computer barely operating


9 replies to this topic

#1 DarkD


Posted 19 May 2014 - 04:52 PM

I have finally decided to clean up my brother's computer of all the malware and half-broken software he has. I posted other topics several days ago, but this is a different computer than that.

This is a Windows XP 32-bit computer.

Symptoms include computer freezing, browsers that don't start. Right now I am on Internet Explorer and I can only get one tab to open. The rest freeze the moment I open them. Other browsers don't even start.

I am running Malwarebytes Anti-Malware as I post this.... at least I just tried to, it says "access is denied", this is during the installation process. So I may not even be able to install an antivirus right now.


Edited by DarkD, 19 May 2014 - 04:58 PM.




#2 boopme (Global Moderator)

Posted 19 May 2014 - 07:38 PM

Try rebooting to Safe Mode with Networking.

Run RKill then try your MBAM again. Post the logs if successful.
 
Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 DarkD (Topic Starter)

Posted 19 May 2014 - 08:23 PM

I got them working with your instructions, but Malwarebytes crashed when I tried to save the log. It found some 40 infections though that looked like they were from a malicious toolbar. I also had deleted all the infections instead of quarantining which I know is frowned on...

Rkill doesn't seem like it turned up anything.

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/19/2014 06:19:02 PM in x86 mode. (Safe Mode)
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Manual

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

 * Automatic Updates (wuauserv) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 05/19/2014 06:19:24 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)
 



#4 DarkD (Topic Starter)

Posted 19 May 2014 - 08:30 PM

I just ran AdwCleaner now that I can run these things, and this time I have a log.

# AdwCleaner v3.210 - Report created 19/05/2014 at 18:27:41
# Updated 19/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Don Last - GATEWAY-3A93DB6
# Running from : C:\Documents and Settings\Don Last\My Documents\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.0.5

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Don Last\Desktop\iLivid.lnk
File Found : C:\Documents and Settings\Don Last\Start Menu\Programs\iLivid.lnk
File Found : C:\Documents and Settings\Don Last\Start Menu\Programs\Torch.lnk
File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
Folder Found : C:\Documents and Settings\All Users\Application Data\wincert
Folder Found : C:\Documents and Settings\Don Last\AppData\LocalLow\DataMngr
Folder Found : C:\Documents and Settings\Don Last\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\Don Last\Application Data\ilividtoolbarguid
Folder Found : C:\Documents and Settings\Don Last\Application Data\searchresultstb
Folder Found : C:\Documents and Settings\Don Last\Local Settings\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\Don Last\Local Settings\Application Data\iLivid
Folder Found : C:\Documents and Settings\Don Last\Local Settings\Application Data\torch
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Search Results Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v21.0 (en-US)

[ File : C:\Documents and Settings\Don Last\Application Data\Mozilla\Firefox\Profiles\973e0qzk.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [9902 octets] - [19/05/2014 18:27:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9962 octets] ##########
 



#5 boopme (Global Moderator)

Posted 19 May 2014 - 08:59 PM

That's OK.. at least you are cleaning.. Only problem is deleting a file makes it gone. Quarantining it makes you safe from it but if the file is important to the system we can get it back.

Can you do these??

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#6 DarkD (Topic Starter)

Posted 19 May 2014 - 09:06 PM

OK, I'll post them as I go in case something forces me to restart.

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Don Last (administrator) on 19-05-2014 at 19:04:45
Running from "C:\Documents and Settings\Don Last\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® 82562V 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : gateway-3a93db6

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : vc.shawcable.net



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : vc.shawcable.net

        Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection

        Physical Address. . . . . . . . . : 00-16-76-B7-12-64

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.120

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 64.59.144.93

                                            64.59.150.139

                                            192.168.1.1

        Lease Obtained. . . . . . . . . . : Monday, May 19, 2014 6:33:53 PM

        Lease Expires . . . . . . . . . . : Tuesday, May 20, 2014 6:33:53 PM

Server:  pd2nsc4.st.vc.shawcable.net
Address:  64.59.144.93

Name:    google.com
Addresses:  173.194.33.41, 173.194.33.33, 173.194.33.38, 173.194.33.37
      173.194.33.46, 173.194.33.32, 173.194.33.40, 173.194.33.34, 173.194.33.36
      173.194.33.35, 173.194.33.39



Pinging google.com [173.194.33.41] with 32 bytes of data:



Reply from 173.194.33.41: bytes=32 time=14ms TTL=55

Reply from 173.194.33.41: bytes=32 time=14ms TTL=55



Ping statistics for 173.194.33.41:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 14ms, Maximum = 14ms, Average = 14ms

Server:  pd2nsc4.st.vc.shawcable.net
Address:  64.59.144.93

Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=18ms TTL=52

Reply from 206.190.36.45: bytes=32 time=18ms TTL=52



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 18ms, Maximum = 18ms, Average = 18ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 76 b7 12 64 ...... Intel® 82562V 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.120      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0    192.168.1.120   192.168.1.120      20
    192.168.1.120  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255    192.168.1.120   192.168.1.120      20
        224.0.0.0        240.0.0.0    192.168.1.120   192.168.1.120      20
  255.255.255.255  255.255.255.255    192.168.1.120   192.168.1.120      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Event log errors: ===============================

Application errors:
==================
Error: (05/19/2014 06:14:15 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.0.0.500, faulting module qtcore4.dll, version 4.8.4.0, fault address 0x0010ebb3.
Processing media-specific event for [mbam.exe!ws!]

Error: (05/19/2014 01:31:24 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.

Error: (05/19/2014 11:36:24 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.

Error: (05/19/2014 09:41:24 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.

Error: (05/19/2014 07:46:24 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.

Error: (05/19/2014 05:51:24 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.

Error: (05/19/2014 03:56:24 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.

Error: (05/19/2014 02:17:24 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.

Error: (05/19/2014 00:39:24 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.

Error: (05/18/2014 11:01:24 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the security ID of the user. Group Policy processing aborted.


System errors:
=============
Error: (05/19/2014 06:35:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgldx86
Avgmfx86
Fips
intelppm

Error: (05/19/2014 06:34:21 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/19/2014 06:34:05 PM) (Source: 0) (User: )
Description:

Error: (05/19/2014 06:32:59 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/19/2014 06:25:38 PM) (Source: DCOM) (User: GATEWAY-3A93DB6)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/19/2014 06:25:30 PM) (Source: DCOM) (User: GATEWAY-3A93DB6)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/19/2014 06:14:09 PM) (Source: DCOM) (User: GATEWAY-3A93DB6)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/19/2014 05:48:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/19/2014 05:47:15 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgldx86
Avgmfx86
Fips
intelppm

Error: (05/19/2014 05:45:46 PM) (Source: 0) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (05/19/2014 06:14:15 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500qtcore4.dll4.8.4.00010ebb3

Error: (05/19/2014 01:31:24 PM) (Source: Userenv)(User: NT AUTHORITY)
Description:

Error: (05/19/2014 11:36:24 AM) (Source: Userenv)(User: NT AUTHORITY)
Description:

Error: (05/19/2014 09:41:24 AM) (Source: Userenv)(User: NT AUTHORITY)
Description:

Error: (05/19/2014 07:46:24 AM) (Source: Userenv)(User: NT AUTHORITY)
Description:

Error: (05/19/2014 05:51:24 AM) (Source: Userenv)(User: NT AUTHORITY)
Description:

Error: (05/19/2014 03:56:24 AM) (Source: Userenv)(User: NT AUTHORITY)
Description:

Error: (05/19/2014 02:17:24 AM) (Source: Userenv)(User: NT AUTHORITY)
Description:

Error: (05/19/2014 00:39:24 AM) (Source: Userenv)(User: NT AUTHORITY)
Description:

Error: (05/18/2014 11:01:24 PM) (Source: Userenv)(User: NT AUTHORITY)
Description:


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 7.1.8)
4500_Help (Version: 1.00.0000)
7-Zip 9.20
Adobe Acrobat 5.0 (Version: 5.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Age of Empires II: HD Edition
Age of Empires III (Version: 1.00.0000)
AVG 2012 (Version: 12.0.2641)
AVG 2012 (Version: 12.1.2240)
AVG 2012 (Version: 2012.1.2240)
Battle.net
Battlestations: Pacific
Be a King 2
Big Fish Games: Game Manager (Version: 3.0.1.60)
BPD_HPSU (Version: 1.00.0000)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 100.0.170.000)
Caesar 3
Chessmaster 9000
Cities XL Platinum (Version: 1.0.0)
Command & Conquer Red Alert 2
CompuApps SwissKnife V3
CustomerResearchQFolder (Version: 1.00.0000)
DAEMON Tools Lite (Version: 4.48.1.0347)
Dead Island Riptide
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
Diablo
Diablo II
Diablo III (Version: 1.0.6.13644)
DK2
DocMgr (Version: 100.0.201.000)
DocProc (Version: 10.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Doom 3 (Version: 1.00.0000)
Dune 2000
Dungeon Keeper 2
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 100.0.187.000)
GenuTax Standard (Version: 1.37)
GPBaseService (Version: 100.0.187.000)
Hitman: Codename 47
HP Customer Participation Program 10.0 (Version: 10.0)
HP Document Manager 1.0 (Version: 1.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP LaserJet Professional P1100-P1560-P1600 Series
HP Officejet J4500 Series (Version: 1.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Smart Web Printing (Version: 3.5)
HP Solution Center 10.0 (Version: 10.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
hppLaserJetService (Version: 001.001.0.0)
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)
HPProductAssistant (Version: 100.0.170.000)
hppusgP1100P1560P1600Series (Version: 1.0.0.1)
HPSSupply (Version: 100.0.170.000)
Indeo® software
Intel Audio Studio 2.0 (Version: 2.00.00123)
Intel® Management Engine Interface
Intel® PRO Network Connections Drivers
J4500 (Version: 50.0.165.000)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 29 (Version: 6.0.290)
Killing Floor
Logitech Gaming Software (Version: 4.30)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Logitech WingMan Software
magicJack (Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
MarketResearch (Version: 130.0.374.000)
Medieval II Total War (Version: 1.00.0000)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Age of Empires II
Microsoft Application Compatibility Toolkit 5.6 (Version: 5.6.7324.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Flight Simulator X (Version: 10.0.60905)
Microsoft Games for Windows - LIVE  (Version: 2.0.675.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSN
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Need For Speed III
Nero 7 Essentials (Version: 7.02.8507)
neroxml (Version: 1.0.0)
NVIDIA Control Panel 314.07 (Version: 314.07)
NVIDIA Graphics Driver 314.07 (Version: 314.07)
NVIDIA HD Audio Driver 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
OCR Software by I.R.I.S. 10.0 (Version: 10.0)
Origin (Version: 9.1.10.2728)
Plants vs. Zombies: Game of the Year
ProductContext (Version: 50.0.165.000)
PSSWCORE (Version: 2.02.0000)
Roll
Scan (Version: 10.1.0.0)
Shadowrun Returns
Shockwave
Shop for HP Supplies (Version: 10.0)
Sid Meier's Civilization 4 (Version: 1.00.0000)
Sid Meier's Civilization 4 (Version: 1.74)
Sierra Utilities
SigmaTel Audio (Version: 5.10.4811.0)
SimCity™ (Version: 1.0.0.0)
SmartWebPrintingOC (Version: 100.0.189.000)
Soft Data Fax Modem with SmartCP
SolutionCenter (Version: 100.0.175.000)
Status (Version: 100.0.175.000)
Steam (Version: 1.0.0.0)
System Shock 2
System Shock2
The Elder Scrolls V: Skyrim
Tom Clancy's Rainbow Six: Lockdown (Version: 1.00.000)
Toolbox (Version: 100.0.170.000)
TrayApp (Version: 100.0.170.000)
ubi.com
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB2934207) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VideoToolkit01 (Version: 100.0.128.000)
WarTorn
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 100.0.170.000)
Westwood Shared Internet Components
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 13%
Total physical RAM: 2029.78 MB
Available physical RAM: 1754.79 MB
Total Pagefile: 3926.21 MB
Available Pagefile: 3842.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.53 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:116.41 GB) NTFS
2 Drive d: (CAESAR3) (CDROM) (Total:0.57 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\GATEWAY-3A93DB6

Administrator            Don Last                 Guest                    
HelpAssistant            SUPPORT_388945a0         UpdatusUser              


**** End of log ****
 



#7 boopme

Posted 19 May 2014 - 09:13 PM

OK, you don't need RKill any more.
Can you run the scans from Normal now?

#8 DarkD

Posted 19 May 2014 - 09:16 PM

Oh, I'll restart in normal in a second. Just posting a couple more logs.

TDSS Killer found nothing and didn't generate a log.

I'll run ESET in normal once I restart.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Don Last on Mon 05/19/2014 at 19:11:37.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\big fish games"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 05/19/2014 at 19:14:59.32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#9 DarkD

Posted 19 May 2014 - 10:46 PM

Looks like I'm clean. ESET returned with nothing, so there's no log.



#10 boopme

Posted 20 May 2014 - 09:38 AM

Great. Remove these through Control Panel, as they need to be updated.
Adobe Reader X (10.1.4) (Version: 10.1.4)
AVG 2012 (Version: 12.0.2641)
AVG 2012 (Version: 12.1.2240)
AVG 2012 (Version: 2012.1.2240)
DAEMON Tools Lite (Version: 4.48.1.0347) >> May want to leave this off
Java 7 Update 17 (Version: 7.0.170)
Java™ 6 Update 29 (Version: 6.0.290)

Reboot

Reinstall an antivirus.


Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.

Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7

Reboot and see how it is.
Check to see if the drive needs defragmenting.
 
How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector