Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus ( Error: Prog. won't close system has it locked)??? Or Self destruct?


  • Please log in to reply
26 replies to this topic

#1 Snowydog

Snowydog

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 14 January 2014 - 09:32 AM

Seems a lot has been wrong  lately with this Dell Dimension 8300

Windows XP

 Blue screen boot volume..(fixed that) .slow to load pages or not loading  (reboot of router by Charter fixed that)  double click to open downloads won't work,  some games in Pogo won't load,  Java is updated but  receive messages saying Java needs updating

 Tweaking All in One fix shows chkdsk errors........

 

 Now...I tried to run Anti Spy Ware and  it will not run...it freezes and when I try to  close  it ..get an error message  saying Program cannot be closed System has it Locked.

 

I tried to run Malware..it ran, showed no  problems, but would not close...no error message but  a white screen

I had to  reboot computer to clear screen

 

I am able to run ATF cleaner, but that doesn't help with Spyware, right?

 

Browsing seems fine, pages are loading.   if I download   a doubleclick does not always work, takes several tries

 

I have a permanent Word problem that it will not read any PDF files..but that's been  for a few years now...

We are looking at new computers  but in the meantime I  want to clear this up so i don't transfer  corrupt files or viruses.

 Thank you

 

 

  

  

 



BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:33 PM

Posted 14 January 2014 - 09:56 AM

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.
  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A TDSSKiller text file would be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.
ADW Cleaner


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#3 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 14 January 2014 - 11:07 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by Amy on Tue 01/14/2014 at 10:51:27.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\big fish"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\big fish games"
Successfully deleted: [Folder] "C:\Documents and Settings\Amy\Application Data\big fish games"
Successfully deleted: [Folder] "C:\Documents and Settings\Amy\Local Settings\Application Data\big fish"



~~~ FireFox

Emptied folder: C:\Documents and Settings\Amy\Application Data\mozilla\firefox\profiles\t3e10y5y.default-1360345643078\minidumps [2 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/14/2014 at 10:56:55.75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#4 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 14 January 2014 - 11:16 AM

# AdwCleaner v3.017 - Report created 14/01/2014 at 10:25:21
# Updated 12/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Amy - AMYCOMPUTER
# Running from : C:\Documents and Settings\Amy\My Documents\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Found : C:\Documents and Settings\Amy\Application Data\Mozilla\Firefox\Profiles\t3e10y5y.default-1360345643078\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Folder Found C:\Documents and Settings\All Users\Application Data\Alawar Stargaze

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\Software\Uniblue

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Documents and Settings\Amy\Application Data\Mozilla\Firefox\Profiles\t3e10y5y.default-1360345643078\prefs.js ]

Line Found : user_pref("FirstSearch.aol_toolbar.search.hasDoneFirst", 2);
Line Found : user_pref("aol_toolbar.button.aol_mail_32490.click", "1");
Line Found : user_pref("aol_toolbar.button.mapquest_41322.click", "1");
Line Found : user_pref("aol_toolbar.buttons.layout", "_32490;facebook_41300;mapquest_41322;wikipedia_41355;_32513;_32524;");
Line Found : user_pref("aol_toolbar.calendar.date", "{system.date.timestamp}");
Line Found : user_pref("aol_toolbar.calendar.displaydate", "{system.date.locale}");
Line Found : user_pref("aol_toolbar.calendar.timestamp", "1386565200649");
Line Found : user_pref("aol_toolbar.cookie.homepage", "");
Line Found : user_pref("aol_toolbar.cookie.search", "");
Line Found : user_pref("aol_toolbar.curtain.congrats", "curtain");
Line Found : user_pref("aol_toolbar.default.homepage.check", true);
Line Found : user_pref("aol_toolbar.default.homepage.url", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000003");
Line Found : user_pref("aol_toolbar.default.newtab.check", false);
Line Found : user_pref("aol_toolbar.default.search.check", false);
Line Found : user_pref("aol_toolbar.default.search.label", "AOL Search");
Line Found : user_pref("aol_toolbar.default.search.url", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=customfirefoxright-ff&s_qt=sb&tb_uuid=2013020980659468&tb_oid=09-02-2013&tb_mrud=09-02-2013");
Line Found : user_pref("aol_toolbar.facebook.imagelist.layout", "facebook");
Line Found : user_pref("aol_toolbar.facebook.notifications", "0");
Line Found : user_pref("aol_toolbar.facebook.popup.autoclose", "true");
Line Found : user_pref("aol_toolbar.firsttime.showwindow", false);
Line Found : user_pref("aol_toolbar.guid", "{5A12C38B-A94B-9F9D-53D5-2CB449523BAA}");
Line Found : user_pref("aol_toolbar.historybutton.active", false);
Line Found : user_pref("aol_toolbar.historybutton.enabled", true);
Line Found : user_pref("aol_toolbar.historybutton.ignoreids", "8;66;23");
Line Found : user_pref("aol_toolbar.historybutton.watchids", "97");
Line Found : user_pref("aol_toolbar.historybutton.watchlist", "2");
Line Found : user_pref("aol_toolbar.historybutton.watchtimes", "10");
Line Found : user_pref("aol_toolbar.homepageprotection.enabled", false);
Line Found : user_pref("aol_toolbar.install.distroid", "");
Line Found : user_pref("aol_toolbar.install.homepage", "hxxp://www.aol.com/?mtmhp={mtmhp}");
Line Found : user_pref("aol_toolbar.install.homepage.label", "AOL.com");
Line Found : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.9828");
Line Found : user_pref("aol_toolbar.install.lid", "");
Line Found : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000003");
Line Found : user_pref("aol_toolbar.install.ncid", "");
Line Found : user_pref("aol_toolbar.install.sethomepage", "1");
Line Found : user_pref("aol_toolbar.install.setnewtab", "0");
Line Found : user_pref("aol_toolbar.install.setsearch", "0");
Line Found : user_pref("aol_toolbar.install.type", "upgrade");
Line Found : user_pref("aol_toolbar.metrics.activestampdate", "14");
Line Found : user_pref("aol_toolbar.metrics.activestampmonth", "0");
Line Found : user_pref("aol_toolbar.metrics.activestampyear", "2014");
Line Found : user_pref("aol_toolbar.metrics.log", false);
Line Found : user_pref("aol_toolbar.metrics.originalDate", "9");
Line Found : user_pref("aol_toolbar.metrics.originalHours", "5");
Line Found : user_pref("aol_toolbar.metrics.originalMinutes", "0");
Line Found : user_pref("aol_toolbar.metrics.originalMonth", "2");
Line Found : user_pref("aol_toolbar.metrics.originalSeconds", "0");
Line Found : user_pref("aol_toolbar.metrics.originalYear", "2013");
Line Found : user_pref("aol_toolbar.presethomepage", "aol.com");
Line Found : user_pref("aol_toolbar.presetnewtab", "about:newtab");
Line Found : user_pref("aol_toolbar.presetsearch", "Google");
Line Found : user_pref("aol_toolbar.relatednews.enabled", false);
Line Found : user_pref("aol_toolbar.remote..xml", "1389708121771");
Line Found : user_pref("aol_toolbar.remote.config.js", "");
Line Found : user_pref("aol_toolbar.remote.historyconfig.js", "");
Line Found : user_pref("aol_toolbar.remote.publish.xml", "1389708121770");
Line Found : user_pref("aol_toolbar.remote.searchterm.js", "");
Line Found : user_pref("aol_toolbar.reset.flag", "1");
Line Found : user_pref("aol_toolbar.reset.style", "A");
Line Found : user_pref("aol_toolbar.resetprompt.daily.num", "1");
Line Found : user_pref("aol_toolbar.resetprompt.daily.timestamp", "1360853806142");
Line Found : user_pref("aol_toolbar.resetprompt.display.limit", "8");
Line Found : user_pref("aol_toolbar.rtw.active", false);
Line Found : user_pref("aol_toolbar.search.button", true);
Line Found : user_pref("aol_toolbar.search.cid", "08-11-2013");
Line Found : user_pref("aol_toolbar.search.focusnewtab", true);
Line Found : user_pref("aol_toolbar.search.instd", "2013020980659468");
Line Found : user_pref("aol_toolbar.search.newtab", true);
Line Found : user_pref("aol_toolbar.search.oid", "09-02-2013");
Line Found : user_pref("aol_toolbar.search.placement", "right");
Line Found : user_pref("aol_toolbar.search.populateoncomplete", false);
Line Found : user_pref("aol_toolbar.search.savehistory", false);
Line Found : user_pref("aol_toolbar.search.searchtype", "web");
Line Found : user_pref("aol_toolbar.search.source", "customfirefoxright-ff");
Line Found : user_pref("aol_toolbar.searchengine.label", "AOL Search");
Line Found : user_pref("aol_toolbar.searchprotection.enabled", false);
Line Found : user_pref("aol_toolbar.skin.custom", false);
Line Found : user_pref("aol_toolbar.surf.date", "26");
Line Found : user_pref("aol_toolbar.surf.lastDate", "4");
Line Found : user_pref("aol_toolbar.surf.lastMonth", "9");
Line Found : user_pref("aol_toolbar.surf.lastYear", "2013");
Line Found : user_pref("aol_toolbar.surf.month", "375");
Line Found : user_pref("aol_toolbar.surf.prevMonth", "975");
Line Found : user_pref("aol_toolbar.surf.total", "38811");
Line Found : user_pref("aol_toolbar.surf.week", "26");
Line Found : user_pref("aol_toolbar.surf.year", "38647");
Line Found : user_pref("aol_toolbar.ticker.active", false);
Line Found : user_pref("aol_toolbar.toolbar.langlocale", "en-US");
Line Found : user_pref("aol_toolbar.uninstallreset", "0");
Line Found : user_pref("aol_toolbar.upgrade.showwindow", false);
Line Found : user_pref("aol_toolbar.weather.condition", "27_n");
Line Found : user_pref("aol_toolbar.weather.degc", "-2");
Line Found : user_pref("aol_toolbar.weather.degf", "28");
Line Found : user_pref("aol_toolbar.weather.degrees", "F");
Line Found : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/26_n.png");
Line Found : user_pref("aol_toolbar.weather.lastupdate", "");
Line Found : user_pref("aol_toolbar.weather.locationid", "USMA0404");
Line Found : user_pref("aol_toolbar.weather.metric", true);
Line Found : user_pref("aol_toolbar.weather.tooltip", "Spencer , MA : Cloudy");
Line Found : user_pref("aol_toolbar.weather.update", "1380935177983");
Line Found : user_pref("aol_toolbar.weather.zipcode", "10006");
Line Found : user_pref("aol_toolbar.widgets.layout", "");
Line Found : user_pref("aol_toolbar.widgets.log", false);
Line Found : user_pref("aol_toolbar.widgets.timestamp", "1389645688843");
Line Found : user_pref("aol_toolbar.widgets.version", "5.74.1.9828");
Line Found : user_pref("aol_toolbar.winamp.volume", "");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=customfirefoxright-ff&s_qt=sb&tb_uuid=2013020980659468&tb_oid=09-02-2013&tb_mrud=09-02-2013");
Line Found : user_pref("keyword.URL", "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&s_qt=ab&s_it=customfirefoxright-ff&tb_uuid=2013020980659468&tb_oid=09-02-2013&tb_mrud=09-02-2013&q=");

-\\ Google Chrome v

[ File : C:\Documents and Settings\Amy\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9817 octets] - [14/01/2014 10:25:21]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9877 octets] ##########



#5 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 14 January 2014 - 11:23 AM

Farbar Service Scanner Version: 08-01-2014
Ran by Amy (administrator) on 14-01-2014 at 11:19:33
Running from "C:\Documents and Settings\Amy\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgfwfd(11) Avgtdix(10) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0B000000050000000100000002000000030000000400000008000000090000000B0000000A0000000600000007000000
IpSec Tag value is correct.

**** End of log ****



#6 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 14 January 2014 - 11:26 AM

**  Added note  to double click anything takes "forever" for it to load.     Cannot double click downloads, had to hit  little open  icon next to  item...

Even with my untrained eye I see a few things..secure Search?  And in the files AVG has a $ infront of it?

  Alawar Stargaze?

 

Thank you for your help!

 

TDSS was clean...nothing picked up


Edited by Snowydog, 14 January 2014 - 02:57 PM.


#7 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:33 PM

Posted 14 January 2014 - 06:34 PM

Please download Malwarebytes Anti-Malware
and save it to your desktop.MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

#8 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 14 January 2014 - 09:45 PM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.14.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Amy :: AMYCOMPUTER [administrator]

Protection: Enabled

1/14/2014 8:47:58 PM
mbam-log-2014-01-14 (20-47-58).txt

Scan type: Full scan (A:\|C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 265160
Time elapsed: 48 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

***This took a bit  it did not want to run, ran for 1 min then computer restarted? Got Several Program not responding messages.  Several times just got white screen and hour glass.......""

I ran Malware bytes several times , through tweaking .com...but  no results show up

 

 ????

Thank you!

 

Double clicks are still painfully slow...computer hangs in suspension ti seems   



#9 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:33 PM

Posted 15 January 2014 - 06:16 AM

Please download MiniToolBox, and save it to your desktop and run it, and checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#10 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 15 January 2014 - 10:18 AM

HI   Will do this in a  few minutes. I want to ask, just so I can get a handle on what we are doing.......what are "we" looking for or trying to assess?  I am downloading  things but  am not sure  what we are doing.....

 I am totally in debt to your assistance and  completely grateful and appreciate and everything else that  means Thank you....but in an effort to learn.....just want to know what  "we're" trying to find?

 

 Thanks so much



#11 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 15 January 2014 - 11:09 AM

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Amy (administrator) on 15-01-2014 at 11:02:31
Running from "C:\Documents and Settings\Amy\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : amycomputer

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : charter.net



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : charter.net

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-11-11-05-0A-BB

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.100

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 66.189.0.100

                                            24.159.64.23

                                            24.247.24.53

        Lease Obtained. . . . . . . . . . : Wednesday, January 15, 2014 8:34:51 AM

        Lease Expires . . . . . . . . . . : Thursday, January 16, 2014 8:34:51 AM

Server:  vip01oxfrma.oxfr.ma.charter.com
Address:  66.189.0.100

Name:    google.com
Addresses:  74.125.228.4, 74.125.228.14, 74.125.228.9, 74.125.228.2
      74.125.228.6, 74.125.228.0, 74.125.228.5, 74.125.228.3, 74.125.228.1
      74.125.228.7, 74.125.228.8



Pinging google.com [74.125.228.66] with 32 bytes of data:



Reply from 74.125.228.66: bytes=32 time=20ms TTL=54

Reply from 74.125.228.66: bytes=32 time=18ms TTL=54



Ping statistics for 74.125.228.66:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 18ms, Maximum = 20ms, Average = 19ms

Server:  vip01oxfrma.oxfr.ma.charter.com
Address:  66.189.0.100

Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=237ms TTL=43

Reply from 206.190.36.45: bytes=32 time=103ms TTL=43



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 103ms, Maximum = 237ms, Average = 170ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 11 11 05 0a bb ...... Intel® PRO/100 VE Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.100      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0    192.168.1.100   192.168.1.100      20
    192.168.1.100  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255    192.168.1.100   192.168.1.100      20
        224.0.0.0        240.0.0.0    192.168.1.100   192.168.1.100      20
  255.255.255.255  255.255.255.255    192.168.1.100   192.168.1.100      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/14/2014 11:38:01 AM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/14/2014 11:31:48 AM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/14/2014 00:48:30 AM) (Source: Application Hang) (User: )
Description: Fault bucket -259888731.

Error: (01/14/2014 00:48:23 AM) (Source: Application Hang) (User: )
Description: Hanging application SUPERAntiSpyware.exe, version 5.7.0.1016, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/14/2014 00:48:05 AM) (Source: Application Hang) (User: )
Description: Hanging application SUPERAntiSpyware.exe, version 5.7.0.1016, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/14/2014 00:47:24 AM) (Source: Application Hang) (User: )
Description: Hanging application SUPERAntiSpyware.exe, version 5.7.0.1016, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/13/2014 00:15:29 PM) (Source: Application Hang) (User: )
Description: Hanging application SUPERAntiSpyware.exe, version 5.7.0.1016, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/13/2014 00:15:13 PM) (Source: Application Hang) (User: )
Description: Hanging application SUPERAntiSpyware.exe, version 5.7.0.1016, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/13/2014 00:07:14 PM) (Source: Application Hang) (User: )
Description: Hanging application SUPERAntiSpyware.exe, version 5.7.0.1016, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/13/2014 00:06:39 PM) (Source: Application Hang) (User: )
Description: Hanging application SUPERAntiSpyware.exe, version 5.7.0.1016, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/09/2014 09:16:02 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.103 for the Network Card with network address 001111050ABB has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/09/2014 03:38:16 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the MS Software Shadow Copy Provider service to connect.

Error: (01/09/2014 03:38:16 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service SwPrv with arguments ""
in order to run the server:
{65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}

Error: (01/08/2014 10:58:04 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the MS Software Shadow Copy Provider service to connect.

Error: (01/08/2014 10:58:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service SwPrv with arguments ""
in order to run the server:
{65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}

Error: (01/02/2014 11:08:22 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the MS Software Shadow Copy Provider service to connect.

Error: (01/02/2014 11:08:22 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service SwPrv with arguments ""
in order to run the server:
{65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}


Microsoft Office Sessions:
=========================
Error: (01/14/2014 11:38:01 AM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087hungapp0.0.0.000000000

Error: (01/14/2014 11:31:48 AM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087hungapp0.0.0.000000000

Error: (01/14/2014 00:48:30 AM) (Source: Application Hang)(User: )
Description: -259888731

Error: (01/14/2014 00:48:23 AM) (Source: Application Hang)(User: )
Description: SUPERAntiSpyware.exe5.7.0.1016hungapp0.0.0.000000000

Error: (01/14/2014 00:48:05 AM) (Source: Application Hang)(User: )
Description: SUPERAntiSpyware.exe5.7.0.1016hungapp0.0.0.000000000

Error: (01/14/2014 00:47:24 AM) (Source: Application Hang)(User: )
Description: SUPERAntiSpyware.exe5.7.0.1016hungapp0.0.0.000000000

Error: (01/13/2014 00:15:29 PM) (Source: Application Hang)(User: )
Description: SUPERAntiSpyware.exe5.7.0.1016hungapp0.0.0.000000000

Error: (01/13/2014 00:15:13 PM) (Source: Application Hang)(User: )
Description: SUPERAntiSpyware.exe5.7.0.1016hungapp0.0.0.000000000

Error: (01/13/2014 00:07:14 PM) (Source: Application Hang)(User: )
Description: SUPERAntiSpyware.exe5.7.0.1016hungapp0.0.0.000000000

Error: (01/13/2014 00:06:39 PM) (Source: Application Hang)(User: )
Description: SUPERAntiSpyware.exe5.7.0.1016hungapp0.0.0.000000000


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.04) (Version: 11.0.04)
AVG 2013 (Version: 13.0.3462)
AVG 2013 (Version: 13.0.3681)
AVG 2013 (Version: 2013.0.3462)
Big Fish: Game Manager (Version: 3.2.0.6)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 3.0
Canon MP640 series MP Drivers
Canon MP640 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Charter Pipeline® Self-Installation
Dell ResourceCD
ESET Online Scanner v3
FinePixViewer Ver.3.2 (Version: 3.2)
FUJIFILM USB Driver
Gardenscapes
Gardenscapes: Mansion Makeover™
ImageMixer VCD for FinePix
Intel® PRO Network Adapters and Drivers
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 7.1 (Version: 7.10.344.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word 2002 (Version: 10.0.2627.01)
Microsoft Works (Version: 07.03.0719)
Microsoft Works 2004 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word (Version: 7.0.0.0000)
MicroStaff WINASPI
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mythic Wonders: The Philosopher's Stone Collector's Edition
NVIDIA Drivers (Version: 1.3)
QuickTime
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 4.39.1002)
Tweaking.com - Windows Repair (All in One) (Version: 2.1.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.6513)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 511 MB
Available physical RAM: 252.56 MB
Total Pagefile: 1681.45 MB
Available Pagefile: 983.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.77 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:298.08 GB) (Free:278.85 GB) NTFS

========================= Users: ========================================

User accounts for \\AMYCOMPUTER

Administrator            Amy                      Guest                    
HelpAssistant            SUPPORT_388945a0         


**** End of log ****



#12 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:33 PM

Posted 15 January 2014 - 06:43 PM

To answer your questions, I am trying to ascertain if there are any programs installed on your computer that can be causing your issues. I see you have AVG Installed, as that maybe the suspect it may have gotten corrupted.

Please perform the following, so that we can get the exact specs of your computer. This will better assist us in helping you more.

Publish a Snapshot using Speccy

The below is for those who cannot get online

Please take caution when attaching a text file to your post if you cannot copy/paste the link to your post, you will need to edit it to make sure that your Windows Key is not present.

#13 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 15 January 2014 - 11:37 PM

http://speccy.piriform.com/results/BuTLJwVkNyaxrgnvGQOXY6l

 

 

 

 

  Thank you for the explanation. Just so you know, I do not have a sound card on this computer.

Thanks for the efforts..



#14 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:33 PM

Posted 16 January 2014 - 08:29 AM

Please download and run the following AVG Removal Tool and then see if your computer behaves better, and also I would recommend upgrading to 2Gigs of RAM.



#15 Snowydog

Snowydog
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 16 January 2014 - 10:57 AM

Hello!  Computer seems to be faster but now I don't have anti virus protection  Should I reload AVG..I did pay for that service.

 Will removing AVG  get rid of the secure search  virus that attached to AVG?  

Thank you

 

Just tried to run Super Anti Spyware...it locks up, and I cannot  run nor close it nor anything. Error message still indicates Program cannot closed it is locked by the system.  I have to reboot to   get program to close.

 

 Okay I  did a new download of Superantispyware.........it asked if I wanted to uninstall the older version and I clicked YES but it did not uninstall it.  But new download went okay, ran and picked up 220 adtracking events.

 I went to my Download page and tried to  click on the older Spyware  but no response, so I had AVg permanently shred it.

 I am not sure what I did but am hoping that cleared it from the system??

 

???

Thank you!


Edited by Snowydog, 16 January 2014 - 04:56 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users