have run MalwareBytes and have bad stuff and slow computer still

Post by matnic on 18th January 2010, 5:14 pm

I have had some problems with different viruses/trojans/malware in the last week or so, getting so bad that I couldn't even start my machine! Finally broke down and had a local comp. guy get it back up and install Malwarebytes, but it is still running terribly slow and I keep getting fake virus detection software, like Malware Defender and the like.

Here is the HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 12:08:41 PM, on 1/18/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Mailpc2.MAIL2\Application Data\Color_Server_Client_Tools\JRE\JRE1.5\bin\DEX_CX700_V1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\newhj.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page
O2 - BHO: (no name) - {0948A35C-7F37-4E83-A695-ACFC9A8DFFAA} - \
O2 - BHO: (no name) - {131C19DF-D06E-8BB7-4912-898DBB50D799} - (no file)
O2 - BHO: (no name) - {141B1E83-826A-8DE2-4912-898DBB50D09B} - (no file)
O2 - BHO: (no name) - {15104D83-D269-DEE7-4F12-898DBB50D2C8} - (no file)
O2 - BHO: (no name) - {1A101D88-DF6C-8EB0-1812-898DBB50D399} - (no file)
O2 - BHO: (no name) - {1A1F4983-D06B-DAB6-1E12-898DBB5785C3} - (no file)
O2 - BHO: (no name) - {3557ACCB-FA30-4FF6-BDCF-7185AFDF3B2E} - \
O2 - BHO: (no name) - {3D3EFA86-A8E0-4BF5-9064-68575B0AC943} - \
O2 - BHO: (no name) - {45491DDB-D36D-80E5-4F12-898DBB57849B} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {C7ED19A2-6081-4821-B9FB-EC80BCE74C11} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [DexStarter_CX700_V1] "C:\Documents and Settings\Mailpc2.MAIL2\Application Data\Color_Server_Client_Tools\PrinterDriver\CX700_V1\DexRunner.bat"
O4 - HKCU\..\Run: [cliconfg64.exe] C:\DOCUME~1\MAILPC~1.MAI\LOCALS~1\Temp\cliconfg64.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - [You must be registered and logged in to see this link.] Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CCS\Services\Tcpip\..\{09DE896A-FACA-4E38-890F-413AB2A6BEFB}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{09DE896A-FACA-4E38-890F-413AB2A6BEFB}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{09DE896A-FACA-4E38-890F-413AB2A6BEFB}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{09DE896A-FACA-4E38-890F-413AB2A6BEFB}: NameServer = 192.168.1.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: awtqn - C:\WINDOWS\system32\awtqn.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

Any help/suggestions would be greatly appreciated!

matnic
Novice

Posts: 8
Joined: 2010-01-09
OS: Windows XP
Points: 25391
Likes: 0

Re: have run MalwareBytes and have bad stuff and slow computer still

Post by Belahzur on 18th January 2010, 9:48 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page
    O2 - BHO: (no name) - {0948A35C-7F37-4E83-A695-ACFC9A8DFFAA} - \
    O2 - BHO: (no name) - {131C19DF-D06E-8BB7-4912-898DBB50D799} - (no file)
    O2 - BHO: (no name) - {141B1E83-826A-8DE2-4912-898DBB50D09B} - (no file)
    O2 - BHO: (no name) - {15104D83-D269-DEE7-4F12-898DBB50D2C8} - (no file)
    O2 - BHO: (no name) - {1A101D88-DF6C-8EB0-1812-898DBB50D399} - (no file)
    O2 - BHO: (no name) - {1A1F4983-D06B-DAB6-1E12-898DBB5785C3} - (no file)
    O2 - BHO: (no name) - {3557ACCB-FA30-4FF6-BDCF-7185AFDF3B2E} - \
    O2 - BHO: (no name) - {3D3EFA86-A8E0-4BF5-9064-68575B0AC943} - \
    O2 - BHO: (no name) - {45491DDB-D36D-80E5-4F12-898DBB57849B} - (no file)
    O2 - BHO: (no name) - {C7ED19A2-6081-4821-B9FB-EC80BCE74C11} - (no file)
    O4 - HKCU\..\Run: [cliconfg64.exe] C:\DOCUME~1\MAILPC~1.MAI\LOCALS~1\Temp\cliconfg64.exe
    O20 - Winlogon Notify: awtqn - C:\WINDOWS\system32\awtqn.dll (file missing)



  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator

Posts: 34918
Joined: 2008-08-03
Gender: Male
OS: 7 Home Premium x64
Points: 245121
Likes: 1
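
An added example, not part of Belahzur's post: a Python triage pass over HijackThis lines that flags the same kind of orphaned entries as the O2, O4 and O20 lines selected above. The three rules are this example's assumptions, inferred from the shape of those lines rather than stated by the helper; R0 and O23 lines are parsed but not judged, and the sample lines are copied from the log in the first post.

```python
import re
from dataclasses import dataclass

# Subset of the HijackThis log from the first post (copied, not constructed).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page
O2 - BHO: (no name) - {0948A35C-7F37-4E83-A695-ACFC9A8DFFAA} - \
O2 - BHO: (no name) - {131C19DF-D06E-8BB7-4912-898DBB50D799} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {C7ED19A2-6081-4821-B9FB-EC80BCE74C11} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cliconfg64.exe] C:\DOCUME~1\MAILPC~1.MAI\LOCALS~1\Temp\cliconfg64.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: awtqn - C:\WINDOWS\system32\awtqn.dll (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
"""


@dataclass(frozen=True)
class Finding:
    code: str    # HijackThis section code, e.g. "O2"
    item: str    # CLSID, Run value name or Notify key name
    reason: str  # which rule fired
    line: str    # the original log line, for ticking in the HijackThis UI


# "<code> - <body>", where code is R0..R3, F0..F3, N1..N4 or O1..O23.
LINE_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
BHO_RE = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)
RUN_RE = re.compile(
    r"^(?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>.*?)\] (?P<cmd>.+)$"
)
NOTIFY_RE = re.compile(r"^Winlogon Notify: (?P<name>\S+) - (?P<target>.+)$")
TEMP_DIR_RE = re.compile(r"\\te?mp\\", re.IGNORECASE)

# Targets HijackThis prints when a BHO's CLSID resolves to no usable DLL.
ORPHAN_TARGETS = {"(no file)", "\\", ""}


def triage(log_text):
    """Return review candidates; a hit means 'look at this', not 'malicious'."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            continue  # header, process list or blank line
        code, body = m["code"], m["body"]

        if code == "O2":
            # Rule 1 (assumption): unnamed BHO whose CLSID has no backing file.
            b = BHO_RE.match(body)
            if b and b["name"] == "(no name)" and b["target"] in ORPHAN_TARGETS:
                findings.append(Finding(
                    code, b["clsid"], "unnamed BHO with no backing file", line))
        elif code == "O4":
            # Rule 2 (assumption): autostart entry launching from a Temp folder.
            r = RUN_RE.match(body)
            if r and TEMP_DIR_RE.search(r["cmd"]):
                findings.append(Finding(
                    code, r["name"], "autostart target in a Temp directory", line))
        elif code == "O20":
            # Rule 3 (assumption): Winlogon Notify DLL that is not on disk.
            n = NOTIFY_RE.match(body)
            if n and n["target"].endswith("(file missing)"):
                findings.append(Finding(
                    code, n["name"], "Winlogon Notify DLL missing", line))
        # Other sections (R0, O23, ...) are deliberately left to manual review.
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:<4}{f.item:<40}{f.reason}")
```
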

Re: have run MalwareBytes and have bad stuff and slow computer still

Post by matnic on 19th January 2010, 2:03 pm

Fixed the checked HJT lines, ran MBAM again, found nothing. I also updated to Service Pack 3.

MBAM log:

Malwarebytes' Anti-Malware 1.44
Database version: 3598
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

1/19/2010 9:02:41 AM
mbam-log-2010-01-19 (09-02-41).txt

Scan type: Quick Scan
Objects scanned: 121626
Time elapsed: 6 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: have run MalwareBytes and have bad stuff and slow computer still

Post by Belahzur on 19th January 2010, 6:29 pm

Hello.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the reports to your Desktop.
  • Copy and paste BOTH LOGS back here, use more than one post if needed.


Re: have run MalwareBytes and have bad stuff and slow computer still

Post by matnic on 19th January 2010, 8:18 pm

DDS.txt:

DDS (Ver_09-12-01.01) - NTFSx86
Run by Mailpc2 at 15:09:20.17 on Tue 01/19/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.495.274 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Mailpc2.MAIL2\Application Data\Color_Server_Client_Tools\JRE\JRE1.5\bin\DEX_CX700_V1.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Mailpc2.MAIL2\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Page = [You must be registered and logged in to see this link.]
uSearch Bar = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [DexStarter_CX700_V1] "c:\documents and settings\mailpc2.mail2\application data\color_server_client_tools\printerdriver\cx700_v1\DexRunner.bat"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil9f.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
mRun: [IntelliType] "c:\program files\microsoft hardware\keyboard\type32.exe"
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: DirectAnimation Java Classes - [You must be registered and logged in to see this link.]
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - [You must be registered and logged in to see this link.]
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - [You must be registered and logged in to see this link.]
DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
TCP: {09DE896A-FACA-4E38-890F-413AB2A6BEFB} = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli centsvc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mailpc~1.mai\applic~1\mozilla\firefox\profiles\jhsg4fnj.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - plugin: c:\program files\mozilla firefox\plugins\npLAUNCH.dll
FF - hȋdden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - hȋdden: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - hȋdden: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - hȋdden: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - hȋdden: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - hȋdden: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2006-10-10 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2007-2-27 74480]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
S3 hwi4857;Duo Digital Media Player;c:\windows\system32\drivers\hwi4857.sys [2005-11-8 10532]
S3 PortRst;BaromTec HMS30C6001 Reset Driver;c:\windows\system32\drivers\PortRst.sys [2002-1-29 18560]

=============== Created Last 30 ================

2010-01-19 08:14:01 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-01-18 18:04:10 0 d-----w- c:\windows\system32\scripting
2010-01-18 18:04:08 0 d-----w- c:\windows\l2schemas
2010-01-18 18:04:07 0 d-----w- c:\windows\system32\en
2010-01-18 17:58:38 0 d-----w- c:\windows\network diagnostic
2010-01-13 13:32:45 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-13 13:32:44 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-01-13 13:32:44 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-01-11 21:29:06 69120 ------w- c:\windows\system32\wlanapi.dll
2010-01-11 21:28:08 50688 ------w- c:\windows\system32\tspkg.dll
2010-01-11 21:28:05 53248 ------w- c:\windows\system32\tsgqec.dll
2010-01-11 21:26:56 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2010-01-11 21:26:52 32768 ------w- c:\windows\system32\setupn.exe
2010-01-11 21:26:12 290304 ------w- c:\windows\system32\rhttpaa.dll
2010-01-11 21:26:06 61952 ------w- c:\windows\system32\rasqec.dll
2010-01-11 21:26:04 76800 ------w- c:\windows\system32\qutil.dll
2010-01-11 21:26:01 62464 ------w- c:\windows\system32\qcliprov.dll
2010-01-11 21:26:01 291328 ------w- c:\windows\system32\qagentrt.dll
2010-01-11 21:26:01 150528 ------w- c:\windows\system32\qagent.dll
2010-01-11 21:25:47 144384 ------w- c:\windows\system32\onex.dll
2010-01-11 21:24:56 176640 ------w- c:\windows\system32\napstat.exe
2010-01-11 21:24:55 638 ------w- c:\windows\system32\wbem\napclientprov.mof
2010-01-11 21:24:55 3990 ------w- c:\windows\system32\wbem\napclientschema.mof
2010-01-11 21:24:55 30208 ------w- c:\windows\system32\napipsec.dll
2010-01-11 21:24:55 193024 ------w- c:\windows\system32\napmontr.dll
2010-01-11 21:24:51 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-01-11 21:24:51 79872 ----a-w- c:\windows\system32\msxml6r.dll
2010-01-11 21:24:50 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2010-01-11 21:24:32 76800 ------w- c:\windows\system32\msshavmsg.dll
2010-01-11 21:24:31 155136 ------w- c:\windows\system32\mssha.dll
2010-01-11 21:23:27 33792 ------w- c:\windows\system32\mmcperf.exe
2010-01-11 21:23:25 397312 ------w- c:\windows\system32\mmcex.dll
2010-01-11 21:23:25 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2010-01-11 21:23:23 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2010-01-11 21:22:06 37376 ------w- c:\windows\system32\l2gpstore.dll
2010-01-11 21:21:53 61440 ------w- c:\windows\system32\kmsvc.dll
2010-01-11 21:21:48 6144 ------w- c:\windows\system32\kbdpash.dll
2010-01-11 21:21:47 6144 ------w- c:\windows\system32\kbdnepr.dll
2010-01-11 21:21:46 6144 ------w- c:\windows\system32\kbdiultn.dll
2010-01-11 21:21:44 6144 ------w- c:\windows\system32\kbdbhc.dll
2010-01-11 21:21:24 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll
2010-01-11 21:21:24 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2010-01-11 21:20:19 10752 ------w- c:\windows\system32\smtpapi.dll
2010-01-11 21:20:17 974 ------w- c:\windows\system32\pid.inf
2010-01-11 21:20:17 9728 ------w- c:\windows\system32\rwnh.dll
2010-01-11 21:19:34 144384 ------w- c:\windows\system32\drivers\hdaudbus.sys
2010-01-11 21:17:45 12800 ------w- c:\windows\system32\credssp.dll
2010-01-11 21:17:11 7168 ------w- c:\windows\system32\bitsprx4.dll
2010-01-11 21:17:09 233472 ------w- c:\windows\system32\azroles.dll
2010-01-11 21:16:13 136192 ------w- c:\windows\system32\aaclient.dll
2010-01-11 19:32:50 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-01-11 19:32:37 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-01-11 19:32:20 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-11 19:32:17 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-11 19:32:16 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-01-11 19:30:31 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-01-11 19:28:34 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-01-11 19:26:59 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-01-11 19:26:58 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-01-11 19:26:58 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-01-11 19:26:57 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-01-11 19:26:56 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-11 19:26:55 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-11 19:26:54 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-01-11 19:26:54 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-01-11 19:26:53 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-01-11 19:22:58 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-01-11 19:22:53 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2010-01-11 19:22:45 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-01-11 18:33:53 0 d-----w- c:\docume~1\mailpc~1.mai\applic~1\Malwarebytes
2010-01-11 18:33:34 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-11 18:33:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-01-11 18:33:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-11 18:33:23 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-11 18:20:27 155648 ----a-w- c:\windows\system32\igfxres.dll
2010-01-11 18:03:04 28288 -c--a-w- c:\windows\system32\dllcache\xjis.nls
2010-01-11 18:01:57 77824 -c--a-w- c:\windows\system32\dllcache\quick.ime
2010-01-11 18:00:58 6144 -c--a-w- c:\windows\system32\dllcache\kbdinpun.dll
2010-01-11 17:59:57 78848 -c--a-w- c:\windows\system32\dllcache\dayi.ime
2010-01-11 17:58:55 7680 -c--a-w- c:\windows\system32\dllcache\inetmgr.exe
2010-01-11 17:58:55 19968 -c--a-w- c:\windows\system32\dllcache\inetsloc.dll
2010-01-11 17:58:54 5632 -c--a-w- c:\windows\system32\dllcache\iisrstap.dll
2010-01-11 17:58:54 169984 -c--a-w- c:\windows\system32\dllcache\iisui.dll
2010-01-11 17:58:53 6144 -c--a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2010-01-11 17:58:53 14336 -c--a-w- c:\windows\system32\dllcache\iisreset.exe
2010-01-11 17:58:46 94720 -c--a-w- c:\windows\system32\dllcache\certmap.ocx
2010-01-11 17:55:01 488 ---ha-r- c:\windows\system32\logonui.exe.manifest
2010-01-11 17:54:51 749 ---ha-r- c:\windows\WindowsShell.Manifest
2010-01-11 17:54:51 749 ---ha-r- c:\windows\system32\wuaucpl.cpl.manifest
2010-01-11 17:54:51 749 ---ha-r- c:\windows\system32\sapi.cpl.manifest
2010-01-11 17:54:51 749 ---ha-r- c:\windows\system32\nwc.cpl.manifest
2010-01-11 17:54:51 749 ---ha-r- c:\windows\system32\ncpa.cpl.manifest
2010-01-11 17:54:21 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-01-11 17:39:16 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-01-11 17:39:16 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-01-11 17:39:16 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-01-11 17:39:16 13312 ----a-w- c:\windows\system32\irclass.dll
2010-01-11 17:38:56 8574 -c--a-w- c:\windows\system32\dllcache\IASNT4.CAT
2010-01-11 17:38:56 7382 -c--a-w- c:\windows\system32\dllcache\OEMBIOS.CAT
2010-01-11 17:38:56 7334 -c--a-w- c:\windows\system32\dllcache\wmerrenu.cat
2010-01-11 17:38:55 797189 -c--a-w- c:\windows\system32\dllcache\NT5IIS.CAT
2010-01-11 17:38:55 399645 -c--a-w- c:\windows\system32\dllcache\MAPIMIG.CAT
2010-01-11 17:38:55 37484 -c--a-w- c:\windows\system32\dllcache\MW770.CAT
2010-01-11 17:38:55 13472 -c--a-w- c:\windows\system32\dllcache\HPCRDP.CAT
2010-01-11 17:38:55 1042903 -c--a-w- c:\windows\system32\dllcache\SP2.CAT
2010-01-11 17:38:46 13753 ----a-r- c:\windows\SET158.tmp
2010-01-11 17:38:41 1086058 ----a-r- c:\windows\SET14C.tmp
2010-01-11 17:38:38 1042903 ----a-r- c:\windows\SET149.tmp
2010-01-11 17:03:43 8913 ----a-w- c:\windows\setupapi.old
2010-01-11 12:27:15 0 d-----w- c:\windows\addins
2010-01-06 17:48:03 1015 ----a-r- C:\logFile.xsl
2010-01-06 17:47:07 0 d-----w- c:\program files\Flip Video

==================== Find3M ====================

2010-01-11 17:52:51 22736 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-03 01:42:06 195456 ----a-w- c:\windows\system32\MpSigStub.exe
2009-10-29 05:38:23 667136 ----a-w- c:\windows\system32\wininet.dll
2005-11-09 20:35:17 3797975 ----a-w- c:\program files\BitTorrent-4.0.4.exe
2005-06-02 16:56:59 206571 ----a-w- c:\program files\The_Weather_Channel_Application.exe
2005-06-02 16:56:57 8076 ----a-w- c:\program files\stubinstaller.ini
2005-06-02 16:56:56 43 ----a-w- c:\program files\blank.gif
2005-06-02 16:56:51 203392 ----a-w- c:\program files\TheWeatherChannel_Stubweather1.exe
2007-08-02 13:07:25 1733271 --sha-w- c:\windows\system32\hhkmp.bak2
2009-07-09 17:54:06 9625 --sha-w- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 15:10:18.03 ===============


attach.txt:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/11/2010 1:03:19 PM
System Uptime: 1/19/2010 9:27:56 AM (6 hours ago)

Motherboard: Intel Corporation | | D865GLC
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | J2E1 | 2793/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 41.182 GiB free.
D: is CDROM ()
F: is NetworkDisk (NTFS) - 65 GiB total, 40.946 GiB free.
G: is NetworkDisk (NTFS) - 65 GiB total, 40.946 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 1/11/2010 1:16:57 PM - System Checkpoint
RP2: 1/11/2010 1:39:11 PM - Software Distribution Service 3.0
RP3: 1/11/2010 2:24:15 PM - Removed Norton WMI Update
RP4: 1/11/2010 2:35:58 PM - Removed Windows Defender
RP5: 1/11/2010 3:17:12 PM - Software Distribution Service 3.0
RP6: 1/12/2010 3:00:27 AM - Software Distribution Service 3.0
RP7: 1/12/2010 9:32:35 AM - Removed AVG 9.0
RP8: 1/12/2010 9:34:59 AM - Installed AVG 9.0
RP9: 1/12/2010 9:38:42 AM - Software Distribution Service 3.0
RP10: 1/12/2010 9:42:42 AM - Software Distribution Service 3.0
RP11: 1/13/2010 3:00:25 AM - Software Distribution Service 3.0
RP12: 1/14/2010 3:00:25 AM - Software Distribution Service 3.0
RP13: 1/14/2010 8:27:16 AM - Software Distribution Service 3.0
RP14: 1/15/2010 8:56:32 AM - System Checkpoint
RP15: 1/18/2010 10:10:59 AM - System Checkpoint
RP16: 1/18/2010 12:45:24 PM - Software Distribution Service 3.0
RP17: 1/19/2010 3:00:34 AM - Software Distribution Service 3.0
RP18: 1/19/2010 8:36:00 AM - Software Distribution Service 3.0

==== Installed Programs ======================

3D Live Pool
3ivx MPEG-4 5.0.3 (remove only)
Adobe Acrobat 7.0 Standard
Adobe Acrobat 7.1.0 Standard
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Photoshop CS
Adobe Shockwave Player
Ahead InCD
Ahead NeroMediaPlayer
Apple Mobile Device Support
Apple Software Update
CCleaner
Compatibility Pack for the 2007 Office system
DUO_Manager
EPSON Printer Software
FlipShare
Google Earth
Google Gmail Notifier
Hijackthis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Indeo® Software
Intel(R) Extreme Graphics Driver
Intel(R) PRO Network Adapters and Drivers
iTunes
Java(TM) 6 Update 16
LAUNCH! Web Helper (remove only)
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Macromedia Flash Player
Malwarebytes' Anti-Malware
Matroska Pack (remove only)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Data Access Components KB870669
Microsoft IntelliPoint 4.0
Microsoft IntelliType Pro 2.1
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Publisher 2003
Microsoft Office XP Professional
Microsoft Reader
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows XP Video Decoder Checkup Utility
Mozilla Firefox (3.5.3)
Mozilla Thunderbird (2.0.0.23)
MP3 Player Utilities 3.68
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB973686)
Nero - Burning Rom
PhotoFiltre
QuickTime
RealPlayer
Security Update for CAPICOM (KB931906)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB976325)
SUPERAntiSpyware Free Edition
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Winamp (remove only)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player Plugin
Windows XP Service Pack 3
WinRAR archiver
WinZip

==== Event Viewer Messages From Past Week ========

1/18/2010 11:03:00 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL sf Tcpip
1/18/2010 11:03:00 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
1/18/2010 11:03:00 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/18/2010 11:03:00 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/18/2010 11:03:00 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
1/18/2010 11:03:00 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/18/2010 11:02:35 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/18/2010 11:00:13 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm SASDIFSV SASKUTIL sf
1/18/2010 10:59:16 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/14/2010 2:39:26 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}

==== End Of File ===========================

On a side note, the machine does seem to be running better. Thanks.


Post by Belahzur on 19th January 2010, 8:51 pm

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Hijackthis 1.99.1
    Java(TM) 6 Update 16

Please download OTM.

  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :files
    c:\windows\SET149.tmp
    c:\windows\SET158.tmp
    c:\windows\SET14C.tmp
    c:\program files\BitTorrent-4.0.4.exe


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


Please PM me if I fail to respond within 24hrs.

Post by matnic on 19th January 2010, 9:16 pm

========== FILES ==========
c:\windows\SET149.tmp moved successfully.
c:\windows\SET158.tmp moved successfully.
c:\windows\SET14C.tmp moved successfully.
c:\program files\BitTorrent-4.0.4.exe moved successfully.

OTM by OldTimer - Version 3.1.6.0 log created on 01192010_161703


Post by Belahzur on 19th January 2010, 10:25 pm

We can remove OTMoveIt now.

  • Please double-click OTM.exe to run it again.
  • Press the green CleanUp! button.
  • Press Yes at the cleanup process prompt, and do the same for the reboot prompt.
How is the machine running now?



Post by matnic on 20th January 2010, 1:39 pm

Running faster, starting up faster...I had a printer problem after one of the processes, but got it linked back up no problem...I assume I will have those little glitches from time to time, right?

Thanks again for all the help.


Post by Belahzur on 20th January 2010, 6:37 pm

Yep, that's just computers for you, they do things no one can explain.

