
Showing results for tags 'virus'.




Found 21 results

  1. This is probably a stupid question but I want to know every detail. I did a scan and it found 3 red level threats and in the summary said the red dot means 'automatic removal'. I just wish to be completely sure these viruses were completely removed. Thanks.
  2. Can someone please tell me why PC Matic isn't catching this? I have gotten it twice on my own laptop and once on another laptop that PC Matic is supposed to be protecting. Also, how to make sure the malware is removed? I'm disappointed that PC Matic isn't protecting our machines from this.
  3. I went to a site from search and clicked on a music file. I saw a small flash at the side of my monitor like a very fast download. Next a voice came through my computer speakers and said that my computer had been compromised. I then found a pop-up on my screen instructing me to call Microsoft at the number on the screen. I did not touch anything but used the task manager to close the site and pop-up. I use PC Matic Evergreen and also keep Malwarebytes Pro on my computer to run manually. I use Windows Firewall and SuperShield. I ran extensive scans but nothing turned up. My concern is because of an article I read about a virus or bad program that gets into your computer and silently collects sensitive information and you may never know it is there until you start getting strange charges on your credit cards and other unauthorized transactions. I have changed passwords on accounts but wonder if that would do any good if something is already in my computer collecting everything I do. I am also watching my accounts really close. Should I be concerned if I have not seen any evidence in over a week, and since my security programs did not turn up anything? I have Windows 7 Ultimate with latest service pack if it matters. Windows Update is on auto, PC Matic is on auto. I shut down and unplug my computer every night and also unplug my external drives.
  4. One of my computers has been hacked by something called Supreme AdBlocker. It pops up whenever I try to search for anything on the internet whether I use Firefox or Google Chrome. I used the Control Panel and removed this yesterday, but it is back. I have run a full PC-Matic scan, but nothing has been found. Does anyone know anything about this AND how to remove it for good?
  5. This has shown up twice on a Malwarebytes scan. Keeps coming back after I delete. What should I do? Am I missing something? Thanks
  6. I had a problem a few days ago and ran Avira. It came back with 91 viruses, cleared those out. Ran Malwarebytes Anti-Malware - It had hits, cleaned those out. Now my computer does not appear to like certain security settings but I might have just fixed that. The main issue that I am noticing now is that the process "dllhost.exe" is using a HUGE amount of system resources. As of right now between 11 and 46 on the task manager under CPU and the mem usage at 760,000 to 770,000 k. I tried to terminate the process and copy a new version of the file over to "reset" the program but since it is a system file it is protected and the computer said No. Now Avira and Anti-malware are both running clean. I installed Spybot search and destroy and it found some minor things like tracking cookies etc but my laptop is still misbehaving. What else can I try?
  7. I could really use some help here. I can get on IE at least but cannot download anything that could help my computer. It keeps saying that it is a virus and deletes it. For what reason, I did get to download Spybot and did a scan and it found a few viruses. The two I saw were Win32.Downloader.gen and W3i.IQ.fraud. At first the computer wouldn't even load, now it comes on, can't get on Google and it seems limited on IE. I tried to download DDS to give a report but it won't let me. This is my mom's computer and I am not sure what else to do here. Thank You so much for your help
  8. OH NO!!!!! I just discovered that whatever is on my hard drive is wiping out all my files!!!!!!!!!!!!!!!!!! Many are GONE!!!!!! (Yes, I have my hard drive backed up). Help anyone! Caintry-Boy sent me to this forum from my post/thread at http://forums.pcpitstop.com/index.php?/topic/201014-werfaultexe-application-error-cant-do-tests-etc/page-8 . He told me to download that file and when I went to save it in my download folder, I discovered that my files are being deleted from my computer!!!!!!! They are not 'all' gone yet, but many of my folders are now EMPTY. Please help!!!
  9. Can someone please help me? I am working on a Win XP SP3, Home Edition laptop that up until about a week ago was working like a charm. However, something seems to have gone bad, and I suspect it's a virus I can't get rid of. CPU is running at 100%, I get error messages when I try to install software; especially any kind of diagnostic software... When I try to open some programs, I get error messages such as: "The application or DLL name.DLL is not a valid windows Image. Please check this against your installation diskette." "the server threw an exception, clas ID xxxxxx" "xxxxxx is not a valid win32 application" "Access violation at address xxxxxxx in module xxxxxx" I've run Spybot and Malwarebytes, and they've found and removed malware. My Norton antivirus only finds cookies, and I am unable to install or run any other virus scanners, even online scanners such as ESET return an error message. Regards, Sylvia
  10. Trick your address book! Who among us doesn't know someone who has experienced the embarrassment of unknowingly spreading a computer virus via their email address book? It's time to STOP this from happening by TAKING CONTROL of your email program! For those who are unaware, many computer viruses spread themselves by sending themselves to everyone in your address book. Imagine how you would feel if you were unknowingly infected with a computer virus, and worse yet, your friends, family, and business contacts were being targeted by your computer! Well, if you want to avoid this sort of thing, here's a great tip: This tip won't prevent YOU from getting any viruses (you have to scan those attachments yourself before opening them to do that), but it will stop those viruses from latching onto your address book and sending itself out to others. To avoid spreading computer viruses, create a contact in your email address book with the name : 10000 with no email address in the details. This contact will then show up as your first contact. If a virus attempts to do a "send all" on your contact list, your pc will put up an error message saying that: "The Message could not be sent. One or more recipients do not have an e-mail address. Please check your Address Book and make sure all the recipients have a valid e-mail address." Your messages to an individual or individual addressees will not be affected. You click on OK and the offending (virus) message would not have been sent to anyone. Of course no changes have been made to your original contacts list. The offending (virus) message may then be automatically stored in your "Drafts" or "Outbox" folder. Go in there and delete the offending message. Problem is solved and virus is not spread. Also change your email password regularly. Not sure where I found this tip originally but I think this site below might have been the source http://tech.groups.yahoo.com/group/PCTechTalk/message/23025?threaded=1&var=1&p=4
  11. Hi! Help! I have a Dell Windows XP computer and recently I keep receiving a DLL bad image error message for just about every program on my computer which says something like "The application or DLL name.DLL is not a valid windows Image. Please check this against your installation diskette." I've run AVG and no threats appear. I did a full Malwarebytes scan and although it did remove some malware, it didn't fix the problem. I also tried to do a system restore but that didn't fix it either. I'm thinking about trying to do a clean install reinstallation of Windows but I know this is a long process and I'm wondering if there's a faster, better way to get rid of the infection. Any help will be so very greatly appreciated!! I never know what to do with computers when these things happen. Thanks! Kate
  12. Hey, I am new to this forum and like to stick around to learn more about various aspects of technology. However my first question and not the last one is my curiosity on restore software like Deep Freeze or Drive Vaccine. My question lies whether when a restore takes place does it remove the virus or malware from the system. Keep in mind, the restore point is in the same system as of the restore software. Any information will be great. Cheers
  13. Hi guys, my PC has been really laggy lately and I don't understand why. It lags in video games and when I'm on my home screen and when I'm doing anything really. I do have BullGuard antivirus and not many programs; I thought I had an OK PC... and I also ran Norton PC Checkup and it found nothing. Here are my specs: Here is some stuff I got from HijackThis:
  14. I have gotten infected by start.funmoods.com on my Google Chrome search engine. I originally posted in another forum; here is the link to that original post: http://forums.pcpitstop.com/index.php?/topic/199704-i-know-im-infected-but-none-of-my-security-programs-find-it/ I posted my malware log and was directed to get the DDS log, come to this forum and post here. DDS Log:
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-1-26 36000] R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-1-26 86224] R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-1-26 110032] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-1-26 83392] R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2009-5-7 113664] R3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2012-2-26 13440] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-2-26 121192] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-7-21 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-29 250056] S3 cpuz128;cpuz128; [x] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-7-21 116648] S3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys --> c:\windows\system32\drivers\l1c51x86.sys [?] S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-9-23 20480] S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2009-7-26 174336] S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\rts5121.sys --> c:\windows\system32\drivers\RTS5121.sys [?] S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-15 14336] S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2012-8-24 77312] . =============== Created Last 30 ================ . 
2012-08-24 13:41:03 -------- d-----w- c:\documents and settings\all users\application data\PCPitstop 2012-08-24 13:39:46 -------- d-----w- c:\program files\PCPitstop 2012-08-23 12:01:27 -------- d-----w- c:\documents and settings\suzi\local settings\application data\Paint.NET 2012-08-23 11:59:59 -------- d-----w- c:\documents and settings\suzi\local settings\application data\FreeEditorEditTemp 2012-08-23 11:50:15 175616 ----a-w- c:\windows\system32\unrar.dll 2012-08-23 11:50:08 -------- d-----w- c:\program files\K-Lite Codec Pack 2012-08-23 11:49:42 -------- d-----w- c:\program files\Free Editor 2012-08-23 11:22:07 -------- d-----w- c:\documents and settings\suzi\local settings\application data\Software Assist 2012-08-23 11:22:02 -------- d-----w- c:\program files\Software Assist 2012-08-20 01:07:53 -------- d-----w- c:\documents and settings\all users\application data\YTD Video Downloader 2012-08-20 01:07:41 -------- d-----w- c:\program files\GreenTree Applications 2012-08-20 00:15:18 -------- d-----w- c:\program files\VideoLAN 2012-08-19 23:59:08 33958 ----a-w- c:\documents and settings\all users\application data\uninstaller.exe 2012-08-19 23:59:04 -------- d-----w- c:\documents and settings\all users\application data\WeCareReminder 2012-08-19 23:55:33 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer 2012-08-19 14:52:24 -------- d-----w- c:\program files\Tweaks 2012-08-17 00:32:22 -------- d-----w- c:\documents and settings\all users\application data\firebird 2012-08-17 00:30:37 -------- d-----w- c:\documents and settings\suzi\application data\Chrysanth 2012-08-17 00:30:19 -------- d-----w- c:\program files\Chrysanth 2012-08-17 00:08:52 249856 ------w- c:\windows\Setup1.exe 2012-08-17 00:08:51 73216 ----a-w- c:\windows\ST6UNST.EXE 2012-08-16 23:52:29 -------- d-----w- C:\myDiary 2012-08-07 18:49:20 4608000 ----a-w- c:\documents and settings\all users\application data\ReadOnlyInstaller.msi 2012-08-07 14:25:17 -------- d-----w- 
c:\documents and settings\suzi\local settings\application data\Sun 2012-08-02 04:14:06 -------- d-----w- c:\documents and settings\suzi\local settings\application data\Google 2012-08-02 04:12:31 -------- d-----w- c:\documents and settings\suzi\local settings\application data\Deployment 2012-08-01 13:36:41 -------- d-----w- c:\program files\Oracle . ==================== Find3M ==================== . 2012-08-25 04:22:33 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-25 04:22:32 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-06 03:07:08 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-07-06 03:06:30 772544 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 18:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys 2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll 2012-07-02 17:49:32 43520 ------w- c:\windows\system32\licmgr10.dll 2012-07-02 17:49:32 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-07-02 12:05:43 385024 ------w- c:\windows\system32\html.iec 2012-06-08 14:26:20 8462848 ----a-w- c:\windows\system32\SETB9.tmp 2012-06-07 01:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\SET7D.tmp 2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 22:35:26 222448 ----a-w- c:\windows\system32\muweb.dll 2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\SETB1.tmp 2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 20:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 20:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 20:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 
2012-06-02 20:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 20:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 20:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 20:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll . ============= FINISH: 17:29:35.26 =============== Here is the Attach Log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 6/18/2009 3:34:14 AM System Uptime: 8/25/2012 5:09:21 PM (0 hours ago) . Motherboard: Hewlett-Packard | | 308F Processor: Intel® Atom CPU N270 @ 1.60GHz | CPU 1 | 1596/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 149 GiB total, 130.954 GiB free. D: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: Description: Ethernet Controller Device ID: PCI\VEN_1969&DEV_1062&SUBSYS_308F103C&REV_C0\4&23C6FC68&0&00E1 Manufacturer: Name: Ethernet Controller PNP Device ID: PCI\VEN_1969&DEV_1062&SUBSYS_308F103C&REV_C0\4&23C6FC68&0&00E1 Service: . Class GUID: Description: Samsung Android ACM Device ID: USB\VID_04E8&PID_681C&MI_00\M820C1278B0B_00 Manufacturer: Name: Samsung Android ACM PNP Device ID: USB\VID_04E8&PID_681C&MI_00\M820C1278B0B_00 Service: . ==== System Restore Points =================== . RP13: 5/25/2012 6:33:40 AM - Software Distribution Service 3.0 RP14: 5/27/2012 10:17:55 AM - Software Distribution Service 3.0 RP15: 5/27/2012 11:43:21 AM - Software Distribution Service 3.0 RP16: 5/30/2012 5:27:38 PM - System Checkpoint RP17: 6/15/2012 5:59:07 PM - Software Distribution Service 3.0 RP18: 6/15/2012 6:20:55 PM - Software Distribution Service 3.0 RP19: 6/26/2012 9:17:00 AM - Installed %1 %2. RP20: 6/26/2012 9:27:48 AM - Installed %1 %2. 
RP21: 6/26/2012 9:30:25 AM - Installed Windows XP KB2492386. RP22: 6/26/2012 10:05:42 AM - Installed Windows Internet Explorer 8. RP23: 6/26/2012 10:06:58 AM - Software Distribution Service 3.0 RP24: 7/13/2012 11:39:05 PM - Software Distribution Service 3.0 RP25: 7/13/2012 11:45:50 PM - Installed Windows Internet Explorer 8. RP26: 7/13/2012 11:46:48 PM - Software Distribution Service 3.0 RP27: 7/14/2012 12:49:27 AM - 07/13/12 RP28: 7/14/2012 1:32:02 AM - Software Distribution Service 3.0 RP29: 7/14/2012 9:19:53 AM - Removed iComment 2.0.2 RP30: 7/14/2012 9:22:04 AM - Software Distribution Service 3.0 RP31: 7/15/2012 10:53:10 AM - System Checkpoint RP32: 7/15/2012 11:19:14 AM - Software Distribution Service 3.0 RP33: 7/15/2012 11:21:38 AM - Software Distribution Service 3.0 RP34: 7/15/2012 11:22:47 AM - Installed Windows XP KB2699988. RP35: 7/15/2012 11:23:17 AM - Software Distribution Service 3.0 RP36: 7/19/2012 3:25:23 PM - System Checkpoint RP37: 7/21/2012 10:41:37 AM - Software Distribution Service 3.0 RP38: 7/28/2012 11:46:52 AM - running very well RP39: 8/1/2012 8:35:56 AM - Installed Java 7 Update 5 RP40: 8/1/2012 8:36:38 AM - Installed JavaFX 2.1.1 RP41: 8/17/2012 6:26:03 AM - Software Distribution Service 3.0 RP42: 8/18/2012 8:14:53 AM - System Checkpoint RP43: 8/19/2012 10:01:28 AM - Removed WinZip 16.5 RP44: 8/20/2012 10:29:52 PM - System Checkpoint RP45: 8/23/2012 6:53:14 AM - IObit Uninstaller restore point RP46: 8/23/2012 6:53:48 AM - Removed Atheros Communications Inc.® AR81Family Gigabit/Fast E RP47: 8/23/2012 6:55:31 AM - IObit Uninstaller restore point RP48: 8/24/2012 7:16:20 AM - System Checkpoint . ==== Installed Programs ====================== . 
Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.2 Adobe Shockwave Player 11.5 ASPCA Reminder by We-Care.com v4.1.18.1 Avira Free Antivirus Broadcom 802.11 Wireless LAN Adapter Compatibility Pack for the 2007 Office system Critical Update for Windows Media Player 11 (KB959772) Default Manager Everything 1.2.1.371 File Extractor Free Editor Google Chrome Google Earth Plug-in Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB949764) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP BatteryCheck 2.10 A2 HP Doc Viewer HP Driver Diagnostics HP Help and Support HP Mobile Broadband Setup Utility HP User Guides 0139 HP Wireless Assistant HpSdpAppCoreApp IDT Audio Intel® Graphics Media Accelerator Driver Internet Explorer (Enable DEP) Java Auto Updater Java 6 Update 32 Java 7 Update 5 JavaFX 2.1.1 K-Lite Codec Pack 8.7.0 (Standard) Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft 
Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Live Search Toolbar Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft WinUsb 1.0 Microsoft Works Mozilla Firefox 10.0.2 (x86 en-US) MSN MSVCRT MSXML 6.0 Parser PC Pitstop Exterminate2 2.0 PdaNet for Android 3.25 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB2183461) Security Update for Windows Internet Explorer 7 (KB2360131) Security Update for Windows Internet Explorer 7 (KB2416400) Security Update for Windows Internet Explorer 7 (KB2544521) Security Update for Windows Internet Explorer 7 (KB2618444) Security Update for Windows Internet Explorer 7 (KB2647516) Security Update for Windows Internet Explorer 7 (KB2675157) Security Update for Windows Internet Explorer 7 (KB2699988) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Internet Explorer 7 (KB978207) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 
8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP 
(KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) 
Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for 
Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Segoe UI Skype™ 3.8 Software Assist Synaptics Pointing Device Driver TeamViewer 7 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 7 (KB980182) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2541763) Update for Windows XP (KB2641690) Update 
for Windows XP (KB2718704) Update for Windows XP (KB898461) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Viewpoint Media Player WebFldrs XP Windows Backup Utility Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live Sign-in Assistant Windows Live Upload Tool Windows Management Framework Core Windows Media Format 11 runtime Windows Media Player 11 YTD Video Downloader 3.9 . ==== Event Viewer Messages From Past Week ======== . 8/24/2012 11:35:32 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AliIde IntelIde ViaIde 8/24/2012 11:34:25 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 8/23/2012 9:18:51 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the hpqwmiex service to connect. 8/23/2012 9:18:51 PM, error: Service Control Manager [7000] - The hpqwmiex service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 
8/23/2012 9:18:51 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E} 8/22/2012 5:35:18 AM, error: ACPI [43] - The system sleep operation failed 8/19/2012 10:01:41 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The system cannot find the file specified. . ==== End Of File =========================== I am so lost as to what to do I really appreciate any help. Thank you.
  15. I found this page with good information about what they are. http://www.emsisoft.com/en/kb/articles/tec120308/ Thanks to the Emsisoft newsletter.
  16. Hello all. What started out looking like a minor problem or annoyance has now become a major headache & looks like a major problem. I was surfing the net, at my usual places. I'm using Firefox's newest browser, because I know it's safer than IE. I use the NoScript add-on, as well as their popup blocker, all the time. And at the time the original problem started, I was also using Norton 360, along with Malwarebytes. My problem originally started with what seemed like a minor loss of internet connection. But then every few minutes or half hour or hour, I would once again be disconnected from the net. I've had connection problems with my cable before, so I immediately called my service provider. In the meantime, I ran my virus program & Malwarebytes & they both came up clean. So knowing my Norton was soon to expire, I uninstalled it & downloaded AVG. Did a scan with that, which came up clean too. So then I put my disc for Norton back in & noticed problem number two. The disc wasn't reading & when I went in to My Computer, the drive also wasn't showing up on my list. So after I had uninstalled AVG, I went to delete it from my programs folder & I couldn't delete it. I also found other files in there that looked exactly like the AVG file, and after uninstalling them, noticed I couldn't delete them either. (The icons don't look at all like the ones for the programs they are for. All the icons look exactly the same.) But anyway, after my service provider sent out a truck & found no problems outside the house, I started checking the lines inside. Eventually, I have now replaced all wires/cables, got a brand new modem, & splitters. And I'm still having the same problem staying connected to the net. Like I said, I finally downloaded & ran HijackThis, & I see A LOT of nasties on the list. Should I make a new post in that forum as well? Thank you very much in advance for all help offered.
  17. Hi! My computer caught another virus or two. I was getting IE "cannot display web page" errors. I ran Avast (full scan) and it removed one threat. Since I had this same problem with the IE errors not too long ago, I was able to go back and read through my sessions with JonTom in the HJT forum. I ran an ESET scan and it found and removed "a variant of Win32/Toolbar.Widgi.Application". I am not getting as many IE errors now, but am still getting a few. I'm hoping someone can help me see if there are any lingering bad files left on my computer. Thanks to anyone who is willing to help me out.
  18. Hard drive recently crashed - folks at the PC store were nice enough to update my OS to Windows 7. Windows 7 has Microsoft Security Essentials installed. On my previous platform I was running SpywareBlaster, AVG Antivirus, Spybot S&D, AdAware, and Malwarebytes. My question is: should I have all these programs installed, or is it a bit excessive? Now that I have Microsoft Security Essentials installed, which ones should I have in addition? Are there any I'm missing from this list? Thanks!
  19. Here is my HJT log. I have run AVG and it removed about 30 trojans; now I cannot access the internet.
  20. My computer can no longer detect and load into Windows Explorer my USB external hard drives (3 different manufacturers) when I insert the USB cables but can detect my USB flash drives (same manufacturer). These drives have lots of video footage and photographs I have shot. I use them all at this time of year each year and really need to be able to insert and remove them regularly over the next month. Really bad timing for this problem. The safely remove hardware icon appears on the taskbar but the drive does not appear in Windows Explorer. When I press the safely remove hardware button the safely remove hardware dialog box does not load (at one point it was loading but no drive was listed). Eventually the system freezes and programs (any running) stop responding. The drives are visible in Windows Explorer when loaded in safe mode. Does that mean the Windows files running the USB ports are not corrupt? My antiviral software is up to date and says my system is clean and so does Microsoft System Sweeper. I did get a couple of trojans recently, maybe names like ?Java/Agent DU and Java/Agent U... (letters were U or DU or DP I believe). System was cleaned and says it is clean today. Uninstalling all the USB stuff in Device Manager did not help. I cannot figure out if this is a virus problem or Windows problem. The hard drives connect normally on my sister's computer so I do not think it is a hardware problem. Thank you for any help, Samantha