturer: Broadcom
Name: Broadcom 440x 10/100 Integrated Controller
PNP Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01ED1028&REV_02\4&DC268A3&0&3880
Service: bcm4sbxp
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8169/8110 Family Gigabit Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8169&SUBSYS_311A1385&REV_10\4&DC268A3&0&4880
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8169/8110 Family Gigabit Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8169&SUBSYS_311A1385&REV_10\4&DC268A3&0&4880
Service: RTL8023xp
.
==== System Restore Points ===================
.
RP312: 4/4/2013 01:25:45 AM - System Checkpoint
RP313: 5/16/2013 09:31:45 PM - System Checkpoint
RP314: 5/17/2013 09:55:02 PM - System Checkpoint
RP315: 5/18/2013 12:04:59 AM - Installed NETGEAR WNA3100 wireless USB 2.0 adapter
RP316: 5/18/2013 12:34:58 AM - Installed NETGEAR WNA3100 wireless USB 2.0 driver
RP317: 5/20/2013 09:52:48 PM - Removed HP Update.
RP318: 5/20/2013 09:55:26 PM - Removed Windows Media Player Firefox Plugin
RP319: 5/20/2013 09:55:42 PM - Removed MSXML 4.0 SP2 (KB973688)
RP320: 5/20/2013 11:25:53 PM - Installed HiJackThis
RP321: 5/20/2013 11:28:37 PM - Removed AVG 2012
RP322: 5/20/2013 11:29:18 PM - Removed AVG 2012
RP323: 5/20/2013 11:40:53 PM - Removed AVG 2012
RP324: 5/21/2013 03:02:02 AM - Removed AVG 2012
RP325: 5/22/2013 03:20:06 AM - System Checkpoint
RP326: 5/23/2013 03:53:34 AM - System Checkpoint
RP327: 5/24/2013 04:57:26 AM - System Checkpoint
RP328: 5/25/2013 02:59:34 AM - Removed Adobe Reader X (10.1.4).
RP329: 5/25/2013 03:00:37 AM - Installed Adobe Reader XI (11.0.02).
RP330: 5/27/2013 09:30:54 AM - System Checkpoint
RP331: 5/28/2013 09:52:07 AM - System Checkpoint
RP332: 5/28/2013 01:18:17 PM - Software Distribution Service 3.0
RP333: 5/28/2013 11:25:24 PM - Software Distribution Service 3.0
RP334: 5/29/2013 09:36:41 PM - Removed Java™ 6 Update 35
RP335: 5/29/2013 09:37:37 PM - Installed Java 7 Update 21
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
5700_Help
AD_Install
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Athlon 64 Processor Driver
avast! Free Antivirus
Bible Explorer Limited Edition
Bonjour
BPD_Scan
BPDSoftware
BPDSoftware_Ini
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
BufferChm
Canon Camera WIA Driver
Canon Camera WIA Driver 6.2.5
CCleaner
COMODO Internet Security
Conexant D850 56K V.9x DFVc Modem
Dell Resource CD
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
eSupportQFolder
Fax
GemMaster Mystic
GIMP 2.6.11
Google Chrome
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB981793)
HP Imaging Device Functions 8.0
HP OCR Software 8.0
HP Officejet 4620 series Basic Device Software
HP Officejet 4620 series Help
HP Officejet All-In-One Series
HP Photosmart Essential
HP Solution Center 8.0
HPProductAssistant
I.R.I.S. OCR
ImgBurn
Inkscape 0.48.2
IObit Apps Toolbar v7.1
IObit Malware Fighter
J2SE Runtime Environment 5.0 Update 6
J5700
Java 7 Update 21
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 4 Client Profile
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Basic Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Modem Diagnostic Tool
MSXML 4.0 SP2 (KB954430)
NETGEAR WNA3100 wireless USB 2.0 adapter
NVIDIA Drivers
Otto
Paint.NET v3.5.10
PhotoScape
Picasa 3
ProductContext
REALTEK GbE & FE Ethernet PCI NIC Driver
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SigmaTel Audio
SolutionCenter
Sonic Encoders
Status
swMSM
Toolbox
TrayApp
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC 9.0 Runtime
Visual C++ 8.0 CRT (x86) WinSXS MSM
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
VLC media player 1.1.11
WebFldrs XP
WebReg
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
ZoomTown Software
.
==== Event Viewer Messages From Past Week ========
.
5/29/2013 09:57:57 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AmdK8 aswRvrt aswSnx aswSP aswTdi aswVmm cmdGuard Fips
5/29/2013 09:56:54 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/28/2013 01:23:24 PM, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597).
.
==== End Of File ===========================


#7 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:56 PM

Posted 06 June 2013 - 09:07 AM

Hi
 
Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 taram7

taram7
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 06 June 2013 - 11:09 AM

# AdwCleaner v2.301 - Logfile created 06/06/2013 at 11:59:08
# Updated 16/05/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Tara - HOME-6C2FE480D6
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Tara\My Documents\Downloads\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
Found : Application Updater
 
***** [Files / Folders] *****
 
File Found : C:\Documents and Settings\Tara\Application Data\Mozilla\Firefox\Profiles\v6xdpnpg.default\searchplugins\Askcom.xml
Folder Found : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Found : C:\Documents and Settings\Tara\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\Tara\Application Data\Search Settings
Folder Found : C:\Program Files\Application Updater
Folder Found : C:\Program Files\Common Files\spigot
Folder Found : C:\Program Files\IObit Apps Toolbar
 
***** [Registry] *****
 
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Search Settings
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F3157AA407841454BB0C9BE8D1982BC9
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : HKLM\Software\Search Settings
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v [Unable to get version]
 
File : C:\Documents and Settings\Tara\Application Data\Mozilla\Firefox\Profiles\v6xdpnpg.default\prefs.js
 
Found : user_pref("browser.search.order.1", "Ask.com");
 
-\\ Google Chrome v27.0.1453.110
 
File : C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [3225 octets] - [06/06/2013 11:59:08]
 
########## EOF - C:\AdwCleaner[R1].txt - [3285 octets] ##########


#9 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:56 PM

Posted 08 June 2013 - 08:30 AM

Hi
 
Please do the following next:
 
:step1:

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

:step2:
 
How is the computer running now?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:56 PM

Posted 10 June 2013 - 07:16 AM

Hi Are you still with us? The topic will be closed in 3 days unless we receive a response from you.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 taram7

taram7
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 10 June 2013 - 11:58 AM

I am still here and am running scan now. Will post log as soon as its done. 

I had to go out of town a couple days, that was my delay.



#12 taram7

taram7
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 10 June 2013 - 12:11 PM

# AdwCleaner v2.303 - Logfile created 06/10/2013 at 13:01:29
# Updated 08/06/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Tara - HOME-6C2FE480D6
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Tara\My Documents\Downloads\AdwCleaner (1).exe
# Option [Delete]
 
 
***** [Services] *****
 
Stopped & Deleted : Application Updater
 
***** [Files / Folders] *****
 
File Deleted : C:\Documents and Settings\Tara\Application Data\Mozilla\Firefox\Profiles\v6xdpnpg.default\searchplugins\Askcom.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\Tara\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\Tara\Application Data\Search Settings
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\IObit Apps Toolbar
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F3157AA407841454BB0C9BE8D1982BC9
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\Software\Search Settings
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v [Unable to get version]
 
File : C:\Documents and Settings\Tara\Application Data\Mozilla\Firefox\Profiles\v6xdpnpg.default\prefs.js
 
C:\Documents and Settings\Tara\Application Data\Mozilla\Firefox\Profiles\v6xdpnpg.default\user.js ... Deleted !
 
Deleted : user_pref("browser.search.order.1", "Ask.com");
 
-\\ Google Chrome v27.0.1453.110
 
File : C:\Documents and Settings\Tara\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [3354 octets] - [06/06/2013 11:59:08]
AdwCleaner[S1].txt - [3559 octets] - [10/06/2013 13:01:29]
 
########## EOF - C:\AdwCleaner[S1].txt - [3619 octets] ##########
 

 

I starts better, but mouse still has a mind of its own. 



#13 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:56 PM

Posted 10 June 2013 - 03:44 PM

Hi is it a USB or PS/2 connection on the mouse?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#14 taram7

taram7
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 11 June 2013 - 02:39 AM

usb. but now my disk drive (lower) has stopped working. not sure when that happened. 



#15 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:56 PM

Posted 11 June 2013 - 07:04 AM

Hi
 
Lets check the hard disks:
 
Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the StartBtn.gif button
  • Click My Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the StartBtn.gif button
  • Click Run.
  • Type "eventvwr" without the quotes and press the <ENTER> key.
  • The Event Viewer window will open.
  • In the left pane, expand "Event Viewer (local)" then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Winlogon", with an entry corresponding to the date and time of the disk check.
  • Click on that Winlogon entry to select it.
  • In the box below "Description", Copy all of the contents.
  • Paste the contents into your next reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users