Go Back   Cyber Tech Help Support Forums > Operating Systems > Windows 7

Notices

Reply
 
Topic Tools
  #31  
Old November 28th, 2010, 04:45 PM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
Part two

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{819ffe20-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{819ffe21-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{819ffe22-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{799391d3-eb86-4bac-9bd3-cbfea58a0e15} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d858dafc-9573-4811-b323-7011a3aa7e61} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\W MPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlo ok\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\ Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\setups (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Overlay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.FunWebProducts) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\F3EZSETP.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\INSTALL.RDF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3DLGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

I did reboot also
thanks
Barbara
Reply With Quote


  #32  
Old November 28th, 2010, 11:21 PM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
things have been running good since I did the malware scan and removal... Was just sitting here and not using the computer...suddenly, the screen went totally white with pale blue vertical lines. moving the mouse did nothing. I had to push the power button and turn it off and then turn it back on...came up okay with no problems...but that was weird...first time it did anything like this.
thanks
Barbara
Reply With Quote
  #33  
Old November 29th, 2010, 01:16 AM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
Quote:
Was just sitting here and not using the computer...suddenly, the screen went totally white with pale blue vertical lines. moving the mouse did nothing
That's not good. That sounds like an issue where you either need to reinstall your video drivers or your Video Card may be going bad.


MalwareBytes cleaned up your Smiley Central and My Web Search issue. If you google funwebproducts, you'll see why.

When you install iWin, it can install adware along for the ride. When you installed, if you didn't read the warnings, you could have installed more than you thought you did. Games are fun, but a vector of infection if they're downloaded from the wrong place.


Before we continue, for insurance, why don't you back up any files you don't want to lose. If you have Video issues, I don't want to waste time and have you lose your files.


Let me know when you are ready to continue.
Reply With Quote
  #34  
Old November 29th, 2010, 01:49 AM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
I think all my data and picture files are saved over to an external drive. I have some stuff on the computer hard drive I don't want to lose...a copy is saved, but I have to leave it where it is..the main stuff... it's pictures I share with family in a dropbox...if I remove from harddrive, it will remove it from their end also. I'm hoping I don't lose anything I have on here ...so hoping whatever we do my stuff will be okay...what is left on the hard drive... my games and other programs...
the iwin that was installed was from a CD where I purchased a couple cd games.
I sure hope my video card isn't going out...this was the first time this happened... I didn't have this happen til I set up a screen saver...so got rid of the screen saver. So hopefully that fixes that problem.
since I ran the microsoft fixit and did the malwarebyte scan and clean up... my browser is not longer giving me a problem when I'm on Facebook...that is where it was really causing me a problem...and it was okay earlier..no issues. So far, since I unfroze the desktop, it's been okay and (knock on wood), so far haven't lost the sound..and I've used the headset and is still okay... Things are looking a bit better already....

thanks
Barbara
Reply With Quote
  #35  
Old November 29th, 2010, 02:44 AM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
OK. So there's nothing you want to copy over to another drive?


I am going to have you run dds again just to see if any new errors have been written to Event Viewer.

Be careful on Facebook.

Let's hope the screensaver was the culprit. You're going to need to keep an eye out for problems.

You might run Dxdiag (as Adminitratoir to test your display. See if there are any problems detected. On the start menu, type dxdiag in the Search Programs and files box, Then in the results, right click on DXDIAG.EXE and select Run AS Administrator.

When the program opens, click the run 64 bit DXDIAG button. When the 64 bit version opens, click the Display tab. That's it. Read the page and see if any problems were detected.
Reply With Quote
  #36  
Old November 29th, 2010, 04:02 AM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
I Ran the Dxdiag and it showed no problems found for display and sound.
here is DDS


DDS (Ver_10-11-27.01) - NTFS_AMD64
Run by Barbara Ortega at 20:58:51.37 on Sun 11/28/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1545 [GMT -6:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stw rt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.e xe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\System32\DriverStore\FileRepository\stw rt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.e xe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\SysWOW64\atashost.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\iWin Games\iWinTrusted.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Barbara Ortega\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\OBroker.exe
C:\Program Files (x86)\UCS\Virtual Account Numbers\CitiUCS.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Barbara Ortega\Desktop\Malware fix programs\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://att.my.yahoo.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion &pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion &pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion &pf=cnnb
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \IE\rpbrowserrecordplugin.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
BHO: OToolbarHelper Class: {7aed0dc9-374e-440d-b966-be292971225b} - C:\Program Files (x86)\UCS\Virtual Account Numbers\CitiUCSHelper.dll
BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: hpBHO Class: {abd3b5e1-b268-407b-a150-2641dab8d898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\s wg.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstan ce.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Virtual Account Numbers: {a1bdf46b-9de6-4090-8791-84f26e00934c} - C:\Program Files (x86)\UCS\Virtual Account Numbers\CitiUCSToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [1194862116] C:\PROGRA~2\eGames\PUZZLE~1\Register\EGAMES~1.EXE /r "C:\PROGRA~2\eGames\PUZZLE~1\Register\EGAMES~1.rpd "
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\BARBAR~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Barbara Ortega\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Barbara Ortega\AppData\Roaming\DVDVideoSoftIEHelpers\youtu bedownload.htm
IE: Free YouTube to Mp3 Converter - C:\Users\Barbara Ortega\AppData\Roaming\DVDVideoSoftIEHelpers\youtu betomp3.htm
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8 574934B26AC4.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\s wg64.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe"
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

part two to follow
Reply With Quote
  #37  
Old November 29th, 2010, 04:03 AM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
part two

================= FIREFOX ===================

FF - ProfilePath - C:\Users\BARBAR~1\AppData\Roaming\Mozilla\Firefox\ Profiles\v7cffo0h.default\
FF - prefs.js: browser.startup.homepage - hxxp://att.my.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\UCS\Virtual Account Numbers\components\SlimOrbAddonCitiUCS.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn. dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl. dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \Firefox\Ext\components\nprpffbrowserrecordlegacye xt.dll
FF - component: C:\Users\Barbara Ortega\AppData\Roaming\IDM\idmmzcc3\components\idm mzcc.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.d ll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Norton Toolbar: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF - Extension: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \Firefox\Ext
FF - Extension: Virtual Account Numbers for Firefox: citiucs@orbiscom - C:\Program Files (x86)\UCS\Virtual Account Numbers
FF - Extension: IDM CC: mozilla_cc@internetdownloadmanager.com - C:\Users\Barbara Ortega\AppData\Roaming\IDM\idmmzcc3

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHl pa64.sys [2009-11-1 55856]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\030 8000.029\SymEFA64.sys [2010-2-28 402992]
R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\drivers\N360x64\0308000 .029\BHDrvx64.sys [2010-2-28 334384]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\N360x64\03080 00.029\cchpx64.sys [2010-2-28 583296]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101124. 002\IDSviA64.sys [2010-10-19 476720]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileReposi tory\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AE STSr64.exe [2009-9-1 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-2 203264]
R2 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2009-10-26 20376]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.s ys [2010-11-17 137256]
R2 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2010-4-14 78104]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2010-2-28 117640]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-21 227896]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-5-30 132656]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-9-1 215040]
R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\System32\drivers\N360x64\0308000 .029\symndisv.sys [2010-2-28 56880]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2009-9-1 36408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\ v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-19 136176]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2010-10-21 271640]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-10-21 327704]
S3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-10-21 6379288]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-9-1 216576]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VS TAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VS TDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\driver s\VSTCNXT6.SYS [2009-7-13 740864]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-8 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

=============== Created Last 30 ================

2010-11-28 15:14:50 -------- d-----w- C:\Users\BARBAR~1\AppData\Roaming\Malwarebytes
2010-11-28 15:14:32 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-11-28 15:14:31 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-11-28 15:14:30 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-28 15:14:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-11-28 12:15:22 191488 ----a-w- C:\Windows\System32\unrar.dll
2010-11-28 12:15:21 136704 ----a-w- C:\Windows\System32\ff_vfw.dll
2010-11-28 12:15:19 -------- d-----w- C:\Program Files\KLCP64
2010-11-26 14:12:26 -------- d-----w- C:\Users\BARBAR~1\AppData\Roaming\Windows Live Writer
2010-11-26 14:12:26 -------- d-----w- C:\Users\BARBAR~1\AppData\Local\Windows Live Writer
2010-11-24 21:48:51 -------- d-----w- C:\Windows\en
2010-11-24 21:43:17 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2010-11-24 21:43:17 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2010-11-24 21:43:16 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2010-11-24 21:43:16 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2010-11-24 21:42:36 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\81b8c14b1cb8c2008\DSETUP.dll
2010-11-24 21:42:36 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\81b8c14b1cb8c2008\DXSETUP.exe
2010-11-24 21:42:36 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\81b8c14b1cb8c2008\dsetup32.dll
2010-11-24 21:42:34 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80031ba31cb8c2007\DSETUP.dll
2010-11-24 21:42:34 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80031ba31cb8c2007\DXSETUP.exe
2010-11-24 21:42:34 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80031ba31cb8c2007\dsetup32.dll
2010-11-24 21:42:05 -------- d-----w- C:\Users\BARBAR~1\AppData\Local\Windows Live
2010-11-24 21:41:12 206848 ----a-w- C:\Windows\System32\mfps.dll
2010-11-24 21:41:11 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2010-11-24 21:41:11 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2010-11-24 21:41:11 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2010-11-24 21:41:11 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2010-11-24 21:41:10 4068864 ----a-w- C:\Windows\System32\mf.dll
2010-11-24 21:41:04 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
2010-11-24 09:51:40 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-11-24 09:51:40 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-11-20 01:37:20 165376 ----a-w- C:\Windows\SysWow64\unrar.dll
2010-11-20 01:37:18 839680 ----a-w- C:\Windows\SysWow64\lameACM.acm
2010-11-20 01:37:18 217088 ----a-w- C:\Windows\SysWow64\yv12vfw.dll
2010-11-20 01:37:18 151552 ----a-w- C:\Windows\SysWow64\ac3acm.acm
2010-11-20 01:37:17 790528 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2010-11-20 01:37:17 134144 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
2010-11-20 01:37:17 108032 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2010-11-20 01:37:14 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2010-11-17 20:23:37 137256 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2010-11-14 20:10:10 -------- d-----w- C:\Program Files\IDT
2010-11-13 18:43:07 -------- d-----w- C:\Program Files\iTunes
2010-11-13 18:43:07 -------- d-----w- C:\Program Files\iPod
2010-11-08 18:52:02 -------- d-----w- C:\Users\BARBAR~1\AppData\Roaming\EuroTalk
2010-11-08 18:51:37 -------- d-----w- C:\Program Files (x86)\EuroTalk Interactive
2010-11-08 01:15:34 -------- d-----w- C:\Users\BARBAR~1\AppData\Roaming\DVDVideoSoftIEHe lpers
2010-11-07 19:52:32 -------- d-----w- C:\Users\BARBAR~1\AppData\Roaming\Merscom
2010-11-07 19:52:32 -------- d-----w- C:\PROGRA~3\Merscom
2010-11-07 19:48:39 -------- d-----w- C:\Users\BARBAR~1\AppData\Local\TimeParadox
2010-11-06 17:37:34 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 17:37:34 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\PLUGINS\nppdf32.dll
2010-11-06 14:28:43 -------- d-----w- C:\Users\BARBAR~1\AppData\Roaming\DVDVideoSoft
2010-11-06 14:28:41 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
2010-11-06 14:28:41 -------- d-----w- C:\Program Files (x86)\Common Files\DVDVideoSoft
2010-11-04 12:20:08 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2010-11-01 18:52:20 598368 ----a-w- C:\RealPlayer.exe

==================== Find3M ====================

2010-11-04 12:19:42 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2010-11-04 12:19:42 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2010-10-27 18:28:46 11320 ----a-w- C:\Windows\help\OEM\Scripts\HPSARedirectorLauncher .exe
2010-10-10 03:39:41 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2010-10-10 03:39:40 286768 ----a-w- C:\Windows\System32\drivers\SynTP.sys
2010-10-10 03:39:40 204584 ----a-w- C:\Windows\System32\SynTPAPI.dll
2010-10-10 03:39:40 147752 ----a-w- C:\Windows\System32\SynTPCo4.dll
2010-10-10 03:39:40 107816 ----a-w- C:\Windows\SysWow64\SynTPCOM.dll
2010-10-10 03:39:39 395048 ----a-w- C:\Windows\System32\SynCOM.dll
2010-10-10 03:39:39 261928 ----a-w- C:\Windows\System32\SynCtrl.dll
2010-10-10 03:39:39 206120 ----a-w- C:\Windows\SysWow64\SynCtrl.dll
2010-10-10 03:39:39 169256 ----a-w- C:\Windows\SysWow64\SynCOM.dll
2010-09-29 18:31:28 210272 ----a-w- C:\Windows\SysWow64\idmmbc.dll
2010-09-23 06:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-23 06:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-09-21 20:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 20:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-15 09:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 16:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-09-08 16:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll

============= FINISH: 21:00:00.13 ===============
Reply With Quote
  #38  
Old November 29th, 2010, 04:04 AM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
Attachment

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-27.01)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/26/2009 9:17:27 AM
System Uptime: 11/28/2010 4:13:55 PM (5 hours ago)

Motherboard: Quanta | | 363F
Processor: AMD Sempron(tm) M100 | Socket S1G3 | 2000/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 219 GiB total, 155.723 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 2.187 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 466 GiB total, 457.424 GiB free.

==== Disabled Device Manager Items =============

Class GUID:
Description: WD SES Device USB Device
Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_1008\5758 38314337303636343333&1
Manufacturer:
Name: WD SES Device USB Device
PNP Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_1008\5758 38314337303636343333&1
Service:

==== System Restore Points ===================

RP107: 11/8/2010 12:51:07 PM - Installed EuroTalk Talk Now!
RP108: 11/10/2010 10:37:36 PM - Windows Update
RP109: 11/18/2010 4:14:11 PM - Scheduled Checkpoint
RP110: 11/24/2010 11:26:03 AM - Norton 360 Registry Clean
RP112: 11/24/2010 3:40:35 PM - Windows Update
RP113: 11/25/2010 9:15:13 PM - Windows Update
RP114: 11/27/2010 2:46:46 PM - Installed Microsoft Fix it 50403
RP115: 11/27/2010 4:57:45 PM - Installed Microsoft Fix it 50403

==== Installed Programs ======================

1912 Titanic Mystery
7 Wonders II (remove only)
A Gypsy's Tale: The Tower of Secrets
Acrobat.com
Activate Norton Online Backup
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Elements 7.0
Adobe Photoshop Elements 9
Adobe Photoshop.com Inspiration Browser
Adobe Reader 9.4.1 MUI
AMD USB Filter Driver
Ancient Mysteries
Ancient Secrets
Anime Studio Debut 7.0
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
Bejeweled 2 Deluxe 1.0
Big Fish Games: Game Manager
Bookworm Deluxe 1.03
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Classic Adventures: The Great Gatsby
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite
D3DX10
Dark Tales: ™ Edgar Allan Poe's The Black Cat
Dark Tales:™ Edgar Allan Poe`s Murders in the Rue Morgue Collector`s Edition
DataPilot
Detective Stories: Hollywood (remove only)
DinerTown Detective Agency
Dropbox
Echoes of the Past: Royal House of Stone
Echoes of the Past: The Castle of Shadows
eGames GameButler
Elements 9 Organizer
Elements STI Installer
Escape The Museum 2
EuroTalk Talk Now!
Free Studio version 4.9.13
Free Video to MP3 Converter version 4.1
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Hallmark Card Studio 2010 Deluxe
Hidden Expedition &reg; - Devil's Triangle
Hidden Mysteries - White House
Homepage Protection
HP Advisor
HP Customer Experience Enhancements
HP DVD Play 3.7
HP Games
HP Quick Launch Buttons
HP Setup
HP Support Assistant
HP Update
HP User Guides 0148
HP Wireless Assistant
HPAsset component for HP Active Support Library
IDT Audio
Internet Download Manager
iWin Games (remove only)
Java Auto Updater
Java(TM) 6 Update 22
Jewel Quest (remove only)
Junk Mail filter update
K-Lite Codec Pack 6.5.0 (Full)
LabelPrint
LightScribe System Software
Lost Secrets Bermuda Triangle
Lost Secrets Vatican Mysteries
Lost Worlds
Magic Encyclopedia - Moon Light
Magic Encyclopedia. First Story
Malwarebytes' Anti-Malware
Med-Flash Emergency Information Storage Tool
Microsoft .NET Framework 1.1
Microsoft Live Search Toolbar
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
Midnight Mysteries Salem Witch Trials
MonsterQuest
Mortimer Beckett and the Time Paradox
Mozilla Firefox (3.6.12)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
Mystery Case Files&reg;: Dire Grove™ Collector's Edition
Mystery Case Files: Ravenhearst &reg;
Mystery Legends: Sleepy Hollow
Mystery of Cleopatra
Nancy Drew Dossier: Resorting to Danger
Nancy Drew: Legend of the Crystal Skull
Natalie Brooks - The Treasures of the Lost Kingdom
Natalie Brooks: Mystery at Hillcrest High
Neptunia
Norton 360
Photo Print Gold
Power2Go
PowerDirector
PowerRecover
Project RainForest
Public Enemies: Bonnie and Clyde
Puzzle Master 5
QLBCASL
QuickTime
Real Crimes - Jack the Ripper
Real Crimes: The Unicorn Killer
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Samantha Swift and the Fountains of Fate
Save Out Spirit
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Shutter Island
Skype Toolbars
Skype™ 4.2
Slingbox - Watch Your TV Anywhere
SlingPlayer
Strange Cases - The Lighthouse Mystery
Strange Cases: The Tarot Card Mystery
Symantec Technical Support Web Controls
The Clockwork Man
The Lost Cases of Sherlock Holmes 2
The Serpent of Isis ™
The Treasures Of Mystery Island
The Wizard's Pen 1.01
Time Dreamer
Uninstall 1.0.0.1
Virtual Account Numbers
VIVA MEDIA GAME CENTER
VoiceOver Kit
WebEx
Wild West Quest
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Women's Murder Club A Darker Shade of Grey
Women's Murder Club Twice in a Blue Moon
Yahoo! Messenger
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

11/26/2010 5:02:29 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user BarbaraOrtega\Barbara Ortega SID (S-1-5-21-851903321-2217183862-1311633198-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/24/2010 3:53:42 AM, Error: NetBT [4321] - The name "BARBARA :1d" could not be registered on the interface with IP address 192.168.1.116. The computer with the IP address 192.168.1.115 did not allow the name to be claimed by this computer.
11/23/2010 4:02:58 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Com4QLBEx service to connect.
11/23/2010 4:02:58 AM, Error: Service Control Manager [7000] - The Com4QLBEx service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/23/2010 4:02:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service Com4QLBEx with arguments "" in order to run the server: {DB536E5D-10F7-4B34-B443-140161048E2E}
11/23/2010 3:45:05 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/23/2010 3:45:05 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/23/2010 3:45:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/21/2010 3:44:02 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
11/21/2010 3:44:02 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

==== End Of File ===========================

I'm going to lay down for the night...been up since 3:30am...and i'm falling asleep right now...
Have a good night and I'll be back on tomorrow...
thank you
Barbara
Appreciate your help
Reply With Quote
  #39  
Old November 29th, 2010, 05:57 PM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
Wanted to pass along that I've been on computer now for about 7 hours and no problems have come up...sound is working, nothing is freezing up, the IE is working okay on Facebook and other sites, I've turned off the screensaver so no problem with display at the moment..(hoping it stays that way). I probably need to update BIOS, but wasn't sure which one I should use...there are two on the HP site...one is version F.03 and the other is Version F.15

thanks ... just wanted to give you update on how the computer is doing at the moment...
Barbara
Reply With Quote
  #40  
Old November 29th, 2010, 07:37 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
It's looking good.

But this BHO is something you should disable or remove. If it reinstalls when you play a game, then you should uninstall it again.
BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll


I ran across 2 more issues related to IDM.
It can cause Firefox crashes.

It can also cause certain Online Games to crash. If that happens, then if you want to play, then use Task Manager to end the IEMonitor.exe Process.

IEMonitor.exe monitors your clicks so that if you click a download link, it will perform the download.


Do you know how to flush the restore points? That is a good thing to do after cleaning up. Flush and then create a new restore point.

Here's a page with directions if you need them:
http://www.ehow.com/how_6882515_flus...m-restore.html


After you have deleted the restore points, use the Create Restore Point button to create a new restore point.
Reply With Quote
  #41  
Old November 29th, 2010, 08:26 PM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
Okay will uninstall the BHO iwin... .. it might reinstall..not sure what it will do when I try to open game..haven't played in a little while, so may just take them off...
the IDM is my download manager.. It helps when I download something..makes it lots faster than otherwise... Firefox did crash once when I was on it, but most of the time, I use IE. I'll make note of the IEMoniter.exe to end process if it crashes me. Does it show a problem
with the IDM..? I generally don't play any games on Firefox...do the facebook stuff on IE.
I've never flushed restore points. I'll read article and do that...thanks so much
does everything else look pretty good? so far, it seems to be running good now...am sure hoping it continues to run good now.

thanks a lot
Barbara
Reply With Quote
  #42  
Old November 29th, 2010, 11:13 PM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
Okay... I did the uninstall of the Iwin and the two games that went with it. I did a flush of the restore point and created a new one.

thanks
Barbara
Reply With Quote
  #43  
Old November 30th, 2010, 06:27 PM
Mamacat104's Avatar
Mamacat104 Mamacat104 is offline
Senior Member
 
Join Date: Jan 2003
O/S: Windows 7 64-bit
Location: Texas
Posts: 490
Hi
Okay... wanted to post back and let you know that all seems to be working good today again. No problem with sound, display, websites now, no desktop icons freezing up... so am hoping we are good now
I do appreciate all your help...
thank you so very much. If I run into any more issues, I'll post back
with new issue post..

have a really wonderful day
Barbara
Reply With Quote
  #44  
Old November 30th, 2010, 09:08 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
That sounds great. Being back to normal is always a relief. You're very welcome.
I'll keep my fingers crossed that your video issue was a one time only fluke.

Thanks. You have a fun day too!

Mo
Reply With Quote
  #45  
Old December 3rd, 2010, 12:43 PM
nikole957 nikole957 is offline
New Member
 
Join Date: Dec 2010
Posts: 1
Quote:
Originally Posted by Sfcvaughn View Post
no problem just post back with the results
I am sorry for interrupting, but I feel you may have some kind of malware. Having that many instances of Internet Explorer running bothers me. We generally deal with the scans in the Malware Removal Forums.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 04:47 PM.