
Author Topic: Pc Problems  (Read 56129 times)


thammondwis

    Topic Starter


    Beginner

    Re: Pc Problems
    « Reply #60 on: November 12, 2010, 04:23:50 PM »
    For IE I get the following message:

    Internet Explorer cannot display the webpage


    For both FireFox and IE it does not matter if I type the web page address or click on a link to the Windows Update site I get the same result every time.  It's as if something is blocking that web site on both programs.

    thammondwis


      Re: Pc Problems
      « Reply #61 on: November 13, 2010, 05:58:55 AM »
      SuperDave,

      I have been doing a bit of investigation on my windows update problem (although difficult with the redirect issues but I have found a workaround but it is somewhat cumbersome). 

      Some of the information I have found led me to check Automatic Updates Service via Services.msc.  Running that command shows that the Automatic Updates service is stopped.  I tried to start it but received the following error message:

      Could not start the automatic updates service on local computer. Error 1053 the service did not respond to the start or control request in a timely fashion.

      Other things that I found in my research that got my interest were:

      Issues with older versions of Java.  When I click on Add-ons from the Tools menu in FireFox it lists a number of different versions of Java Console (6.0.15, 6.0.17, 6.0.20, 6.0.22, 6.0.14).  This seems strange to me because I used a program earlier in this thread to remove older versions of Java.  There is an option to uninstall in this Add-ons list.  Should I uninstall all but the 6.0.22 version?  Also when I click on the Java Console under the Tools menu item in FireFox, nothing happens.

      Issues with .net.framework(?).  I don't recall any of the specific details, but in the last few weeks while working on this computer with you I have noticed a couple times .net messages or errors of some type occurring.

      Issues with defrag.  You asked me about that and I have not performed a defrag on this computer in a long time.  I am going to perform a defrag now. 

      thammondwis


        Re: Pc Problems
        « Reply #62 on: November 13, 2010, 08:35:11 AM »
        I ran defrag on both drives which went OK.  It did give a message that it could not defrag everything on each drive (don't know if that is normal or an issue).  I then rebooted.  I checked the services right away after it rebooted and the Automatic Update service was listed as started.  I tried to get to the Windows Update site but got the same results as before.  I then went back and looked at the Services again and then the Windows Update service is listed as starting.  Went back after a while and it is still listed as starting.

        thammondwis


          Re: Pc Problems
          « Reply #63 on: November 13, 2010, 11:18:47 AM »
          FYI, when I came back to my computer after a while there was an AVG Alert window open stating that a threat was blocked.  Info on the threat:

          File Name:  195.54.171.169/index.php?...(lot of various characters)
          Threat Name:  Exploit Rogue Scanner (type 1652)
          Process Name:  C:\Windows\system32\svchost.exe
          Process ID:  4584

          Is this type of info useful to you?

          SuperDave

          • Malware Removal Specialist


          • Genius
          • Thanked: 1020
          • Certifications: List
          • Experience: Expert
          • OS: Windows 10
          Re: Pc Problems
          « Reply #64 on: November 13, 2010, 12:58:06 PM »
          Quote
          Is this type of info useful to you?

          Not Really. There's no information about it. I'm going to consult my mentor about this problem. In the meantime, could you please run OTL again as instructed in Reply #17.

          Windows 8 and Windows 10 dual boot with two SSD's

          SuperDave

          Re: Pc Problems
          « Reply #65 on: November 13, 2010, 06:39:14 PM »
          Before you do these scans please reset your router. Power off for more than 10 secs.

          Download this << file >> & extract TDSSKiller.exe onto your Desktop

          Then create this batch file to be placed next to TDSSKiller

          =====

          Open NOTEPAD.exe and copy/paste the text in the quotebox below into it:
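          Code:
          @ECHO OFF
          REM Run TDSSKiller, writing its log to Logit.txt, and wait for it to finish
          START /WAIT TDSSKILLER.exe -l Logit.txt -v
          REM Open the log once the scan is done
          START Logit.txt
          REM Delete this batch file
          del %0

          Save this as fix.bat. Choose to "Save type as - All Files".
          It should look like this:
          Double click on fix.bat & allow it to run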

          Post back to tell me what it says
          *********************************

          Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

          Link 1
          Link 2
          Link 3

          • Double-click on MBRCheck.exe to run it.
          • It will open a black window...please do not fix anything (if it gives you an option).
          • When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
          • A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
          • Please copy and paste the contents of that log in your next reply.


          thammondwis


            Re: Pc Problems
            « Reply #66 on: November 13, 2010, 07:51:05 PM »
            I get an error message when I run fix.bat.  The error message is:

            Valid command line parameters: (it then has a listing of all the valid command line parameters)

            Not sure if this is what you are looking for or if I copied, pasted, or did something else incorrectly?  For what it's worth, I don't see a -v as one of the valid command line parameters in the listing?

            BTW I had already run the OTL before I saw your last posting so let me know if you still want me to post those logs.

            SuperDave

            Re: Pc Problems
            « Reply #67 on: November 14, 2010, 01:02:35 PM »
            Are you certain that you followed the instructions precisely? This should work because I've used it before.
            Were you able to run the MBR scan?

            thammondwis


              Re: Pc Problems
              « Reply #68 on: November 14, 2010, 03:01:33 PM »
              Yes I believe I am following it precisely???  Should the encoding drop down box be selected as ANSI?  Anyways searching the internet I found various other people that have reported the same condition I have and have seemed to be able to run without the -v parameter.  Should I try that?

              Here is the MBR log:

              MBRCheck, version 1.2.3
              (c) 2010, AD

              Command-line:         
              Windows Version:      Windows XP Professional
              Windows Information:      Service Pack 3 (build 2600)
              Logical Drives Mask:      0x0000013d

              Kernel Drivers (total 140):

              Processes (total 60):

              \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)
              \\.\E: --> \\.\PhysicalDrive0 at offset 0x00000012`86551200  (NTFS)

              PhysicalDrive0 Model Number: SAMSUNGSP2004C, Rev: VM100-49

                    Size  Device Name          MBR Status
                --------------------------------------------
                  186 GB  \\.\PhysicalDrive0   Windows XP MBR code detected
                          SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


              Done!

              SuperDave

              Re: Pc Problems
              « Reply #69 on: November 14, 2010, 11:46:12 PM »
              Ok. Please try this:

              • Download TDSSKiller and save it to your Desktop.
              • Extract its contents to your desktop.
              • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
              • If an infected file is detected, the default action will be Cure, click on Continue.
              • If a suspicious file is detected, the default action will be Skip, click on Continue.
              • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
              • Click the Report button and copy/paste the contents of it into your next reply
              Note: It will also create a log in the C:\ directory.


              thammondwis


                Re: Pc Problems
                « Reply #70 on: November 15, 2010, 05:22:11 AM »
                OK I am now able to connect to the Windows update site.  Not sure about any of the other issues I have been having yet.  Here is the log:

                2010/11/15 06:14:12.0875   TDSS rootkit removing tool 2.4.7.0 Nov  8 2010 10:52:22
                2010/11/15 06:14:12.0875   ================================================================================
                2010/11/15 06:14:12.0875   SystemInfo:
                2010/11/15 06:14:12.0875   
                2010/11/15 06:14:12.0875   OS Version: 5.1.2600 ServicePack: 3.0
                2010/11/15 06:14:12.0875   Product type: Workstation
                2010/11/15 06:14:12.0890   ComputerName: HOME
                2010/11/15 06:14:12.0890   UserName: Home
                2010/11/15 06:14:12.0890   Windows directory: C:\WINDOWS
                2010/11/15 06:14:12.0890   System windows directory: C:\WINDOWS
                2010/11/15 06:14:12.0890   Processor architecture: Intel x86
                2010/11/15 06:14:12.0890   Number of processors: 2
                2010/11/15 06:14:12.0890   Page size: 0x1000
                2010/11/15 06:14:12.0890   Boot type: Normal boot
                2010/11/15 06:14:12.0890   ================================================================================
                2010/11/15 06:14:13.0406   Initialize success
                2010/11/15 06:14:18.0015   ================================================================================
                2010/11/15 06:14:18.0015   Scan started
                2010/11/15 06:14:18.0015   Mode: Manual;
                2010/11/15 06:14:18.0015   ================================================================================
                2010/11/15 06:14:25.0140   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
                2010/11/15 06:14:25.0203   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
                2010/11/15 06:14:25.0265   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
                2010/11/15 06:14:25.0515   nv              (8c0456001b6900114bbb1c548bd8aaf5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
                2010/11/15 06:14:25.0796   nvata           (9eccd189a9554c30a0d18a429778c7ba) C:\WINDOWS\system32\DRIVERS\nvata.sys
                2010/11/15 06:14:25.0843   NVENETFD        (4d6f0d3fb17c1ba64942f415c73adcdb) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
                2010/11/15 06:14:25.0906   nvnetbus        (921e63aa1e1a20302223d016acafb52b) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
                2010/11/15 06:14:26.0015   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
                2010/11/15 06:14:26.0046   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
                2010/11/15 06:14:26.0093   Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
                2010/11/15 06:14:26.0140   PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
                2010/11/15 06:14:26.0187   ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
                2010/11/15 06:14:26.0218   PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
                2010/11/15 06:14:26.0265   PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
                2010/11/15 06:14:26.0312   Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
                2010/11/15 06:14:26.0515   PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
                2010/11/15 06:14:26.0578   PQNTDrv         (04f3971b70a7855f04d351aa4bee7799) C:\WINDOWS\system32\drivers\PQNTDrv.sys
                2010/11/15 06:14:26.0609   Processor       (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
                2010/11/15 06:14:26.0656   PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
                2010/11/15 06:14:26.0718   Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
                2010/11/15 06:14:26.0781   PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
                2010/11/15 06:14:26.0906   RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
                2010/11/15 06:14:26.0953   Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
                2010/11/15 06:14:27.0015   RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
                2010/11/15 06:14:27.0109   Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
                2010/11/15 06:14:27.0156   Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
                2010/11/15 06:14:27.0187   RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
                2010/11/15 06:14:27.0250   rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
                2010/11/15 06:14:27.0296   RDPWD           (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
                2010/11/15 06:14:27.0343   redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
                2010/11/15 06:14:27.0453   RMCAST          (96f7a9a7bf0c9c0440a967440065d33c) C:\WINDOWS\system32\drivers\RMCast.sys
                2010/11/15 06:14:27.0671   SASDIFSV        (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
                2010/11/15 06:14:27.0703   SASKUTIL        (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
                2010/11/15 06:14:27.0781   Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
                2010/11/15 06:14:27.0890   serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
                2010/11/15 06:14:27.0937   Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
                2010/11/15 06:14:28.0000   Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
                2010/11/15 06:14:28.0140   splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
                2010/11/15 06:14:28.0203   sptd            (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
                2010/11/15 06:14:28.0265   sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
                2010/11/15 06:14:28.0328   Srv             (da852e3e0bf1cea75d756f9866241e57) C:\WINDOWS\system32\DRIVERS\srv.sys
                2010/11/15 06:14:28.0375   swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
                2010/11/15 06:14:28.0406   swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
                2010/11/15 06:14:28.0546   sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
                2010/11/15 06:14:28.0640   Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
                2010/11/15 06:14:28.0687   Tcpip6          (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
                2010/11/15 06:14:28.0765   TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
                2010/11/15 06:14:28.0828   TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
                2010/11/15 06:14:28.0875   TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
                2010/11/15 06:14:28.0968   tunmp           (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
                2010/11/15 06:14:29.0000   Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
                2010/11/15 06:14:29.0062   Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
                2010/11/15 06:14:29.0140   usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
                2010/11/15 06:14:29.0203   usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
                2010/11/15 06:14:29.0281   usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
                2010/11/15 06:14:29.0328   usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
                2010/11/15 06:14:29.0390   usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
                2010/11/15 06:14:29.0406   usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
                2010/11/15 06:14:29.0453   usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
                2010/11/15 06:14:29.0531   USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
                2010/11/15 06:14:29.0562   VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
                2010/11/15 06:14:29.0625   VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
                2010/11/15 06:14:29.0671   Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
                2010/11/15 06:14:29.0718   wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
                2010/11/15 06:14:29.0781   WmBEnum         (59c90bc8317bd3f6e5559a4deaf35090) C:\WINDOWS\system32\drivers\WmBEnum.sys
                2010/11/15 06:14:29.0828   WmFilter        (999a4539ad634a741afd357e290bd461) C:\WINDOWS\system32\drivers\WmFilter.sys
                2010/11/15 06:14:29.0906   WmVirHid        (0b8c64b13776f17537f0705fe62799c6) C:\WINDOWS\system32\drivers\WmVirHid.sys
                2010/11/15 06:14:29.0953   WmXlCore        (8d388aeb1a12c1192aa9b4ebceabcba6) C:\WINDOWS\system32\drivers\WmXlCore.sys
                2010/11/15 06:14:30.0015   WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
                2010/11/15 06:14:30.0062   WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
                2010/11/15 06:14:30.0140   \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
                2010/11/15 06:14:30.0140   ================================================================================
                2010/11/15 06:14:30.0140   Scan finished
                2010/11/15 06:14:30.0140   ================================================================================
                2010/11/15 06:14:30.0156   Detected object count: 1
                2010/11/15 06:14:44.0718   \HardDisk0 - will be cured after reboot
                2010/11/15 06:14:44.0718   Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
                2010/11/15 06:14:51.0921   Deinitialize success
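
The closing lines of the scan log above can be reduced to a per-object verdict: what was detected, which action was chosen, and whether the cure is still waiting on a reboot. This Python sketch is an added example, not part of the original post or of the scanning tool. The `summarize` function and the sample input are constructed, the driver hash is a placeholder, and the line patterns are inferred only from the lines visible in this log.

```python
import re

# Constructed sample in the layout of the log above; the driver entry and its
# hash are placeholders, the remaining lines mirror the end of the posted log.
SAMPLE_LOG = r"""
2010/11/15 06:14:30.0062   ExampleDrv      (00000000000000000000000000000000) C:\WINDOWS\system32\DRIVERS\example.sys
2010/11/15 06:14:30.0140   \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2010/11/15 06:14:30.0140   ================================================================================
2010/11/15 06:14:30.0140   Scan finished
2010/11/15 06:14:30.0156   Detected object count: 1
2010/11/15 06:14:44.0718   \HardDisk0 - will be cured after reboot
2010/11/15 06:14:44.0718   Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2010/11/15 06:14:51.0921   Deinitialize success
"""

# Patterns inferred from the lines shown in this thread (an assumption, not a
# documented log specification).
LINE = re.compile(r"^\s*(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+)\s+(.*\S)\s*$")
DRIVER = re.compile(r"^(\S+)\s+\(([0-9a-f]{32})\)\s+(.+)$", re.I)
DETECTED = re.compile(r"^(.+?) - detected (\S+) \((\d+)\)$")
PENDING = re.compile(r"^(.+?) - will be (\w+) after reboot$")
ACTION = re.compile(r"^(\S+?)\((.+)\) - User select action: (\w+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


def summarize(log_text):
    """Return driver count, detections keyed by scanned object, and sanity checks."""
    drivers = 0
    detections = {}   # e.g. {"\\HardDisk0": {"threat": ..., "action": ..., ...}}
    reported = None   # value of the "Detected object count" line, if present
    for raw in log_text.splitlines():
        line = LINE.match(raw)
        if not line:
            continue  # blank lines or text that is not a timestamped log entry
        msg = line.group(2)
        d, p, a, c = (rx.match(msg) for rx in (DETECTED, PENDING, ACTION, COUNT))
        if d:
            detections[d.group(1)] = {"threat": d.group(2), "action": None,
                                      "reboot_pending": False}
        elif p and p.group(1) in detections:
            detections[p.group(1)]["reboot_pending"] = True
        elif a and a.group(2) in detections:
            detections[a.group(2)]["action"] = a.group(3)
        elif c:
            reported = int(c.group(1))
        elif DRIVER.match(msg):
            drivers += 1
    return {
        "drivers_listed": drivers,
        "detections": detections,
        "reported_count": reported,
        # A mismatch usually means the pasted log was truncated or edited.
        "count_matches": reported == len(detections),
        "no_action_recorded": [o for o, v in detections.items() if v["action"] is None],
    }


if __name__ == "__main__":
    for obj, info in summarize(SAMPLE_LOG)["detections"].items():
        print(obj, info)
```

A detection with `reboot_pending` set has not been removed yet, so a follow-up scan after the restart is what confirms the result.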

                thammondwis


                  Re: Pc Problems
                  « Reply #71 on: November 15, 2010, 05:51:43 AM »
                  Just a bit more feedback, after using both IE and FireFox for a little while I did not have any redirects or pop ups.

                  SuperDave

                  • Malware Removal Specialist


                  • Genius
                  • Thanked: 1020
                  • Certifications: List
                  • Experience: Expert
                  • OS: Windows 10
                  Re: Pc Problems
                  « Reply #72 on: November 15, 2010, 01:32:00 PM »
                  Quote
                  Just a bit more feedback, after using both IE and FireFox for a little while I did not have any redirects or pop ups.
                  Well, that's good news.  Please run ESET again as instructed in Reply # 45

                  Windows 8 and Windows 10 dual boot with two SSD's

                  thammondwis


                    Re: Pc Problems
                    « Reply #73 on: November 16, 2010, 04:16:07 AM »
                    ESET picked up a couple of threats.  Here is the log:

                    C:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\47\fa54f6f-332ad8a6   a variant of Java/Rowindal.C trojan   deleted - quarantined
                    C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\36\6b20c64-75814c05   a variant of Java/TrojanDownloader.OpenStream.NAU trojan   deleted - quarantined

                    SuperDave

                    Re: Pc Problems
                    « Reply #74 on: November 16, 2010, 01:08:20 PM »
                    I would say that your computer appears to be clean. This has been a long process. Thank you for being so patient. Let's do some cleanup.

                    * Click START then RUN - Vista users press the Windows Key and the R keys together for the Run box.
                    * Now type blackpudding /uninstall in the Run box
                    * Make sure there's a space between blackpudding and /Uninstall
                    * Then hit Enter

                    * The above procedure will:
                    * Delete the following:
                    * ComboFix and its associated files and folders.
                    * Reset the clock settings.
                    * Hide file extensions, if required.
                    * Hide System/Hidden files, if required.
                    * Set a new, clean Restore Point.

                    ***********************************
                    To remove all of the tools we used and the files and folders they created do the following:
                    Double click OTL.exe.
                    • Click the CleanUp button.
                    • Select Yes when the "Begin cleanup Process?" prompt appears.
                    • If you are prompted to Reboot during the cleanup, select Yes.
                    • The tool will delete itself once it finishes.
                    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
                    ******************************************
                    Clean out your temporary internet files and temp files.

                    Download TFC by OldTimer to your desktop.

                    Double-click TFC.exe to run it.

                    Note: If you are running on Vista, right-click on the file and choose Run As Administrator

                    TFC will close all programs when run, so make sure you have saved all your work before you begin.

                    * Click the Start button to begin the cleaning process.
                    * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
                    * Please let TFC run uninterrupted until it is finished.

                    Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
                    *******************************************
                    Looking over your log it seems you don't have any evidence of a third party firewall.

                    Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

                    Remember only install ONE firewall

                    1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
                    2) Online Armor
                    3) Agnitum Outpost
                    4) PC Tools Firewall Plus

                    If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
                    *********************************************
                    Use the Secunia Software Inspector to check for out of date software.

                    • Click Start Now
                    • Check the box next to Enable thorough system inspection.
                    • Click Start
                    • Allow the scan to finish and scroll down to see if any updates are needed.
                    • Update anything listed.
                    ----------

                    Go to Microsoft Windows Update and get all critical updates.

                    ----------

                    I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

                    SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
                    * Using SpywareBlaster to protect your computer from Spyware and Malware
                    * If you don't know what ActiveX controls are, see here

                    Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

                    Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

                    Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
                    Safe Surfing!