Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old March 14th, 2011, 06:09 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
shockwave flash

getting a message that my shockwave flash has crashed. Tried to reinstall from web site and still gettin the same message.
Please advise !
It directs me to a site you have to pay for the repair once the scan completes
Reply With Quote
  #2  
Old March 15th, 2011, 02:41 AM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
Let's get a scan and see if anything jumps out at us. That may be a fake message from a fake alert software.



Download Ccleaner: Here
Click on ->
“Download
Latest Version”

Once installed, run CCleaner click the Windows tab
Select the following:
Internet Explorer:
Temp Internet
History
Recently Typed URLs
Delete Index.dat files

System:
Empty Recycle Bin
Temporary Files
Chkdsk File Fragments
Then click Run Cleaner (bottom right) then Exit

Please download DDS: Here

If you are using Firefox, go to the toolbar and click File. Then go down to Save As & click.
Then save it on the desktop. Save as dds.scr
Save as Type : All files


to your Desktop and doubleclick on DDs.scr to run it. (For Windows 7 and Vista, ok the UAC prompt.)



If your security software includes script blocking features, please disable these before you run this utility.


When the scan has finished, two logs will open.
Copy and paste both reports in this topic.
The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.
Reply With Quote
  #3  
Old March 15th, 2011, 01:00 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
DDS (Ver_11-03-05.01) - NTFSx86
Run by HP_Administrator at 6:57:04.67 on 03/15/2011
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.203 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\arservice.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Xobni\XobniService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yahoo!\Common\YMailAdvisor.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Yahoo!\Search Protection\YspService.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Messenger\msmsgs.exe
Reply With Quote
  #4  
Old March 15th, 2011, 01:01 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 4.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZNxmk996YYUS&fl=0&ptb=o9H3YsBBU7 gcCX2PEdDFQQ&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
uURLSearchHooks: H - No File
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn13\yt.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn13\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Yahooo Search Protection: {25bc7718-0bfa-40ea-b381-4b2d9732d686} - c:\program files\yahoo!\search protection\ysp.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: AT&&T Toolbar: {4e7bd74f-2b8d-469e-94be-fd60bb9aae29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
BHO: : {fccc63d1-d8e4-458d-bc4f-b0c3cabf31ab} - c:\progra~1\facemod\FaceMod_Dislike.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn13\YTSingleInst ance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn13\yt.dll
TB: AT&&T Toolbar: {4e7bd74f-2b8d-469e-94be-fd60bb9aae29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YahooMessenger.ex e" -quiet
uRun: [YSearchProtection] c:\program files\yahoo!\search protection\YspService.exe
uRun: [Google Update] "c:\documents and settings\hp_administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [YBrowser] c:\progra~1\yahoo!\browser\ybrwicon.exe
uRun: [RTHDCPL] RTHDCPL.EXE
uRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
uRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb0 4.exe
uRun: [ehTray] c:\windows\ehome\ehtray.exe
uRun: [DMAScheduler] c:\program files\sonic\digitalmedia plus\digitalmedia archive\DMAScheduler.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [YMailAdvisor] "c:\program files\yahoo!\common\YMailAdvisor.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe " -t
dRunOnce: [RunNarrator] Narrator.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
IE: {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - c:\program files\yahoo!\search protection\ysp.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173298497781
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1173298488218
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
Reply With Quote
  #5  
Old March 15th, 2011, 01:02 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGI DSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
R1 RapportCerberus_23645;RapportCerberus_23645;c:\doc uments and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\b aseline\RapportCerberus_23645.sys [2011-2-6 53816]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-2-6 63160]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-2-6 156344]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 prt1xw2k;SEM 11 Mbps Wireless Card NDIS Interface;c:\windows\system32\drivers\PRT1XW2K.SYS [2010-7-23 13056]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-2-6 821048]
R2 XobniService;XobniService;c:\program files\xobni\XobniService.exe [2011-1-11 56040]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\driv ers\AVGIDSDriver.sys [2010-8-3 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\driv ers\AVGIDSFilter.sys [2010-8-3 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\ AVGIDSShim.sys [2010-8-3 26192]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-3-3 136176]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-2-4 517448]
S3 WlanUIG;2Wire 802.11g USB Driver;c:\windows\system32\drivers\WlanUIG.sys [2007-12-13 347648]
.
=============== Created Last 30 ================
.
2011-03-13 17:47:24 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\CursedOnboard
2011-03-13 17:43:45 -------- d-----w- c:\program files\Epic Adventures - Cursed Onboard
2011-03-12 18:54:49 -------- d-----w- c:\program files\Hallowed Legends - Samhain Collector's Edition
2011-03-12 16:04:24 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\DriverCure
2011-03-12 16:04:23 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\ParetoLogic
2011-03-12 16:04:06 -------- d-----w- c:\docume~1\alluse~1\applic~1\ParetoLogic
2011-03-08 04:21:10 -------- d-----w- c:\program files\Serpent of Isis - Your Journey Continues
2011-03-05 16:03:59 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\AVG
2011-03-04 19:52:46 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\margrave3_full
2011-03-04 19:24:51 -------- d-----w- c:\program files\Margrave - The Curse of the Severed Heart Collector's Edition
2011-02-26 19:57:23 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\GAMGO
2011-02-23 19:16:33 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\GestaltGames
2011-02-23 19:16:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\GestaltGames
2011-02-22 17:15:31 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\Trusteer
2011-02-22 17:15:19 -------- d-----w- c:\program files\Trusteer
2011-02-22 03:14:49 -------- d-----w- c:\docume~1\alluse~1\applic~1\Elephant Games
2011-02-22 03:07:32 -------- d-----w- c:\program files\Mystery Trackers - The Void
2011-02-16 21:31:43 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\Dying for Daylight Shared
2011-02-16 21:31:43 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\Dying for Daylight
2011-02-16 21:29:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\Dying for Daylight
2011-02-16 19:53:14 -------- d-----w- c:\program files\Dying_for_Daylight
.
==================== Find3M ====================
.
2011-02-08 14:31:21 6533584 ----a-w- c:\documents and settings\hp_administrator\XobniSetup.exe
2011-02-04 23:48:32 456192 ------w- c:\windows\system32\encdec.dll
2011-02-04 23:48:30 291840 ----a-w- c:\windows\system32\sbe.dll
2011-02-02 07:58:35 2067456 ------w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ------w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ------w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:08:45 832512 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:08:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-12-20 23:08:45 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 23:08:45 17408 ----a-w- c:\windows\system32\corpol.dll
2010-12-20 17:26:00 730112 ------w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:25 389120 ----a-w- c:\windows\system32\html.iec
2006-09-02 04:07:00 774144 -c--a-w- c:\program files\RngInterstitial.dll
.
============= FINISH: 6:58:25.09 ===============
Reply With Quote
  #6  
Old March 15th, 2011, 01:02 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 12/09/2006 3:47:40 PM
System Uptime: 03/15/2011 6:22:47 AM (0 hours ago)
.
Motherboard: ASUSTek Computer INC. | | NAGAMI
Processor: AMD Athlon(tm) 64 Processor 3800+ | Socket 939 | 2405/199mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 178 GiB total, 119.453 GiB free.
D: is FIXED (NTFS) - 93 GiB total, 92.975 GiB free.
E: is FIXED (FAT32) - 8 GiB total, 0.484 GiB free.
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1253: 12/15/2010 10:45:29 AM - System Checkpoint
RP1254: 12/15/2010 10:03:02 PM - Software Distribution Service 3.0
RP1255: 12/17/2010 6:58:25 AM - System Checkpoint
RP1256: 12/17/2010 10:41:26 PM - Software Distribution Service 3.0
RP1257: 12/18/2010 11:14:52 PM - System Checkpoint
RP1258: 12/20/2010 8:39:07 AM - System Checkpoint
RP1259: 12/21/2010 9:40:19 AM - System Checkpoint
RP1260: 12/22/2010 9:40:44 AM - System Checkpoint
RP1261: 12/23/2010 9:54:57 AM - System Checkpoint
RP1262: 12/24/2010 10:46:58 AM - System Checkpoint
RP1263: 12/25/2010 11:08:07 AM - System Checkpoint
RP1264: 12/26/2010 11:11:51 AM - System Checkpoint
RP1265: 12/27/2010 12:37:38 PM - System Checkpoint
RP1266: 12/28/2010 12:38:17 PM - System Checkpoint
RP1267: 12/29/2010 12:57:09 PM - System Checkpoint
RP1268: 12/30/2010 1:53:01 PM - System Checkpoint
RP1269: 12/30/2010 3:23:57 PM - Installed DirectX
RP1270: 12/31/2010 3:26:19 PM - System Checkpoint
RP1271: 01/01/2011 1:04:08 AM - Software Distribution Service 3.0
RP1272: 01/02/2011 7:39:29 AM - System Checkpoint
RP1273: 01/02/2011 11:03:56 PM - Installed Java(TM) 6 Update 23
RP1274: 01/04/2011 7:10:49 AM - System Checkpoint
RP1275: 01/05/2011 7:36:00 AM - System Checkpoint
RP1276: 01/05/2011 10:09:45 PM - Software Distribution Service 3.0
RP1277: 01/07/2011 7:01:00 AM - System Checkpoint
RP1278: 01/08/2011 9:23:34 AM - System Checkpoint
RP1279: 01/09/2011 9:48:09 AM - System Checkpoint
RP1280: 01/10/2011 10:44:34 AM - System Checkpoint
RP1281: 01/11/2011 11:56:18 AM - System Checkpoint
RP1282: 01/12/2011 12:02:36 PM - System Checkpoint
RP1283: 01/12/2011 9:55:11 PM - Software Distribution Service 3.0
RP1284: 01/14/2011 7:30:06 AM - System Checkpoint
RP1285: 01/15/2011 8:59:05 AM - System Checkpoint
RP1286: 01/16/2011 9:26:21 AM - System Checkpoint
RP1287: 01/17/2011 11:15:09 AM - System Checkpoint
RP1288: 01/18/2011 11:24:10 AM - System Checkpoint
RP1289: 01/19/2011 11:58:12 AM - System Checkpoint
RP1290: 01/20/2011 12:23:42 PM - System Checkpoint
RP1291: 01/21/2011 2:58:16 PM - System Checkpoint
RP1292: 01/22/2011 3:15:01 PM - System Checkpoint
RP1293: 01/23/2011 3:16:45 PM - System Checkpoint
RP1294: 01/24/2011 4:43:02 PM - System Checkpoint
RP1295: 01/25/2011 5:03:55 PM - System Checkpoint
RP1296: 01/26/2011 5:13:27 PM - System Checkpoint
RP1297: 01/27/2011 5:41:33 PM - System Checkpoint
RP1298: 01/28/2011 6:35:20 PM - System Checkpoint
RP1299: 01/29/2011 6:38:22 PM - System Checkpoint
RP1300: 01/30/2011 6:43:40 AM - Restore Operation
RP1301: 01/31/2011 7:36:14 AM - System Checkpoint
RP1302: 02/01/2011 8:21:24 AM - System Checkpoint
RP1303: 02/02/2011 8:51:34 AM - System Checkpoint
RP1304: 02/03/2011 9:32:18 AM - System Checkpoint
RP1305: 02/04/2011 9:33:33 AM - System Checkpoint
RP1306: 02/04/2011 4:02:06 PM - Removed Kaspersky Internet Security 2010.
RP1307: 02/04/2011 4:15:56 PM - Installed AVG 2011
RP1308: 02/04/2011 4:16:31 PM - Installed AVG 2011
RP1309: 02/05/2011 4:28:45 PM - System Checkpoint
RP1310: 02/06/2011 4:54:46 PM - System Checkpoint
RP1311: 02/07/2011 5:45:43 PM - System Checkpoint
RP1312: 02/08/2011 6:10:52 PM - System Checkpoint
RP1313: 02/09/2011 6:44:12 PM - System Checkpoint
RP1314: 02/10/2011 6:58:23 AM - Software Distribution Service 3.0
RP1315: 02/11/2011 8:39:33 AM - System Checkpoint
RP1316: 02/12/2011 9:08:15 AM - System Checkpoint
RP1317: 02/13/2011 10:00:17 AM - System Checkpoint
RP1318: 02/14/2011 10:37:37 AM - System Checkpoint
RP1319: 02/15/2011 11:07:09 AM - System Checkpoint
RP1320: 02/16/2011 11:13:04 AM - System Checkpoint
RP1321: 02/17/2011 11:58:53 AM - System Checkpoint
RP1322: 02/18/2011 12:25:27 PM - System Checkpoint
RP1323: 02/19/2011 1:41:14 PM - System Checkpoint
RP1324: 02/20/2011 2:04:04 PM - System Checkpoint
RP1325: 02/21/2011 2:22:53 PM - System Checkpoint
RP1326: 02/22/2011 11:15:15 AM - Installed Rapport
RP1327: 02/23/2011 11:20:10 AM - System Checkpoint
RP1328: 02/24/2011 11:25:03 AM - System Checkpoint
RP1329: 02/25/2011 11:26:51 AM - System Checkpoint
RP1330: 02/26/2011 2:18:26 PM - System Checkpoint
RP1331: 02/27/2011 3:01:53 PM - System Checkpoint
RP1332: 02/28/2011 3:42:33 PM - System Checkpoint
RP1333: 03/01/2011 4:20:00 PM - System Checkpoint
RP1334: 03/02/2011 5:21:50 PM - System Checkpoint
RP1335: 03/03/2011 5:44:46 PM - Removed Google Earth.
RP1336: 03/04/2011 7:20:28 PM - System Checkpoint
RP1337: 03/05/2011 7:31:11 PM - System Checkpoint
RP1338: 03/07/2011 7:55:32 AM - System Checkpoint
RP1339: 03/08/2011 8:32:52 AM - System Checkpoint
RP1340: 03/09/2011 8:54:17 AM - System Checkpoint
RP1341: 03/10/2011 6:04:32 AM - Software Distribution Service 3.0
RP1342: 03/11/2011 5:29:05 AM - Software Distribution Service 3.0
RP1343: 03/11/2011 10:42:45 PM - Software Distribution Service 3.0
RP1344: 03/13/2011 7:44:03 AM - System Checkpoint
RP1345: 03/14/2011 7:56:00 AM - System Checkpoint
.
==== Installed Programs ======================
.
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11.5
Advanced WindowsCare Personal
Agere Systems PCI-SV92PP Soft Modem
AiO_Scan
AiO_Scan_CDA
AiOSoftware
AiOSoftwareNPI
Ancient Secrets - Mystery of the Vanishing Bride
Art of Murder: Cards of Destiny
AT&T Toolbar
AT&T Yahoo! Applications
AT&T Yahoo! DSL Activation
AVG 2011
AVG PC Tuneup 2011
Awakening: Moonfell Wood
Bejeweled(R) 3
Between the Worlds (remove only)
Big City Adventure - San Francisco (remove only)
Big Fish Games: Game Manager
Blue Madonna - A Carol Reed Mystery
Brain Training for Dummies
BufferChm
CameraDrivers
Carl the Caveman
CCleaner
Charlaine Harris: Dying for Daylight
Chuzzle Deluxe
City Sights - Hello, Seattle!
Columbus: Ghost of the Mystery Stone
Coupon Printer for Windows
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CueTour
Customer Experience Enhancement
Dark Tales: ™ Edgar Allan Poe's The Black Cat
Death at Fairing Point: A Dana Knightstone Novel
Destinations
DocProc
DocumentViewer
DocumentViewerQFolder
Download Manager 2.3.6
Downtown Secrets
Dream Day True Love
Dream Day Wedding Married in Manhattan (remove only)
DriverMax 5
Enhanced Multimedia Keyboard Solution
Epic Adventures: Cursed Onboard
Escape from Frankenstein's Castle
Escape Whisper Valley
ESET Online Scanner v3
FaceMod Dislike Button 1.5
Fax
Fax_CDA
Fear For Sale: Mystery of McInroy Manor
Finding Doggy
FullDPAppQFolder
GameHouse
Ghost in the Sheet (remove only)
Google Chrome
Google Update Helper
Hallowed Legends: Samhain Collector's Edition
Haunted Hotel: Lonely Dream
Hidden Identity(TM) - Chicago Blackout
Hidden Mysteries: Salem Secrets
HijackThis 2.0.2
Hodgepodge Hollow
Reply With Quote
  #7  
Old March 15th, 2011, 01:03 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
HP Boot Optimizer
hp deskjet 950c series
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP DVD Play 1.0
HP Photosmart for Media Center PC
HP Smart Web Printing
HP Web Helper
HPProductAssistant
HpSdpAppCoreApp
InstantShareDevices
iWin Toolbar
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 5
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 23
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
Java(TM) SE Runtime Environment 6 Update 1
JoshGroban
Letters from Nowhere
LightScribe 1.4.62.1
Lost in Time: The Clockwork Tower
Mae Q'West and the Sign of the Stars
Malwarebytes' Anti-Malware
Margrave: The Curse of the Severed Heart Collector's Edition
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Standard 2006
Microsoft Digital Image Standard 2006 Editor
Microsoft Digital Image Standard 2006 Library
Microsoft Location Finder
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft Works Suite 2006 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Microsoft_VC90_CRT_x86
Millionaire Manor - The Hidden Object Show 3
Mishap 2: An Intentional Haunting
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Murder Island: Secret of Tantalus
muvee autoProducer 4.5
muvee autoProducer unPlugged 1.2
Mystery Age: The Dark Priests
Mystery Case Files &reg;: 13th Skull ™ Collector's Edition
Mystery Case Files: Madame Fate (remove only)
Mystery Case Files: Return to Ravenhearst ™
Mystery Legends: The Phantom of the Opera
Mystery of Mortlake Mansion
Mystery of the Earl
Mystery P.I.(TM) - Stolen in San Francisco
Mystery Trackers: The Void
Mystery Valley
Nancy Drew: The Haunting of Castle Malloy
Netopia Wireless LAN
NewCopy
NewCopy_CDA
Nightmare on the Pacific
NVIDIA Drivers
NVIDIA GAME System Software 2.8.1
NVIDIA nView Desktop Manager
OpenAL
OptionalContentQFolder
Otto
PanoStandAlone
Pastry Passion
Peter Flat's Inflatable Adventures (remove only)
Phantasmat
PhotoGallery
PSPrinters08
PSTAPlugin
PuppetShow: Souls of the Innocent
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
RandMap
Rapport
Readme
RealArcade
Realtek High Definition Audio Driver
Recuva (remove only)
Reincarnations: Uncover the Past
Saints & Sinners Bowling (remove only)
Sandlot Games Client Services 1.2.2
Scan
ScannerCopy
Scrapbook Paige (remove only)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows XP (KB2481109)
Shadow Wolf Mysteries: Curse of the Full Moon Collector's Edition
Shaolin Mystery: Tale of the Jade Dragon Staff
Sinister City
Sinking Island
SkinsHP1
Slingo Mystery (remove only)
Slingo Quest Hawaii
SolutionCenter
Sonic Express Labeler
Sonic Update Manager
Sonic_PrimoSDK
Spirit Seasons: Little Ghost Story
Status
Stray Souls: Dollhouse Story Collector's Edition
Superstar Chefs Full Version 1.29
Syberia 1 (remove only)
The Curse of the Ring
The Fall Trilogy Chapter 2: Reconstruction
The Mystery of the Dragon Prince
The Secret Legacy: A Kate Brooks Adventure
The Serpent of Isis: Your Journey Continues
The Weather Channel Desktop 6
The White Wolf of Icicle Creek
Time Mysteries: Inheritance
Time Zone Data Update Tool for Microsoft Office Outlook
TrayApp
TrueSwitch Wizard AT&T Yahoo!
Turtle Odyssey
Turtle Odyssey 2
Twisted Lands: Shadow Town
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
URGE
Valerie Porter and the Scarlet Scandal(TM)
Vault Cracker
Victorian Mysteries - Woman in White
Virtual Villagers - New Believers 1.0
Virtual Villagers - The Secret City 1.0
Web Games Player Plugin
WebFldrs XP
WebReg
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB2502898
Wisegal
Xobni
Xobni Core
Yahoo! Mail Advisor
Yahoo! Search Protection
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
03/13/2011 6:34:12 AM, error: Service Control Manager [7022] - The AVGIDSAgent service hung on starting.
03/11/2011 5:27:53 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
.
==== End Of File ===========================
Reply With Quote
  #8  
Old March 15th, 2011, 01:14 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
New message this morning... Gamevance Textlinks plugin has crashed'
I try to stay away from anything Gamevance because have had many problems in the past with them invading my system.
Reply With Quote
  #9  
Old March 18th, 2011, 04:41 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
In Add remove programs, please uninstall iWin Toolbar

Then, we need to get rid of all old versions of java and update to the newest version.

Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Which Browser do you use? IE, Firefox?
Reply With Quote
  #10  
Old March 18th, 2011, 07:50 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
computer won't allow me to delete the iwin toolbar. msg says "could not open Install.Log file. I use google chrome....IE caused me too many problems so I changed to google chrome.
Reply With Quote
  #11  
Old March 19th, 2011, 01:19 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
Download Malwarebytes' Anti-Malware. (Scroll to the bottom of the page and click on the Blue button labeled Download free version.Here.

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform full scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
* The log is automatically saved by Malwarebytes and can be viewed by clicking the Logs tab in Malwarebytes.
* Copy and Paste the entire report in your next reply. If it calls for a reboot to complete the repairs do that as well then.

----------
Quote:
IE caused me too many problems so I changed to google chrome.
What kind of prpblems did IE cause?
Reply With Quote
  #12  
Old March 19th, 2011, 07:11 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6106

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

03/19/2011 1:09:34 PM
mbam-log-2011-03-19 (13-09-34).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Objects scanned: 417368
Time elapsed: 1 hour(s), 55 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 12

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\AppDataLow\gvtl (Adware.GameVance) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\documents and settings\hp_administrator\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com (Adware.GamesVance) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome (Adware.GamesVance) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components (Adware.GamesVance) -> Quarantined and deleted successfully.

Files Infected:
c:\Qoobox\quarantine\C\documents and settings\all users\application data\{bdfe88a4-0abc-4160-a8b6-263f4dddd33e}\OFFLINE\36F1A852\3E688669\mydll.dll. vir (Adware.DoubleD.Gen) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\all users\application data\{bdfe88a4-0abc-4160-a8b6-263f4dddd33e}\OFFLINE\50EF6DF6\3E688669\riched20sm iley.dll.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\all users\application data\{bdfe88a4-0abc-4160-a8b6-263f4dddd33e}\OFFLINE\mfilebagide.dll\bag\setup.ex e.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\all users\application data\{bdfe88a4-0abc-4160-a8b6-263f4dddd33e}\OFFLINE\mfilebagide.dll\bag\stbrewlm .exe.vir (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\all users\application data\{bdfe88a4-0abc-4160-a8b6-263f4dddd33e}\OFFLINE\mfilebagide.dll\bag\stbterm. exe.vir (Adware.ColorSoft) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\search guard plus\searchguardplus.exe.vir (PUP.Fbsearch) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\my documents\downloads\updateddrivers (1).exe (PUP.Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\my documents\downloads\updateddrivers.exe (PUP.Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome.manif est (Adware.GamesVance) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\install.rdf (Adware.GamesVance) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome\gvtex tlinks.jar (Adware.GamesVance) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\g vtlf.xpt (Adware.GamesVance) -> Quarantined and deleted successfully.


IE locked up or crashed when I used it before and problems were too frequent
Reply With Quote
  #13  
Old March 19th, 2011, 08:25 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
Did your problems with Internet Explorer start after you installed AVG or some other program?
Reply With Quote
  #14  
Old March 19th, 2011, 08:38 PM
kat81852 kat81852 is offline
Senior Member
 
Join Date: Dec 2005
O/S: Windows XP Home
Location: Texas
Posts: 370
It started up and I don't think it was after avg because I had uninstalled that and still had the same problem and my games were slow or failed to work and froze up while I was using IE. Several of my FB friends were having the same problem so we changed to GC.
Reply With Quote
  #15  
Old March 19th, 2011, 10:25 PM
Mosaic1 Mosaic1 is offline
Malware Removal Team Advisor
 
Join Date: Jun 2001
Posts: 4,783
Did you actually do the internet explorer installation yourself? Or was it installed for you?
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Shockwave Flash-Firefox english teacher Windows Vista 2 September 19th, 2015 06:03 AM
Shockwave flash. ncredsoxfan Windows 7 7 June 4th, 2013 02:44 PM
shockwave flash kat81852 Windows XP 1 March 14th, 2011 05:34 PM
(flash) (shockwave) DJoe Web Development & Graphic Design 2 August 5th, 2005 11:54 PM
Shockwave Flash and XP Nancy Windows XP 3 December 16th, 2004 11:00 PM


All times are GMT +1. The time now is 09:05 PM.