Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

notebook - xp login, speed and other issues


  • This topic is locked This topic is locked
52 replies to this topic

#1 Charlotte82

Charlotte82

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 03 August 2014 - 05:36 AM

Hi

 

Emachines notebook NV51 (no DVd drive or recovery disks) running xp home edition. I THINK this is what happened:

 

2 weeks ago I was cleaning it up to lend it someone e.g deleting old files, uninstalling old progs and downloading new e.g. Zonealarm. Windows Updates started on reboot. I had to turn it off while it was installing updates.

 

Since then (I imagine) I havent been able to log in - it got progressively worse. First I could log in but it was slow. Then eggtimer hung for ages. Then hours. Then there was no desktop. Then I couldnt log in at all - password did not register. Machine was very slow, wheezing and hot. And those Windows uopdates kept having to reinstal.

 

Safe Mode was fine. But Windows pop ups appeared telling me new h/ware recognised when I wasnt installing any.And then Safe Mode got slower.

 

In the meantime I was running all sorts of rescue progs so I made it worse, I guess. There was FRST, Adwareremoval (removed stuff), CCleaner (removed stuff), MB (found 1 error, which never seemed to go away), Combidisk.......basically, I was Googling and trying anything.Didn't realise this might be a silly thing to do - but things went from bad to worse.

 

Being really silly, I decided to try deleting my admin account and creating a new one. After that I couldnt log in at all - there was no desktop.

 

I was surpried to find that a Restore Point worked - and here I am bothering you guys.Im runing from a point a week or so ago in Safe Mode as an admin and on internet Explorer because I can't get into my Firefox (I thought Id lost internet entirely but managed to get in on IE somehow).

 

Can you help? Obviously I didn't mean to mess up my machine. I was trying to take responsibility for it and not bother people.....and now I have to.

 

This machine is a few years old but I haven't been using it much. I lent it to a friend who did use it but when she returned it, it was good. It's a very robust spare and I just don't believe it's failing through overuse.

 

With gratitude

 

Charlotte

 

PS I didnt see an instruction to Zip attach.txt so I've just attached it. Hope that's OK

 

 

 

 

 

 

DDS log

 

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.65.2
Run by Administrator at 10:59:27 on 2014-08-03
Microsoft Windows XP Home Edition  5.1.2600.3.1252.44.1033.18.1013.377 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.emachines.com
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=em350&r=0xph0211n925l0434wu05r4722r369
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=em350&r=0xph0211n925l0434wu05r4722r369
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [ScrSav] c:\progra~1\emachi~1\screen~1\RUN_EM~1.EXE /default
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [NortonOnlineBackupReminder] "c:\program files\symantec\norton online backup\activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [S6000Mnt] Rundll32.exe S6000Rmv.dll ,WinMainRmv /StartStillMnt
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{69CFEEC4-68E7-41EB-9091-3D00C0E5E78A} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 31952]
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2014-7-22 135776]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 301248]
R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2014-5-30 534024]
R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe [2014-5-30 3592120]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2010-5-4 60456]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 235216]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 41040]
S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2014-7-22 483936]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
S2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2010-5-4 312400]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S2 Updater Service;Updater Service;c:\program files\emachines\emachines updater\UpdaterService.exe [2010-5-4 243232]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files\checkpoint\zonealarm\ZAPrivacyService.exe [2014-5-29 90936]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-5-4 1691480]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30944]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30944]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2010-5-4 108752]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2013-1-1 9216]
S3 S6000KNT;S6000KNT_WebCam Driver;c:\windows\system32\drivers\S6000KNT.sys [2011-2-16 3221120]
.
=============== Created Last 30 ================
.
2014-08-03 09:53:42 -------- d-sh--w- c:\documents and settings\administrator.charlotte.000\PrivacIE
2014-08-02 10:10:17 -------- d-----w- c:\windows\system32\wbem\repository\FS
2014-08-02 10:10:17 -------- d-----w- c:\windows\system32\wbem\Repository
2014-08-02 10:09:09 -------- d-----w- c:\windows\LastGood.Tmp
2014-08-02 10:08:59 -------- d-----w- c:\documents and settings\all users\application data\Partner
2014-08-02 10:08:55 -------- d-----w- c:\windows\WebCam
2014-08-02 10:08:54 -------- d-----w- c:\windows\S60Setup
2014-08-02 10:08:54 -------- d-----w- c:\program files\ALi
2014-08-02 10:05:42 -------- d-----w- c:\windows\oem
2014-08-01 18:27:24 -------- d-----w- c:\program files\CCleaner
2014-08-01 01:13:59 -------- d-----w- C:\cmdcons
2014-08-01 01:10:43 -------- d-----w- C:\ComboFix
2014-08-01 00:03:12 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-08-01 00:03:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-07-31 23:23:06 -------- d-sh--w- C:\found.000
2014-07-28 23:51:58 -------- d-----w- c:\program files\Realtek AC97
2014-07-28 15:17:43 -------- d-----w- C:\FRST
2014-07-28 13:27:54 -------- d-----w- C:\AdwCleaner
2014-07-28 01:38:15 -------- d-----w- C:\e3d8fbbc83fffbf3e5dc6dcd
2014-07-22 14:55:05 135776 ----a-w- c:\windows\system32\drivers\kl1.sys
2014-07-22 14:54:22 74336 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-07-22 13:49:40 822384 ----a-w- c:\program files\mozilla firefox\icuuc52.dll
2014-07-22 13:49:40 10594416 ----a-w- c:\program files\mozilla firefox\icudt52.dll
2014-07-22 13:49:40 1022576 ----a-w- c:\program files\mozilla firefox\icuin52.dll
2014-07-22 13:34:10 -------- d-----w- c:\program files\CheckPoint
2014-07-22 13:33:55 -------- d-----w- c:\documents and settings\all users\application data\CheckPoint
2014-07-22 13:19:12 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-07-22 13:18:44 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M  ====================
.
2014-07-22 15:06:28 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-22 15:06:27 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 11:00:30.21 ===============
 

 

 

 

 

 

 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 03 August 2014 - 07:25 AM

Sorry - I omitted to post a link to this topic, as requested:

 

http://www.bleepingcomputer.com/forums/t/542973/xp-infected-malware/#entry3438060



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:05 PM

Posted 08 August 2014 - 05:45 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/543180 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 08 August 2014 - 08:35 AM

 Thank you, volunteers. I hope you can help. You see,I am currentlly in a developing country and enjoy lending my spare computers to people who can't afford to buy or run them. This is one of my spares. Another recently went down - so this is my LAST spare and I'm desperate to get it fixed, if possible, as I need a spare for ME!

 

Emachines notbook NV51 (no recovery disk or DVD drive) running XP home edition 5.1

 

This is what I BELIEVE happened:

 

i was uninstalling a few progs and adding more e.g Zone Alarm to lend this machine to a friend. I hadn't used it for a while but it was fine when I'd last used it.

 

When I turned it off it asked me to wait to instal Windows Updates so I did but I was in a hurry to go out so couldn't wait long enough - and turned it off.

 

My friend turned it on first, not me so Im not sure what happened but she gave it back saying she couldnt use it.

 

Since, I've had log in probs and it's been very slow. For example, I would be able to log in but the eggtimer would hang for ages. Or the same and then none of the desktop icons worked. These probs grew progressively worse over a fortnight or so to the extent that I could not log in at all eventually - the machine did not respond when I entered my password. (Although I have been able to run in Safe Mode).

 

 

In the meantime I ran malware Bytes (that found 1 prob) Adware Cleaner, Farbar Recovery Scan Tool and Combofix. I did not reaise from the forums I was consulting that Combofix had to be run with expert support. I eventually opted in Combofix to wipe the drive.

 

Nothing changed - I could still not log in properlly and things were slow. So I decided to delete my user account. After that, things were even worse.

 

So I magened to Restore the machine to a point before I started all the messing around.

 

I'm sorry if this is vague but I've done so much of said messing around - and that was before I found you - that I can't actually remember all the details.

 

I hope someone will be able to help out there. In messing around I was only trying to "take respoinsbility".

 

Thanks

 

Charlotte

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.65.2
Run by Administrator at 13:54:20 on 2014-08-08
Microsoft Windows XP Home Edition  5.1.2600.3.1252.44.1033.18.1013.384 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.emachines.com
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=em350&r=0xph0211n925l0434wu05r4722r369
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=em350&r=0xph0211n925l0434wu05r4722r369
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [ScrSav] c:\progra~1\emachi~1\screen~1\RUN_EM~1.EXE /default
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [NortonOnlineBackupReminder] "c:\program files\symantec\norton online backup\activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [S6000Mnt] Rundll32.exe S6000Rmv.dll ,WinMainRmv /StartStillMnt
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{69CFEEC4-68E7-41EB-9091-3D00C0E5E78A} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 31952]
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2014-7-22 135776]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 301248]
R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2014-5-30 534024]
R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe [2014-5-30 3592120]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2010-5-4 60456]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 235216]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 41040]
S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2014-7-22 483936]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
S2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2010-5-4 312400]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S2 Updater Service;Updater Service;c:\program files\emachines\emachines updater\UpdaterService.exe [2010-5-4 243232]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files\checkpoint\zonealarm\ZAPrivacyService.exe [2014-5-29 90936]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-5-4 1691480]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30944]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30944]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2010-5-4 108752]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2013-1-1 9216]
S3 S6000KNT;S6000KNT_WebCam Driver;c:\windows\system32\drivers\S6000KNT.sys [2011-2-16 3221120]
.
=============== Created Last 30 ================
.
2014-08-08 12:44:41 -------- d-sh--w- c:\documents and settings\administrator.charlotte.002\PrivacIE
2014-08-08 12:42:00 20040 ----a-w- c:\documents and settings\administrator.charlotte.002\application data\microsoft\identitycrl\production\ppcrlconfig.dll
2014-08-02 10:10:17 -------- d-----w- c:\windows\system32\wbem\repository\FS
2014-08-02 10:10:17 -------- d-----w- c:\windows\system32\wbem\Repository
2014-08-02 10:09:09 -------- d-----w- c:\windows\LastGood.Tmp
2014-08-02 10:08:59 -------- d-----w- c:\documents and settings\all users\application data\Partner
2014-08-02 10:08:55 -------- d-----w- c:\windows\WebCam
2014-08-02 10:08:54 -------- d-----w- c:\windows\S60Setup
2014-08-02 10:08:54 -------- d-----w- c:\program files\ALi
2014-08-02 10:05:42 -------- d-----w- c:\windows\oem
2014-08-01 18:27:24 -------- d-----w- c:\program files\CCleaner
2014-08-01 01:13:59 -------- d-----w- C:\cmdcons
2014-08-01 01:10:43 -------- d-----w- C:\ComboFix
2014-08-01 00:03:12 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-08-01 00:03:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-07-31 23:23:06 -------- d-sh--w- C:\found.000
2014-07-28 23:51:58 -------- d-----w- c:\program files\Realtek AC97
2014-07-28 15:17:43 -------- d-----w- C:\FRST
2014-07-28 13:27:54 -------- d-----w- C:\AdwCleaner
2014-07-28 01:38:15 -------- d-----w- C:\e3d8fbbc83fffbf3e5dc6dcd
2014-07-22 14:55:05 135776 ----a-w- c:\windows\system32\drivers\kl1.sys
2014-07-22 14:54:22 74336 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-07-22 13:49:40 822384 ----a-w- c:\program files\mozilla firefox\icuuc52.dll
2014-07-22 13:49:40 10594416 ----a-w- c:\program files\mozilla firefox\icudt52.dll
2014-07-22 13:49:40 1022576 ----a-w- c:\program files\mozilla firefox\icuin52.dll
2014-07-22 13:34:10 -------- d-----w- c:\program files\CheckPoint
2014-07-22 13:33:55 -------- d-----w- c:\documents and settings\all users\application data\CheckPoint
2014-07-22 13:19:12 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-07-22 13:18:44 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M  ====================
.
2014-07-22 15:06:28 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-22 15:06:27 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 13:56:05.50 ===============
 

 

 

 

 

 

 

Attached Files



#5 polskamachina

polskamachina

  • Malware Response Team
  • 3,846 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:05 PM

Posted 11 August 2014 - 05:09 PM

Hi Charlotte :)

 

My name is polskamachina and I will be assisting you with your malware problems. Please give me some time to review your situation and I will get back to you with further instructions.

 

polskamachina


Member of the Bleeping Computer A.I.I. early response team!

#6 polskamachina

polskamachina

  • Malware Response Team
  • 3,846 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:05 PM

Posted 12 August 2014 - 09:55 AM

Greetings Charlotte :)
 
I am polskamachina and I will be assisting you with your malware problems. What follows below are some ground rules for this forum.

I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know. I am in California at GMT-7 Hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message.

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
  • NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
  • NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. Please remember to copy the entire post so you do not miss any instructions.

Let's get started:
 
I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either AVG 2011 AND AV2012 or ZoneAlarm Antivirus. In addition, please uninstall all other AVG or ZoneAlarm products depending on which one you have decided to remove.
 
Finally, please run the DDS program again. This time, make sure the box that says Attach.txt is checked before clicking the Start button. Then, copy and paste the new DDS.txt and Attach.txt logs into your next reply to me.
 
Let me know if you have any questions. How is your computer performing now?
 
polskamachina


Member of the Bleeping Computer A.I.I. early response team!

#7 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 12 August 2014 - 10:44 AM

Thank you for your help, polskamachina.

 

I am on my main PC now as the notebook is so slow. After this message I will do what you recommended and reply but these are the current problems encountered on starting up:

 

On normal log in to xp – on entering pword machine does not respond. Touchpad and mouse not working

 

Attempt 1 to boot in Restore Dirctory Services Repair Mode – logged in OK but IE was extremely slow (like 1 min to load IE - and I can't access Firefox).

 

Booted into Safemode with Networking – while machine is booting it hangs on list of files/directories at avgi1

 

Attempt 2 to boot into Restore Directory Mode – machine suggested then ran a CHDSK verification and rebooted. IE still painfully slow.

 

The machine also gets very hot and wheezes (although not sure if this is old age?).

 

Thanks again for your time. I'll get back to you as soon as I've done what you've advised (assuming I can)

 

Charlotte



#8 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 12 August 2014 - 01:10 PM

DDS (Ver_2012-11-20.01) - NTFS_x86 DSREPAIR
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.65.2
Run by CWard at 18:36:37 on 2014-08-12
Microsoft Windows XP Home Edition  5.1.2600.3.1252.44.1033.18.1013.255 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=em350&r=0xph0211n925l0434wu05r4722r369
uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=em350&r=0xph0211n925l0434wu05r4722r369
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=em350&r=0xph0211n925l0434wu05r4722r369
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=em350&r=0xph0211n925l0434wu05r4722r369
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [NortonOnlineBackupReminder] "c:\program files\symantec\norton online backup\activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [S6000Mnt] Rundll32.exe S6000Rmv.dll ,WinMainRmv /StartStillMnt
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{69CFEEC4-68E7-41EB-9091-3D00C0E5E78A} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2014-7-22 135776]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2014-5-30 534024]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2010-5-4 312400]
R2 Updater Service;Updater Service;c:\program files\emachines\emachines updater\UpdaterService.exe [2010-5-4 243232]
R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe [2014-5-30 3592120]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files\checkpoint\zonealarm\ZAPrivacyService.exe [2014-5-29 90936]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2010-5-4 60456]
R3 S6000KNT;S6000KNT_WebCam Driver;c:\windows\system32\drivers\S6000KNT.sys [2011-2-16 3221120]
S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2014-7-22 483936]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-5-4 1691480]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30944]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30944]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2010-5-4 108752]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys --> c:\windows\system32\drivers\massfilter.sys [?]
S4 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys --> c:\windows\system32\drivers\avgrkx86.sys [?]
S4 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys --> c:\windows\system32\drivers\avgtdix.sys [?]
.
=============== Created Last 30 ================
.
2014-08-02 10:10:17 -------- d-----w- c:\windows\system32\wbem\repository\FS
2014-08-02 10:10:17 -------- d-----w- c:\windows\system32\wbem\Repository
2014-08-02 10:09:09 -------- d-----w- c:\windows\LastGood.Tmp
2014-08-02 10:08:59 -------- d-----w- c:\documents and settings\all users\application data\Partner
2014-08-02 10:08:55 -------- d-----w- c:\windows\WebCam
2014-08-02 10:08:54 -------- d-----w- c:\windows\S60Setup
2014-08-02 10:08:54 -------- d-----w- c:\program files\ALi
2014-08-01 18:27:24 -------- d-----w- c:\program files\CCleaner
2014-08-01 01:13:59 -------- d-----w- C:\cmdcons
2014-08-01 01:10:43 -------- d-----w- C:\ComboFix
2014-08-01 00:03:12 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-08-01 00:03:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-07-31 23:23:06 -------- d-sh--w- C:\found.000
2014-07-28 23:51:58 -------- d-----w- c:\program files\Realtek AC97
2014-07-28 15:17:43 -------- d-----w- C:\FRST
2014-07-28 13:27:54 -------- d-----w- C:\AdwCleaner
2014-07-28 01:38:15 -------- d-----w- C:\e3d8fbbc83fffbf3e5dc6dcd
2014-07-22 14:55:05 135776 ----a-w- c:\windows\system32\drivers\kl1.sys
2014-07-22 14:54:22 74336 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-07-22 13:49:40 822384 ----a-w- c:\program files\mozilla firefox\icuuc52.dll
2014-07-22 13:49:40 10594416 ----a-w- c:\program files\mozilla firefox\icudt52.dll
2014-07-22 13:49:40 1022576 ----a-w- c:\program files\mozilla firefox\icuin52.dll
2014-07-22 13:34:10 -------- d-----w- c:\program files\CheckPoint
2014-07-22 13:33:55 -------- d-----w- c:\documents and settings\all users\application data\CheckPoint
2014-07-22 13:19:12 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-07-22 13:18:44 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M  ====================
.
2014-07-22 15:06:28 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-22 15:06:27 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 18:37:48.15 ===============
 

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 16/02/2011 11:38:23
System Uptime: 12/08/2014 18:10:47 (0 hours ago)
.
Motherboard: Acer |  | eM350
Processor:          Intel® Atom™ CPU N450   @ 1.66GHz | CPU | 1662/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 138 GiB total, 114.695 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP206: 22/07/2014 14:17:45 - Removed Java™ 6 Update 22
RP207: 22/07/2014 14:18:16 - Installed Java 7 Update 65
RP208: 22/07/2014 15:43:53 - Installed Windows KB954550-v5.
RP209: 22/07/2014 15:44:19 - Printer Driver Microsoft XPS Document Writer Installed
RP210: 22/07/2014 15:44:48 - Printer Driver Microsoft XPS Document Writer Installed
RP211: 22/07/2014 16:48:39 - Software Distribution Service 3.0
RP212: 29/07/2014 00:51:54 - Restore Operation
RP213: 02/08/2014 11:04:35 - Restore Operation
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader 9.5.5 MUI
Adobe Shockwave Player 11.6
ALPS Touch Pad Driver
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
AVG 2011
AVG 2012
Canon MP280 series MP Drivers
Compatibility Pack for the 2007 Office system
DJ_AIO_03_F2200_Software_Min
eMachines Games
eMachines Recovery Management
eMachines ScreenSaver
eMachines Updater
ENE USB Card Reader Driver
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB949764)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB969084)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
HP Deskjet F2200 All-In-One Driver 10.0 Rel .3
Identity Card
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Java 7 Update 65
Java Auto Updater
Junk Mail filter update
Launch Manager
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 30.0 (x86 en-GB)
Mozilla Maintenance Service
MSN
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Online Backup
Penguins!
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2483614)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Segoe UI
Skype Click to Call
Skype™ 6.0
swMSM
Toolbox
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2813347-v2)
Update for Windows XP (KB2863058)
Update for Windows XP (KB898461)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Video Web Camera
WebCam
WebFldrs XP
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
Yahoo! Detect
ZoneAlarm Antivirus
ZoneAlarm Firewall
ZoneAlarm Security
.
==== Event Viewer Messages From Past Week ========
.
12/08/2014 18:12:31, error: Service Control Manager [7001]  - The AVGIDSFilter service depends on the AVGIDSShim service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/08/2014 18:12:31, error: Service Control Manager [7001]  - The AVGIDSDriver service depends on the AVGIDSFilter service which failed to start because of the following error:  The dependency service or group failed to start.
12/08/2014 18:12:31, error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  The dependency service or group failed to start.
12/08/2014 17:04:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows XP (KB2922229).
12/08/2014 17:04:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows XP (KB2916036).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows XP (KB2904266).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Skype for Windows desktop 6.11 (KB2876229).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2836941).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows XP (KB2930275).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows XP (KB2929961).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows XP (KB2898715).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows XP (KB2893294).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2901111).
12/08/2014 17:01:55, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Internet Explorer 8 for Windows XP (KB2964358).
12/08/2014 16:52:10, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Microsoft Silverlight (KB2977218).
12/08/2014 16:51:49, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8024002d: Security Update for Microsoft Office Word 2007 (KB2880515).
12/08/2014 16:51:38, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Windows XP End of Support Notification (KB2934207).
12/08/2014 16:51:21, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2898856).
12/08/2014 16:51:21, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2936068).
12/08/2014 16:51:21, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8024002d: Security Update for Microsoft Office 2007 suites (KB2817330).
12/08/2014 16:23:29, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  KLIF
09/08/2014 03:26:00, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
08/08/2014 13:55:23, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
08/08/2014 13:48:35, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Avgldx86 Avgmfx86 Fips intelppm KLIF
08/08/2014 13:47:48, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08/08/2014 13:45:01, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
08/08/2014 13:43:19, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Avgldx86 Avgmfx86 Avgtdix Fips intelppm IPSec KLIF MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip Vsdatant
08/08/2014 13:43:19, error: Service Control Manager [7001]  - The TrueVector Internet Monitor service depends on the Vsdatant service which failed to start because of the following error:  A device attached to the system is not functioning.
08/08/2014 13:43:19, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
08/08/2014 13:43:19, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
08/08/2014 13:43:19, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
08/08/2014 13:43:19, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
08/08/2014 13:42:23, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
.
==== End Of File ===========================
 



#9 polskamachina

polskamachina

  • Malware Response Team
  • 3,846 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:05 PM

Posted 12 August 2014 - 04:49 PM

Hi Charlotte :)

 

Were you able to get to the control panel of your laptop and uninstall one of your anti-virus products? Also, can you describe in as much detail as you can the kind of noises, or wheezes as you described it, that you are hearing? Is it constantly making these noises?

 

polskamachina


Member of the Bleeping Computer A.I.I. early response team!

#10 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 12 August 2014 - 06:59 PM

Hi Polska :warrior:

 

When logged in in Directory Services Restore Mode I went to Start -Progs-AVG 2011 and found Uninstal, And that seemed to work. But I am still getting "Yor computer mght be at risk" AVG pop-ups.

 

Nextt:

 

I next went to Control Panel and Uninstalled Zonealarm and ZA Toolbar. All the processes seemd to go smoothly.....

 

However, this did not seem to uninstall ZA. I tried in Start menu - no go. I loaded Za and examined options - could not find an uninstal option. So ZA is still there - maybe I just don't know how to untinstal it.

 

The last time I booted normally, I was able to log in to xp - so the log innow responds. But on logging in nothing works - the icons on the desktop do nothing.

 

How can I explain the wheezing sound?.....

 

It's fairly high-pitched. Like breathing in and out. I don't know how old you are but it is something like the kind of noise an old PC might make if you were loading a floppy disk with too much data on it so the progs had to slow down. Ot a pair of bellows.

 

And here I am getting anohter pop up telling me that "Updates are ready for your computer" when I only installed upfates a couple of hours ago....and I d'm not sure how many Windows XP updates there are any more.

 

So I'm not installing them.

 

Please let me know if you need more info. And thanks again

 

Charlotte

 

Sorry I can't be more precise.

 

I haven't used this machine in a while so I'm not sure if this is how it has been. lately (although it has been mothballed for 18 months).



#11 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 12 August 2014 - 07:00 PM

PS Please excuse typos. This keyboard is tiny.



#12 polskamachina

polskamachina

  • Malware Response Team
  • 3,846 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:05 PM

Posted 13 August 2014 - 02:41 PM

Hi Charlotte :)
 
It seems there are a plethora of maladies plaguing your computer. Let's see if it's possible to complete any of the following tasks.
 
Click on the Start button.
Click on Run.
Type, services.msc Then click on Ok.
When the services window appears, scroll down to Automatic Updates. Right click that line to highlight it.
Select properties. Another window will pop up.
Click on stop. After a few seconds, the service will be stopped. Then change the startup type to disabled.
 
Next:

How To Publish a Snapshot using Speccy


Guide Overview

The purpose of this guide is to teach you how to post your computer's specifications to the forum with minimal effort on your part. This is often helpful when troubleshooting problems, and the person helping you needs to see the details of your computer's hardware.

Tools Needed

  • Speccy - First, you will need a program called Speccy. From Piriform's website: "Speccy is an advanced system information tool for your PC." This is a very useful utility that every PC user should have in their arsenal.

Instructions

  • Go to Piriform's website, and click the big download.png button.

    Next, click Download from Piriform (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version.

    You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.
  • After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
  • Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
    JmYsp.png

    Now, in the menu bar at the top left, click File > Publish Snapshot

    You will see the following prompt:
    publish.png

    Click Yes > then Copy to Clipboard

    copydi.png

    Now, once you are back in the forum topic you are posting in, click the replyji.png button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Finally, let's check your CPU usage.
 
Press and hold the ctrl and shift keys while you tap the Escape key. In other words, you will need to momentarily press all three keys at once. Then, the task manager will appear. Click on the second tab, Processes, if it isn't already shown. Next, click on the column header for CPU two times. The column will now be sorted by process with the highest CPU users at the top of the list. Take note of any process that is using more just a few percentage points. In a healthy computer, the System Idle process should be using over 95% of the CPU resources. If you see other processes using more than just a couple of percentage points, write them down and please copy and paste them in your next reply to me.
 
Let me know if you have any questions and if your computer has shown any improvement.
 
polskamachina


Member of the Bleeping Computer A.I.I. early response team!

#13 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 13 August 2014 - 04:34 PM

Thank you. p-m

 

A "plethora of maladies", What a wonderful phrase - sounds alchemical!

 

Will follow advice and be back within 72 hours.

 

Charlotte



#14 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 13 August 2014 - 05:56 PM

 http://speccy.piriform.com/results/YKeOxDzH6nf1yqGA5k1Fe7m

 

 

Thanks pm! I managed to perform your first step 0f disabling Automatic Updates fine.

 

Now onto CPU....



#15 Charlotte82

Charlotte82
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:05 AM

Posted 13 August 2014 - 06:17 PM

As you will understand, thse values went up and down.

 

ieexplore.exe varied between low values and some up to 50%.

 

Others that were not system Idle included:

 

(seen System Idle as low as 52%)

avgmfapx.exe - between 45 and 50%

avgwdsvc.exe - as above

svchost.eve - around 10%

soloolssv.exe

Speccy.exe

 

Whiloe I was watchig the CPU processes,they seemd to pulse: one moment of high CPU

%the next less.

 

Thanks

 

Charlotte

 

ALU.exe - around 20%

SD.exe - 20 - 30%






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users