Computer was infected, did a system restore but things still not quite right.

Post by dizzywhizz on Wed 18 May 2011, 7:36 am

First topic message reminder :

A couple of weeks ago my computer evidently got infected. Lots of scary pop ups saying I was infected and I was unable to open any of my programs. I went into safe mode and did a system restore, pop ups went away and everything appeared to be working. Unfortunately several things are still running incredibly slow...Facebook, eBay for example. And just some weird things like when I look something up on eBay and there are multiple pages of whatever I'm looking up, I can only view page 1. When I click on page 2 it doesn't even attempt to load. Same with a few random links on other pages. Earlier I tried to click on a link on AOL's main page and it didn't attempt to load either. I wasn't having these problems before the pop ups started so I'm worried that maybe there is still something lurking around. Any help is appreciated.

Here is my OTL scan:

OTL logfile created on: 5/17/2011 4:18:44 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Eric\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 437.18 Gb Free Space | 93.87% Space Free | Partition Type: NTFS

Computer Name: ERIC-9FEECA1834 | User Name: Eric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/17 16:17:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.com
PRC - [2011/04/21 16:54:40 | 000,402,832 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/04/21 16:54:38 | 003,366,800 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASC.exe
PRC - [2011/04/21 16:54:38 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/01/17 20:01:51 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010/12/08 17:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/07/05 11:12:00 | 000,544,768 | ---- | M] (Oberon Media ) -- C:\Program Files\GamesBar\SearchEngineProtection.exe
PRC - [2010/05/14 12:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/04/30 10:47:00 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/02/26 02:18:00 | 000,065,795 | R--- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/02/26 02:17:54 | 000,634,880 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzeng09.exe
PRC - [2003/12/22 09:38:40 | 000,167,936 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
PRC - [2003/08/04 18:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe


========== Modules (SafeList) ==========

MOD - [2011/05/17 16:17:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric\Desktop\OTL.com
MOD - [2011/01/17 20:02:00 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2011/01/11 10:59:44 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcr90.dll
MOD - [2011/01/11 10:59:44 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcp90.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/05/16 16:45:09 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/04/21 16:54:38 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/04/30 10:47:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2004/02/26 02:18:00 | 000,065,795 | R--- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2009/10/20 23:22:32 | 001,425,280 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/07/28 04:55:00 | 000,143,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/05/23 08:15:00 | 000,547,744 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\A3AB.sys -- (A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)
DRV - [2007/04/16 20:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2004/08/12 22:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001/08/17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/01/17 20:02:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/17 23:11:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/17 23:11:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/11 08:19:37 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5

dizzywhizz

Newbie Surfer

Posts : 41
Joined : 2010-06-28
Operating System : Windows XP

Post by Sneakyone on Fri 03 Jun 2011, 3:08 pm

Hi,

Please download DDS by sUBs from BleepingComputer.com or Forospyware.com and save it to your Desktop.

Note: Before scanning, make sure all other running programs are closed. There shouldn't be any scheduled antivirus scans running while the scan is being performed. Do not use your computer for anything else during the scan.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results. Click Yes to the Optional_Scan.
  • Please follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your Desktop.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

http://twitter.com/AVerySneakyone

Post by dizzywhizz on Sat 04 Jun 2011, 11:58 pm

Here is the DDS txt:

.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Eric at 8:54:01 on 2011-06-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1127 [GMT -4:00]
.
AV: AVG Anti-Virus 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Gamesbar\SearchEngineProtection.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\AVG\AVG10\avgam.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5

Post by Sneakyone on Sun 05 Jun 2011, 4:10 pm

Are you copying and pasting the entire log?


Post by dizzywhizz on Mon 06 Jun 2011, 1:48 pm

I copied the entire DDS.txt file. There is an Attach.txt file that the program says to post only if requested. I am including it next:

Attach.txt results

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-03.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/19/2010 11:54:37 AM
System Uptime: 5/28/2011 12:27:02 PM (202 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M4A785-M
Processor: AMD Athlon(tm) II X4 630 Processor | AM2 | 2812/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 436.838 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: D-Link AirPlus DWL-G520 Wireless PCI Adapter(rev.B)
Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_3A131186&REV_01\4&2966AB86&0&30A4
Manufacturer: D-Link
Name: D-Link AirPlus DWL-G520 Wireless PCI Adapter(rev.B)
PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_3A131186&REV_01\4&2966AB86&0&30A4
Service: A3AB
.
==== System Restore Points ===================
.
RP140: 3/8/2011 11:16:07 PM - System Checkpoint
RP141: 3/10/2011 1:38:48 AM - System Checkpoint
RP142: 3/10/2011 3:00:13 AM - Software Distribution Service 3.0
RP143: 3/11/2011 5:56:27 AM - System Checkpoint
RP144: 3/12/2011 6:01:52 AM - System Checkpoint
RP145: 3/13/2011 7:37:33 AM - System Checkpoint
RP146: 3/14/2011 8:37:33 AM - System Checkpoint
RP147: 3/15/2011 9:23:06 AM - System Checkpoint
RP148: 3/16/2011 10:23:06 AM - System Checkpoint
RP149: 3/17/2011 3:00:13 AM - Software Distribution Service 3.0
RP150: 3/18/2011 3:00:14 AM - Software Distribution Service 3.0
RP151: 3/19/2011 5:37:18 AM - System Checkpoint
RP152: 3/20/2011 6:20:32 AM - System Checkpoint
RP153: 3/21/2011 7:20:32 AM - System Checkpoint
RP154: 3/22/2011 8:20:32 AM - System Checkpoint
RP155: 3/23/2011 9:20:32 AM - System Checkpoint
RP156: 3/24/2011 11:44:10 AM - System Checkpoint
RP157: 3/25/2011 3:00:13 AM - Software Distribution Service 3.0
RP158: 3/26/2011 3:20:18 AM - System Checkpoint
RP159: 3/27/2011 4:20:18 AM - System Checkpoint
RP160: 3/28/2011 5:20:18 AM - System Checkpoint
RP161: 3/29/2011 5:28:20 AM - System Checkpoint
RP162: 3/30/2011 6:20:18 AM - System Checkpoint
RP163: 3/31/2011 6:34:01 AM - System Checkpoint
RP164: 4/1/2011 7:20:00 AM - System Checkpoint
RP165: 4/2/2011 7:55:01 AM - System Checkpoint
RP166: 4/3/2011 8:55:00 AM - System Checkpoint
RP167: 4/4/2011 11:08:41 AM - System Checkpoint
RP168: 4/5/2011 1:36:22 PM - System Checkpoint
RP169: 4/6/2011 2:54:49 PM - System Checkpoint
RP170: 4/7/2011 2:55:00 PM - System Checkpoint
RP171: 4/8/2011 2:57:52 PM - System Checkpoint
RP172: 4/9/2011 4:52:26 PM - System Checkpoint
RP173: 4/10/2011 5:50:45 PM - System Checkpoint
RP174: 4/11/2011 6:36:17 PM - System Checkpoint
RP175: 4/12/2011 11:09:52 PM - System Checkpoint
RP176: 4/13/2011 3:00:13 AM - Software Distribution Service 3.0
RP177: 4/14/2011 3:25:01 AM - System Checkpoint
RP178: 4/15/2011 4:25:01 AM - System Checkpoint
RP179: 4/16/2011 4:30:41 AM - System Checkpoint
RP180: 4/17/2011 5:30:41 AM - System Checkpoint
RP181: 4/18/2011 6:30:42 AM - System Checkpoint
RP182: 4/19/2011 11:19:19 AM - System Checkpoint
RP183: 4/19/2011 5:13:29 PM - Restore Operation
RP184: 4/21/2011 8:31:56 PM - System Checkpoint
RP185: 4/22/2011 3:00:13 AM - Software Distribution Service 3.0
RP186: 4/23/2011 3:28:42 AM - System Checkpoint
RP187: 4/24/2011 3:42:38 AM - System Checkpoint
RP188: 4/25/2011 4:42:38 AM - System Checkpoint
RP189: 4/26/2011 5:42:38 AM - System Checkpoint
RP190: 4/27/2011 3:00:13 AM - Software Distribution Service 3.0
RP191: 4/28/2011 3:42:38 AM - System Checkpoint
RP192: 4/29/2011 4:42:32 AM - System Checkpoint
RP193: 4/30/2011 5:42:32 AM - System Checkpoint
RP194: 5/1/2011 6:42:32 AM - System Checkpoint
RP195: 5/2/2011 7:42:32 AM - System Checkpoint
RP196: 5/3/2011 8:38:23 AM - System Checkpoint
RP197: 5/3/2011 6:10:00 PM - Installed AVG 2011
RP198: 5/3/2011 6:11:25 PM - Removed AVG 2011
RP199: 5/3/2011 7:40:20 PM - Installed %1 %2.
RP200: 5/3/2011 7:40:30 PM - Installed Windows XP Update for Microsoft Windows (KB971513).
RP201: 5/3/2011 7:41:21 PM - Installed %1 %2.
RP202: 5/3/2011 7:42:26 PM - Installed Windows XP KB2447568.
RP203: 5/3/2011 7:43:02 PM - Installed Windows XP KB2492386.
RP204: 5/4/2011 9:20:26 PM - System Checkpoint
RP205: 5/5/2011 10:26:50 PM - System Checkpoint
RP206: 5/6/2011 11:49:59 PM - System Checkpoint
RP207: 5/8/2011 12:11:21 AM - System Checkpoint
RP208: 5/9/2011 1:20:22 AM - System Checkpoint
RP209: 5/10/2011 2:11:21 AM - System Checkpoint
RP210: 5/11/2011 3:11:21 AM - System Checkpoint
RP211: 5/12/2011 3:00:13 AM - Software Distribution Service 3.0
RP212: 5/13/2011 3:43:56 AM - System Checkpoint
RP213: 5/14/2011 4:50:05 AM - System Checkpoint
RP214: 5/15/2011 5:43:56 AM - System Checkpoint
RP215: 5/16/2011 6:43:56 AM - System Checkpoint
RP216: 5/17/2011 7:43:57 AM - System Checkpoint
RP217: 5/17/2011 4:19:11 PM - OTL Restore Point
RP218: 5/18/2011 4:43:56 PM - System Checkpoint
RP219: 5/18/2011 7:22:53 PM - OTL Restore Point
RP220: 5/19/2011 8:46:00 PM - System Checkpoint
RP221: 5/20/2011 9:05:25 PM - System Checkpoint
RP222: 5/21/2011 9:01:07 AM - Installed Java(TM) 6 Update 24
RP223: 5/21/2011 8:03:05 PM - Removed AVG 2011
RP224: 5/21/2011 8:07:18 PM - Removed AVG 2011
RP225: 5/21/2011 8:15:11 PM - Removed AVG 2011
RP226: 5/21/2011 8:16:22 PM - Removed AVG 2011
RP227: 5/21/2011 9:00:03 PM - Installed AVG 2011
RP228: 5/21/2011 9:00:18 PM - Installed AVG 2011
RP229: 5/22/2011 9:34:37 PM - System Checkpoint
RP230: 5/23/2011 10:54:35 PM - System Checkpoint
RP231: 5/24/2011 11:40:25 PM - System Checkpoint
RP232: 5/25/2011 11:41:30 PM - System Checkpoint
RP233: 5/27/2011 12:36:23 AM - System Checkpoint
RP234: 5/28/2011 1:36:23 AM - System Checkpoint
RP235: 5/29/2011 2:31:06 AM - System Checkpoint
RP236: 5/30/2011 3:31:06 AM - System Checkpoint
RP237: 5/31/2011 4:31:06 AM - System Checkpoint
RP238: 6/1/2011 4:34:23 AM - System Checkpoint
RP239: 6/2/2011 5:31:06 AM - System Checkpoint
RP240: 6/2/2011 9:44:32 PM - OTL Restore Point
RP241: 6/3/2011 11:12:23 PM - System Checkpoint
RP242: 6/4/2011 11:30:59 PM - System Checkpoint
.
==== Installed Programs ======================
.
1310
1310_Help
1310Tour
1310Trb
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader X (10.0.1)
Advanced SystemCare 4
AiO_Scan
AIOMinimal
AiOSoftware
Akamai NetSession Interface
AMD Processor Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
Bonjour
Build a Lot 4
CCleaner
Command & Conquer™ 4 Tiberian Twilight
Copy
Coupon Printer for Windows
CreativeProjects
Director
DivX Setup
DocProc
EA Download Manager
ESET Online Scanner v3
Farm Frenzy 3 American Pie
Fax
Fruit’s Inc
GamesBar 2.0.1.78
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Image Zone 3.5
HP PSC & OfficeJet 3.5
HP Software Update
HPSystemDiagnostics
InstantShare
iTunes
Java Auto Updater
Java(TM) 6 Update 24

Post by dizzywhizz on Mon 06 Jun 2011, 1:50 pm

Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MobileMe Control Panel
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA nView Desktop Manager
OpenOffice.org 3.2
Overland
PDF Settings CS5
PhotoGallery
Platform
PrintScreen
QFolder
QuickProjects
QuickTime
Readme
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
RealUpgrade 1.1
Roads of Rome
Roads of Rome 2
Royal Envoy TM
Safari
Scan
Seagate Dashboard
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
SkinsHP1
SkinsHP2
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
VIA Platform Device Manager
WebFldrs XP
WebReg
Westward IV
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
5/30/2011 4:08:41 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
5/30/2011 4:08:41 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
5/30/2011 4:08:41 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
.
==== End Of File ===========================

My computer actually seems worse than ever. Web pages take longer to load than they should.

dizzywhizz

Newbie Surfer

Posts : 41
Joined : 2010-06-28
Operating System : Window XP


Post by Sneakyone on Tue 07 Jun 2011, 5:58 pm

Hi,

Download Dr.Web CureIt to the desktop:

  • Double-click the launch.exe or cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, just let it cure whatever it finds...
    o Now, go to Settings >> Change Settings
    o Go to Actions tab >> under Objects section, change the settings to below
    Infected objects - Cure
    Incurable objects - Report
    Suspicious objects - Report
    o Don't change any other settings
  • Start the scan again. This time, choose Complete Scan
  • Click the green arrow button at the right, and the scan will start.
  • After the scan has finished, click Select all
  • Click on Cure and choose Report incurable (means take no actions.. Don't "move", or "rename" or "delete")
  • When the scan has finished, in the menu, click File and choose Save report list
  • Save the report to your Desktop. The report will be called DrWeb.csv
  • Post DrWeb.csv in your next reply (open it with Notepad). Do NOT reboot the computer yet.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

http://twitter.com/AVerySneakyone

Post by dizzywhizz on Thu 09 Jun 2011, 1:58 pm

So finally it looks like one of these many scans found something. I hope the report is what you need because I was unable to do one of the options.
•Click on Cure and choose Report incurable (means take no actions.. Don't "move", or "rename" or "delete")
After selecting all, when I clicked on CURE it did not give me the option of reporting incurable. The only actions I had were the ones listed as not choosing.

Here is the file I saved:

Dc15.com;C:\RECYCLER\S-1-5-21-796845957-616249376-117609710-1003;Trojan.Siggen2.25631;;
CouponPrinter.ocx;C:\WINDOWS;Adware.Coupons.34;;

That is all I got. Hope it is what you need.


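The two report lines in the post above use a semicolon-separated layout of file name, folder and detection name. As an added example (not part of the original thread and not Dr.Web's own code), this parser loads such lines and tags each finding with its detection family and location; the field names and location categories are assumptions made for the sketch.

```python
import csv
import io
import re
from dataclasses import dataclass

# The two report lines posted in the thread, embedded as sample input.
SAMPLE_REPORT = r"""Dc15.com;C:\RECYCLER\S-1-5-21-796845957-616249376-117609710-1003;Trojan.Siggen2.25631;;
CouponPrinter.ocx;C:\WINDOWS;Adware.Coupons.34;;
"""

# Windows XP keeps one Recycle Bin folder per account: <drive>:\RECYCLER\<SID>
RECYCLER_RE = re.compile(r"^[A-Za-z]:\\RECYCLER\\(S-1-5-[\d-]+)", re.IGNORECASE)
WINDOWS_RE = re.compile(r"^[A-Za-z]:\\WINDOWS(\\|$)", re.IGNORECASE)


@dataclass
class Finding:
    file_name: str
    folder: str
    detection: str
    family: str     # text before the first dot, e.g. "Trojan"
    location: str   # assumed categories: recycle_bin / windows_dir / other
    owner_sid: str  # SID owning the Recycle Bin folder, "" otherwise


def classify_location(folder):
    match = RECYCLER_RE.match(folder)
    if match:
        return "recycle_bin", match.group(1)
    if WINDOWS_RE.match(folder):
        return "windows_dir", ""
    return "other", ""


def parse_report(text):
    """Parse 'file;folder;detection;;' lines, skipping blank or short rows."""
    findings = []
    for row in csv.reader(io.StringIO(text), delimiter=";"):
        if len(row) < 3 or not row[0].strip():
            continue
        name, folder, detection = (field.strip() for field in row[:3])
        location, sid = classify_location(folder)
        family = detection.split(".", 1)[0]
        findings.append(Finding(name, folder, detection, family, location, sid))
    return findings


if __name__ == "__main__":
    for f in parse_report(SAMPLE_REPORT):
        print(f"{f.family:8} {f.location:12} {f.owner_sid or '-'}  {f.file_name}")
```

The RECYCLER entry is a file sitting in one account's Recycle Bin folder, and the SID in the path identifies which account that is.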

Post by Belahzur on Fri 10 Jun 2011, 2:42 am

Hello.

Please download aswMBR from here

  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below



Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

  • Once the scan finishes click Save log to save the log to your Desktop


  • Copy and paste the contents of aswMBR.txt back here for review


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre


Post by dizzywhizz on Fri 10 Jun 2011, 9:52 am

aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-06-09 18:50:34
-----------------------------
18:50:34.359 OS Version: Windows 5.1.2600 Service Pack 3
18:50:34.359 Number of processors: 4 586 0x502
18:50:34.359 ComputerName: ERIC-9FEECA1834 UserName: Eric
18:50:35.640 Initialize success
18:50:41.093 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:50:41.093 Disk 0 Vendor: ST3500418AS CC38 Size: 476940MB BusType: 3
18:50:43.125 Disk 0 MBR read successfully
18:50:43.125 Disk 0 MBR scan
18:50:43.125 Disk 0 Windows XP default MBR code
18:50:45.125 Disk 0 scanning sectors +976752000
18:50:45.140 Disk 0 scanning C:\WINDOWS\system32\drivers
18:50:49.671 Service scanning
18:50:50.515 Disk 0 trace - called modules:
18:50:50.531 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
18:50:50.531 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5ecab8]
18:50:50.531 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\0000006a[0x8a5f6f18]
18:50:50.531 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a610940]
18:50:50.531 Scan finished successfully
18:51:22.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Eric\Desktop\MBR.dat"
18:51:22.109 The log file has been saved successfully to "C:\Documents and Settings\Eric\Desktop\aswMBR.txt"




Post by dizzywhizz on Sun 12 Jun 2011, 7:01 am

Just bumping this up... it's been almost 48 hrs and I'm anxious to get this trojan off my computer.


Post by Sneakyone on Sun 12 Jun 2011, 3:04 pm

Hi,

Please download TDSSKiller from here and save it to your Desktop.
  • Double-click TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
Note: It will also create a log in the C:\ directory.



Post by dizzywhizz on Sun 12 Jun 2011, 3:22 pm

2011/06/12 00:22:09.0734 3516 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/12 00:22:10.0156 3516 ================================================================================
2011/06/12 00:22:10.0156 3516 SystemInfo:
2011/06/12 00:22:10.0156 3516
2011/06/12 00:22:10.0156 3516 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/12 00:22:10.0156 3516 Product type: Workstation
2011/06/12 00:22:10.0156 3516 ComputerName: ERIC-9FEECA1834
2011/06/12 00:22:10.0156 3516 UserName: Eric
2011/06/12 00:22:10.0156 3516 Windows directory: C:\WINDOWS
2011/06/12 00:22:10.0156 3516 System windows directory: C:\WINDOWS
2011/06/12 00:22:10.0156 3516 Processor architecture: Intel x86
2011/06/12 00:22:10.0156 3516 Number of processors: 4
2011/06/12 00:22:10.0156 3516 Page size: 0x1000
2011/06/12 00:22:10.0156 3516 Boot type: Normal boot
2011/06/12 00:22:10.0156 3516 ================================================================================
2011/06/12 00:22:11.0046 3516 Initialize success


Post by Sneakyone on Mon 13 Jun 2011, 2:55 pm

How is your computer running now?



Post by dizzywhizz on Tue 14 Jun 2011, 10:26 am

I am going to say things appear better. Some things were very subtle and I haven't had a lot of time on the computer lately. I will say several of my issues improved when I switched to Google Chrome instead of IE. The one scan did say something about a trojan though so I am assuming it wasn't all in my head or my internet explorer. Right?


Post by Sneakyone on Tue 14 Jun 2011, 2:16 pm

What other issues are you experiencing?



Post by dizzywhizz on Sun 19 Jun 2011, 9:29 am

I am experiencing no issues at this time as long as we use Google Chrome. With IE, Facebook is very choppy when scrolling. Email on MSN wasn't opening up all the time and some video links weren't working. I don't know if this is a cause for concern or if I just need to use Google Chrome in the future.


Post by Sneakyone on Sun 19 Jun 2011, 3:10 pm

Hi,

See if this helps:

Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.



Post by dizzywhizz on Tue 21 Jun 2011, 11:30 am

I did run this...not sure if it made a difference or not. Facebook is still very choppy on IE only. And Google Chrome loads everything almost instantly whereas IE takes a few seconds.


Post by Sneakyone on Tue 21 Jun 2011, 1:51 pm

IE is always that way. Chrome is just a faster browser and you have gotten used to the speed of Chrome.



Post by dizzywhizz on Wed 22 Jun 2011, 3:40 am

So before this thread is closed, what do you recommend I install on my computer for protection? Obviously what I have is not sufficient since I think this is my 3rd problem in a year. I have the free version of AVG 2011 and the free version of Malwarebytes Anti-Malware.


Post by Sneakyone on Wed 22 Jun 2011, 12:10 pm

AVG should suffice. Remember, don't install more than 1 antivirus.

