IE can not display web page error


Anderson

Hi! My computer caught another virus or two. I was getting IE can not display web page errors. I ran Avast (full scan) and it removed one threat. Since I had this same problem with the IE errors not too long ago, I was able to go back and read through my sessions with JonTom in the HJT forum. I ran an ESET scan and it found and removed "a variant of Win32/Toolbar.Widgi.Application". I am not getting as many IE errors now, but am still getting a few. I'm hoping someone can help me see if there are any lingering bad files left on my computer. Thanks to anyone who is willing to help me out.


OK, let's try this again. Thank you caintry_boy for helping me out again. Here are my log files.

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:56:33 AM, on 12/31/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe

C:Program Files (x86)NETGEARWNA3100WNA3100.exe

C:WindowsCNYHKey.exe

C:Program Files (x86)IOISmart CopyButtonMonitor.exe

C:Program Files (x86)SeagateSeagateManagerFreeAgent Statusstxmenumgr.exe

C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe

C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe

C:Program FilesAVAST SoftwareAvastAvastUI.exe

C:Program Files (x86)RealRealPlayerUpdaterealsched.exe

C:Program Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe

C:Program Files (x86)NETGEARWPN311wlancfg5.exe

C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe

C:WindowsModLedKey.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:WindowsSysWOW64MacromedFlashFlashUtil11e_ActiveX.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:UsersJacqueDownloadsHijackThis (1).exe

c:program files (x86)realrealplayerRealPlay.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0111&m=dx4710-05

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {167d9323-f7cc-48f5-948a-6f012831a69f} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ÿþ127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:Program Files (x86)WOTWOT.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll" (file missing)

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll" (file missing)

O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:Program Files (x86)WOTWOT.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

O4 - HKLM..Run: [LchDrvKey] LchDrvKey.exe

O4 - HKLM..Run: [LedKey] CNYHKey.exe

O4 - HKLM..Run: [Trigger New Acer AlaunchX] c:AcerPreloadCommandAlaunchXAppInRun.exe

O4 - HKLM..Run: [smart Copy] "C:Program Files (x86)IOISmart CopyButtonMonitor.exe" -A

O4 - HKLM..Run: [MaxMenuMgr] "C:Program Files (x86)SeagateSeagateManagerFreeAgent StatusStxMenuMgr.exe"

O4 - HKLM..Run: [LWS] C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe -hide

O4 - HKLM..Run: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

O4 - HKLM..Run: [info Center] "C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe"

O4 - HKLM..Run: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui

O4 - HKLM..Run: [TkBellExe] "C:Program Files (x86)RealRealPlayerupdaterealsched.exe" -osboot

O4 - HKLM..Run: [HTC Sync Loader] "C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe" -startup

O4 - HKLM..RunOnce: [New Acer AlaunchX] c:AcerPreloadCommandAlaunchXLaunchAlaunchX.exe

O4 - HKCU..Run: [swg] "C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe"

O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe

O4 - Global Startup: NETGEAR WNA3100 Smart Wizard.lnk = ?

O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:Program Files (x86)NETGEARWPN311wlancfg5.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:Program Files (x86)WOTWOT.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dll

O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:Program FilesAVAST SoftwareAvastAvastSvc.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:Program FilesGATEWAYGateway Recovery ManagementServiceETService.exe

O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:Program Files (x86)WildTangent GamesAppGamesAppService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program Files (X86)IntelIntel Matrix Storage ManagerIaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe

O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)

O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)

O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe

O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:Program Files (x86)Common FileslogishrdLVMVFMUMVPFSrv.exe

O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)

O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)

O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

O23 - Service: WSWNA3100 - Unknown owner - C:Program Files (x86)NETGEARWNA3100WifiSvc.exe

O23 - Service: XAudioService - Unknown owner - C:Windowssystem32DRIVERSxaudio64.exe (file missing)

--

End of file - 10602 bytes

 

Malwarebytes Anti-Malware 1.60.0.1800

www.malwarebytes.org

Database version: v2011.12.28.03

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Jacque :: JACQUE-PC [administrator]

12/30/2011 11:58:34 PM

mbam-log-2011-12-30 (23-58-34).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 229058

Time elapsed: 2 minute(s), 46 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Let's flush the dirty DNS cache and restore MS's Hosts file:

 

Copy and paste these lines in Notepad.

 

@Echo on

pushd\windows\system32\drivers\etc

attrib -h -s -r hosts

echo 127.0.0.1 localhost>HOSTS

attrib +r +h +s hosts

popd

ipconfig /release

ipconfig /renew

ipconfig /flushdns

netsh winsock reset all

netsh int ip reset all

shutdown -r -t 1

del %0

 

Save as flush.bat to your desktop.

Double click on the flush.bat file to run it. Vista and Windows 7... right click the .bat file and choose to run as Administrator. Your computer will reboot itself.
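
Added example, not part of the original posts: the batch file above overwrites the hosts file without looking at it, and the HijackThis O1 line earlier in the thread shows the file starting with `ÿþ`, which is how the bytes FF FE of a UTF-16 little-endian byte-order mark appear when read as ANSI. The Python code below decodes a hosts file with or without a BOM and lists every entry other than the loopback `localhost` lines, so there is a record of what the reset discards. The function names and sample file contents are constructed for illustration.

```python
"""Audit a Windows hosts file before it is reset (added example, constructed data)."""
import codecs
import ipaddress
import sys

# Byte-order marks an editor may have prepended to the file.
BOMS = [
    (codecs.BOM_UTF8, "utf-8"),
    (codecs.BOM_UTF16_LE, "utf-16-le"),   # FF FE, printed as "ÿþ" by ANSI tools
    (codecs.BOM_UTF16_BE, "utf-16-be"),
]

# Names that are expected to map to a loopback address.
EXPECTED_LOOPBACK = {"localhost"}


def decode_hosts(raw):
    """Return (text, bom_encoding); bom_encoding is None when no BOM is present."""
    for bom, encoding in BOMS:
        if raw.startswith(bom):
            return raw[len(bom):].decode(encoding, errors="replace"), encoding
    # A hosts file without a BOM is treated as single-byte text.
    return raw.decode("latin-1"), None


def audit_hosts(raw):
    """Return a list of (kind, line_number, detail) findings for a hosts file.

    kind is one of:
      "bom"       the file starts with a byte-order mark
      "malformed" the line is not "<ip> <name> [<name> ...]"
      "blocked"   a name is pinned to a loopback or 0.0.0.0 address
      "redirect"  a name is pinned to any other address
    """
    text, bom = decode_hosts(raw)
    findings = []
    if bom:
        findings.append(("bom", 0, "file starts with a %s byte-order mark" % bom))
    for lineno, line in enumerate(text.splitlines(), 1):
        entry = line.split("#", 1)[0].strip()   # drop comments
        if not entry:
            continue
        fields = entry.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append(("malformed", lineno, entry))
            continue
        if len(fields) < 2:
            findings.append(("malformed", lineno, entry))
            continue
        for name in fields[1:]:
            if ip.is_loopback and name.lower() in EXPECTED_LOOPBACK:
                continue   # the default "127.0.0.1 localhost" / "::1 localhost"
            kind = "blocked" if (ip.is_loopback or ip.is_unspecified) else "redirect"
            findings.append((kind, lineno, "%s -> %s" % (name, ip)))
    return findings


# Constructed sample 1: the two entries from the O1 lines, saved as UTF-16 LE.
SAMPLE_UTF16 = codecs.BOM_UTF16_LE + (
    "127.0.0.1 localhost\r\n::1 localhost\r\n".encode("utf-16-le")
)

# Constructed sample 2: a hosts file with extra entries (documentation addresses).
SAMPLE_EXTRA = (
    b"127.0.0.1 localhost\r\n"
    b"203.0.113.7 www.example.com   # constructed entry\r\n"
    b"127.0.0.1 update.example.net\r\n"
)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # e.g. C:\Windows\System32\drivers\etc\hosts
        with open(sys.argv[1], "rb") as handle:
            samples = [(sys.argv[1], handle.read())]
    else:
        samples = [("SAMPLE_UTF16", SAMPLE_UTF16), ("SAMPLE_EXTRA", SAMPLE_EXTRA)]
    for label, data in samples:
        print(label)
        for kind, lineno, detail in audit_hosts(data) or [("clean", 0, "defaults only")]:
            print("  %-9s line %-3d %s" % (kind, lineno, detail))
```

Run it with the path to the hosts file as the only argument before running flush.bat; with no argument it prints the findings for the two constructed samples.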


Hi Maude, thank you for helping! I did as you said. I am still getting the IE error when trying to access my home page. However, I seem to be able to access all of my "favorites". I saved this page in favorites and it loaded right up, but this is my second time to post this, the first one wouldn't post. Is there anything else I need to do?


Download DDS from one of these links:

Mirror 1 Mirror 2 Mirror 3

  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.

The scan will instruct you to post Attach.txt as an attachment.

No need for that though ..... just post its contents as you would any other log.


Thank you Jacee! I have both log files saved to desktop, but neither one will let me copy and paste to the forums. I've tried select all, copy and then try to paste, but paste is never highlighted to allow me that option. Am I doing something wrong?


OK, for whatever reason...it is now letting me copy and paste. SMH

 

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Jacque at 12:21:19 on 2012-01-04

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6132.3851 [GMT -6:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:Windowssystem32wininit.exe

C:Windowssystem32lsm.exe

C:Windowssystem32svchost.exe -k DcomLaunch

C:Windowssystem32svchost.exe -k rpcss

c:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe

C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted

C:Windowssystem32svchost.exe -k netsvcs

C:Windowssystem32svchost.exe -k GPSvcGroup

C:Windowssystem32SLsvc.exe

C:Windowssystem32svchost.exe -k LocalService

C:Windowssystem32svchost.exe -k NetworkService

C:Program FilesAVAST SoftwareAvastAvastSvc.exe

C:Windowssystem32WLANExt.exe

C:WindowsSystem32spoolsv.exe

C:Windowssystem32svchost.exe -k LocalServiceNoNetwork

C:Program Files (x86)MicrosoftBingBarSeaPort.EXE

C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe

C:Program Files (X86)IntelIntel Matrix Storage ManagerIaantmon.exe

C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe

C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:Windowssystem32svchost.exe -k imgsvc

C:WindowsSystem32svchost.exe -k WerSvcGroup

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

C:Windowssystem32SearchIndexer.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

C:Windowssystem32WUDFHost.exe

C:Windowssystem32DRIVERSxaudio64.exe

c:Program FilesMicrosoft Security ClientAntimalwareNisSrv.exe

C:Windowssystem32Dwm.exe

C:Windowssystem32taskeng.exe

C:WindowsExplorer.EXE

C:Windowssystem32taskeng.exe

C:Windowssystem32taskeng.exe

C:WindowsMHotKey.exe

C:WindowsChiFuncExt.exe

C:Program FilesRealtekAudioHDARAVCpl64.exe

C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe

C:WindowsSystem32igfxtray.exe

C:Program FilesCanonMyPrinterBJMYPRT.EXE

C:Program FilesMicrosoft Security Clientmsseces.exe

C:Windowsehomeehtray.exe

C:Program Files (x86)NETGEARWNA3100WNA3100.exe

C:WindowsCNYHKey.exe

C:Program Files (x86)IOISmart CopyButtonMonitor.exe

C:Program Files (x86)SeagateSeagateManagerFreeAgent Statusstxmenumgr.exe

C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe

C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe

C:Program FilesAVAST SoftwareAvastAvastUI.exe

C:Program Files (x86)NETGEARWPN311wlancfg5.exe

C:Program Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe

C:WindowsModLedKey.exe

C:Windowsehomeehmsas.exe

C:Program Files (x86)RealRealPlayerUpdaterealsched.exe

C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation

C:WindowsSysWOW64MacromedFlashFlashUtil11e_ActiveX.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:WindowsSysWOW64NOTEPAD.EXE

C:WindowsSysWOW64NOTEPAD.EXE

C:Program Files (x86)Windows LiveMailwlmail.exe

C:Windowssystem32SearchProtocolHost.exe

C:Program Files (x86)Windows LiveContactswlcomm.exe

C:Windowssystem32wbemwmiprvse.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:Windowssystem32SearchFilterHost.exe

C:Windowssystem32DllHost.exe

C:Windowssystem32DllHost.exe

C:WindowsSysWOW64cmd.exe

C:WindowsSysWOW64cscript.exe

.

============== Pseudo HJT Report ===============

.

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0111&m=dx4710-05

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:Program Files (x86)WOTWOT.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll"

BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll"

TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:Program Files (x86)WOTWOT.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

TB: {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - No File

uRun: [swg] "C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe"

uRun: [ehTray.exe] C:WindowsehomeehTray.exe

mRun: [LchDrvKey] LchDrvKey.exe

mRun: [LedKey] CNYHKey.exe

mRun: [Trigger New Acer AlaunchX] c:AcerPreloadCommandAlaunchXAppInRun.exe

mRun: [smart Copy] "C:Program Files (x86)IOISmart CopyButtonMonitor.exe" -A

mRun: [MaxMenuMgr] "C:Program Files (x86)SeagateSeagateManagerFreeAgent StatusStxMenuMgr.exe"

mRun: [LWS] C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe -hide

mRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

mRun: [info Center] "C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe"

mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui

mRun: [TkBellExe] "C:Program Files (x86)RealRealPlayerupdaterealsched.exe" -osboot

mRun: [HTC Sync Loader] "C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe" -startup

mRunOnce: [New Acer AlaunchX] c:AcerPreloadCommandAlaunchXLaunchAlaunchX.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupNETGEA~2.LNK - C:Program Files (x86)NETGEARWNA3100WNA3100.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupNETGEA~1.LNK - C:Program Files (x86)NETGEARWPN311wlancfg5.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000

IE: Google Sidewiki... - C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces{2FC6B3EB-D5AC-4AF8-944D-1F82FBE7CA60} : DhcpNameServer = 192.168.1.254

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:Program Files (x86)WOTWOT.dll

BHO-X64: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:Program Files (x86)WOTWOT.dll

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll"

BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:Program Files (x86)MicrosoftBingBarBingExt.dll"

TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:Program Files (x86)WOTWOT.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

TB-X64: {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - No File

mRun-x64: [LchDrvKey] LchDrvKey.exe

mRun-x64: [LedKey] CNYHKey.exe

mRun-x64: [Trigger New Acer AlaunchX] c:AcerPreloadCommandAlaunchXAppInRun.exe

mRun-x64: [smart Copy] "C:Program Files (x86)IOISmart CopyButtonMonitor.exe" -A

mRun-x64: [MaxMenuMgr] "C:Program Files (x86)SeagateSeagateManagerFreeAgent StatusStxMenuMgr.exe"

mRun-x64: [LWS] C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe -hide

mRun-x64: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

mRun-x64: [info Center] "C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe"

mRun-x64: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui

mRun-x64: [TkBellExe] "C:Program Files (x86)RealRealPlayerupdaterealsched.exe" -osboot

mRun-x64: [HTC Sync Loader] "C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe" -startup

mRunOnce-x64: [New Acer AlaunchX] c:AcerPreloadCommandAlaunchXLaunchAlaunchX.exe

.

================= FIREFOX ===================

.

FF - ProfilePath - C:UsersJacqueAppDataRoamingMozillaFirefoxProfilesfsgyl71l.default

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:Program Files (x86)GoogleUpdate1.3.21.79npGoogleUpdate3.dll

FF - plugin: C:Program Files (x86)Guffinsbar1.binNPu4Stub.dll

FF - plugin: C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll

FF - plugin: c:Program Files (x86)Microsoft Silverlight4.0.60831.0npctrlui.dll

FF - plugin: C:Program Files (x86)VeetlePlayernpvlc.dll

FF - plugin: C:Program Files (x86)VeetlepluginsnpVeetle.dll

FF - plugin: C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegistered7NP_wtapp.dll

FF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll

FF - plugin: C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll

FF - plugin: C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:Windowssystem32DriversPxHlpa64.sys --> C:Windowssystem32DriversPxHlpa64.sys [?]

R0 SCMNdisP;General NDIS Protocol Driver;C:Windowssystem32DRIVERSscmndisp.sys --> C:Windowssystem32DRIVERSscmndisp.sys [?]

R1 aswSnx;aswSnx;C:Windowssystem32driversaswSnx.sys --> C:Windowssystem32driversaswSnx.sys [?]

R1 aswSP;aswSP;C:Windowssystem32driversaswSP.sys --> C:Windowssystem32driversaswSP.sys [?]

R1 MpFilter;Microsoft Malware Protection Driver;C:Windowssystem32DRIVERSMpFilter.sys --> C:Windowssystem32DRIVERSMpFilter.sys [?]

R2 aswFsBlk;aswFsBlk;C:Windowssystem32driversaswFsBlk.sys --> C:Windowssystem32driversaswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;??C:Windowssystem32driversaswMonFlt.sys --> C:Windowssystem32driversaswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2011-11-30 44768]

R2 BBUpdate;BBUpdate;C:Program Files (x86)MicrosoftBingBarSeaPort.EXE [2011-6-15 249648]

R2 FontCache;Windows Font Cache Service;C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 FreeAgentGoNext Service;Seagate Service;C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe [2009-12-18 189736]

R2 PassThru Service;Internet Pass-Through Service;C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe [2011-8-12 87040]

R2 sbapifs;sbapifs;C:Windowssystem32DRIVERSsbapifs.sys --> C:Windowssystem32DRIVERSsbapifs.sys [?]

R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:Windowssystem32DRIVERSbcmwlhigh664.sys --> C:Windowssystem32DRIVERSbcmwlhigh664.sys [?]

R3 CAXHWBS2;CAXHWBS2;C:Windowssystem32DRIVERSCAXHWBS2.sys --> C:Windowssystem32DRIVERSCAXHWBS2.sys [?]

R3 LVRS64;Logitech RightSound Filter Driver;C:Windowssystem32DRIVERSlvrs64.sys --> C:Windowssystem32DRIVERSlvrs64.sys [?]

R3 LVUVC64;Logitech HD Webcam C270(UVC);C:Windowssystem32DRIVERSlvuvc64.sys --> C:Windowssystem32DRIVERSlvuvc64.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:Windowssystem32DRIVERSNisDrvWFP.sys --> C:Windowssystem32DRIVERSNisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:Program FilesMicrosoft Security ClientAntimalwareNisSrv.exe [2011-4-27 288272]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]

S3 BBSvc;Bing Bar Update Service;C:Program Files (x86)MicrosoftBingBarBBSvc.EXE [2011-7-7 195336]

S3 ETService;Empowering Technology Service;C:Program FilesGATEWAYGateway Recovery ManagementServiceETService.exe [2011-1-30 24576]

S3 fssfltr;FssFltr;C:Windowssystem32DRIVERSfssfltr.sys --> C:Windowssystem32DRIVERSfssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:Program Files (x86)Windows LiveFamily Safetyfsssvc.exe [2011-5-13 1492840]

S3 GamesAppService;GamesAppService;C:Program Files (x86)WildTangent GamesAppGamesAppService.exe [2010-10-12 206072]

S3 gupdate;Google Update Service (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2011-1-30 135664]

S3 gupdatem;Google Update Service (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2011-1-30 135664]

S3 htcnprot;HTC NDIS Protocol Driver;C:Windowssystem32DRIVERShtcnprot.sys --> C:Windowssystem32DRIVERShtcnprot.sys [?]

S3 LVPr2M64;Logitech LVPr2M64 Driver;C:Windowssystem32DRIVERSLVPr2M64.sys --> C:Windowssystem32DRIVERSLVPr2M64.sys [?]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:Windowssystem32DRIVERSMpNWMon.sys --> C:Windowssystem32DRIVERSMpNWMon.sys [?]

S3 NPF;Netgroup Packet Filter;C:Windowssystem32DRIVERSnpf.sys --> C:Windowssystem32DRIVERSnpf.sys [?]

S3 PerfHost;Performance Counter DLL Host;C:WindowsSysWOW64perfhost.exe [2008-1-20 19968]

S3 TomTomHOMEService;TomTomHOMEService;C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe [2011-3-9 92592]

S3 UMVPFSrv;UMVPFSrv;C:Program Files (x86)Common FileslogishrdLVMVFMUMVPFSrv.exe [2011-3-31 428640]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:WindowsMicrosoft.NETFramework64v4.0.30319WPFWPFFontCache_v0400.exe [2010-3-18 1020768]

S3 WSWNA3100;WSWNA3100;C:Program Files (x86)NETGEARWNA3100WifiSvc.exe [2011-3-14 278528]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2011-1-31 89920]

.

=============== File Associations ===============

.

JSEFile=C:WindowsSysWOW64WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2012-01-04 18:17:08 -------- d-----w- C:UsersJacqueAppDataLocal{29D0207A-23E8-4C8C-A1FB-8A252433A154}

2012-01-04 18:16:54 -------- d-----w- C:UsersJacqueAppDataLocal{7A90DB7F-BE6A-4DCA-A6EC-1B5F8D768B2C}

2012-01-04 17:59:31 69000 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{7C5A441A-57E0-4F51-AC5D-EA829DD41469}offreg.dll

2012-01-03 22:31:58 8822856 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{7C5A441A-57E0-4F51-AC5D-EA829DD41469}mpengine.dll

2011-12-31 07:54:49 -------- d-----w- C:UsersJacqueAppDataLocal{D3BD523E-61A7-4984-9931-C41EBEECDC07}

2011-12-31 07:54:39 -------- d-----w- C:UsersJacqueAppDataLocal{0695E938-B678-4E43-B7FE-16D04B3E0B3B}

2011-12-30 03:48:34 -------- d-----w- C:UsersJacqueAppDataLocal{3A609F76-2F89-44F0-BB2B-D0C878622DDB}

2011-12-30 03:48:23 -------- d-----w- C:UsersJacqueAppDataLocal{AC5EC3F0-1D6C-4B2E-9ABC-3FB811452474}

2011-12-28 19:32:21 -------- d-----w- C:UsersJacqueAppDataLocal{7B301B45-872A-4B96-AA59-109962ED3494}

2011-12-28 19:32:11 -------- d-----w- C:UsersJacqueAppDataLocal{51BA9C9A-F4AB-49C4-BC66-06EDCE600A0F}

2011-12-27 01:35:03 -------- d-----w- C:UsersJacqueAppDataLocal{8BFFFCB0-F61E-4668-BD39-8444A103F187}

2011-12-27 01:34:53 -------- d-----w- C:UsersJacqueAppDataLocal{05465A5B-8B9A-4704-BE3C-C539A7B2765B}

2011-12-23 02:55:11 -------- d-----w- C:UsersJacqueAppDataLocal{BA500DA7-5E16-4FA3-A9EB-E59FCA62F89D}

2011-12-23 02:55:01 -------- d-----w- C:UsersJacqueAppDataLocal{649C5084-2258-4C1C-8673-0EF92673E38E}

2011-12-21 16:43:31 -------- d-----w- C:UsersJacqueAppDataLocal{85082305-FBB1-4D07-A4FA-C9779038E38C}

2011-12-21 16:43:21 -------- d-----w- C:UsersJacqueAppDataLocal{4F02901C-C163-4AF6-B614-F0EF3BC0888C}

2011-12-20 19:56:56 -------- d-----w- C:UsersJacqueAppDataLocal{45DC17D4-57FB-4809-9B78-FDBCAD651D91}

2011-12-20 19:56:46 -------- d-----w- C:UsersJacqueAppDataLocal{09F11349-E9D6-4911-A8D3-299442F6085B}

2011-12-20 02:27:06 -------- d-----w- C:UsersJacqueAppDataLocal{503D315E-1E54-485F-87A5-BC088B9126A4}

2011-12-20 02:26:56 -------- d-----w- C:UsersJacqueAppDataLocal{19698A96-FC63-4C7E-9232-BA3E6259E484}

2011-12-18 19:52:50 -------- d-----w- C:UsersJacqueAppDataLocal{FC89E989-5BE5-4765-8E43-2F7EAF448D32}

2011-12-18 19:52:39 -------- d-----w- C:UsersJacqueAppDataLocal{2D5095B7-D30B-44F8-BCBC-BD03640E1CCC}

2011-12-15 22:12:38 677136 ----a-w- C:ProgramDataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll

2011-12-15 20:02:04 85504 ----a-w- C:WindowsSystem32csrsrv.dll

2011-12-15 20:02:02 2048 ----a-w- C:WindowsSysWow64tzres.dll

2011-12-15 20:02:02 2048 ----a-w- C:WindowsSystem32tzres.dll

2011-12-15 20:01:59 559616 ----a-w- C:WindowsSystem32EncDec.dll

2011-12-15 20:01:59 429056 ----a-w- C:WindowsSysWow64EncDec.dll

2011-12-15 20:01:59 2764800 ----a-w- C:WindowsSystem32win32k.sys

2011-12-15 20:01:58 2409784 ----a-w- C:Program FilesWindows MailOESpamFilter.dat

2011-12-15 20:01:58 2409784 ----a-w- C:Program Files (x86)Windows MailOESpamFilter.dat

2011-12-14 14:57:17 -------- d-----w- C:UsersJacqueAppDataLocal{D89C7A0E-6B5B-43CC-A3F6-2B8E543A4BCD}

2011-12-14 14:57:07 -------- d-----w- C:UsersJacqueAppDataLocal{E0F68D9B-A520-4413-AE76-A0C60BA3CD55}

2011-12-14 02:56:27 -------- d-----w- C:UsersJacqueAppDataLocal{A2656282-A9B1-40EB-8977-B4C2343E4AF0}

2011-12-14 02:56:17 -------- d-----w- C:UsersJacqueAppDataLocal{28AD364C-8236-4339-A6B2-CA1652916E26}

2011-12-13 14:56:05 -------- d-----w- C:UsersJacqueAppDataLocal{7DF7E463-A21C-4271-8319-EF0F077A746A}

2011-12-13 14:55:55 -------- d-----w- C:UsersJacqueAppDataLocal{0A13D748-872D-42DF-8159-B92B02EBA57B}

2011-12-12 04:19:01 -------- d-----w- C:UsersJacqueAppDataLocalHtc

2011-12-12 04:18:42 -------- d-----w- C:UsersJacqueAppDataRoamingHTC

2011-12-12 04:15:19 -------- d-----w- C:Program Files (x86)Spirent Communications

2011-12-12 04:14:28 -------- d-----w- C:Program Files (x86)HTC

2011-12-12 03:29:58 652296 ----a-w- C:ProgramDataMicrosofteHomePackagesSportsTemplateSportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll

2011-12-12 03:29:40 416128 ----a-w- C:ProgramDataMicrosofteHomePackagesNetTVBrowseNetTVResources.dll

2011-12-12 02:32:07 -------- d-----w- C:UsersJacqueAppDataLocal{5E604384-E496-4301-B8F5-D969AEB08EF4}

2011-12-12 02:31:56 -------- d-----w- C:UsersJacqueAppDataLocal{BE2DBF73-343E-4435-8AF6-34F9D9A21753}

2011-12-06 02:02:04 -------- d-----w- C:UsersJacqueAppDataLocal{069704A6-F5EF-4F31-9461-C241F9C364FC}

2011-12-06 02:01:54 -------- d-----w- C:UsersJacqueAppDataLocal{19758B4E-914A-46F0-BB67-44625C84346E}

.

==================== Find3M ====================

.

2011-12-13 14:10:00 414368 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl

2011-12-10 21:24:08 23152 ----a-w- C:WindowsSystem32driversmbam.sys

2011-12-02 00:03:03 499712 ----a-w- C:WindowsSysWow64msvcp71.dll

2011-12-02 00:03:03 348160 ----a-w- C:WindowsSysWow64msvcr71.dll

2011-11-28 18:01:25 41184 ----a-w- C:WindowsavastSS.scr

2011-11-28 17:54:06 591192 ----a-w- C:WindowsSystem32driversaswSnx.sys

2011-11-28 17:52:11 66904 ----a-w- C:WindowsSystem32driversaswMonFlt.sys

2011-11-25 21:35:05 627600 ----a-w- C:WindowsSystem32deployJava1.dll

2011-11-16 18:53:45 5359888 ----a-w- C:Windowsuninst.exe

2011-11-04 01:53:39 2309120 ----a-w- C:WindowsSystem32jscript9.dll

2011-11-04 01:44:47 1390080 ----a-w- C:WindowsSystem32wininet.dll

2011-11-04 01:44:21 1493504 ----a-w- C:WindowsSystem32inetcpl.cpl

2011-11-04 01:34:43 2382848 ----a-w- C:WindowsSystem32mshtml.tlb

2011-11-03 22:47:42 1798144 ----a-w- C:WindowsSysWow64jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- C:WindowsSysWow64inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- C:WindowsSysWow64wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb

2011-10-24 19:29:02 94208 ----a-w- C:WindowsSysWow64QuickTimeVR.qtx

2011-10-24 19:29:02 69632 ----a-w- C:WindowsSysWow64QuickTime.qts

.

============= FINISH: 12:21:43.68 ===============

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: DeviceHarddiskVolume2

Install Date: 1/30/2011 12:16:39 PM

System Uptime: 1/4/2012 11:59:13 AM (1 hours ago)

.

Motherboard: Gateway | | G33M05G1

Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 586 GiB total, 474.769 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: NETGEAR WPN311 RangeMax Wireless PCI Adapter

Device ID: PCIVEN_168C&DEV_0013&SUBSYS_5E001385&REV_014&31E4133E&0&08F0

Manufacturer: Atheros Communications Inc.

Name: NETGEAR WPN311 RangeMax Wireless PCI Adapter #3

PNP Device ID: PCIVEN_168C&DEV_0013&SUBSYS_5E001385&REV_014&31E4133E&0&08F0

Service: athr

.

==== System Restore Points ===================

.

RP555: 12/30/2011 4:25:07 PM - Scheduled Checkpoint

RP556: 12/30/2011 5:29:01 PM - Windows Update

RP557: 12/31/2011 12:56:38 PM - Scheduled Checkpoint

RP558: 12/31/2011 8:22:06 PM - Windows Update

RP559: 1/1/2012 12:41:03 PM - Scheduled Checkpoint

RP560: 1/2/2012 7:37:23 PM - Windows Update

RP561: 1/3/2012 4:31:16 PM - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Reader 8.1.2

Apple Application Support

Apple Software Update

avast! Free Antivirus

Bing Bar

CameraHelperMsi

Canon MP Navigator EX 2.0

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

Carbonite Online Backup Setup

Click to Call with Skype

Compatibility Pack for the 2007 Office system

Coupon Printer for Windows

CyberLink Power2Go

D3DX10

DING!

erLT

ESET Online Scanner v3

Freemake Video Converter version 2.1.0

GameSpy Arcade

Gateway Games

Gateway Recovery Management

Google Toolbar for Internet Explorer

Google Update Helper

Graboid Video 2.01

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

I Can Color!

iLivid

Info Center 1.0.0.7

IrfanView (remove only)

Junk Mail filter update

KB0817 Keyboard Driver

LabelPrint

Logitech Vid HD

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.60.0.1800

Microsoft Money Essentials

Microsoft Money Shared Libraries

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ Run Time Lib Setup

Mozilla Firefox 8.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

muvee Reveal Seagate Edition

Napster

Napster Burn Engine

NETGEAR WNA3100 wireless USB 2.0 adapter

NETGEAR WPN311 Wireless Adapter

OpenOffice.org 3.3

Photo Explosion Deluxe

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

Samsung PC Studio 3 USB Driver Installer

Seagate Manager Installer

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Segoe UI

Skype™ 5.5

Smart Copy 3.1.1.1

Stronghold Crusader Extreme

TomTom HOME 2.8.1.2218

TomTom HOME Visual Studio Merge Modules

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update Installer for WildTangent Games App

Veetle TV

VLC media player 1.0.1

vShare.tv plugin 1.3

Wheel Of Fortune

WildTangent Games App (Gateway Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Wizard101

.

==== Event Viewer Messages From Past Week ========

.

12/31/2011 8:11:39 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/31/2011 11:49:17 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/31/2011 10:48:38 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/30/2011 9:45:46 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/30/2011 2:40:51 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/29/2011 9:14:43 PM, Error: iaStor [9] - The device, DeviceIdeiaStor0, did not respond within the timeout period.

12/29/2011 9:07:01 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/29/2011 11:47:24 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/29/2011 10:53:53 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Real-time protection has stopped functioning for an unknown reason. Restart the service in order to recover.

12/28/2011 12:40:08 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/28/2011 1:56:59 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/4/2012 12:01:13 PM, Error: Service Control Manager [7000] - The int15 service failed to start due to the following error: A device attached to the system is not functioning.

1/4/2012 11:59:49 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/3/2012 3:16:26 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/2/2012 7:26:53 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/1/2012 11:25:51 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

1/1/2012 11:25:22 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/1/2012 11:23:51 AM, Error: EventLog [6008] - The previous system shutdown at 9:32:13 PM on 12/31/2011 was unexpected.

.

==== End Of File ===========================


You have two anti-virus programs running. Uninstall one of them ... either Avast or MSE. They are resource hogs and will fight for your system's resources!

 

Also, uninstall Bing Toolbar, then navigate to C:\Program Files (x86)\Microsoft\BingBar, and delete this folder.

 

Next, download TFC by Old Timer http://www.geekstogo.com/forum/TFC-Temp-File-Cleaner-OldTimer-file187.html and save it to your desktop.

Save any unsaved work. TFC will close ALL open programs including your browser!

Double-click on TFC.exe to run it. If you are using Vista/Windows 7, right-click on the file and choose Run As Administrator.

Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

 

Let me know if this helps or not.


Hi Jacee, I did as you advised. I'm still having issues. A lot of IE errors and the computer is really sluggish. If it does load a page, it is taking a long time to do so. Is there anything else I can do? I really appreciate you helping me!


Download DDS from one of these links:

Mirror 1 Mirror 2 Mirror 3

  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.

The scan will instruct you to post Attach.txt as an attachment.

No need for that though ..... just post its contents as you would any other log.


.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Jacque at 21:46:53 on 2012-01-06

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6132.3615 [GMT -6:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:Windowssystem32wininit.exe

C:Windowssystem32lsm.exe

C:Windowssystem32svchost.exe -k DcomLaunch

C:Windowssystem32svchost.exe -k rpcss

C:WindowsSystem32svchost.exe -k secsvcs

C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted

C:Windowssystem32svchost.exe -k netsvcs

C:Windowssystem32svchost.exe -k GPSvcGroup

C:Windowssystem32SLsvc.exe

C:Windowssystem32svchost.exe -k LocalService

C:Windowssystem32svchost.exe -k NetworkService

C:Program FilesAVAST SoftwareAvastAvastSvc.exe

C:Windowssystem32WLANExt.exe

C:WindowsSystem32spoolsv.exe

C:Windowssystem32svchost.exe -k LocalServiceNoNetwork

C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe

C:Program Files (X86)IntelIntel Matrix Storage ManagerIaantmon.exe

C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe

C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:Windowssystem32svchost.exe -k imgsvc

C:WindowsSystem32svchost.exe -k WerSvcGroup

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

C:Windowssystem32SearchIndexer.exe

C:Windowssystem32DRIVERSxaudio64.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

C:Windowssystem32WUDFHost.exe

C:Windowssystem32Dwm.exe

C:Windowssystem32taskeng.exe

C:Windowssystem32taskeng.exe

C:WindowsExplorer.EXE

C:Windowssystem32taskeng.exe

C:WindowsMHotKey.exe

C:Program FilesWindows DefenderMSASCui.exe

C:Program FilesRealtekAudioHDARAVCpl64.exe

C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe

C:WindowsSystem32igfxtray.exe

C:Program FilesCanonMyPrinterBJMYPRT.EXE

C:Windowsehomeehtray.exe

C:Program Files (x86)NETGEARWNA3100WNA3100.exe

C:WindowsCNYHKey.exe

C:Program Files (x86)NETGEARWPN311wlancfg5.exe

C:Program Files (x86)IOISmart CopyButtonMonitor.exe

C:Program Files (x86)SeagateSeagateManagerFreeAgent Statusstxmenumgr.exe

C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe

C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe

C:Program FilesAVAST SoftwareAvastAvastUI.exe

C:Program Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe

C:Program Files (x86)RealRealPlayerUpdaterealsched.exe

C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe

C:Windowsehomeehmsas.exe

C:WindowsModLedKey.exe

C:WindowsChiFuncExt.exe

C:Windowssystem32SearchProtocolHost.exe

C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation

C:Program Files (x86)Internet ExplorerIELowutil.exe

C:Windowssystem32taskeng.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:WindowsSysWOW64MacromedFlashFlashUtil11e_ActiveX.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:Windowssystem32SearchFilterHost.exe

C:Windowssystem32DllHost.exe

C:Windowssystem32DllHost.exe

C:WindowsSysWOW64cmd.exe

C:WindowsSysWOW64cscript.exe

C:Windowssystem32wbemwmiprvse.exe

.

============== Pseudo HJT Report ===============

.

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0111&m=dx4710-05

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:Program Files (x86)WOTWOT.dll

BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:Program Files (x86)WOTWOT.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

TB: {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - No File

uRun: [swg] "C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe"

uRun: [ehTray.exe] C:WindowsehomeehTray.exe

mRun: [LchDrvKey] LchDrvKey.exe

mRun: [LedKey] CNYHKey.exe

mRun: [Trigger New Acer AlaunchX] c:AcerPreloadCommandAlaunchXAppInRun.exe

mRun: [smart Copy] "C:Program Files (x86)IOISmart CopyButtonMonitor.exe" -A

mRun: [MaxMenuMgr] "C:Program Files (x86)SeagateSeagateManagerFreeAgent StatusStxMenuMgr.exe"

mRun: [LWS] C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe -hide

mRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

mRun: [info Center] "C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe"

mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui

mRun: [TkBellExe] "C:Program Files (x86)RealRealPlayerupdaterealsched.exe" -osboot

mRun: [HTC Sync Loader] "C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe" -startup

mRunOnce: [New Acer AlaunchX] c:AcerPreloadCommandAlaunchXLaunchAlaunchX.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupNETGEA~2.LNK - C:Program Files (x86)NETGEARWNA3100WNA3100.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupNETGEA~1.LNK - C:Program Files (x86)NETGEARWPN311wlancfg5.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000

IE: Google Sidewiki... - C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces{2FC6B3EB-D5AC-4AF8-944D-1F82FBE7CA60} : DhcpNameServer = 192.168.1.254

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:Program Files (x86)WOTWOT.dll

BHO-X64: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:Program Files (x86)WOTWOT.dll

BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:Program Files (x86)WOTWOT.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

TB-X64: {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - No File

mRun-x64: [LchDrvKey] LchDrvKey.exe

mRun-x64: [LedKey] CNYHKey.exe

mRun-x64: [Trigger New Acer AlaunchX] c:AcerPreloadCommandAlaunchXAppInRun.exe

mRun-x64: [smart Copy] "C:Program Files (x86)IOISmart CopyButtonMonitor.exe" -A

mRun-x64: [MaxMenuMgr] "C:Program Files (x86)SeagateSeagateManagerFreeAgent StatusStxMenuMgr.exe"

mRun-x64: [LWS] C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe -hide

mRun-x64: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

mRun-x64: [info Center] "C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe"

mRun-x64: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui

mRun-x64: [TkBellExe] "C:Program Files (x86)RealRealPlayerupdaterealsched.exe" -osboot

mRun-x64: [HTC Sync Loader] "C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe" -startup

mRunOnce-x64: [New Acer AlaunchX] c:AcerPreloadCommandAlaunchXLaunchAlaunchX.exe

.

================= FIREFOX ===================

.

FF - ProfilePath -

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:Windowssystem32DriversPxHlpa64.sys --> C:Windowssystem32DriversPxHlpa64.sys [?]

R0 SCMNdisP;General NDIS Protocol Driver;C:Windowssystem32DRIVERSscmndisp.sys --> C:Windowssystem32DRIVERSscmndisp.sys [?]

R1 aswSnx;aswSnx;C:Windowssystem32driversaswSnx.sys --> C:Windowssystem32driversaswSnx.sys [?]

R1 aswSP;aswSP;C:Windowssystem32driversaswSP.sys --> C:Windowssystem32driversaswSP.sys [?]

R2 aswFsBlk;aswFsBlk;C:Windowssystem32driversaswFsBlk.sys --> C:Windowssystem32driversaswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;??C:Windowssystem32driversaswMonFlt.sys --> C:Windowssystem32driversaswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2011-11-30 44768]

R2 FontCache;Windows Font Cache Service;C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 FreeAgentGoNext Service;Seagate Service;C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe [2009-12-18 189736]

R2 PassThru Service;Internet Pass-Through Service;C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe [2011-8-12 87040]

R2 sbapifs;sbapifs;C:Windowssystem32DRIVERSsbapifs.sys --> C:Windowssystem32DRIVERSsbapifs.sys [?]

R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:Windowssystem32DRIVERSbcmwlhigh664.sys --> C:Windowssystem32DRIVERSbcmwlhigh664.sys [?]

R3 CAXHWBS2;CAXHWBS2;C:Windowssystem32DRIVERSCAXHWBS2.sys --> C:Windowssystem32DRIVERSCAXHWBS2.sys [?]

R3 LVRS64;Logitech RightSound Filter Driver;C:Windowssystem32DRIVERSlvrs64.sys --> C:Windowssystem32DRIVERSlvrs64.sys [?]

R3 LVUVC64;Logitech HD Webcam C270(UVC);C:Windowssystem32DRIVERSlvuvc64.sys --> C:Windowssystem32DRIVERSlvuvc64.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]

S3 ETService;Empowering Technology Service;C:Program FilesGATEWAYGateway Recovery ManagementServiceETService.exe [2011-1-30 24576]

S3 fssfltr;FssFltr;C:Windowssystem32DRIVERSfssfltr.sys --> C:Windowssystem32DRIVERSfssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:Program Files (x86)Windows LiveFamily Safetyfsssvc.exe [2011-5-13 1492840]

S3 GamesAppService;GamesAppService;C:Program Files (x86)WildTangent GamesAppGamesAppService.exe [2010-10-12 206072]

S3 gupdate;Google Update Service (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2011-1-30 135664]

S3 gupdatem;Google Update Service (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2011-1-30 135664]

S3 htcnprot;HTC NDIS Protocol Driver;C:Windowssystem32DRIVERShtcnprot.sys --> C:Windowssystem32DRIVERShtcnprot.sys [?]

S3 LVPr2M64;Logitech LVPr2M64 Driver;C:Windowssystem32DRIVERSLVPr2M64.sys --> C:Windowssystem32DRIVERSLVPr2M64.sys [?]

S3 NPF;Netgroup Packet Filter;C:Windowssystem32DRIVERSnpf.sys --> C:Windowssystem32DRIVERSnpf.sys [?]

S3 PerfHost;Performance Counter DLL Host;C:WindowsSysWOW64perfhost.exe [2008-1-20 19968]

S3 TomTomHOMEService;TomTomHOMEService;C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe [2011-3-9 92592]

S3 UMVPFSrv;UMVPFSrv;C:Program Files (x86)Common FileslogishrdLVMVFMUMVPFSrv.exe [2011-3-31 428640]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:WindowsMicrosoft.NETFramework64v4.0.30319WPFWPFFontCache_v0400.exe [2010-3-18 1020768]

S3 WSWNA3100;WSWNA3100;C:Program Files (x86)NETGEARWNA3100WifiSvc.exe [2011-3-14 278528]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2011-1-31 89920]

.

=============== File Associations ===============

.

JSEFile=C:WindowsSysWOW64WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

.

==================== Find3M ====================

.

.

============= FINISH: 21:47:23.19 ===============

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: DeviceHarddiskVolume2

Install Date: 1/30/2011 12:16:39 PM

System Uptime: 1/6/2012 9:26:52 AM (12 hours ago)

.

Motherboard: Gateway | | G33M05G1

Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 586 GiB total, 476.162 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: NETGEAR WPN311 RangeMax Wireless PCI Adapter

Device ID: PCIVEN_168C&DEV_0013&SUBSYS_5E001385&REV_014&31E4133E&0&08F0

Manufacturer: Atheros Communications Inc.

Name: NETGEAR WPN311 RangeMax Wireless PCI Adapter #3

PNP Device ID: PCIVEN_168C&DEV_0013&SUBSYS_5E001385&REV_014&31E4133E&0&08F0

Service: athr

.

==== System Restore Points ===================

.

RP560: 1/2/2012 7:37:23 PM - Windows Update

RP561: 1/3/2012 4:31:16 PM - Windows Update

RP562: 1/4/2012 4:20:43 PM - Scheduled Checkpoint

RP563: 1/5/2012 10:03:10 AM - Windows Update

RP564: 1/5/2012 12:22:58 PM - Removed Bing Bar

RP565: 1/6/2012 11:40:49 AM - Windows Update

RP566: 1/6/2012 3:34:09 PM - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Reader 8.1.2

Apple Application Support

Apple Software Update

avast! Free Antivirus

CameraHelperMsi

Canon MP Navigator EX 2.0

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

Carbonite Online Backup Setup

Click to Call with Skype

Compatibility Pack for the 2007 Office system

Coupon Printer for Windows

CyberLink Power2Go

D3DX10

DING!

erLT

ESET Online Scanner v3

Freemake Video Converter version 2.1.0

GameSpy Arcade

Gateway Games

Gateway Recovery Management

Google Toolbar for Internet Explorer

Google Update Helper

Graboid Video 2.01

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

I Can Color!

iLivid

Info Center 1.0.0.7

IrfanView (remove only)

Junk Mail filter update

KB0817 Keyboard Driver

LabelPrint

Logitech Vid HD

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.60.0.1800

Microsoft Money Essentials

Microsoft Money Shared Libraries

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ Run Time Lib Setup

Mozilla Firefox 8.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

muvee Reveal Seagate Edition

Napster

Napster Burn Engine

NETGEAR WNA3100 wireless USB 2.0 adapter

NETGEAR WPN311 Wireless Adapter

OpenOffice.org 3.3

Photo Explosion Deluxe

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

Samsung PC Studio 3 USB Driver Installer

Seagate Manager Installer

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Segoe UI

Skype™ 5.5

Smart Copy 3.1.1.1

Stronghold Crusader Extreme

TomTom HOME 2.8.1.2218

TomTom HOME Visual Studio Merge Modules

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update Installer for WildTangent Games App

Veetle TV

VLC media player 1.0.1

vShare.tv plugin 1.3

Wheel Of Fortune

WildTangent Games App (Gateway Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Wizard101

.

==== Event Viewer Messages From Past Week ========

.

1/6/2012 9:28:52 AM, Error: Service Control Manager [7000] - The int15 service failed to start due to the following error: A device attached to the system is not functioning.

1/6/2012 4:44:41 PM, Error: iaStor [9] - The device, DeviceIdeiaStor0, did not respond within the timeout period.

1/5/2012 9:48:27 AM, Error: Microsoft Antimalware [3002] -

1/5/2012 3:34:16 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Jacque-PCJacque SID (S-1-5-21-1643210993-2232105442-2364694577-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

1/1/2012 11:25:51 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

1/1/2012 11:23:51 AM, Error: EventLog [6008] - The previous system shutdown at 9:32:13 PM on 12/31/2011 was unexpected.

.

==== End Of File ===========================


Download Combofix from any of the links below, and save it to your desktop. <-- Important

Link 1

Link 2

Link 3

 

Click on this link Here to see a list of programs that should be disabled.

The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

If your anti-virus or firewall complains, please allow this script to run as it is not malicious.

Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.

Next: Please disable all onboard security programs (all running with background protection) as they may hinder the scanner from working.

This includes Antivirus, Firewall, and any Spyware scanners that run in the background.

  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you. Post that log and a HijackThis log in your next reply.

Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

Please be patient while the scan runs, at times it may appear to stall.

When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.

Post this log in your next reply together with a new HijackThis log.

After rebooting ensure your Security applications have been re-enabled.

 

In your next reply post:

ComboFix.txt

New HJT log taken after the above scan has run

***A guide and tutorial on "How to use Combofix" can be found here:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

 

IF CF won't run:

During the download, rename Combofix.exe to sVchost.exe


I'm hoping this is the right log. My computer is just acting crazy. I can not access this page from IE, I had to switch to FireFox. I still need to run an HJT log, but thought I would post this log first since I am having such a hard time accessing this page.

 

ComboFix 12-01-06.03 - Jacque 01/07/2012 12:34:00.2.4 - x64

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6132.4419 [GMT -6:00]

Running from: c:usersJacqueDownloadsComboFix.exe

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Previous Run -------

.

c:windowssystem32java.exe

c:windowsSysWow64Packet.dll

c:windowsSysWow64pthreadVC.dll

c:windowsSysWow64wpcap.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------Service_NPF

.

.

((((((((((((((((((((((((( Files Created from 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))))

.

.

2012-01-07 18:46 . 2012-01-07 18:46 69000 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{EF1A9E3F-3448-4979-A90E-9DA3F3E27783}offreg.dll

2012-01-07 18:45 . 2012-01-07 18:47 -------- d-----w- c:usersJacqueAppDataLocaltemp

2012-01-07 18:45 . 2012-01-07 18:45 -------- d-----w- c:usersKCAppDataLocaltemp

2012-01-07 18:45 . 2012-01-07 18:45 -------- d-----w- c:usersHarleyAppDataLocaltemp

2012-01-07 18:45 . 2012-01-07 18:45 -------- d-----w- c:usersGuestAppDataLocaltemp

2012-01-07 18:45 . 2012-01-07 18:45 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-01-06 17:41 . 2011-11-30 08:21 8822856 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{EF1A9E3F-3448-4979-A90E-9DA3F3E27783}mpengine.dll

2011-12-19 21:09 . 2012-01-05 00:50 -------- d-----w- c:usersKCAppDataLocalHtc

2011-12-19 21:09 . 2011-12-19 21:09 -------- d-----w- c:usersKCAppDataRoamingHTC

2011-12-18 00:04 . 2012-01-01 02:12 -------- d-----w- c:usersGuestAppDataLocalHtc

2011-12-18 00:04 . 2011-12-25 15:52 -------- d-----w- c:usersGuestAppDataRoamingHTC

2011-12-15 22:12 . 2011-12-15 22:12 677136 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll

2011-12-15 20:02 . 2011-10-25 16:09 85504 ----a-w- c:windowssystem32csrsrv.dll

2011-12-15 20:02 . 2011-11-08 14:58 2048 ----a-w- c:windowssystem32tzres.dll

2011-12-15 20:02 . 2011-11-08 14:42 2048 ----a-w- c:windowsSysWow64tzres.dll

2011-12-15 20:01 . 2011-11-23 13:57 2764800 ----a-w- c:windowssystem32win32k.sys

2011-12-15 20:01 . 2011-10-14 17:30 559616 ----a-w- c:windowssystem32EncDec.dll

2011-12-15 20:01 . 2011-10-14 16:02 429056 ----a-w- c:windowsSysWow64EncDec.dll

2011-12-15 20:01 . 2011-11-08 12:10 2409784 ----a-w- c:program filesWindows MailOESpamFilter.dat

2011-12-15 20:01 . 2011-11-08 12:10 2409784 ----a-w- c:program files (x86)Windows MailOESpamFilter.dat

2011-12-12 23:01 . 2012-01-07 04:20 -------- d-----w- c:usersHarleyAppDataLocalHtc

2011-12-12 23:00 . 2011-12-17 14:19 -------- d-----w- c:usersHarleyAppDataRoamingHTC

2011-12-12 04:19 . 2012-01-07 18:47 -------- d-----w- c:usersJacqueAppDataLocalHtc

2011-12-12 04:18 . 2011-12-14 14:12 -------- d-----w- c:usersJacqueAppDataRoamingHTC

2011-12-12 04:15 . 2011-12-12 04:15 -------- d-----w- c:program files (x86)Spirent Communications

2011-12-12 04:14 . 2011-12-12 04:18 -------- d-----w- c:program files (x86)HTC

2011-12-12 03:29 . 2011-12-12 03:29 652296 ----a-w- c:programdataMicrosofteHomePackagesSportsTemplateSportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll

2011-12-12 03:29 . 2011-12-12 03:29 416128 ----a-w- c:programdataMicrosofteHomePackagesNetTVBrowseNetTVResources.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-13 14:10 . 2011-06-02 12:34 414368 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2011-12-10 21:24 . 2011-11-19 00:19 23152 ----a-w- c:windowssystem32driversmbam.sys

2011-12-02 00:03 . 2011-12-02 00:03 348160 ----a-w- c:windowsSysWow64msvcr71.dll

2011-12-02 00:03 . 2011-12-02 00:03 499712 ----a-w- c:windowsSysWow64msvcp71.dll

2011-11-28 18:01 . 2011-11-30 18:18 41184 ----a-w- c:windowsavastSS.scr

2011-11-28 18:01 . 2011-11-30 18:18 199816 ----a-w- c:windowsSysWow64aswBoot.exe

2011-11-28 18:01 . 2011-11-30 18:19 256960 ----a-w- c:windowssystem32aswBoot.exe

2011-11-28 17:54 . 2011-11-30 18:19 591192 ----a-w- c:windowssystem32driversaswSnx.sys

2011-11-28 17:53 . 2011-11-30 18:19 304472 ----a-w- c:windowssystem32driversaswSP.sys

2011-11-28 17:52 . 2011-11-30 18:19 42328 ----a-w- c:windowssystem32driversaswRdr.sys

2011-11-28 17:52 . 2011-11-30 18:19 58712 ----a-w- c:windowssystem32driversaswTdi.sys

2011-11-28 17:52 . 2011-11-30 18:19 66904 ----a-w- c:windowssystem32driversaswMonFlt.sys

2011-11-28 17:51 . 2011-11-30 18:19 24408 ----a-w- c:windowssystem32driversaswFsBlk.sys

2011-11-25 21:35 . 2011-11-25 21:35 627600 ----a-w- c:windowssystem32deployJava1.dll

2011-11-16 18:53 . 2011-11-16 18:54 5359888 ----a-w- c:windowsuninst.exe

2011-11-15 20:29 . 2011-01-30 23:47 270720 ------w- c:windowssystem32MpSigStub.exe

2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx

2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:windowsSysWow64QuickTime.qts

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"swg"="c:program files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe" [2011-01-30 68856]

"ehTray.exe"="c:windowsehomeehTray.exe" [2008-01-21 138240]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"LchDrvKey"="LchDrvKey.exe" [2007-03-29 36864]

"LedKey"="CNYHKey.exe" [2008-04-24 339968]

"Trigger New Acer AlaunchX"="c:acerPreloadCommandAlaunchXAppInRun.exe" [2008-07-17 8192]

"Smart Copy"="c:program files (x86)IOISmart CopyButtonMonitor.exe" [2008-05-21 53248]

"MaxMenuMgr"="c:program files (x86)SeagateSeagateManagerFreeAgent StatusStxMenuMgr.exe" [2009-12-18 197928]

"LWS"="c:program files (x86)LogitechLWSWebcam SoftwareLWS.exe" [2011-03-02 190808]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2011-09-27 59240]

"Info Center"="c:program files (x86)PCPitstopInfo CenterInfoCenter.exe" [2011-09-26 24216]

"avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2011-11-28 3744552]

"TkBellExe"="c:program files (x86)RealRealPlayerupdaterealsched.exe" [2011-12-02 296056]

"HTC Sync Loader"="c:program files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe" [2011-11-01 593920]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRunOnce]

"New Acer AlaunchX"="c:acerPreloadCommandAlaunchXLaunchAlaunchX.exe" [2008-07-17 200704]

.

c:usersGuestAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

OpenOffice.org 3.3.lnk - c:program files (x86)OpenOffice.org 3programquickstart.exe [2010-12-13 1198592]

.

c:programdataMicrosoftWindowsStart MenuProgramsStartup

NETGEAR WNA3100 Smart Wizard.lnk - c:program files (x86)NETGEARWNA3100WNA3100.exe [2011-3-14 4562944]

NETGEAR WPN311 Smart Wizard.lnk - c:program files (x86)NETGEARWPN311wlancfg5.exe [2007-4-10 1695744]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"EnableUIADesktopToggle"= 0 (0x0)

.

Contents of the 'Scheduled Tasks' folder

.

2012-01-07 c:windowsTasksGoogleUpdateTaskMachineCore.job

- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-01-31 02:40]

.

2012-01-07 c:windowsTasksGoogleUpdateTaskMachineUA.job

- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-01-31 02:40]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]

2011-11-28 18:01 134384 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2011-08-26 12681320]

"IAAnotif"="c:program files (x86)IntelIntel Matrix Storage ManagerIaanotif.exe" [2007-03-21 174872]

"IgfxTray"="c:windowssystem32igfxtray.exe" [2008-04-01 138264]

"CanonSolutionMenu"="c:program files (x86)CanonSolutionMenuCNSLMAIN.exe" [2008-03-11 689488]

"CanonMyPrinter"="c:program filesCanonMyPrinterBJMyPrt.exe" [2008-03-04 2114376]

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0111&m=dx4710-05

IE: E&xport to Microsoft Excel - c:progra~2MICROS~2Office12EXCEL.EXE/3000

IE: Google Sidewiki... - c:program files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.254

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%SysWow64browseui.dll

FF - ProfilePath - c:usersJacqueAppDataRoamingMozillaFirefoxProfilesfsgyl71l.default

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - (no file)

HKLM-Run-Windows Defender - c:program files (x86)Windows DefenderMSASCui.exe

HKLM-Run-combofix - c:combofixCF31011.3XE

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeTypeLib{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeTypeLib{D27CDB6B-AE6D-11CF-96B8-444553540000}1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeTypeLib{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeTypeLib{FAB3E735-69C7-453B-A446-B6823C6DF1C9}1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClasses]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0000AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0001AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

------------------------ Other Running Processes ------------------------

.

c:program filesAVAST SoftwareAvastAvastSvc.exe

c:program files (x86)SeagateSeagateManagerSyncFreeAgentService.exe

c:program files (x86)IntelIntel Matrix Storage ManagerIaantmon.exe

c:program files (x86)HTCInternet Pass-ThroughPassThruSvr.exe

c:windowsMHotKey.exe

c:windowsChiFuncExt.exe

c:windowsCNYHKey.exe

c:program files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe

c:windowsModLedKey.exe

.

**************************************************************************

.

Completion time: 2012-01-07 12:52:43 - machine was rebooted

ComboFix-quarantined-files.txt 2012-01-07 18:52

.

Pre-Run: 511,079,837,696 bytes free

Post-Run: 511,597,740,032 bytes free

.

- - End Of File - - F36A0A7EB9858B29717DC42EA46817CD


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 1:18:47 PM, on 1/7/2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:WindowsMHotKey.exe

C:WindowsChiFuncExt.exe

C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe

C:Program Files (x86)NETGEARWNA3100WNA3100.exe

C:WindowsCNYHKey.exe

C:Program Files (x86)NETGEARWPN311wlancfg5.exe

C:Program Files (x86)IOISmart CopyButtonMonitor.exe

C:Program Files (x86)SeagateSeagateManagerFreeAgent Statusstxmenumgr.exe

C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe

C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe

C:Program FilesAVAST SoftwareAvastAvastUI.exe

C:Program Files (x86)RealRealPlayerUpdaterealsched.exe

C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe

C:Program Files (x86)LogitechLWSWebcam SoftwareCameraHelperShell.exe

C:WindowsModLedKey.exe

C:Program Files (x86)Mozilla Firefoxfirefox.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:Program Files (x86)Internet Exploreriexplore.exe

C:WindowsSysWOW64MacromedFlashFlashUtil11e_ActiveX.exe

C:UsersJacqueDesktopHijackThis.exe

 

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0111&m=dx4710-05

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:Program Files (x86)WOTWOT.dll

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)

O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:Program Files (x86)WOTWOT.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll

O4 - HKLM..Run: [LchDrvKey] LchDrvKey.exe

O4 - HKLM..Run: [LedKey] CNYHKey.exe

O4 - HKLM..Run: [Trigger New Acer AlaunchX] c:AcerPreloadCommandAlaunchXAppInRun.exe

O4 - HKLM..Run: [smart Copy] "C:Program Files (x86)IOISmart CopyButtonMonitor.exe" -A

O4 - HKLM..Run: [MaxMenuMgr] "C:Program Files (x86)SeagateSeagateManagerFreeAgent StatusStxMenuMgr.exe"

O4 - HKLM..Run: [LWS] C:Program Files (x86)LogitechLWSWebcam SoftwareLWS.exe -hide

O4 - HKLM..Run: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

O4 - HKLM..Run: [info Center] "C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe"

O4 - HKLM..Run: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui

O4 - HKLM..Run: [TkBellExe] "C:Program Files (x86)RealRealPlayerupdaterealsched.exe" -osboot

O4 - HKLM..Run: [HTC Sync Loader] "C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe" -startup

O4 - HKLM..RunOnce: [New Acer AlaunchX] c:AcerPreloadCommandAlaunchXLaunchAlaunchX.exe

O4 - HKCU..Run: [swg] "C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe"

O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe

O4 - Global Startup: NETGEAR WNA3100 Smart Wizard.lnk = ?

O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:Program Files (x86)NETGEARWPN311wlancfg5.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:Program Files (x86)WOTWOT.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dll

O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:Program FilesAVAST SoftwareAvastAvastSvc.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:Program FilesGATEWAYGateway Recovery ManagementServiceETService.exe

O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:Program Files (x86)WildTangent GamesAppGamesAppService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program Files (X86)IntelIntel Matrix Storage ManagerIaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe

O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)

O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)

O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe

O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:Program Files (x86)Common FileslogishrdLVMVFMUMVPFSrv.exe

O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)

O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)

O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

O23 - Service: WSWNA3100 - Unknown owner - C:Program Files (x86)NETGEARWNA3100WifiSvc.exe

O23 - Service: XAudioService - Unknown owner - C:Windowssystem32DRIVERSxaudio64.exe (file missing)

 

--

End of file - 9860 bytes

Link to comment
Share on other sites
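A way to triage the O23 (services) section of a HijackThis log like the one posted above, as an added example that is not part of the original thread or of HijackThis itself. It separates services that carry a vendor name from those listed as "Unknown owner", and sets aside "(file missing)" entries, which a 32-bit scanner on 64-bit Windows commonly reports for native system files because of file system redirection. The function and bucket names are hypothetical, and the sample lines are copied from the log above.

```python
from dataclasses import dataclass
# Sample input: O23 lines copied from the log posted above. Paths lack
# backslashes because that is how they appear on the page.
SAMPLE_LOG = """\
O23 - Service: GamesAppService - WildTangent, Inc. - C:Program Files (x86)WildTangent GamesAppGamesAppService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe
O23 - Service: WSWNA3100 - Unknown owner - C:Program Files (x86)NETGEARWNA3100WifiSvc.exe
O23 - Service: XAudioService - Unknown owner - C:Windowssystem32DRIVERSxaudio64.exe (file missing)
"""
PREFIX = "O23 - Service: "
MISSING = " (file missing)"

@dataclass
class Service:
    name: str
    owner: str
    path: str
    file_missing: bool

def parse_o23(line):
    """Parse one 'O23 - Service: name - owner - path' line, else None."""
    line = line.strip()
    if not line.startswith(PREFIX):
        return None
    body = line[len(PREFIX):]
    missing = body.endswith(MISSING)
    if missing:
        body = body[:-len(MISSING)]
    # Split from the right so a " - " inside the display name is harmless.
    parts = body.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    return Service(parts[0], parts[1], parts[2], missing)

def triage(log_text):
    buckets = {"known_owner": [], "review": [], "unverified": []}  # hypothetical names
    for line in log_text.splitlines():
        svc = parse_o23(line)
        if svc is None:
            continue
        if svc.file_missing:
            # The scanner could not read the file: unverified, not proven bad.
            buckets["unverified"].append(svc.name)
        elif svc.owner == "Unknown owner":
            buckets["review"].append(svc.name)  # file present, no vendor info
        else:
            buckets["known_owner"].append(svc.name)
    return buckets
```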

You have WOT and avast! "WebRep" module, which basically do the same thing ---> shows safety ratings for websites and search results in Internet Explorer.

 

See if disabling one or the other helps with pages loading and being displayed.

Link to comment
Share on other sites

Please download TFC by Old Timer http://www.geekstogo.com/forum/TFC-Temp-File-Cleaner-OldTimer-file187.html and save it to your desktop.

 

Save any unsaved work. TFC will close ALL open programs including your browser!

Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.

Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

 

Next, update MBAM, select Perform full scan, then click Scan.

* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location. Copy and Paste that log into your next reply.

Link to comment
Share on other sites

Malwarebytes Anti-Malware 1.60.0.1800

www.malwarebytes.org

Database version: v2012.01.11.06

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Jacque :: JACQUE-PC [administrator]

1/11/2012 12:31:24 PM

mbam-log-2012-01-11 (12-31-24).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 563814

Time elapsed: 1 hour(s), 2 minute(s), 38 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to comment
Share on other sites

Good to know!

 

Uninstall Combofix:

Click on the Start button and then select Run from the menu. This will open up the Run box.

Copy/Paste combofix /uninstall (Please note that there is a space between combofix and /uninstall), click on the OK button or Enter on your keyboard.

You can now delete the ComboFix.exe program from your computer.

For Vista / Windows 7

• Click START Search

 

If you haven't updated Java, please do so... Older versions have vulnerabilities that malware can use to infect your system.

  • Download the latest version of Java Runtime Environment (JRE) 7.

    http://www.oracle.com/technetwork/java/javase/downloads/index.html

  • Scroll down to where it says "Java Runtime Environment (JRE) 7u2 allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u2-windows-i586-p.exe to install the newest version.
Link to comment
Share on other sites
