
Am I infected and how can I check


  • This topic is locked
11 replies to this topic

#1 stubby97

Posted 26 October 2014 - 05:43 PM

I have been reading about infections on this site and have downloaded the DDN Tool... Here are the results... What to do next....
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.71.2
Run by Owner at 15:09:57 on 2014-10-26
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1022.529 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\qttask.exe
C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://signup.live.com/signup.aspx?cbcxt=mail&wreply=http:%2F%2Fmail.live.com&id=64855&lic=1&OLrefer=merchsite&suretry=3
mStart Page = about:blank
mSearch Bar = hxxp://www.google.com
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [KGShareApp] c:\program files\kodak\kodak share button app\KGShare_App.exe
uRun: [AnVir Task Manager Free] "c:\program files\anvir task manager free\anvir.exe" Minimized
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "d:\program files\qttask.exe" -atboottime
mRun: [DiskeeperSystray] "c:\program files\executive software\diskeeper\DkIcon.exe"
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [KodakShareButtonApp] c:\program files\kodak\kodak share button app\Listener.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [CTHelper] CTHELPER.EXE
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\diskee~1.lnk - c:\program files\executive software\diskeeper\ESIRegister.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - LocalServer32 - <no file>
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: dell.com
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1110960978312
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {C6B95BE9-4373-4BF8-9D18-9FCEAE5563F0} - hxxps://col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1864943381
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{2BA3F0B6-003E-4E48-9EC4-F2D428589507} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5471C59A-7BE5-482E-88CD-2DFD149E5A58} : DHCPNameServer = 192.168.1.254
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\2pqjj1pm.default-1413348957578\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/en-ca/
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\skypewebplugin\3.1.15602.22612\npSkypeWebPlugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1212152.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_189.dll
FF - plugin: d:\program files\plugins\npqtplugin.dll
FF - plugin: d:\program files\plugins\npqtplugin2.dll
FF - plugin: d:\program files\plugins\npqtplugin3.dll
FF - plugin: d:\program files\plugins\npqtplugin4.dll
FF - plugin: d:\program files\plugins\npqtplugin5.dll
FF - plugin: d:\program files\plugins\npqtplugin6.dll
FF - plugin: d:\program files\plugins\npqtplugin7.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 231960]
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2014-10-22 106248]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-10-14 1871160]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-10-14 968504]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2007-5-23 547744]
R3 atinewp2;ATI eHomeWonder, WDM Video CODEC;c:\windows\system32\drivers\atinewp2.sys [2009-1-27 485888]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-10-28 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-14 114904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2014-10-22 30504]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2009-1-27 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 cpuz134;cpuz134;\??\c:\docume~1\owner\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz134\cpuz134_x32.sys [?]
.
=============== Created Last 30 ================
.
2014-10-26 19:53:56    --------    d-----w-    c:\documents and settings\owner\application data\ChemTable Software
2014-10-26 19:53:22    --------    d-----w-    c:\documents and settings\owner\local settings\application data\ChemTable Software
2014-10-26 19:53:11    --------    d-----w-    c:\documents and settings\owner\local settings\application data\AnVir
2014-10-26 19:52:13    --------    d-----w-    c:\program files\AnVir Task Manager Free
2014-10-26 19:17:50    --------    d-----w-    c:\documents and settings\all users\application data\McAfee Security Scan
2014-10-26 19:17:42    --------    d-----w-    c:\program files\McAfee Security Scan
2014-10-26 19:17:40    71344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-26 19:17:40    701104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-10-25 22:10:26    8901368    ----a-w-    c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3896729e-a0c9-428a-b76b-c6a677823a48}\mpengine.dll
2014-10-24 21:31:50    8901368    ----a-w-    c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-10-23 19:25:30    --------    d-----w-    c:\program files\Executive Software
2014-10-23 10:48:35    1409    ----a-w-    c:\windows\QTFont.for
2014-10-22 22:58:48    30504    ----a-w-    c:\windows\system32\drivers\DrvAgent32.sys
2014-10-21 05:50:18    --------    d-----w-    c:\program files\CCleaner
2014-10-21 04:58:17    --------    d-----w-    C:\FRST
2014-10-19 10:31:06    145408    ----a-w-    c:\windows\system32\javacpl.cpl
2014-10-19 10:30:54    96680    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-10-19 06:52:52    --------    d-----w-    c:\program files\HitmanPro
2014-10-18 01:01:50    --------    d-----w-    c:\documents and settings\all users\application data\HitmanPro
2014-10-15 06:30:01    220784    ----a-w-    c:\program files\mozilla firefox\sandboxbroker.dll
2014-10-14 19:51:27    114904    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-14 19:50:05    --------    d-----w-    c:\program files\Malwarebytes Anti-Malware
2014-10-14 08:13:56    --------    d-----w-    c:\documents and settings\owner\AppData
2014-10-14 08:13:55    --------    d-----w-    c:\documents and settings\owner\local settings\application data\cache
2014-10-14 08:13:15    --------    d-----w-    c:\documents and settings\all users\application data\HitsBlender
2014-10-14 08:13:01    --------    d-----w-    c:\documents and settings\all users\application data\ef8c90d588ad58a2
2014-10-14 08:12:24    --------    d-----w-    c:\documents and settings\owner\local settings\application data\Comodo
2014-10-14 01:40:48    --------    d-----w-    c:\program files\common files\Symantec Shared
2014-10-13 21:48:17    --------    d-----w-    c:\documents and settings\all users\application data\Norton
2014-10-04 22:02:11    501912    ----a-w-    c:\windows\system32\PICSDK2.dll
2014-10-04 22:02:10    80024    ----a-w-    c:\windows\system32\PICSDK.dll
2014-10-04 22:02:10    51360    ----a-w-    c:\windows\system32\EpPicPrt.dll
2014-10-04 22:02:10    51360    ----a-w-    c:\windows\system32\EpPicMgr.dll
2014-10-04 22:02:10    108704    ----a-w-    c:\windows\system32\PICEntry.dll
2014-10-04 22:01:20    34304    ----a-w-    c:\windows\system32\E_FBCHAEA.DLL
2014-10-04 22:01:19    79679    ----a-w-    c:\windows\system32\E_FLMAEA.DLL
2014-10-04 22:01:19    64000    ----a-w-    c:\windows\system32\E_FBCBAEA.DLL
2014-10-04 22:00:31    --------    d-----w-    c:\program files\epson
2014-10-04 22:00:30    46080    ----a-w-    c:\windows\system32\escimgd.dll
2014-10-04 22:00:30    29696    ----a-w-    c:\windows\system32\escwiad.dll
2014-10-04 22:00:30    22016    ----a-w-    c:\windows\system32\esccmd.dll
.
==================== Find3M  ====================
.
2014-10-01 18:20:26    54360    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 18:20:20    23256    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-09-22 06:41:56    231568    ------w-    c:\windows\system32\MpSigStub.exe
.
============= FINISH: 15:11:49.26 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 27/01/2009 2:26:57 PM
System Uptime: 26/10/2014 12:04:53 PM (3 hours ago)
.
Motherboard: Dell Inc.           |  | 0U7077
Processor:               Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 368 GiB total, 338.727 GiB free.
D: is FIXED (NTFS) - 368 GiB total, 302.522 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP553: 19/10/2014 11:25:19 PM - Software Distribution Service 3.0
RP554: 20/10/2014 11:06:05 PM - Checkpoint by HitmanPro
RP555: 21/10/2014 12:16:48 AM - Software Distribution Service 3.0
RP556: 21/10/2014 5:20:37 AM - Checkpoint by HitmanPro
RP557: 22/10/2014 5:33:53 AM - Checkpoint by HitmanPro
RP558: 22/10/2014 5:53:53 AM - Software Distribution Service 3.0
RP559: 22/10/2014 3:45:12 PM - Installed Windows Windows Easy Transfer for Windows 7.
RP560: 22/10/2014 4:09:48 PM - Checkpoint by HitmanPro
RP561: 22/10/2014 4:16:55 PM - Removed DriverUpdate
RP562: 22/10/2014 4:18:01 PM - Removed Snap.Do
RP563: 22/10/2014 4:24:45 PM - Removed Pro PC Cleaner
RP564: 22/10/2014 5:22:59 PM - Checkpoint by HitmanPro
RP565: 22/10/2014 10:50:18 PM - Checkpoint by HitmanPro
RP566: 23/10/2014 2:26:16 AM - Removed LPT System Updater Service
RP567: 23/10/2014 11:25:37 AM - Software Distribution Service 3.0
RP568: 23/10/2014 12:25:29 PM - Installed Diskeeper Home Edition
RP569: 24/10/2014 2:31:47 PM - Software Distribution Service 3.0
RP570: 24/10/2014 11:07:17 PM - Checkpoint by HitmanPro
RP571: 25/10/2014 3:10:22 PM - Software Distribution Service 3.0
RP572: 26/10/2014 1:01:10 AM - Installed Windows XP KB2618444.
.
==== Installed Programs ======================
.
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.08)
AnVir Task Manager Free
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
CCleaner
Diskeeper Home Edition
EPSON Printer Software
EPSON Scan
ESET Online Scanner v3
FileZilla Client 3.8.0
GnuCash 2.4.13
HitmanPro 3.7
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Java 7 Update 71
Java Auto Updater
Junk Mail filter update
KODAK Share Button App
Malwarebytes Anti-Malware version 2.0.3.1025
McAfee Security Scan Plus
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.0 Security Update (KB2904878)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Mozilla Firefox 33.0 (x86 en-US)
Mozilla Maintenance Service
MSN
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
MySQL Connector/ODBC 3.51
Nero 7 Essentials
neroxml
OpenOffice 4.0.1
PowerDVD
PowerProducer
QuickTime
RPS CADR
RPS CRT
SAMSUNG Intelli-studio
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2761465)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
Security Update for Windows Internet Explorer 8 (KB2925418)
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows Internet Explorer 8 (KB2964358)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2922229)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Segoe UI
Skype Web Plugin
Snap.Do Engine
Sonic Encoders
SoundMAX
swMSM
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Update for Windows XP (KB943729)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP
Windows Easy Transfer for Windows 7
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Writer
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
26/10/2014 12:01:27 PM, error: Service Control Manager [7034]  - The HitmanPro Scheduler service terminated unexpectedly.  It has done this 1 time(s).
26/10/2014 12:01:06 PM, error: Service Control Manager [7034]  - The Diskeeper service terminated unexpectedly.  It has done this 1 time(s).
24/10/2014 2:52:18 AM, error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
24/10/2014 11:11:54 PM, error: Service Control Manager [7024]  - The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error 0 (0x0).
22/10/2014 6:21:29 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u mraid35x PCIIde perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde
22/10/2014 6:21:02 PM, error: Microsoft Antimalware [2041]  - The support for your operating system has expired. Running Microsoft Antimalware on an out of support operating system is not an adequate solution to protect against threats.
22/10/2014 6:20:10 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
22/10/2014 5:50:50 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Fips intelppm MpFilter
22/10/2014 10:31:17 AM, error: Service Control Manager [7031]  - The Media Center Receiver Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
22/10/2014 10:31:08 AM, error: Service Control Manager [7034]  - The Yahoo! Updater service terminated unexpectedly.  It has done this 1 time(s).
22/10/2014 10:29:33 AM, error: Service Control Manager [7034]  - The Media Center Scheduler Service service terminated unexpectedly.  It has done this 1 time(s).
22/10/2014 10:27:04 AM, error: Service Control Manager [7031]  - The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 15000 milliseconds: Restart the service.
21/10/2014 5:21:39 AM, error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for DeleteFlag with the following error:  Access is denied.
21/10/2014 12:02:39 AM, error: Service Control Manager [7034]  - The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).
21/10/2014 12:02:13 AM, error: Service Control Manager [7034]  - The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
21/10/2014 12:01:58 AM, error: Service Control Manager [7031]  - The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 15000 milliseconds: Restart the service.
20/10/2014 9:51:12 AM, error: Service Control Manager [7000]  - The MBAMService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
20/10/2014 9:51:01 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the MBAMService service to connect.
20/10/2014 9:05:15 PM, error: Service Control Manager [7034]  - The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).
20/10/2014 11:55:58 PM, error: Service Control Manager [7034]  - The PLFlash DeviceIoControl Service service terminated unexpectedly.  It has done this 1 time(s).
.
==== End Of File ===========================
 
Before I do anything else or let anyone touch the computer, I will wait for your advice.

Edited by Queen-Evie, 26 October 2014 - 10:17 PM.
moved from Am I Infected to Malware Removal Logs. DDS logs are allowed only in MRL.




#2 HelpBot

Posted 31 October 2014 - 05:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/553446 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 stubby97

Posted 02 November 2014 - 03:01 PM

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_07
Run by Rick at 11:48:04 on 2014-11-02
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1022.165 [GMT -8:00]
.
AV: AVG AntiVirus 2015 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
AV: ESET NOD32 antivirus system 2.70 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG Web TuneUp\avgcefrend.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.dell.com
mSearchAssistant = hxxp://search.v9.com/web/?type=ds&ts=1414539486&from=cor&uid=HDS725050KLA360_KRVN03ZAJ1UUHDJ1UUHDX&i=psd&t=34b2198b1&q={searchTerms}
mCustomizeSearch = hxxp://search.v9.com/web/?type=ds&ts=1414539486&from=cor&uid=HDS725050KLA360_KRVN03ZAJ1UUHDJ1UUHDX&i=psd&t=34b2198b1&q={searchTerms}
BHO: IETabPage Class: {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} -
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ST: {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: AVG Web TuneUp: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg web tuneup\4.0.0.16\AVG Web TuneUp.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: MSNToolBandBHO: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-ca\msntb.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Real.com: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\shdocvw.dll
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [MessengerPlus3] "\" /WinStart
uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [DellSystemDetect] c:\documents and settings\rick\local settings\apps\2.0\nkh2v00o.xbe\7kcqcvxj.2lv\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_03\bin\jusched.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [mmtask] "c:\program files\musicmatch\musicmatch jukebox\mmtask.exe"
mRun: [LVCOMSX] c:\windows\system32\LVCOMSX.EXE
mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [IAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [EPSON Stylus Photo R200 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DiskeeperSystray] "c:\program files\executive software\diskeeper\DkIcon.exe"
mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE"
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 6.0\apdproxy.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg web tuneup\vprot.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} -
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: imon.dll
Trusted Zone: dell.com
Trusted Zone: amaena.com
Trusted Zone: avsystemcare.com
Trusted Zone: gomyhit.com
Trusted Zone: imageservr.com
Trusted Zone: imagesrvr.com
Trusted Zone: onerateld.com
Trusted Zone: safetydownload.com
Trusted Zone: storageguardsoft.com
Trusted Zone: trustedantivirus.com
Trusted Zone: virusschlacht.com
DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab
DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://westmap.westvancouver.ca/westmapviewer/mgaxctrl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1414544593234
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F2D35D99-63B1-46D3-970C-6E22320D5DCB} - hxxp://www.ksolo.com/getPlugin.do
DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{2568D82D-6540-4601-9407-A55A29B55F32} : NameServer = 192.168.0.1
TCP: Interfaces\{8E2D2F1A-A888-4E07-8C76-900DB68C8A8D} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{BB189474-58B7-47F5-AF52-527966357EED} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\18.1.10\ViProtocol.dll
Notify: geBuVLeD - geBuVLeD.dll
SEH: {A6C54318-5AC7-477D-B0A7-49AF5189300C} - <orphaned>
LSA: Authentication Packages =  msv1_0 c:\windows\system32\ddcCVOIx
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rick\application data\mozilla\firefox\profiles\fplzew51.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/en-ca?pfr=1
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_189.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-18 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\drivers\avgidsdriverlx.sys [2014-10-7 198936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-11-1 42784]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-20 15424]
R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-1-4 587096]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2015\avgidsagent.exe [2014-10-16 3487248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2015\avgwdsvc.exe [2014-10-16 298080]
R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2005-12-2 552064]
R2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10;c:\program files\common files\avg secure search\vtoolbarupdater\18.1.10\ToolbarUpdater.exe [2014-11-1 1849368]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2005-5-9 344800]
R3 atinewp2;ATI eHomeWonder, WDM Video CODEC;c:\windows\system32\drivers\atinewp2.sys [2005-5-9 485888]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-3-1 161384]
.
=============== File Associations ===============
.
ShellExec: EasyShare.exe: Preview="c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe"
ShellExec: QSync.exe: Open="c:\program files\logitech\video\QSync.exe"
.
=============== Created Last 30 ================
.
2014-11-02 05:28:21    --------    d-----w-    c:\documents and settings\rick\local settings\application data\AVG Web TuneUp
2014-11-02 05:28:05    --------    d-----w-    c:\documents and settings\rick\application data\AVG Web TuneUp
2014-11-02 05:28:05    --------    d-----w-    c:\documents and settings\all users\application data\AVG Security Toolbar
2014-11-02 05:27:35    42784    ----a-w-    c:\windows\system32\drivers\avgtpx86.sys
2014-11-02 05:27:25    --------    d-----w-    c:\documents and settings\all users\application data\AVG Secure Search
2014-11-02 05:27:21    --------    d-----w-    c:\program files\common files\AVG Secure Search
2014-11-02 05:27:06    --------    d-----w-    c:\program files\AVG Web TuneUp
2014-11-02 05:27:04    --------    d-----w-    c:\documents and settings\all users\application data\AVG Web TuneUp
2014-11-02 05:17:42    --------    d-----w-    c:\documents and settings\rick\application data\AVG2015
2014-11-02 05:16:14    --------    d-----w-    c:\documents and settings\rick\application data\TuneUp Software
2014-11-02 05:14:09    --------    d-----w-    c:\documents and settings\all users\application data\AVG2015
2014-11-02 05:13:05    --------    d-----w-    c:\program files\AVG
2014-11-02 05:08:59    --------    d--h--w-    c:\documents and settings\all users\application data\Common Files
2014-11-02 05:08:58    --------    d-----w-    c:\documents and settings\rick\local settings\application data\MFAData
2014-11-02 05:08:58    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Avg2015
2014-11-02 05:08:58    --------    d-----w-    c:\documents and settings\all users\application data\MFAData
2014-10-30 09:07:11    --------    d-----w-    c:\documents and settings\rick\application data\Dell
2014-10-30 09:07:01    --------    d-----w-    c:\program files\Dell Support Center
2014-10-30 09:07:01    --------    d-----w-    c:\documents and settings\all users\application data\PCDr
2014-10-30 09:06:08    --------    d-----w-    c:\program files\My Dell
2014-10-30 09:04:06    --------    d-----w-    c:\documents and settings\rick\application data\PCDr
2014-10-30 09:04:03    --------    d-----w-    C:\temp
2014-10-30 09:01:12    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Deployment
2014-10-30 07:39:03    --------    d-----r-    c:\program files\Skype
2014-10-30 07:37:23    --------    d-----w-    c:\documents and settings\rick\Contacts
2014-10-30 06:03:22    --------    d-----w-    c:\documents and settings\rick\application data\Azureus
2014-10-29 20:41:49    --------    d-sh--w-    c:\documents and settings\rick\IECompatCache
2014-10-29 20:40:13    --------    d-sh--w-    c:\documents and settings\rick\PrivacIE
2014-10-29 20:27:10    --------    d-sh--w-    c:\documents and settings\rick\IETldCache
2014-10-29 20:19:59    522240    ------w-    c:\windows\system32\dllcache\jsdbgui.dll
2014-10-29 20:19:47    6144    ------w-    c:\windows\system32\dllcache\iecompat.dll
2014-10-29 20:19:17    --------    d-----w-    c:\windows\ie8updates
2014-10-29 20:18:52    12800    ------w-    c:\windows\system32\dllcache\xpshims.dll
2014-10-29 20:18:51    743424    ------w-    c:\windows\system32\dllcache\iedvtool.dll
2014-10-29 20:18:51    247808    ------w-    c:\windows\system32\dllcache\ieproxy.dll
2014-10-29 20:17:59    --------    dc-h--w-    c:\windows\ie8
2014-10-29 20:00:09    --------    d-----w-    c:\documents and settings\rick\aqbanking
2014-10-29 19:23:22    --------    d-----w-    c:\documents and settings\rick\application data\MSNInstaller
2014-10-29 19:17:07    953856    ------w-    c:\windows\system32\dllcache\mfc40u.dll
2014-10-29 19:16:55    13312    ------w-    c:\windows\system32\xp_eos.exe
2014-10-29 19:16:55    13312    ------w-    c:\windows\system32\dllcache\xp_eos.exe
2014-10-29 19:16:29    617472    ------w-    c:\windows\system32\dllcache\comctl32.dll
2014-10-29 19:11:13    25088    ------w-    c:\windows\system32\dllcache\hidparse.sys
2014-10-29 19:11:12    14976    ------w-    c:\windows\system32\dllcache\usbscan.sys
2014-10-29 19:09:32    105472    ------w-    c:\windows\system32\dllcache\mup.sys
2014-10-29 19:09:18    12928    ------w-    c:\windows\system32\dllcache\usb8023x.sys
2014-10-29 19:09:18    12928    ------w-    c:\windows\system32\dllcache\usb8023.sys
2014-10-29 19:08:57    60160    ------w-    c:\windows\system32\dllcache\usbaudio.sys
2014-10-29 19:08:57    46848    ------w-    c:\windows\system32\dllcache\irbus.sys
2014-10-29 19:08:56    123008    ------w-    c:\windows\system32\dllcache\usbvideo.sys
2014-10-29 19:08:02    536576    ------w-    c:\windows\system32\dllcache\msado15.dll
2014-10-29 19:07:44    139784    ------w-    c:\windows\system32\dllcache\rdpwd.sys
2014-10-29 19:04:17    5376    ------w-    c:\windows\system32\dllcache\usbd.sys
2014-10-29 19:04:17    32384    ------w-    c:\windows\system32\dllcache\usbccgp.sys
2014-10-29 19:04:17    30336    ------w-    c:\windows\system32\dllcache\usbehci.sys
2014-10-29 19:04:17    144128    ------w-    c:\windows\system32\dllcache\usbport.sys
2014-10-29 19:02:02    10496    ------w-    c:\windows\system32\dllcache\ndistapi.sys
2014-10-29 19:02:01    40960    ------w-    c:\windows\system32\dllcache\ndproxy.sys
2014-10-29 18:59:32    45568    ------w-    c:\windows\system32\dllcache\wab.exe
2014-10-29 07:58:02    --------    d-----w-    c:\documents and settings\rick\local settings\application data\BVRP Software
2014-10-29 07:44:03    --------    d-----w-    c:\documents and settings\rick\local settings\application data\fontconfig
2014-10-29 07:43:52    --------    d-----w-    c:\documents and settings\rick\local settings\application data\webkit
2014-10-29 07:37:40    --------    d-----w-    c:\documents and settings\rick\local settings\application data\gtk-2.0
2014-10-29 07:28:44    --------    d-----w-    c:\documents and settings\rick\.gnucash
2014-10-29 07:26:50    --------    d-----w-    c:\program files\gnucash
2014-10-29 06:54:20    --------    d-----w-    c:\documents and settings\rick\application data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-10-29 06:29:15    --------    d-----w-    c:\windows\ERUNT
2014-10-29 06:01:27    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Adobe
2014-10-29 05:34:56    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Nova Development
2014-10-29 05:00:39    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Google
2014-10-29 04:36:46    --------    d-----w-    c:\windows\system32\scripting
2014-10-29 04:36:45    --------    d-----w-    c:\windows\system32\en
2014-10-29 04:36:45    --------    d-----w-    c:\windows\system32\bits
2014-10-29 04:36:45    --------    d-----w-    c:\windows\l2schemas
2014-10-29 04:20:48    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Logitech-LS
2014-10-29 03:29:56    79872    ------w-    c:\windows\system32\dllcache\msxml6r.dll
2014-10-29 03:28:59    46464    ------w-    c:\windows\system32\drivers\gagp30kx.sys
2014-10-29 02:42:41    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Mozilla
2014-10-29 02:42:21    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Apple Computer
2014-10-29 02:42:17    --------    d-----w-    c:\documents and settings\rick\local settings\application data\Musicmatch
2014-10-29 02:25:27    --------    d-----w-    c:\program files\MSXML 6.0
2014-10-29 01:59:01    --------    d-----w-    c:\documents and settings\all users\application data\8a5021e61f168704
2014-10-29 01:32:25    --------    d-----w-    c:\windows\system32\MRT
2014-10-29 01:13:04    --------    d-----w-    c:\windows\ServicePackFiles
2014-10-29 00:39:57    71344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-29 00:39:57    701104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-10-28 23:45:44    357888    ------w-    c:\windows\system32\dllcache\srv.sys
2014-10-28 23:44:52    456320    ------w-    c:\windows\system32\dllcache\mrxsmb.sys
2014-10-28 23:44:45    471552    ------w-    c:\windows\system32\dllcache\aclayers.dll
2014-10-28 23:44:07    744448    ------w-    c:\windows\system32\dllcache\helpsvc.exe
2014-10-28 23:41:31    3558912    ------w-    c:\windows\system32\dllcache\moviemk.exe
2014-10-28 23:37:06    --------    d-----w-    c:\program files\Framed Display
2014-10-28 23:34:44    655872    ------w-    c:\windows\system32\dllcache\mstscax.dll
2014-10-28 23:31:19    337920    ------w-    c:\windows\system32\dllcache\netapi32.dll
2014-10-28 23:30:26    7168    ----a-w-    c:\windows\system32\xpsp4res.dll
2014-10-28 23:30:23    218112    ------w-    c:\windows\system32\dllcache\wordpad.exe
2014-10-24 03:29:41    --------    d-----w-    C:\MyReceips
2014-10-10 22:13:58    200984    ----a-w-    c:\windows\system32\drivers\avgtdix.sys
2014-10-08 04:40:20    198936    ----a-w-    c:\windows\system32\drivers\avgidsdriverlx.sys
.
==================== Find3M  ====================
.
2014-08-29 04:43:36    192792    ----a-w-    c:\windows\system32\drivers\avgldx86.sys
2013-10-29 22:21:30    155648    ----a-w-    c:\program files\qttask.exe
2013-10-29 22:21:25    409600    ----a-w-    c:\program files\QTPlugin.ocx
2005-09-02 00:26:42    5082112    ----a-w-    c:\program files\QuickTimePlayer.exe
2005-09-02 00:10:26    282624    ----a-w-    c:\program files\QTUIPanelControl.dll
2005-09-02 00:10:24    434176    ----a-w-    c:\program files\QTOLibrary.dll
2005-09-02 00:10:18    499712    ----a-w-    c:\program files\QTOControl.dll
2005-09-02 00:10:12    585728    ----a-w-    c:\program files\QTInfo.exe
2005-09-02 00:07:08    421888    ----a-w-    c:\program files\PictureViewer.exe
.
============= FINISH: 11:49:59.92 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 08/05/2005 6:30:01 PM
System Uptime: 02/11/2014 11:35:14 AM (0 hours ago)
.
Motherboard: Dell Inc.           |  | 0U7077
Processor:               Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 368 GiB total, 339.883 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 29/10/2014 1:46:39 PM - System Checkpoint
RP2: 29/10/2014 1:51:39 PM - Configured iPod for Windows 2005-06-26
RP3: 29/10/2014 1:52:27 PM - Removed iTunes
RP4: 29/10/2014 1:54:31 PM - Removed Sonic RecordNow!
RP5: 29/10/2014 1:55:22 PM - Removed The Sims Superstar
RP6: 30/10/2014 12:51:23 AM - Removed Business Contact Manager for Outlook 2003
RP7: 30/10/2014 1:28:53 AM - Removed DellSupport.
RP8: 31/10/2014 1:37:39 AM - System Checkpoint
RP9: 01/11/2014 3:55:59 AM - System Checkpoint
RP10: 01/11/2014 9:13:04 PM - Installed AVG 2015
RP11: 01/11/2014 9:13:50 PM - Installed AVG 2015
.
==== Installed Programs ======================
.
Acrobat.com
Ad-Aware 2007
Adobe AIR
Adobe Flash Player 15 Plugin
Adobe Photoshop Elements 2.0
Adobe Photoshop Elements 6.0
Adobe Reader 9
Adobe Shockwave Player
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Audacity 1.3.4
AVG 2015
AVG Web TuneUp
Azureus
Broadcom Advanced Control Suite 2
CCHelp
CCScore
Creative MediaSource
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Picture Studio v3.0
Dell System Detect
Dell System Restore
Diskeeper Home Edition
Dogz 5
EPSON Printer Software
EPSON SP R200 Reference Guide
ESPNMotion
ESSAdpt
ESSANUP
ESSCAM
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSSONIC
ESSvpaht
ESSvpot
Framed Display
GemMaster Mystic
getPlus®
GnuCash 2.6.4
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HLPIndex
HLPRFO
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
hp photosmart 7700 series
Intel Application Accelerator
Intel® 537EP V9x DFV PCI Modem
InterActual Player
J2SE Runtime Environment 5.0 Update 3
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 7
Kodak EasyShare software
KSU
Learn2 Player (Uninstall Only)
LimeWire PRO 4.14.12
Logitech Desktop Messenger
Logitech Print Service
Logitech QuickCam Software
Logitech® Camera Driver
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2904878)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Small Business Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Modem Event Monitor
Modem Helper
Modem On Hold
Mozilla Firefox 33.0.2 (x86 en-US)
Mozilla Maintenance Service
MSN
MSN Toolbar
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Musicmatch® Jukebox
My Dell
MyPC Backup
Nikon View 6
NOD32 Antivirus System
Notifier
onOne Essentials 2.0
OpenOffice.org Installer 1.0
Optimizer Pro v3.2
OTtBP
OTtBPSDK
Otto
PCDADDIN
PCDHELP
PCDLNCH
PowerDVD 5.3
PS - Power and Sample Size Calculation
QuickTime
RealPlayer Basic
RegistryFix v6.4
Safari
Scrapbook Factory Deluxe
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2936068)
Security Update for Windows Internet Explorer 7 (KB2964358)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows Internet Explorer 8 (KB2964358)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834903-v2)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2909212)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2922229)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SFR
SFR2
Skype™ 6.3
Sonic DLA
Sonic Encoders
Sonic MyDVD
Sonic Update Manager
Sound Blaster Audigy 2 ZS
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
v9 uninstall
Visual Studio 2012 x86 Redistributables
VPRINTOL
WebFldrs XP
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
28/10/2014 8:28:57 PM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28/10/2014 8:28:36 PM, error: Service Control Manager [7034]  - The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
28/10/2014 8:27:18 PM, error: Service Control Manager [7034]  - The Adobe Active File Monitor V6 service terminated unexpectedly.  It has done this 1 time(s).
28/10/2014 8:26:49 PM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28/10/2014 7:20:47 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.
28/10/2014 7:20:47 PM, error: Service Control Manager [7000]  - The Computer Backup (MyPC Backup) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
28/10/2014 11:29:57 PM, error: Service Control Manager [7034]  - The Optimizer Pro Crash Monitor service terminated unexpectedly.  It has done this 1 time(s).
28/10/2014 11:29:55 PM, error: Service Control Manager [7034]  - The IePlugin Services service terminated unexpectedly.  It has done this 1 time(s).
28/10/2014 11:17:41 PM, error: Service Control Manager [7034]  - The Creative Service for CDROM Access service terminated unexpectedly.  It has done this 1 time(s).
.
==== End Of File ===========================

 



#4 TheShooter93 (Cody), Malware Response Team

Posted 04 November 2014 - 03:52 PM

Hello stubby97,

Welcome to Bleeping Computer! :welcome:

My name is Cody and I'll be helping you clean up your computer. :)

I will reply to your posts as soon as possible -- typically within 24 hours. In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, I just ask for notice ahead of time.

Please do note any time differences between us. If I do not respond within 48 hours, feel free to send me a private message.

==========================================================================

Some points for you to keep in mind:
  • Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • In the upper right hand corner of the topic you will see the Follow this topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.
==========================================================================

Do you have any reason to believe your system is infected with malware?

Or are you just wanting someone to inspect your computer?

CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#5 stubby97, Topic Starter

Posted 05 November 2014 - 02:17 PM

I am pretty sure there is a trojan or virus on the puter... I just installed AVG 14 and it picked up several infected files.. I believe they were system information files restore points I think.. Will wait for further instructions from you.. Let's try and clean this puter up please..

 

Tks Rick



#6 TheShooter93 (Cody), Malware Response Team

Posted 05 November 2014 - 05:19 PM

Hello stubby97,
 
Your logs show no signs of infection, but it does show a lot of other things that need to be addressed.
 
Please read and consider the following things. There is a lot here, but it is nothing complicated, mostly information and instructions on how to remove certain pieces of software I recommend you do not have on your computer.

Once you have read over and completed all of these things let me know and we will move on to our next steps.  :)
 
==========================================================

P2P Warning

Going over your logs I noticed that you have LimeWire PRO 4.14.12 installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall LimeWire PRO 4.14.12, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Programs and Features.

If you wish to keep it, please do not use it until your computer is cleaned.

==========================================================

Multiple Antivirus Programs

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time.

In general terms, the two programs may conflict and cause:

  • False Alarms: When the antivirus software tells you that your PC has a virus when it actually doesn't.
  • Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
  • System Performance Issues: Antivirus programs can be resource-intensive. Having multiple installed and running is very taxing to a computer.

Therefore, please go to Programs and Features in the Control Panel and remove all but one of the following:

  • AVG
  • Norton
  • Ad-Aware
  • NOD-32 Antivirus System

==========================================================

Spybot S&D No Longer Recommended

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

I strongly recommend uninstalling Spybot Search & Destroy. The presence of this program can make cleaning your computer more difficult.

Start > Control Panel > Add/Remove Programs (or Programs and Features) and uninstall the program.

==========================================================
 
Uninstall Programs Using Programs and Features

  • Press and hold the Windows key + R on your keyboard.
  • In the Run box type appwiz.cpl and hit Enter.
  • Select the following programs and click Uninstall.
    • Yahoo! Toolbar
    • MyPC Backup
    • MSN Toolbar
  • Reboot your computer.

==========================================================

Registry Cleaner Response

Going over your logs I noticed you have RegistryFix v6.4 and Optimizer Pro v3.2 installed.

BleepingComputer DOES NOT recommend the use of registry cleaners/optimizers or the registry cleaner component of software for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.
    • The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
  • Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.

If you persist in using a registry cleaner you should always back up the registry before doing so.

==========================================================

Update Java

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

Please follow these steps to update Java and remove any existing older versions:

  • Click here to evaluate your current version of Java
  • Click Free Java Download
  • Click the Agree and Start Free Download
  • Save jxpiinstall.exe to your desktop
  • Double click the icon then click Run
  • Click Install
  • Uncheck any Ask Toolbar offers
  • Click Next
  • You should be notified You have successfully installed Java
  • Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • In addition, check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.

==========================================================

Adobe Reader

Your Adobe Reader is out of date.

Outdated versions of this software can be exploited for malicious purposes, so it is important to keep updated.

Download and install the latest version of Adobe Reader.


CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.
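
The log review behind the reply above (spotting P2P clients, more than one antivirus product, registry cleaners and stacked Java runtimes in a DDS Attach.txt), sketched as an added Python example that is not part of the original post or of DDS itself. The watchlist patterns, category names and function names are assumptions of this example, and the sample log is a constructed excerpt in the layout of the log posted in this thread.

```python
import re

# Constructed excerpt in the layout of the DDS Attach.txt posted in this thread.
SAMPLE_LOG = """\
DDS (Ver_2012-11-20.01)
.
==== Installed Programs ======================
.
Ad-Aware 2007
Adobe Reader 9
AVG 2015
AVG Web TuneUp
Azureus
J2SE Runtime Environment 5.0 Update 3
Java 2 Runtime Environment, SE v1.4.2_03
LimeWire PRO 4.14.12
MSN Toolbar
NOD32 Antivirus System
Optimizer Pro v3.2
RegistryFix v6.4
.
==== Event Viewer Messages From Past Week ========
.
28/10/2014 11:29:57 PM, error: Service Control Manager [7034]  - The Optimizer Pro Crash Monitor service terminated unexpectedly.  It has done this 1 time(s).
28/10/2014 8:28:36 PM, error: Service Control Manager [7034]  - The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
.
==== End Of File ===========================
"""

# Watchlist taken from the programs named in the reply above. Category names and
# patterns are assumptions of this example; Azureus is included because it is a
# BitTorrent client that appears in the posted program list.
WATCHLIST = {
    "p2p": [r"^LimeWire", r"^Azureus"],
    "antivirus": [r"^AVG \d{4}", r"^Norton", r"^Ad-Aware", r"^NOD-?32"],
    "registry_cleaner": [r"^RegistryFix", r"^Optimizer Pro"],
    "toolbar_or_bundled": [r"^Yahoo! Toolbar", r"^MyPC Backup", r"^MSN Toolbar"],
    "java_runtime": [r"^Java\b", r"^J2SE Runtime"],
}
SECTION_RE = re.compile(r"^={2,}\s*(.+?)\s*={2,}$")
SCM_CRASH_RE = re.compile(
    r"Service Control Manager \[(?:7031|7034)\]\s+- The (.+?) service terminated unexpectedly")
VERSION_RE = re.compile(r"\s+v?\d[\w.]*$")  # trailing version token, e.g. " v3.2"


def parse_sections(text):
    """Split a DDS log into {section title: [lines]}, skipping '.' separators."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections[current] = []
        elif current is not None and line and line != ".":
            sections[current].append(line)
    return sections


def classify_programs(programs):
    """Map each watchlist category to the installed programs that match it."""
    findings = {category: [] for category in WATCHLIST}
    for name in programs:
        for category, patterns in WATCHLIST.items():
            if any(re.search(p, name, re.IGNORECASE) for p in patterns):
                findings[category].append(name)
    return findings


def triage(text):
    """Return flagged programs, crashed services, and count-based warnings."""
    sections = parse_sections(text)
    findings = classify_programs(sections.get("Installed Programs", []))
    crashes = []
    for line in sections.get("Event Viewer Messages From Past Week", []):
        m = SCM_CRASH_RE.search(line)
        if m and m.group(1) not in crashes:
            crashes.append(m.group(1))
    # Crashed services whose name contains a flagged program's name (version stripped).
    bases = [VERSION_RE.sub("", n).lower() for names in findings.values() for n in names]
    related = [s for s in crashes if any(b in s.lower() for b in bases)]
    warnings = []
    if len(findings["antivirus"]) > 1:
        warnings.append("more than one antivirus product installed")
    if len(findings["java_runtime"]) > 1:
        warnings.append("several Java runtimes installed side by side")
    return {"findings": findings, "crashed_services": crashes,
            "crashes_from_flagged": related, "warnings": warnings}


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, "->", value)
```

The anchored `^AVG \d{4}` pattern keeps companion entries such as AVG Web TuneUp from being counted as a second antivirus engine.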

 

 


#7 TheShooter93 (Cody), Malware Response Team

Posted 08 November 2014 - 10:51 AM

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.

CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#8 stubby97, Topic Starter

Posted 08 November 2014 - 12:59 PM

Hi there... have been away ... will follow your steps tonight and get back to ya tomorrow with some results

Tks Rick



#9 stubby97, Topic Starter

Posted 08 November 2014 - 01:10 PM

"I strongly recommend uninstalling Spybot Search & Destroy. The presence of this program can make cleaning your computer more difficult."

 

How do I remove spybot when it is not in my control panel add remove programs????



#10 TheShooter93 (Cody), Malware Response Team

Posted 08 November 2014 - 02:09 PM

"How do I remove spybot when it is not in my control panel add remove programs????"

I see that it may not appear under Add or Remove Programs for you, but your logs show remnants of it in your system.

 

Do not worry about this step for right now, we will deal with it once you have completed the other steps.

 

Please let me know if you have other troubles and when all the steps are complete. :)


Edited by TheShooter93, 08 November 2014 - 02:10 PM.

CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#11 TheShooter93 (Cody), Malware Response Team

Posted 11 November 2014 - 10:27 AM

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity. 


CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#12 Elise (Bleepin' Blonde), Malware Study Hall Admin

Posted 13 November 2014 - 04:10 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft




