Dell desktop running extremely slow

Hi meg46,

Welcome to Dell Community Malware Removal Forums,

Sorry for the delay in getting to you, I'm K27 and i will be reviewing your log for you.

Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.

Please Print or Save to Notepad all instructions and please follow them carefully and if there's something you don't understand or that will not work please let me know and we will go through it together.

Please DO NOT use this system for anything apart from visiting this forum and other sites I direct you too, as this will only make the cleanup process all the more diffecult.

Failure to reply in three (3) days will result in this topic being closed and I will remove it from my notifications, If you require more time then that is fine but please let me know.

Download and scan with CCleaner
1. Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation. IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:

• Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.

In the Applications Tab:

• Clean all except cookies in the Firefox/Mozilla section if you use it.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

Then Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

• Make sure you are connected to the Internet.
• Double-click on mbam-setup.exe to install the application.
• When the installation begins, follow the prompts and do not make any changes to default settings.
• When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

• If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
• If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

• Make sure the "Perform Quick Scan" option is selected.
• Then click on the Scan button.
• If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
• The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
• Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

• Click on the Show Results button to see a list of any malware that was found.
• Make sure that everything is checked, and click Remove Selected.
• When removal is completed, a log report will open in Notepad.
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
• Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

I then need to see some additional information about what is happening in your machine.
Please perform the following scan:

• Download DDS by sUBs from one of the following links. Save it to your desktop.
  • DDS.com
  • DDS.scr
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explanation about the tool.
• When done, DDS will open two (2) logs
  1. DDS.txt
  2. Attach.txt
• Save both reports to your desktop.
• The instructions here ask you to attach the Attach.txt.
  
• Instead of attaching, please copy/past both logs into your next reply.

   

   

• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE

Please copy/paste back the MBAM log and BOTH DDS logs for review.

Thanks.

Hello,

I already have Ccleaner.  Do I need to download an update?

Meg

Hi,

If you start CCleaner and it prompts for an update then please allow it to do so. We are only running CCleaner to remove some of the temp files on the system so as to make the scan times of the other tools a little quicker.

Thanks.

Here are the results from the DDS scan:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/2/2006 7:52:29 PM
System Uptime: 3/29/2011 9:24:46 AM (4 hours ago)
.
Motherboard: Dell Inc.           |  | 0WG261
Processor:               Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 144 GiB total, 78.231 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP674: 3/19/2011 9:36:27 PM - System Checkpoint

AND:

.
DDS (Ver_11-03-05.01) - NTFSx86 
Run by Young Family at 13:19:34.46 on Tue 03/29/2011
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1022.108 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

3/29/2011 1:14:03 PM
mbam-log-2011-03-29 (13-14-03).txt

Scan type: Quick scan
Objects scanned: 131080
Time elapsed: 8 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

THe above is the results of Malwayre Bytes scan performed just now.

Thank you,

Meg

Hi,

All three of them logs are incomplete, please repost the full logs for me.

Open each log individually and then please click the mouse cursor anywhere on the notepad file and hold the "Ctrl" key and tap the "A" key to hightlight everything, then while still holding the "Ctrl" key tap the "C" key, this will copy everything you just highlighted.

Then in the reply window to this thread, hold the "Ctrl" key and then tap the "V" key, this will paste everything that you copied from the log,.

Please do the above in turn for each of the three logs.

Thanks.

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 3/2/2006 7:52:29 PM

System Uptime: 3/30/2011 4:16:30 AM (16 hours ago)

.

Motherboard: Dell Inc.           |  | 0WG261

Processor:               Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 144 GiB total, 78.239 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP679: 3/24/2011 6:03:13 PM - System Checkpoint

RP680: 3/24/2011 11:27:50 PM - Software Distribution Service 3.0

RP681: 3/26/2011 10:41:35 AM - System Checkpoint

RP682: 3/27/2011 1:02:33 PM - System Checkpoint

RP683: 3/28/2011 2:15:07 PM - System Checkpoint

RP684: 3/29/2011 2:37:53 PM - System Checkpoint

RP685: 3/30/2011 3:33:30 PM - System Checkpoint

.

==== Installed Programs ======================

.

Ad-Aware

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 7.1.0

Adobe Shockwave Player

AOLIcon

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Magic-i 3

ArcSoft Software Suite

ArcSoft VideoImpression 2

ArcSoft WebCam Companion 2

ATI Control Panel

ATI Display Driver

AVG 2011

Bonjour

CCleaner

CCScore

Compatibility Pack for the 2007 Office system

Corel Applications

Corel Paint Shop Pro X

Corel Photo Album 6

Creating Keepsakes Scrapbook Designer

Critical Update for Windows Media Player 11 (KB959772)

Dell CinePlayer

Dell Digital Jukebox Driver

Dell Driver Reset Tool

Dell Support Center

Dell System Restore

DellSupport

Digital Content Portal

DIGReqEx

Diskeeper Home Edition

EducateU

ELIcon

EPSON CardMonitor

EPSON PhotoStarter3.0

EPSON Print CD

EPSON Printer Software

EPSON SPR300 Reference Guide

ESPNMotion

ESSCDBK

ESScore

ESSgui

ESSini

ESSPCD

ESSSONIC

ESSTOOLS

essvatgt

Film Factory

Google

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

High Definition Audio Driver Package - KB835221

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB954708)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Button Manager

HP Webcam User's Guide

Intel(R) 537EP V9x DF PCI Modem

Intel(R) PRO Network Connections Drivers

Intel(R) PROSet for Wired Connections

iPod for Windows 2006-03-23

iTunes

J2SE Runtime Environment 5.0 Update 10

J2SE Runtime Environment 5.0 Update 6

J2SE Runtime Environment 5.0 Update 8

Java 2 Runtime Environment, SE v1.4.2_03

Java(TM) 6 Update 11

Java(TM) 6 Update 2

Java(TM) 6 Update 3

Java(TM) 6 Update 5

Junk Mail filter update

kgcbaby

kgcbase

kgchday

kgchlwn

kgcinvt

kgckids

kgcmove

kgcvday

Kodak EasyShare software

KSU

Malwarebytes' Anti-Malware

MathPlayer

MCU

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office Live Add-in 1.3

Microsoft Office Outlook Connector

Microsoft Office Small Business Edition 2003

Microsoft Picture It! Express 9

Microsoft Picture It! Library 9

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Desktop Engine (LACERTEDB)

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Web Publishing Wizard 1.52

Modem Event Monitor

Modem Helper

Modem On Hold

Move Media Player

MSN

MSN Encarta Plus Support Files

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

netbrdg

Notifier

OfotoXMI

OLYMPUS Master

OLYMPUS Master 2

PCDADDIN

PCDHELP

Photo Story 3 for Windows

PHOTOfunSTUDIO -viewer-

PocketMirror 3.1.5 (Standard Edition)

QuickTime

Replay Converter 2.8

Roll

Roxio DLA

Roxio MyDVD LE

Roxio RecordNow Audio

Roxio RecordNow Copy

SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2183461)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360131)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2416400)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2482017)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB976325)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Segoe UI

SFR

SHASTA

Shockwave

SILKYPIX Developer Studio 3.0 SE

SKIN0001

SKINXSDK

Skype web features

Skype™ 4.1

Sonic Activation Module

Sonic Encoders

Sonic Update Manager

Spybot - Search & Destroy

staticcr

The Sims Complete Collection

The Sims™ 2 Double Deluxe

tooltips

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Media Player 10 (KB910393)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB943729)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB978207)

Update for Windows XP (KB980182)

Update Rollup 2 for Windows XP Media Center Edition 2005

Viewpoint Manager (Remove Only)

Viewpoint Media Player

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VoiceOver Kit

VPRINTOL

WebFldrs XP

Windows Defender

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Installer 3.1 (KB893803)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 10 Hotfix - KB895316

Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]

Windows Media Player 11

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

WIRELESS

.

==== Event Viewer Messages From Past Week ========

.

3/25/2011 9:55:15 PM, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

3/25/2011 10:25:15 PM, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

3/23/2011 9:25:15 PM, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

3/23/2011 11:35:04 AM, error: Service Control Manager [7000]  - The Avira Upgrade Service service failed to start due to the following error:  The system cannot find the path specified.

.

==== End Of File ===========================

.

DDS (Ver_11-03-05.01) - NTFSx86  

Run by Young Family at 20:26:24.23 on Wed 03/30/2011

Internet Explorer: 6.0.2900.5512

Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1022.434 [GMT -5:00]

.

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\HP\Button Manager\BM.exe

svchost.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

C:\Program Files\ArcSoft\Magic-i 3\Magic-i.exe

C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\AVG\AVG10\avgwdsvc.exe

C:\Program Files\AVG\AVG10\avgrsx.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\Program Files\AVG\AVG10\avgchsvx.exe

C:\Program Files\AVG\AVG10\avgnsx.exe

C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Young Family\My Documents\Downloads\dds.scr

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

mDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

mURLSearchHooks: H - No File

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [OM_Monitor] c:\program files\olympus\olympus master\Monitor.exe

uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart

uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB6; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; Windows-Media-Player/10.00.00.3990; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www2.edc.org/weblabs/IncompleteDom/incompletedominance.html"

mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe

mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [OM_Monitor] c:\program files\olympus\olympus master\FirstStart.exe

mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM

mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe

mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup

mRun: [IPHSend] c:\program files\common files\aol\iphsend\IPHSend.exe

mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe

mRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\creati~1.lnk - c:\program files\scrapbook designer\scrapremind.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpbutt~1.lnk - c:\program files\hp\button manager\BM.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\Kodak Software Updater.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\magic-i.lnk - c:\program files\arcsoft\magic-i 3\Magic-i.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\photof~1.lnk - c:\program files\panasonic\photofunstudio -viewer-\PhAutoRun.exe

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F}

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=67633

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170725738500

DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} - hxxps://accounting.quickbooks.com/c2/v18.181/qboax10.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - 

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-21 64288]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 299984]

R1 crlscsi;crlscsi;c:\windows\system32\drivers\crlscsi.sys [2006-9-17 6144]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-7-4 54752]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1405384]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-8-12 15232]

S2 AntiVirUpgradeService;Avira Upgrade Service;"c:\docume~1\youngf~1\locals~1\temp\avsetup_4b0b4e7a\basic\avupgsvc.exe" /tempstart:""c:\docume~1\youngf~1\locals~1\temp\avsetup_4b0b4e7a\basic\setup.exe" /notempcleanup /crossupgrade" --> c:\docume~1\youngf~1\locals~1\temp\avsetup_4b0b4e7a\basic\avupgsvc.exe [?]

S2 gupdate1c9657defac2b08;Google Update Service (gupdate1c9657defac2b08);c:\program files\google\update\GoogleUpdate.exe [2008-12-23 133104]

S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2010-12-2 517448]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 hpoid407;IEEE-1284.4 Driver;c:\windows\system32\drivers\hpoid407.sys --> c:\windows\system32\drivers\hpoid407.sys [?]

S3 hpoius07;USB to IEEE-1284.4 Translation Driver;c:\windows\system32\drivers\hpoius07.sys --> c:\windows\system32\drivers\hpoius07.sys [?]

S3 MSSQL$LACERTEDB;MSSQL$LACERTEDB;c:\program files\microsoft sql server\mssql$lacertedb\binn\sqlservr.exe -slacertedb --> c:\program files\microsoft sql server\mssql$lacertedb\binn\sqlservr.exe -sLACERTEDB [?]

S3 SQLAgent$LACERTEDB;SQLAgent$LACERTEDB;c:\program files\microsoft sql server\mssql$lacertedb\binn\sqlagent.exe -i lacertedb --> c:\program files\microsoft sql server\mssql$lacertedb\binn\sqlagent.EXE -i LACERTEDB [?]

S3 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-2-15 24652]

.

=============== Created Last 30 ================

.

2011-03-23 22:11:08 -------- d-----w- c:\program files\Photo Story 3 for Windows

2011-03-23 21:30:53 -------- d-----w- c:\docume~1\youngf~1\locals~1\applic~1\PackageAware

.

==================== Find3M  ====================

.

2011-03-30 00:44:33 6686 --sha-w- c:\windows\system32\KGyGaAvL.sys

2011-03-30 00:44:31 152 --sh--r- c:\windows\system32\B6E79ECE0A.sys

2011-02-08 12:55:21 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-02-04 23:48:32 456192 ----a-w- c:\windows\system32\encdec.dll

2011-02-04 23:48:30 291840 ----a-w- c:\windows\system32\sbe.dll

2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll

2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll

2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll

2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys

2007-12-09 18:21:46 2293848 -c--a-w- c:\program files\FLV PlayerFCSetup.exe

2007-12-09 18:20:50 3928264 -c--a-w- c:\program files\FLV PlayerRCATSetup.exe

2007-12-09 18:15:35 411248 ----a-w- c:\program files\FLV PlayerRCSetup.exe

2007-03-09 08:12:32 27648 --sha-w- c:\windows\system32\AVSredirect.dll

.

============= FINISH: 20:32:56.84 ===============

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

3/30/2011 5:32:22 PM

mbam-log-2011-03-30 (17-32-22).txt

Scan type: Quick scan

Objects scanned: 130979

Time elapsed: 7 minute(s), 57 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Hi,

Please go to "Add/Remove Programs" in control panel and uninstall the following programs. Non of them are malicious but they are either outdated or not needed on the system.

Ad-Aware

AVG 2011

J2SE Runtime Environment 5.0 Update 10

J2SE Runtime Environment 5.0 Update 6

J2SE Runtime Environment 5.0 Update 8

Java 2 Runtime Environment, SE v1.4.2_03

Java(TM) 6 Update 2

Java(TM) 6 Update 3

Java(TM) 6 Update 5

Spybot - Search & Destroy

Viewpoint Manager (Remove Only)

Viewpoint Media Player

When you run the scan with MBAM, it was out of date, please proceed as follows.

• Double click your Malwarebytes desktop icon
• Click the UPDATE tab at the top
• Scan for and install any updates it finds
• Then choose the SCANNER tab and run a FULL SCAN
• Once finished if MBAM found anything please click Show Results
• Make sure EVERYTHING has a check in the box next to it and then click Remove Selected
• Post the MBAM log results back to this thread

Then please Go here to run an online scannner from ESET.

• Note: You will need to use Internet explorer for this scan
• Turn off the real time scanner of any existing antivirus program while performing the online scan
• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Click Start
• Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
• Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
• Click Scan
• Wait for the scan to finish
• Click the "Show Results" button
• Then click the "Export to Text File" button and save the log to the desktop
• Copy and paste that log as a reply to this topic and also let me know how things are now.

Please post the new MBAM log and the ESET report as well as a status report on how the system in running.

Thanks.

Hi,  System seems to be running faster.  I removed spybot search and destroy, adaware, and avg.  But don't I need them?  I use the first two to clean things up and isn't avg my virus software?  Just wondering.  Here are the results of today's scans:

C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\setup.exe probably a variant of Win32/Agent.HZHBURL trojan

C:\Documents and Settings\Young Family\My Documents\Downloads\registrybooster.exe Win32/RegistryBooster application

C:\Documents and Settings\Young Family\My Documents\Downloads\SmitfraudFix\Process.exe Win32/PrcView application

C:\Documents and Settings\Young Family\My Documents\Downloads\SmitfraudFix\restart.exe Win32/Shutdown.NAA application

Hi,

You are correct, you do need an Anti-Virus, but not just yet and certainly not AVG, there are much better ones out there.

Please navigate to and delete the following files and folders

C:\Documents and Settings\Young Family\My Documents\Downloads\registrybooster.exe 

C:\Documents and Settings\Young Family\My Documents\Downloads\SmitfraudFix

Please also uninstall RegistryBooster is you still have it installed on the system.

Then please Download a good FREE Anti-Virus, you can find a list of them HERE, I recommend either Avast of Microsoft Security Essentials.

Your Java is outdated

Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

• Download the latest version of Java Runtime Environment (JRE) 24 and save it to your desktop.
• Scroll down to where it says JDK 6 Update 24 (JDK or JRE)
• Click the Download JRE button to the right
• Select the Windows platform from the dropdown menu.
• Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6u24 with JavaFX 1 License Agreement". Click on Continue. The page will refresh.
• Click on the link to download Windows Offline Installation and save the file to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
• Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java versions.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on jre-6u24-windows-i586.exe to install the newest version.

• After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are two options in the window to clear the cache - Leave BOTH Checked
    • Applications and Applets
      Trace and Log Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.

  .

Adobe Acrobat/Reader is out of date please update to the latest version from HERE (NOTE: On the Download page, please make sure to uncheck the box next to the "McAfee Scan" item as it is not needed)
Once you have the latest version of Adobe Reader installed, please uninstall all outdated version that remain in the add/Remove programs list on your system in control panel.

Then please go to "Start > All Programs > Windows Update > Download and install all available updates.

You need InternetExploer9 and all the updates other updates. Please keep going back to Windows Update until no more are showing. Windows updates are released in layers, as one layer is installed, another layer becomes available. Please keep going back until you have checked for updates and none are showing, then reboot the system and check again, once you have reboot twice and there are still none showing,

Once you have deleted the files/folders, updated Java and Adobe, have installed an Anti-Virus and installed all the Windows Updates, please post a fresh set of DDS logs.

Thanks.

Hi,

I am not able to work on this right now, but will complete the above when I return on Thursday.  Thank you so much for helping me with this.

Thank you,

Meg

Thank You for letting me know :)

I have completed most of what you told me to.  I now am having a problem.  I couldn't download Internet Explorer 9 because I have Windows XP.  So, I tried to download Internet Explorer 8.  It crashed in the beginning of the download with some message about a Win32 file being invalid or not there.  So, I rebooted my computer to try it again and now I can't get on to Internet Explorer.  It keeps telling me the program is busy and not responding.  Do you have any suggestions?  Obviously, I'm getting on to Internet Explorer right now via a different computer.

Thank you!

Meg