Jump to content

lilman2008

Members
  • Content Count

    52
  • Joined

  • Last visited

Everything posted by lilman2008

  1. Here is my Malwarebytes log. Its looks like it found nothing. The Spybot I think may have got rid of it. Does this mean that it's completely gone or could some of it still be hid on the pc? Thank you Juliet for the help. It's very much appreciated Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 1/31/2017 Scan Time: 2:05 PM Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2017.01.31.07 Rootkit Database: v2016.11.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: Brenda Scan Type: Threat Scan Result: Completed Objects Scanned: 290434 Time Elapsed: 2 min, 51 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  2. Sorry for the delay. Work has been keeping me busy. I ran a Spybot scan and here is the log. Search results from Spybot - Search & Destroy 1/26/2017 9:29:26 PM Scan took 00:16:22. 33 items found. Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\c.paypal.com\PayPalLSO.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=93 Properties.md5=5EB1DA6BAAB3ADBD5876A86F312AFB7D Properties.filedate=1484823480 Properties.filedatetext=2017-01-19 10:57:59 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\mpsnare.iesnare.com\stm.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=79 Properties.md5=3AA8D9B3BEEBB0E11C01E644095083CC Properties.filedate=1484323759 Properties.filedatetext=2017-01-13 16:09:19 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\opf.ooyala.com\ima_adsets.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=58 Properties.md5=207FF1046931112B9B3325054CDD3136 Properties.filedate=1484588822 Properties.filedatetext=2017-01-16 17:47:02 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\player.ooyala.com\auth.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=47 Properties.md5=9AD9BF77CF3EA5389F593B3DC229FEE9 Properties.filedate=1484588824 Properties.filedatetext=2017-01-16 17:47:04 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\player.ooyala.com\auth2.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=178 Properties.md5=EAB71721F1F366FF7D6F18F8EC1BF292 Properties.filedate=1484588972 Properties.filedatetext=2017-01-16 17:49:32 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\player.ooyala.com\auth_id.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=40 Properties.md5=4D8ABC885EBEA1988A6D0559C14C1E5A Properties.filedate=1484588809 Properties.filedatetext=2017-01-16 17:46:49 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\player.ooyala.com\ooyala_guid.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=63 Properties.md5=561395C105BFFBC69DD7B9E226D8F7AA Properties.filedate=1484588809 Properties.filedatetext=2017-01-16 17:46:48 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\player.ooyala.com\perf.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=125 Properties.md5=BEBD4AB0AB8062642CB651D5F45E253D Properties.filedate=1484588938 Properties.filedatetext=2017-01-16 17:48:57 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\secureinclude.ebaystatic.com\ebayLSO.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=131 Properties.md5=6B9F9BE8BCF5D76AF889BAB9F082C858 Properties.filedate=1484169787 Properties.filedatetext=2017-01-11 21:23:06 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\secureinclude.ebaystatic.com\ebayT.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=39 Properties.md5=B43F43445AA3414DDC22EC80FBB22871 Properties.filedate=1484169787 Properties.filedatetext=2017-01-11 21:23:06 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\sports.cbsimg.net\OVPMetricsProvider.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=109 Properties.md5=E1DCD70740C300135E3F0775A0892B2E Properties.filedate=1485441679 Properties.filedatetext=2017-01-26 14:41:18 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\static.mediabong.com\mediabong.com.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=51 Properties.md5=7AA52AEEFC9781C0EDC80CB74C56F415 Properties.filedate=1485401130 Properties.filedatetext=2017-01-26 03:25:30 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\superbingohd-a.akamaihd.net\503981746312103.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=427 Properties.md5=1206DA2AD7A1CB3DB8328F4E9D5EA8C2 Properties.filedate=1484615765 Properties.filedatetext=2017-01-17 01:16:04 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\upstore.net\cookies.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=93 Properties.md5=9192045345DA4750ED2DFF51D725A19B Properties.filedate=1484410270 Properties.filedatetext=2017-01-14 16:11:09 Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\www.paypalobjects.com\PayPalLSO.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=93 Properties.md5=8948A81F3680317759E6C27387228DD4 Properties.filedate=1484169752 Properties.filedatetext=2017-01-11 21:22:32 Macromedia.FlashPlayer.Cookies: [sBI $5555F3D7] Text file (File, nothing done) C:\Users\Brenda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4DADK68K\#AppContainer\aa.online-metrix.net\fpc.swf\session.sol Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Properties.size=76 Properties.md5=469F33F2A808BA422A410972A60391C5 Properties.filedate=1484169753 Properties.filedatetext=2017-01-11 21:22:33 Internet Explorer: [sBI $1E8157BE] Typed URL list (Registry Key, nothing done) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Internet Explorer: [sBI $1E8157BE] Typed URL list (Registry Key, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Internet Explorer: [sBI $1E8157BE] Typed URL list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\Internet Explorer\TypedURLs Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 MS DirectInput: [sBI $9A063C91] Most recent application (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 MS DirectInput: [sBI $7B184199] Most recent application ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Windows Explorer: [sBI $7308A845] Run history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Windows Explorer: [sBI $D20DA0AD] Recent file global history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Windows Media SDK: [sBI $37AAEDE6] Computer name (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Windows Media SDK: [sBI $CAA58B6E] Unique ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Windows Media SDK: [sBI $BACCD0DA] Volume serial number (Registry Value, nothing done) HKEY_USERS\S-1-5-21-2440990344-3324082974-2880491747-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber Category=Tracks ThreatLevel=2 Weblink=http://forums.spybot.info/forumdisplay.php?54 Cookie: [sBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done) Category=Browser ThreatLevel=1 Weblink=http://forums.spybot.info/forumdisplay.php?54 Cache: [sBI $49804B54] Browser: Cache (3) (Browser: Cache, nothing done) Category=Browser ThreatLevel=1 Weblink=http://forums.spybot.info/forumdisplay.php?54 --- Spybot - Search & Destroy version: 2.6.44.134 DLL (build: 20160321) --- 2014-06-24 blindman.exe (2.4.40.151) 2014-06-24 explorer.exe (2.4.40.181) 2014-06-24 SDBootCD.exe (2.4.40.109) 2016-03-21 SDCleaner.exe (2.6.44.110) 2014-06-24 SDDelFile.exe (2.4.40.94) 2013-06-18 SDDisableProxy.exe 2014-06-24 SDFiles.exe (2.4.40.135) 2014-06-24 SDFileScanHelper.exe (2.4.40.1) 2014-06-24 SDFSSvc.exe (2.4.40.217) 2014-06-24 SDHelp.exe (2.4.40.1) 2014-04-25 SDHookHelper.exe (2.3.39.2) 2014-04-25 SDHookInst32.exe (2.3.39.2) 2014-04-25 SDHookInst64.exe (2.3.39.2) 2016-03-21 SDImmunize.exe (2.6.44.130) 2014-06-24 SDLogReport.exe (2.4.40.107) 2014-06-24 SDOnAccess.exe (2.4.40.11) 2014-06-24 SDPESetup.exe (2.4.40.3) 2014-06-24 SDPEStart.exe (2.4.40.86) 2014-06-24 SDPhoneScan.exe (2.4.40.28) 2014-06-24 SDPRE.exe (2.4.40.22) 2014-06-24 SDPrepPos.exe (2.4.40.15) 2014-06-24 SDQuarantine.exe (2.4.40.103) 2014-06-24 SDRootAlyzer.exe (2.4.40.116) 2014-06-24 SDSBIEdit.exe (2.4.40.39) 2016-03-21 SDScan.exe (2.6.44.181) 2014-06-24 SDScript.exe (2.4.40.54) 2016-03-21 SDSettings.exe (2.6.44.141) 2014-06-24 SDShell.exe (2.4.40.2) 2014-06-24 SDShred.exe (2.4.40.108) 2014-06-24 SDSysRepair.exe (2.4.40.102) 2014-06-24 SDTools.exe (2.4.40.157) 2014-06-24 SDTray.exe (2.4.40.129) 2014-06-27 SDUpdate.exe (2.4.40.94) 2014-06-27 SDUpdSvc.exe (2.4.40.77) 2014-06-24 SDWelcome.exe (2.4.40.130) 2016-11-24 SDWSCSvc.exe (2.5.55.3) 2016-05-02 spybotsd2-install-iefreezefix.exe (2.4.40.0) 2016-11-30 spybotsd2-install-wsc-update-a.exe (2.6.52.0) 2014-07-31 spybotsd2-translation-esx.exe 2013-06-19 spybotsd2-translation-frx.exe 2015-03-25 spybotsd2-translation-hrx.exe 2014-08-25 spybotsd2-translation-hux2.exe 2014-10-01 spybotsd2-translation-nlx2.exe 2014-11-05 spybotsd2-translation-ukx.exe 2016-09-21 spybotsd2-updater-update.exe (2.6.52.0) 2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0) 2017-01-26 unins000.exe (51.1052.0.0) 1999-12-02 xcacls.exe 2012-08-23 borlndmm.dll (10.0.2288.42451) 2012-09-05 DelZip190.dll (1.9.0.107) 2016-03-21 DelZip192.dll (1.9.2.132) 2012-09-10 libeay32.dll (1.0.0.4) 2012-09-10 libssl32.dll (1.0.0.4) 2014-04-25 NotificationSpreader.dll 2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98) 2014-04-25 SDAV.dll 2014-06-24 SDECon32.dll (2.4.40.114) 2014-06-24 SDECon64.dll (2.3.39.113) 2014-06-24 SDEvents.dll (2.4.40.2) 2014-06-24 SDFileScanLibrary.dll (2.4.40.14) 2014-04-25 SDHook32.dll (2.3.39.2) 2014-04-25 SDHook64.dll (2.3.39.2) 2014-06-24 SDImmunizeLibrary.dll (2.4.40.2) 2014-06-24 SDLicense.dll (2.4.40.0) 2014-06-24 SDLists.dll (2.4.40.4) 2014-06-24 SDResources.dll (2.4.40.7) 2016-03-21 SDScanLibrary.dll (2.6.44.134) 2014-06-24 SDTasks.dll (2.4.40.15) 2014-06-24 SDWinLogon.dll (2.4.40.0) 2012-08-23 sqlite3.dll 2012-09-10 ssleay32.dll (1.0.0.4) 2014-06-24 Tools.dll (2.4.40.36) 2016-10-28 Includes\Adware-000.sbi (*) 2015-08-05 Includes\Adware-001.sbi (*) 2017-01-25 Includes\Adware-C.sbi (*) 2014-01-13 Includes\Adware.sbi (*) 2014-01-13 Includes\AdwareC.sbi (*) 2010-08-13 Includes\Cookies.sbi (*) 2014-11-14 Includes\Dialer-000.sbi (*) 2014-11-14 Includes\Dialer-001.sbi (*) 2016-11-16 Includes\Dialer-C.sbi (*) 2014-01-13 Includes\Dialer.sbi (*) 2014-01-13 Includes\DialerC.sbi (*) 2014-01-09 Includes\Fraud-000.sbi (*) 2014-01-09 Includes\Fraud-001.sbi (*) 2014-03-31 Includes\Fraud-002.sbi (*) 2016-07-06 Includes\Fraud-003.sbi (*) 2012-11-14 Includes\HeavyDuty.sbi (*) 2014-11-14 Includes\Hijackers-000.sbi (*) 2014-11-14 Includes\Hijackers-001.sbi (*) 2016-11-09 Includes\Hijackers-C.sbi (*) 2014-01-13 Includes\Hijackers.sbi (*) 2014-01-13 Includes\HijackersC.sbi (*) 2014-01-08 Includes\iPhone-000.sbi (*) 2014-01-08 Includes\iPhone.sbi (*) 2016-05-27 Includes\Keyloggers-000.sbi (*) 2016-08-31 Includes\Keyloggers-C.sbi (*) 2014-01-13 Includes\Keyloggers.sbi (*) 2014-01-13 Includes\KeyloggersC.sbi (*) 2015-06-25 Includes\Malware-000.sbi (*) 2014-11-14 Includes\Malware-001.sbi (*) 2016-06-14 Includes\Malware-002.sbi (*) 2016-11-07 Includes\Malware-003.sbi (*) 2014-11-14 Includes\Malware-004.sbi (*) 2014-11-14 Includes\Malware-005.sbi (*) 2014-02-26 Includes\Malware-006.sbi (*) 2014-01-09 Includes\Malware-007.sbi (*) 2016-12-07 Includes\Malware-C.sbi (*) 2014-01-13 Includes\Malware.sbi (*) 2013-12-23 Includes\MalwareC.sbi (*) 2014-11-14 Includes\PUPS-000.sbi (*) 2014-01-15 Includes\PUPS-001.sbi (*) 2014-01-15 Includes\PUPS-002.sbi (*) 2017-01-25 Includes\PUPS-C.sbi (*) 2012-11-14 Includes\PUPS.sbi (*) 2014-01-07 Includes\PUPSC.sbi (*) 2014-01-08 Includes\Security-000.sbi (*) 2015-12-02 Includes\Security-C.sbi (*) 2014-01-21 Includes\Security.sbi (*) 2014-01-21 Includes\SecurityC.sbi (*) 2015-11-11 Includes\Spyware-000.sbi (*) 2015-05-06 Includes\Spyware-001.sbi (*) 2016-08-10 Includes\Spyware-C.sbi (*) 2014-01-21 Includes\Spyware.sbi (*) 2014-01-21 Includes\SpywareC.sbi (*) 2011-06-07 Includes\Tracks.sbi (*) 2012-11-19 Includes\Tracks.uti (*) 2014-01-15 Includes\Trojans-000.sbi (*) 2014-01-15 Includes\Trojans-001.sbi (*) 2014-11-14 Includes\Trojans-002.sbi (*) 2016-01-20 Includes\Trojans-003.sbi (*) 2014-01-15 Includes\Trojans-004.sbi (*) 2014-03-19 Includes\Trojans-005.sbi (*) 2015-03-31 Includes\Trojans-006.sbi (*) 2014-01-15 Includes\Trojans-007.sbi (*) 2014-07-09 Includes\Trojans-008.sbi (*) 2014-07-09 Includes\Trojans-009.sbi (*) 2017-01-25 Includes\Trojans-C.sbi (*) 2014-01-15 Includes\Trojans-OG-000.sbi (*) 2014-01-15 Includes\Trojans-TD-000.sbi (*) 2014-01-15 Includes\Trojans-VM-000.sbi (*) 2014-01-15 Includes\Trojans-VM-001.sbi (*) 2014-01-15 Includes\Trojans-VM-002.sbi (*) 2014-01-15 Includes\Trojans-VM-003.sbi (*) 2014-01-15 Includes\Trojans-VM-004.sbi (*) 2014-01-15 Includes\Trojans-VM-005.sbi (*) 2014-01-15 Includes\Trojans-VM-006.sbi (*) 2014-01-15 Includes\Trojans-VM-007.sbi (*) 2014-01-15 Includes\Trojans-VM-008.sbi (*) 2014-01-15 Includes\Trojans-VM-009.sbi (*) 2014-01-15 Includes\Trojans-VM-010.sbi (*) 2014-01-15 Includes\Trojans-VM-011.sbi (*) 2014-01-15 Includes\Trojans-VM-012.sbi (*) 2014-01-15 Includes\Trojans-VM-013.sbi (*) 2014-01-15 Includes\Trojans-VM-014.sbi (*) 2014-01-15 Includes\Trojans-VM-015.sbi (*) 2014-01-15 Includes\Trojans-VM-016.sbi (*) 2014-01-15 Includes\Trojans-VM-017.sbi (*) 2014-01-15 Includes\Trojans-VM-018.sbi (*) 2014-01-15 Includes\Trojans-VM-019.sbi (*) 2014-01-15 Includes\Trojans-VM-020.sbi (*) 2014-01-15 Includes\Trojans-VM-021.sbi (*) 2014-01-15 Includes\Trojans-VM-022.sbi (*) 2014-01-15 Includes\Trojans-VM-023.sbi (*) 2014-01-15 Includes\Trojans-VM-024.sbi (*) 2014-01-15 Includes\Trojans-ZB-000.sbi (*) 2016-02-03 Includes\Trojans-ZL-000.sbi (*) 2014-01-09 Includes\Trojans.sbi (*) 2014-01-16 Includes\TrojansC-01.sbi (*) 2014-01-16 Includes\TrojansC-02.sbi (*) 2014-01-16 Includes\TrojansC-03.sbi (*) 2014-01-16 Includes\TrojansC-04.sbi (*) 2014-01-16 Includes\TrojansC-05.sbi (*) 2014-01-09 Includes\TrojansC.sbi (*)
  3. I ran AdwCleaner and cleaned off what it found. The computer still pops the warning up when I up up internet explorer. What do I need to do next? I pasted the Adware file below. # AdwCleaner v6.042 - Logfile created 26/01/2017 at 18:25:52 # Updated on 06/01/2017 by Malwarebytes # Database : 2017-01-26.2 [server] # Operating System : Windows 10 Home (X64) # Username : Brenda - DESKTOP-4GFF5MU # Running from : C:\Users\Brenda\Desktop\AdwCleaner.exe # Mode: Scan # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\introvignefuneral Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.introvignefun Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\introvignefuneralhom Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.introvignefunera Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\introvignefuner Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.introvignef Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\introvignefuneralh Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.introvignefune ***** [ Web browsers ] ***** No malicious Firefox based browser items found. No malicious Chromium based browser items found. ************************* C:\AdwCleaner\AdwCleaner[s0].txt - [2667 Bytes] - [26/01/2017 18:25:52] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2740 Bytes] ##########
  4. Hello everyone, I bought my mom a new computer for Christmas. It is a dell Alienware R3 with windows 10. She has already got a virus on it. She is running Avast but when I scan it doesn't notice it. When she tries to browse the internet she gets a pop up that says ERROR# 36588a61648ef29 with a guy talking in the background telling her to call a number to fix the issue. The voice also mentions ERROR# 268d3. I can't even open a browser with out this popping up. How do I get all this mess off the pc? Thx for the help in adance
  5. Thanks for the help Juliet. Here are the results from the scans you asked for AdwCleaner # AdwCleaner v3.311 - Report created 03/10/2014 at 10:55:07 # Updated 30/09/2014 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (32 bits) # Username : jessica - JESSICA-PC # Running from : C:\Users\jessica\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Premium Folder Deleted : C:\ProgramData\GoldenCoupon Folder Deleted : C:\ProgramData\SaallesMaaggnnet Folder Deleted : C:\ProgramData\ssHopndrOp Folder Deleted : C:\Program Files\globalUpdate Folder Deleted : C:\Program Files\MyPC Backup Folder Deleted : C:\Program Files\WindowShopper Folder Deleted : C:\Users\jessica\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\jessica\AppData\Local\Conduit Folder Deleted : C:\Users\jessica\AppData\Local\globalUpdate Folder Deleted : C:\Users\jessica\AppData\LocalLow\Conduit Folder Deleted : C:\Users\jessica\AppData\LocalLow\DailyBibleGuideEI Folder Deleted : C:\Users\jessica\AppData\Roaming\Betcat Folder Deleted : C:\Users\jessica\AppData\Roaming\Search Protection Folder Deleted : C:\Users\jessica\AppData\Roaming\VOPackage Folder Deleted : C:\Users\jessica\AppData\Roaming\Web Cake File Deleted : C:\END File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Ask.xml File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\safeguard-secure-search.xml File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShoppingBHO.DLL Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Key Deleted : HKCU\Software\5b28c88bc69e549 Key Deleted : HKLM\SOFTWARE\Classes\FCSB000062385.JSOptionsImpl Key Deleted : HKLM\SOFTWARE\Classes\FCSB000062385.JSOptionsImpl.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EB583FE1-9458-4EDA-AC68-24D24F17C70F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\GlobalUpdate Key Deleted : HKCU\Software\Optimizer Pro Key Deleted : HKCU\Software\Tutorials Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc Key Deleted : HKCU\Software\AppDataLow\Software\DailyBibleGuideEI Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\GlobalUpdate Key Deleted : HKLM\SOFTWARE\Tarma Installer Key Deleted : HKLM\SOFTWARE\Tutorials ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17280 -\\ Google Chrome v37.0.2062.120 [ File : C:\Users\jessica\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} Deleted [Extension] : iklgpchfbohgmghgfagediakopecfmbm Deleted [Extension] : jpnbdefcbnoefmmcpelplabbkfmfhlho Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof ************************* AdwCleaner[R0].txt - [9261 octets] - [03/10/2014 10:50:15] AdwCleaner[s0].txt - [9426 octets] - [03/10/2014 10:55:07] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9486 octets] ########## JRT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.2.7 (10.03.2014:1) OS: Windows 7 Ultimate x86 Ran by jessica on Fri 10/03/2014 at 11:43:30.86 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ClearThink_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ClearThink_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateClearThink_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateClearThink_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilClearThink_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilClearThink_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConduitHelper_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConduitHelper_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67E810CD-CC9D-4D82-B358-7A30C6155271} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\jessica\Local Settings\Application Data\rivalgaming" Successfully deleted: [Folder] "C:\Program Files\dailybibleguide" Successfully deleted: [Folder] "C:\Users\jessica\AppData\Roaming\microsoft\windows\start menu\programs\rivalgaming" Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin" Successfully deleted: [Folder] "C:\ai_recyclebin" ~~~ Chrome Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [blacklisted Policy] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 10/03/2014 at 11:46:34.98 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  6. I've been getting a bunch of pop ups. its getting pretty bad as to i can hardly even get on the internet and the pop ups want let me close the web pages. I've scanned and cleaned the system several times with malware bytes and ccleaner but the pop ups always come back. plz help me remove this from my system.
  7. Thanks for the help man. I did everything you said but still want open up a web page this thing is driving me crazy lol
  8. Also when I check my internet connection it shows I identified network and then a red x in between internet
  9. I did everything just as you said except I didn't see a "use the following address" to put a dot beside of. When I rebooted still no internet and everything I changed had gone away and the dot was back to obtain an IP address automatically
  10. I did forget I have a ps3 hard wired to the modem/router and it connects just fine. Just neither computer
  11. Neither computer will connect to the internet. Only wireless devices will connect. My router/modem is an all in one unit. The make and model is a Sagem Fast 1704 Windstream
  12. Thanks for the help sorry it took so long for me to get back to you. I scanned my computer and everything came back clean. I reset the router and checked the connections and still no internet. Here are the following things you asked for Physical address: 00-1c-25-5e-8d-11 DHCP enabled: Yes IPV4 Address: 192.168.254.1<preferred> Default Gateway: 192.168.254.254
  13. My computer just recently started not connecting to the internet. I haven't changed anything so I don't know what caused this. The computer is e machine windows 7. It is hard wired straight to the modem/router. All other devices work for but the are all connected by wifi. I don't have another computer to hard wire to the router to test. I tried to restore the computer to a date before the problem started but it's still not connecting. I'm lost any help would be appreciated
  14. Thanks for all the help. I think the computer was just old and slow. I gave the computer to my cousin. All she planned on doing with it was typing her college papers with it. It should be fine for that. Thanks again for all the help
  15. is there anyrhing else i can do or is the computer just old and slow
  16. The computer is still running very slowly and freezes up.
  17. Thanks i found the file its above ^^^^^^^^^ I cleaned all that off and now when i run adwcleaner the file is clean. I hope i didn't mess up by clicking on clean
  18. T # AdwCleaner v3.003 - Report created 09/09/2013 at 22:32:14 # Updated 07/09/2013 by Xplode # Operating System : Microsoft Windows XP Service Pack 2 (32 bits) # Username : Owner - MUSE-752CFD4AB2 # Running from : C:Documents and SettingsOwnerDesktopAdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:Documents and SettingsAll UsersApplication Datablekko toolbars Folder Deleted : C:Documents and SettingsAll UsersApplication DataSweetIM Folder Deleted : C:Documents and SettingsAll UsersApplication DataTrymedia Folder Deleted : C:Program FilesConduit Folder Deleted : C:Program Filesmapsgalaxy_39 Folder Deleted : C:Program FilesMyPC Backup Folder Deleted : C:Program Filesregistry mechanic Folder Deleted : C:Program FilesSweetIM Folder Deleted : C:Documents and SettingsOwnerIECompatCache Folder Deleted : C:Documents and SettingsOwnerLocal SettingsApplication DataConduit Folder Deleted : C:DOCUME~1OwnerLOCALS~1TempAskSearch Folder Deleted : C:Documents and SettingsOwnerApplication Dataadawaretb Folder Deleted : C:Documents and SettingsOwnerApplication DataPriceGong ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLMSOFTWAREMozillaFirefoxExtensions [{8E9E3331-D360-4f87-8803-52DE43566502}] Value Deleted : HKLMSOFTWAREMozillaFirefoxExtensions [[email protected]_39.com] Key Deleted : HKLMSOFTWAREClassesSWEETIE.IEToolbar Key Deleted : HKLMSOFTWAREClassesSWEETIE.IEToolbar.1 Key Deleted : HKLMSOFTWAREClassessweetim_urlsearchhook.toolbarurlsearchhook Key Deleted : HKLMSOFTWAREClassessweetim_urlsearchhook.toolbarurlsearchhook.1 Key Deleted : HKLMSOFTWAREClassesToolbar3.sweetie Key Deleted : HKLMSOFTWAREClassesToolbar3.sweetie.1 Value Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionSharedDLLs [C:Program FilesSweetIMToolbarsInternet ExplorermgHelperApp.exe] Value Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionSharedDLLs [C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarProxy.dll] Key Deleted : [email protected]_39.com/Plugin Key Deleted : HKLMSOFTWAREClassesToolbar.CT3042917 Key Deleted : HKLMSOFTWAREClassesAppID{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted : HKLMSOFTWAREClassesCLSID{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLMSOFTWAREClassesCLSID{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKLMSOFTWAREClassesCLSID{EEE6C35D-6118-11DC-9C72-001320C79847} Key Deleted : HKLMSOFTWAREClassesInterface{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : HKLMSOFTWAREClassesInterface{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLMSOFTWAREClassesInterface{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : HKLMSOFTWAREClassesTypeLib{EEE6C35E-6118-11DC-9C72-001320C79847} Key Deleted : HKLMSOFTWAREClassesTypeLib{EEE6C35F-6118-11DC-9C72-001320C79847} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{21608B66-026F-4DCB-9244-0DACA328DCED} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{8F0B76E1-4E46-427B-B55B-B90593468AC6} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{C4B22C87-45EF-4F43-89F2-40DB2078864E} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{DA71FD14-5F7B-46AE-B8B1-44074A38F331} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EEE6C35D-6118-11DC-9C72-001320C79847} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{21608B66-026F-4DCB-9244-0DACA328DCED} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{C4B22C87-45EF-4F43-89F2-40DB2078864E} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{DA71FD14-5F7B-46AE-B8B1-44074A38F331} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{8F0B76E1-4E46-427B-B55B-B90593468AC6} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{EEE6C360-6118-11DC-9C72-001320C79847} Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}] Value Deleted : HKLMSYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList [C:WINDOWSsystem32ARFCwrtc.exe] Key Deleted : HKCUSoftwareConduit Key Deleted : HKCUSoftwareConduitSearchScopes Key Deleted : HKCUSoftwareIM Key Deleted : HKCUSoftwareImInstaller Key Deleted : HKCUSoftwareMapsGalaxy_39 Key Deleted : HKCUSoftwarePriceGong Key Deleted : HKCUSoftwareYahooPartnerToolbar Key Deleted : HKCUSoftwareAppDataLowSoftwareConduit Key Deleted : HKCUSoftwareAppDataLowSoftwareFreecause Key Deleted : HKLMSoftwareadawaretb Key Deleted : HKLMSoftwareConduit Key Deleted : HKLMSoftwareMapsGalaxy_39 Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCache{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCache{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCachealotToolbar Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheWajam ***** [ Browsers ] ***** - Internet Explorer v8.0.6001.18702 ************************* AdwCleaner[R0].txt - [7305 octets] - [09/09/2013 22:27:06] AdwCleaner[s0].txt - [7365 octets] - [09/09/2013 22:32:14] ########## EOF - C:AdwCleanerAdwCleaner[s0].txt - [7425 octets] ##########
  19. I must not have got it all copied cause the log was pretty long. It want pull the old log back up :/ I rescanned it with the adwcleaner and now the log shows nothing since i cleaned it the first scan. The computer is still running very slow and freezing. Sorry i lost the log :/ Is there anything else i can do?
  20. I ran the ADWCLEANER and cleaned it all of when it finished. The computer still doesn't seem to be working any better though. here the log file from adwcleaner 1` ws
  21. My computer is running very slow and freezing up at times. i've ran multiple programs and they are coming up clean. i've ran Malwarebytes, adaware and super antispyware with none showing anything. i"ve did all the maitnance and clean the hard drive up but its still slow and tries to freeze. I really dont know what else to do. Any help would be greatly appreciated.
  22. Thank you very much TomJon for your time and help. It was greatly appreciated.
  23. Combofix log: ComboFix 12-07-16.01 - jessica 07/17/2012 11:47:26.3.2 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.1255 [GMT -5:00] Running from: c:usersjessicaDesktopComboFix.exe Command switches used :: c:usersjessicaDesktopCFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:usersjessicaAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5U0T8ZRGY78dee9e271084cb2[1].htm" "c:usersjessicaAppDataRoamingMozillaExtensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[email protected]" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:usersjessicaAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5U0T8ZRGY78dee9e271084cb2[1].htm c:usersjessicaAppDataRoamingMozillaExtensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[email protected] . . ((((((((((((((((((((((((( Files Created from 2012-06-17 to 2012-07-17 ))))))))))))))))))))))))))))))) . . 2012-07-17 17:04 . 2012-07-17 17:05 -------- d-----w- c:usersjessicaAppDataLocaltemp 2012-07-17 17:04 . 2012-07-17 17:04 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-07-17 15:46 . 2012-07-17 15:46 56200 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{705814E6-4213-428E-A4A3-18230839F997}offreg.dll 2012-07-16 23:12 . 2012-07-16 23:12 -------- d-----w- c:program filesESET 2012-07-16 23:04 . 2012-07-16 23:04 -------- d-----w- c:program filesCommon FilesJava 2012-07-16 23:04 . 2012-07-16 23:03 772592 ----a-w- c:windowssystem32npDeployJava1.dll 2012-07-16 23:03 . 2012-07-16 23:03 -------- d-----w- c:program filesJava 2012-07-16 02:03 . 2012-06-12 02:40 2345984 ----a-w- c:windowssystem32win32k.sys 2012-07-16 02:03 . 2012-03-01 05:46 19824 ----a-w- c:windowssystem32driversfs_rec.sys 2012-07-16 02:03 . 2012-03-01 05:29 5120 ----a-w- c:windowssystem32wmi.dll 2012-07-16 02:03 . 2012-03-01 05:37 172544 ----a-w- c:windowssystem32wintrust.dll 2012-07-16 02:03 . 2012-03-01 05:33 159232 ----a-w- c:windowssystem32imagehlp.dll 2012-07-16 02:00 . 2012-03-31 04:29 936960 ----a-w- c:program filesCommon FilesMicrosoft Sharedinkjournal.dll 2012-07-16 02:00 . 2012-03-31 04:30 1221632 ----a-w- c:program filesWindows JournalNBDoc.DLL 2012-07-16 02:00 . 2012-03-31 04:29 989184 ----a-w- c:program filesWindows JournalJNTFiltr.dll 2012-07-16 02:00 . 2012-03-31 04:29 969216 ----a-w- c:program filesWindows JournalJNWDRV.dll 2012-07-16 02:00 . 2012-06-06 05:05 1019904 ----a-w- c:program filesCommon FilesSystemadomsado15.dll 2012-07-16 02:00 . 2012-06-06 05:05 57344 ----a-w- c:program filesCommon FilesSystemadomsador15.dll 2012-07-16 02:00 . 2012-06-06 05:05 352256 ----a-w- c:program filesCommon FilesSystemadomsadomd.dll 2012-07-16 02:00 . 2012-06-06 05:05 212992 ----a-w- c:program filesCommon FilesSystemmsadcmsadco.dll 2012-07-16 02:00 . 2012-06-06 05:03 805376 ----a-w- c:windowssystem32cdosys.dll 2012-07-16 02:00 . 2012-06-06 05:05 143360 ----a-w- c:program filesCommon FilesSystemadomsjro.dll 2012-07-16 02:00 . 2012-06-06 05:05 372736 ----a-w- c:program filesCommon FilesSystemadomsadox.dll 2012-07-16 01:58 . 2012-03-31 04:39 3913072 ----a-w- c:windowssystem32ntoskrnl.exe 2012-07-16 01:58 . 2012-06-02 04:40 369336 ----a-w- c:windowssystem32driverscng.sys 2012-07-16 01:58 . 2012-06-02 04:45 134000 ----a-w- c:windowssystem32driversksecpkg.sys 2012-07-16 01:58 . 2012-06-02 04:40 225280 ----a-w- c:windowssystem32schannel.dll 2012-07-16 01:58 . 2012-06-02 04:39 219136 ----a-w- c:windowssystem32ncrypt.dll 2012-07-16 01:58 . 2012-06-02 04:45 67440 ----a-w- c:windowssystem32driversksecdd.sys 2012-07-16 01:58 . 2012-04-28 04:41 919040 ----a-w- c:windowssystem32rdpcorets.dll 2012-07-16 01:58 . 2012-04-28 03:17 183808 ----a-w- c:windowssystem32driversrdpwd.sys 2012-07-16 01:58 . 2012-03-17 07:27 56176 ----a-w- c:windowssystem32driverspartmgr.sys 2012-07-15 19:57 . 2012-07-15 19:57 -------- d-----w- c:programdataGFI Software 2012-07-14 20:32 . 2012-07-14 20:32 -------- d-----w- c:usersjessicaAppDataRoamingSUPERAntiSpyware.com 2012-07-14 20:31 . 2012-07-14 20:32 -------- d-----w- c:program filesSUPERAntiSpyware 2012-07-14 20:31 . 2012-07-14 20:31 -------- d-----w- c:programdataSUPERAntiSpyware.com 2012-07-14 19:30 . 2012-07-14 19:30 -------- d-----w- c:usersjessicaAppDataLocaladaware 2012-07-14 19:30 . 2012-07-17 15:02 -------- d-----w- c:programdataAd-Aware Browsing Protection 2012-07-14 19:29 . 2012-07-15 19:58 -------- d-----w- c:program filesAd-Aware Antivirus 2012-07-14 05:24 . 2012-07-03 16:21 353688 ----a-w- c:windowssystem32driversaswSP.sys 2012-07-14 05:24 . 2012-07-03 16:21 21256 ----a-w- c:windowssystem32driversaswFsBlk.sys 2012-07-14 05:24 . 2012-07-03 16:21 54232 ----a-w- c:windowssystem32driversaswTdi.sys 2012-07-14 05:24 . 2012-07-03 16:21 44784 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-07-14 05:24 . 2012-07-03 16:21 721000 ----a-w- c:windowssystem32driversaswSnx.sys 2012-07-14 05:24 . 2012-07-03 16:21 57656 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-07-14 05:23 . 2012-07-03 16:21 41224 ----a-w- c:windowsavastSS.scr 2012-07-14 05:23 . 2012-07-03 16:21 227648 ----a-w- c:windowssystem32aswBoot.exe 2012-07-14 05:23 . 2012-07-14 05:23 -------- d-----w- c:programdataAVAST Software 2012-07-14 05:23 . 2012-07-14 05:23 -------- d-----w- c:program filesAVAST Software 2012-07-14 05:00 . 2012-07-14 05:00 -------- d-sh--w- c:windowssystem32%APPDATA% 2012-07-13 10:26 . 2012-05-31 03:41 6762896 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{705814E6-4213-428E-A4A3-18230839F997}mpengine.dll 2012-06-21 15:25 . 2012-06-02 22:19 53784 ----a-w- c:windowssystem32wuauclt.exe 2012-06-21 15:25 . 2012-06-02 22:19 45080 ----a-w- c:windowssystem32wups2.dll 2012-06-21 15:25 . 2012-06-02 22:19 1933848 ----a-w- c:windowssystem32wuaueng.dll 2012-06-21 15:25 . 2012-06-02 22:12 2422272 ----a-w- c:windowssystem32wucltux.dll 2012-06-21 15:25 . 2012-06-02 22:19 35864 ----a-w- c:windowssystem32wups.dll 2012-06-21 15:25 . 2012-06-02 22:19 577048 ----a-w- c:windowssystem32wuapi.dll 2012-06-21 15:25 . 2012-06-02 22:12 88576 ----a-w- c:windowssystem32wudriver.dll 2012-06-21 15:25 . 2012-06-02 20:19 171904 ----a-w- c:windowssystem32wuwebv.dll 2012-06-21 15:25 . 2012-06-02 20:12 33792 ----a-w- c:windowssystem32wuapp.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-16 23:03 . 2011-09-02 23:35 687600 ----a-w- c:windowssystem32deployJava1.dll 2012-07-03 18:46 . 2011-09-09 23:23 22344 ----a-w- c:windowssystem32driversmbam.sys 2011-03-18 17:53 . 2011-09-02 23:30 142296 ----a-w- c:program filesmozilla firefoxcomponentsbrowsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2012-07-03 16:21 121528 ----a-w- c:program filesAVAST SoftwareAvastashShell.dll . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "SystemExplorerAutoStart"="c:program filesSystem ExplorerSystemExplorer.exe" [2011-03-24 2801472] "ASUS SmartDoctor"="c:program filesASUSSmartDoctorSmartDoctor.exe" [2008-12-18 1175552] "uTorrent"="c:program filesuTorrentuTorrent.exe" [2012-05-27 880496] "SUPERAntiSpyware"="c:program filesSUPERAntiSpywareSUPERAntiSpyware.exe" [2012-07-09 4777856] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "itype"="c:program filesMicrosoft IntelliType Proitype.exe" [2011-08-10 1313640] "ASUSGamerOSD"="c:program filesASUSGamerOSDGamerOSD.exe" [2008-09-08 380928] "StartCCC"="c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2012-03-09 636032] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-07-03 4273976] "Ad-Aware Browsing Protection"="c:programdataAd-Aware Browsing Protectionadawarebp.exe" [2011-10-21 198032] "SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2012-01-17 252296] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal!SASCORE] @="" . R1 SBRE;SBRE;c:windowssystem32driversSBREdrv.sys [x] R2 gupdate;Google Update Service (gupdate);c:program filesGoogleUpdateGoogleUpdate.exe [x] R3 gupdatem;Google Update Service (gupdatem);c:program filesGoogleUpdateGoogleUpdate.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:windowssystem32driverssynth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:windowssystem32driverstsusbhub.sys [x] R3 UsbGps;LGE CDMA USB GPS NMEA Port;c:windowssystem32DRIVERSlgusbgps.sys [x] R3 VGPU;VGPU;c:windowssystem32driversrdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [x] S0 amacpi;Microsoft Away Mode System;c:windowssystem32DRIVERSnull.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 SASDIFSV;SASDIFSV;c:program filesSUPERAntiSpywareSASDIFSV.SYS [x] S1 SASKUTIL;SASKUTIL;c:program filesSUPERAntiSpywareSASKUTIL.SYS [x] S2 !SASCORE;SAS Core Service;c:program filesSUPERAntiSpywareSASCORE.EXE [x] S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:program filesATI TechnologiesATI.ACEFuelFuel.Service.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [x] S2 SBSDWSCService;SBSD Security Center Service;c:program filesSpybot - Search & DestroySDWinSec.exe [x] S3 amdiox86;AMD IO Driver;c:windowssystem32DRIVERSamdiox86.sys [x] S3 amdkmdag;amdkmdag;c:windowssystem32DRIVERSatikmdag.sys [x] S3 amdkmdap;amdkmdap;c:windowssystem32DRIVERSatikmpag.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:windowssystem32driversAtihdW73.sys [x] S3 VST_DPV;VST_DPV;c:windowssystem32DRIVERSVSTDPV3.SYS [x] S3 VSTHWBS2;VSTHWBS2;c:windowssystem32DRIVERSVSTBS23.SYS [x] . . Contents of the 'Scheduled Tasks' folder . 2012-07-16 c:windowsTasksFacebookUpdateTaskUserS-1-5-21-3015948515-3564511641-1953394043-1000Core.job - c:usersjessicaAppDataLocalFacebookUpdateFacebookUpdate.exe [2012-01-31 21:50] . 2012-07-17 c:windowsTasksFacebookUpdateTaskUserS-1-5-21-3015948515-3564511641-1953394043-1000UA.job - c:usersjessicaAppDataLocalFacebookUpdateFacebookUpdate.exe [2012-01-31 21:50] . 2012-07-17 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program filesGoogleUpdateGoogleUpdate.exe [2011-09-09 21:56] . 2012-07-17 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program filesGoogleUpdateGoogleUpdate.exe [2011-09-09 21:56] . 2012-07-17 c:windowsTasksRGames Updater.job - c:usersjessicaAppDataLocalRivalGamingUpdater.exe [2012-06-11 05:59] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ TCP: DhcpNameServer = 97.64.209.36 97.64.168.13 FF - ProfilePath - c:usersjessicaAppDataRoamingMozillaFirefoxProfiles7006k2wj.default FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/web?l=dis&o=APN10022&gct=hp&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^A4D&apn_uid=4337058056144117&p2=^A4D^YYYYYY^YY^US FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?l=dis&o=APN10022&gct=kwd&qsrc=2869&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^A4D&apn_uid=4337058056144117&p2=^A4D^YYYYYY^YY^US&q= . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINEsystemControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . Completion time: 2012-07-17 12:07:24 ComboFix-quarantined-files.txt 2012-07-17 17:07 ComboFix2.txt 2012-07-16 20:45 ComboFix3.txt 2012-07-15 17:44 . Pre-Run: 210,704,867,328 bytes free Post-Run: 210,834,522,112 bytes free . - - End Of File - - F1C6586FD3B01695D430581F633637FD dds log: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.0 Run by jessica at 12:32:05 on 2012-07-17 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.1221 [GMT -5:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32svchost.exe -k RPCSS C:Windowssystem32atiesrxx.exe C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k NetworkService C:Windowssystem32atieclxx.exe C:Program FilesAVAST SoftwareAvastAvastSvc.exe C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program FilesASUSGamerOSDATKFastUserSwitching.exe C:Windowssystem32taskeng.exe C:Windowssystem32taskhost.exe C:Program FilesSUPERAntiSpywareSASCORE.EXE C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe C:WindowsExplorer.EXE C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:Windowssystem32svchost.exe -k imgsvc C:WindowsSystem32svchost.exe -k secsvcs C:Program FilesSpybot - Search & DestroySDWinSec.exe C:Program FilesMicrosoft IntelliType Proitype.exe C:Program FilesASUSGamerOSDGamerOSD.exe C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe C:Program FilesAVAST SoftwareAvastAvastUI.exe C:Windowssystem32WUDFHost.exe C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe C:Program FilesCommon FilesJavaJava Updatejusched.exe C:Program FilesSystem ExplorerSystemExplorer.exe C:Windowssystem32SearchIndexer.exe C:Program FilesuTorrentuTorrent.exe C:Program FilesWindows Media Playerwmpnetwk.exe C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Windowssystem32SearchProtocolHost.exe C:WindowsSystem32svchost.exe -k LocalServicePeerNet C:Windowssystem32wbemwmiprvse.exe C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe C:Windowssystem32sppsvc.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Windowssystem32wuauclt.exe C:Windowssystem32SearchFilterHost.exe C:Windowssystem32ctfmon.exe C:Windowssystem32DllHost.exe C:Windowssystem32DllHost.exe C:Windowssystem32DllHost.exe C:Windowssystem32conhost.exe C:Windowssystem32wbemwmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uURLSearchHooks: H - No File BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:program filesspybot - search & destroySDHelper.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:program filesjavajre7binssv.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:program filesavast softwareavastaswWebRepIE.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:program filesgooglegoogle toolbarGoogleToolbar_32.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre7binjp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:program filesgooglegoogle toolbarGoogleToolbar_32.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:program filesavast softwareavastaswWebRepIE.dll uRun: [systemExplorerAutoStart] "c:program filessystem explorerSystemExplorer.exe" /TRAY uRun: [ASUS SmartDoctor] c:program filesasussmartdoctorSmartDoctor.exe /start uRun: [uTorrent] "c:program filesutorrentuTorrent.exe" /MINIMIZED uRun: [sUPERAntiSpyware] c:program filessuperantispywareSUPERAntiSpyware.exe mRun: [itype] "c:program filesmicrosoft intellitype proitype.exe" mRun: [ASUSGamerOSD] c:program filesasusgamerosdGamerOSD.exe mRun: [startCCC] "c:program filesati technologiesati.acecore-staticCLIStart.exe" MSRun mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:program filesamd avtbinkdbsync.exe" aml mRun: [avast] "c:program filesavast softwareavastavastUI.exe" /nogui mRun: [Ad-Aware Browsing Protection] "c:programdataad-aware browsing protectionadawarebp.exe" mRun: [sunJavaUpdateSched] "c:program filescommon filesjavajava updatejusched.exe" mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:program filesspybot - search & destroySDHelper.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab TCP: DhcpNameServer = 97.64.209.36 97.64.168.13 TCP: Interfaces{26826C5A-7B8B-4D9D-9382-B2EB53B8A733} : DhcpNameServer = 97.64.209.36 97.64.168.13 . ================= FIREFOX =================== . FF - ProfilePath - c:usersjessicaappdataroamingmozillafirefoxprofiles7006k2wj.default FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/web?l=dis&o=APN10022&gct=hp&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^A4D&apn_uid=4337058056144117&p2=^A4D^YYYYYY^YY^US FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?l=dis&o=APN10022&gct=kwd&qsrc=2869&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^A4D&apn_uid=4337058056144117&p2=^A4D^YYYYYY^YY^US&q= . ============= SERVICES / DRIVERS =============== . R0 amacpi;Microsoft Away Mode System;c:windowssystem32driversnull.sys [2009-7-13 4608] R1 aswSnx;aswSnx;c:windowssystem32driversaswSnx.sys [2012-7-14 721000] R1 aswSP;aswSP;c:windowssystem32driversaswSP.sys [2012-7-14 353688] R1 SASDIFSV;SASDIFSV;c:program filessuperantispywaresasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:program filessuperantispywareSASKUTIL.SYS [2011-7-12 67664] R2 !SASCORE;SAS Core Service;c:program filessuperantispywareSASCore.exe [2011-8-11 116608] R2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2012-3-9 163328] R2 AMD FUEL Service;AMD FUEL Service;c:program filesati technologiesati.acefuelFuel.Service.exe [2012-3-9 291840] R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [2012-7-14 21256] R2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-7-14 57656] R2 avast! Antivirus;avast! Antivirus;c:program filesavast softwareavastAvastSvc.exe [2012-7-14 44808] R2 SBSDWSCService;SBSD Security Center Service;c:program filesspybot - search & destroySDWinSec.exe [2011-9-9 1153368] R3 amdiox86;AMD IO Driver;c:windowssystem32driversamdiox86.sys [2011-9-10 37944] R3 amdkmdag;amdkmdag;c:windowssystem32driversatikmdag.sys [2012-3-9 9183232] R3 amdkmdap;amdkmdap;c:windowssystem32driversatikmpag.sys [2012-3-8 265216] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:windowssystem32driversAtihdW73.sys [2011-12-5 86032] R3 VST_DPV;VST_DPV;c:windowssystem32driversVSTDPV3.SYS [2009-7-13 980992] R3 VSTHWBS2;VSTHWBS2;c:windowssystem32driversVSTBS23.SYS [2009-7-13 266752] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2011-9-9 136176] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-13 229888] S3 gupdatem;Google Update Service (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2011-9-9 136176] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2011-9-9 15872] S3 TsUsbFlt;TsUsbFlt;c:windowssystem32driversTsUsbFlt.sys [2011-9-9 52224] S3 UsbGps;LGE CDMA USB GPS NMEA Port;c:windowssystem32driverslgusbgps.sys [2011-11-27 19968] S3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32watWatAdminSvc.exe [2011-9-7 1343400] . =============== Created Last 30 ================ . 2012-07-17 17:12:01 -------- d-sh--w- C:$RECYCLE.BIN 2012-07-17 17:07:29 -------- d-----w- c:usersjessicaappdatalocaltemp 2012-07-17 16:41:17 -------- d-----w- C:ComboFix 2012-07-16 23:12:50 -------- d-----w- c:program filesESET 2012-07-16 23:04:11 772592 ----a-w- c:windowssystem32npDeployJava1.dll 2012-07-16 02:03:54 2345984 ----a-w- c:windowssystem32win32k.sys 2012-07-16 02:03:40 5120 ----a-w- c:windowssystem32wmi.dll 2012-07-16 02:03:40 19824 ----a-w- c:windowssystem32driversfs_rec.sys 2012-07-16 02:03:39 172544 ----a-w- c:windowssystem32wintrust.dll 2012-07-16 02:03:39 159232 ----a-w- c:windowssystem32imagehlp.dll 2012-07-16 02:00:32 936960 ----a-w- c:program filescommon filesmicrosoft sharedinkjournal.dll 2012-07-16 02:00:31 1221632 ----a-w- c:program fileswindows journalNBDoc.DLL 2012-07-16 02:00:30 989184 ----a-w- c:program fileswindows journalJNTFiltr.dll 2012-07-16 02:00:29 969216 ----a-w- c:program fileswindows journalJNWDRV.dll 2012-07-16 02:00:25 1019904 ----a-w- c:program filescommon filessystemadomsado15.dll 2012-07-16 02:00:24 805376 ----a-w- c:windowssystem32cdosys.dll 2012-07-16 02:00:24 57344 ----a-w- c:program filescommon filessystemadomsador15.dll 2012-07-16 02:00:24 352256 ----a-w- c:program filescommon filessystemadomsadomd.dll 2012-07-16 02:00:24 212992 ----a-w- c:program filescommon filessystemmsadcmsadco.dll 2012-07-16 02:00:23 372736 ----a-w- c:program filescommon filessystemadomsadox.dll 2012-07-16 02:00:23 143360 ----a-w- c:program filescommon filessystemadomsjro.dll 2012-07-16 01:58:59 3913072 ----a-w- c:windowssystem32ntoskrnl.exe 2012-07-16 01:58:53 369336 ----a-w- c:windowssystem32driverscng.sys 2012-07-16 01:58:52 225280 ----a-w- c:windowssystem32schannel.dll 2012-07-16 01:58:52 219136 ----a-w- c:windowssystem32ncrypt.dll 2012-07-16 01:58:52 134000 ----a-w- c:windowssystem32driversksecpkg.sys 2012-07-16 01:58:51 67440 ----a-w- c:windowssystem32driversksecdd.sys 2012-07-16 01:58:49 919040 ----a-w- c:windowssystem32rdpcorets.dll 2012-07-16 01:58:48 183808 ----a-w- c:windowssystem32driversrdpwd.sys 2012-07-16 01:58:46 56176 ----a-w- c:windowssystem32driverspartmgr.sys 2012-07-15 19:57:55 -------- d-----w- c:programdataGFI Software 2012-07-15 17:01:06 98816 ----a-w- c:windowssed.exe 2012-07-15 17:01:06 518144 ----a-w- c:windowsSWREG.exe 2012-07-15 17:01:06 256000 ----a-w- c:windowsPEV.exe 2012-07-15 17:01:06 208896 ----a-w- c:windowsMBR.exe 2012-07-14 20:32:02 -------- d-----w- c:usersjessicaappdataroamingSUPERAntiSpyware.com 2012-07-14 20:31:50 -------- d-----w- c:programdataSUPERAntiSpyware.com 2012-07-14 20:31:50 -------- d-----w- c:program filesSUPERAntiSpyware 2012-07-14 19:30:20 -------- d-----w- c:usersjessicaappdatalocaladaware 2012-07-14 19:30:19 -------- d-----w- c:programdataAd-Aware Browsing Protection 2012-07-14 19:29:50 -------- d-----w- c:program filesAd-Aware Antivirus 2012-07-14 05:24:27 44784 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-07-14 05:24:26 721000 ----a-w- c:windowssystem32driversaswSnx.sys 2012-07-14 05:24:23 57656 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-07-14 05:23:30 41224 ----a-w- c:windowsavastSS.scr 2012-07-14 05:23:15 -------- d-----w- c:programdataAVAST Software 2012-07-14 05:23:15 -------- d-----w- c:program filesAVAST Software 2012-07-14 05:00:43 -------- d-sh--w- c:windowssystem32%APPDATA% 2012-07-13 10:26:18 6762896 ----a-w- c:programdatamicrosoftwindows defenderdefinition updates{705814e6-4213-428e-a4a3-18230839f997}mpengine.dll 2012-06-21 15:25:28 2422272 ----a-w- c:windowssystem32wucltux.dll 2012-06-21 15:25:16 88576 ----a-w- c:windowssystem32wudriver.dll 2012-06-21 15:25:02 33792 ----a-w- c:windowssystem32wuapp.exe 2012-06-21 15:25:02 171904 ----a-w- c:windowssystem32wuwebv.dll . ==================== Find3M ==================== . 2012-07-16 23:03:48 687600 ----a-w- c:windowssystem32deployJava1.dll 2012-07-03 18:46:44 22344 ----a-w- c:windowssystem32driversmbam.sys 2012-06-06 05:05:52 1390080 ----a-w- c:windowssystem32msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- c:windowssystem32msxml3.dll 2012-06-02 08:33:25 1800192 ----a-w- c:windowssystem32jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- c:windowssystem32wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- c:windowssystem32inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- c:windowssystem32ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- c:windowssystem32mshtml.tlb 2012-05-01 04:44:12 164352 ----a-w- c:windowssystem32profsvc.dll 2012-04-26 04:45:55 58880 ----a-w- c:windowssystem32rdpwsx.dll 2012-04-26 04:45:54 129536 ----a-w- c:windowssystem32rdpcorekmts.dll 2012-04-26 04:41:16 8192 ----a-w- c:windowssystem32rdrmemptylst.exe 2012-04-24 04:36:42 140288 ----a-w- c:windowssystem32cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- c:windowssystem32crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- c:windowssystem32cryptnet.dll . ============= FINISH: 12:33:25.98 =============== attach txt. . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: DeviceHarddiskVolume1 Install Date: 9/2/2011 6:24:17 PM System Uptime: 7/17/2012 12:27:01 PM (0 hours ago) . Motherboard: Dell Inc. | | 0RY206 Processor: AMD Athlon 64 X2 Dual Core Processor 4000+ | Socket AM2 | 2100/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 298 GiB total, 196.507 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: SBRE Device ID: ROOTLEGACY_SBRE0000 Manufacturer: Name: SBRE PNP Device ID: ROOTLEGACY_SBRE0000 Service: SBRE . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Null Device ID: ROOTLEGACY_NULL0000 Manufacturer: Name: Null PNP Device ID: ROOTLEGACY_NULL0000 Service: Null . ==== System Restore Points =================== . RP70: 6/13/2012 1:29:23 AM - Scheduled Checkpoint RP71: 6/20/2012 2:57:10 AM - Scheduled Checkpoint RP72: 6/21/2012 10:24:36 AM - Windows Update RP73: 7/4/2012 1:53:34 AM - Scheduled Checkpoint RP74: 7/4/2012 4:48:56 AM - Windows Update RP75: 7/10/2012 3:27:25 AM - Windows Update RP76: 7/13/2012 5:25:47 AM - Windows Update RP77: 7/14/2012 12:22:52 AM - avast! Free Antivirus Setup RP78: 7/15/2012 9:00:49 PM - Windows Update RP79: 7/16/2012 5:55:42 PM - Removed Java 6 Update 24 RP80: 7/16/2012 6:03:17 PM - Installed Java 7 Update 5 . ==== Installed Programs ====================== . ĀµTorrent 7-Zip 9.20 Ad-Aware Browsing Protection Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD VISION Engine Control Center ASUS Gamer OSD ASUS Smart Doctor ASUS Utilities ASUS VideoSecurity Online avast! Free Antivirus BurnAware Free 3.1.6 Canon MP250 series MP Drivers Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Codec-V ConvertXtoDVD 4.1.19.365 DivX Codecs 20100820 doPDF 7.2 printer EasyBCD 2.0 ESET Online Scanner v3 Facebook Video Calling 1.2.0.159 Google Toolbar for Internet Explorer Google Update Helper ImgBurn Java Auto Updater Java 7 Update 5 K-Lite Codec Pack 7.1.0 (Full) Lame ACM MP3 Codec LG USB Modem driver LibreOffice 3.3 Malwarebytes Anti-Malware version 1.62.0.1300 Media Player Classic HC MediaInfo Lite 0.7.42 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft IntelliType Pro 8.2 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 4.0 (x86 en-US) PeaZip 3.6.2 PeerBlock 1.1 (r518) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Spybot - Search & Destroy SUPERAntiSpyware System Explorer 2.7.6 The Weather Channel Desktop 6 Universal Extractor 1.6.1 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) VLC Player WinRAR 4.01 (32-bit) WinZip 15.0 XviD MPEG-4 Video Codec . ==== Event Viewer Messages From Past Week ======== . 7/17/2012 12:27:35 PM, Error: Service Control Manager [7034] - The ATK Fast User Switch Service service terminated unexpectedly. It has done this 1 time(s). 7/17/2012 12:27:35 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Null SBRE 7/17/2012 12:24:55 PM, Error: Service Control Manager [7034] - The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s). 7/17/2012 12:05:20 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 7/15/2012 7:38:35 AM, Error: Service Control Manager [7000] - The sbwtis service failed to start due to the following error: There are no more endpoints available from the endpoint mapper. 7/15/2012 2:48:45 PM, Error: Service Control Manager [7034] - The Ad-Aware service terminated unexpectedly. It has done this 2 time(s). 7/15/2012 2:47:01 PM, Error: Service Control Manager [7034] - The Ad-Aware service terminated unexpectedly. It has done this 1 time(s). 7/15/2012 2:46:34 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Null 7/15/2012 11:59:13 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 7/15/2012 11:59:13 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 7/15/2012 11:57:44 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 7/15/2012 11:43:16 AM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed. 7/14/2012 8:35:13 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 7/14/2012 8:35:13 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 7/14/2012 8:34:58 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0xadfd8064, 0x000000ff, 0x00000000, 0x996f7a34). A dump was saved in: C:WindowsMEMORY.DMP. Report Id: 071412-16770-01. 7/14/2012 2:05:39 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 7/14/2012 2:05:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 7/14/2012 2:05:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 7/14/2012 2:05:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 7/14/2012 2:05:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 7/14/2012 2:05:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 7/14/2012 2:05:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 7/14/2012 2:05:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi CSC DfsC discache EIO_XP NetBIOS NetBT nsiproxy Null Psched rdbss spldr tdx Wanarpv6 WfpLwf 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 7/14/2012 2:05:22 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 7/14/2012 1:50:08 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243 7/14/2012 1:50:04 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting. 7/13/2012 11:11:01 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccSet_N360 CSC DfsC discache eeCtrl EIO_XP IDSVix86 NetBIOS NetBT nsiproxy Null Psched rdbss spldr SRTSPX SymIRON SymNetS tdx Wanarpv6 WfpLwf . ==== End Of File ===========================
  24. Thanks JonTom. The pc seems to be running much better now. Avast doesn't keep popping up saying its blocking viruses. Heres the ESETScan. C:QooboxQuarantineCUsersjessicaAppDataLocal{e31e39b3-bede-f9cc-7ff7-1d832729312e}n.vir Win32/Sirefef.EV trojan C:QooboxQuarantineCWindowsInstaller{e31e39b3-bede-f9cc-7ff7-1d832729312e}n.vir Win32/Sirefef.EV trojan C:QooboxQuarantineCWindowsInstaller{e31e39b3-bede-f9cc-7ff7-1d832729312e}[email protected] a variant of Win32/Sirefef.FA trojan C:QooboxQuarantineCWindowsInstaller{e31e39b3-bede-f9cc-7ff7-1d832729312e}[email protected] a variant of Win32/Sirefef.FD trojan C:QooboxQuarantineCWindowsSystem32services.exe.vir Win32/Sirefef.FC trojan C:UsersjessicaAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5U0T8ZRGY78dee9e271084cb2[1].htm JS/TrojanDownloader.FraudLoad.NAY trojan C:UsersjessicaAppDataRoamingMozillaExtensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[email protected] a variant of Win32/Adware.Gamevance.BH application
×
×
  • Create New...