
Spyware, malware and virus removal help pls



I've recently noticed slow computer, addresses typed in address bar not going to where they should be and several "internet explorer has enc

Version: 3.4.0.1480

Date: 2014/03/10 21:09:09

 

----------------------------------

01 - Operating System

----------------------------------

 

0101 - Operating System : Windows XP Professional (5.1, Build 2600) Service Pack 3 (2600.xpsp_sp3_qfe.130704-0421)

0102 - Language : English (Regional Setting: English)

0103 - BIOS : BIOS Date: 08/27/10 11:46:43 Ver: 08.00.12

0104 - Processor : Intel® Core2 Duo CPU E8400 @ 3.00GHz (2 CPUs)

0105 - Memory : 3584MB RAM

0107 - Page File : 836MB used, 6165MB available

0108 - Windows Dir : C:\WINDOWS

0109 - DirectX Version : DirectX 9.0c (4.09.0000.0904)

0110 - DX Setup Parameters : Not found

0114 - DxDiag Version : 5.03.2600.5512

 

----------------------------------

02 - Processor

----------------------------------

 

0201 - Caption : Intel® Core2 Duo CPU E8400 @ 3.00GHz x2 ~3446MHz

0202 - Current Clock Speed : 3446MHz

0203 - L1-Cache : 64.00 KB

0204 - L2-Cache : 6.00 MB

 

----------------------------------

03 - Video Adapter

----------------------------------

 

0301 - Card Name : AMD Radeon HD 6800 Series

0302 - Manufacturer : Advanced Micro Devices, Inc.

0303 - Chip Type : AMD Radeon Graphics Processor (0x6739)

0304 - DAC Type : Internal DAC(400MHz)

0305 - Device Key : Enum\PCI\VEN_1002&DEV_6739&SUBSYS_0B001787&REV_00

0306 - Display Memory : 1024.0 MB

0307 - AdapterRAM : 1.00 GB

0308 - Current Mode : 1280 x 960 (32 bit) (60Hz)

0309 - Monitor Name : Plug and Play Monitor

0310 - Driver Name : ati2dvag.dll

0311 - Driver Version : 6.14.0010.7279

0312 - Driver Language : English

0313 - DDI Version : 9 (or higher)

0315 - Driver Beta : False

0316 - Driver Debug : False

0317 - Driver Date : 3/10/2014 20:55:31

0318 - Driver Size : 306176

0319 - VDD : n/a

0320 - Mini VDD : ati2mtag.sys

0321 - Mini VDD Date : 3/10/2014 20:55:31

0322 - Mini VDD Size : 6852096

0323 - Device Identifier : {D7B71EE2-2479-11CF-5868-0A2BA1C2CB35}

0324 - Vendor ID : 0x1002

0325 - Device ID : 0x6739

0326 - SubSys ID : 0x0B001787

0327 - Revision ID : 0x0000

0330 - Video Accel : ModeMPEG2_C ModeMPEG2_D

0331 - Deinterlace Caps : {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive

{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch

{6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive

{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch

{3C5323C1-6FB7-44F5-9081-056BF2EE449D}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive

{552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive

{6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive

{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch

0334 - DDraw Status : Enabled

0335 - D3D Status : Enabled

0336 - AGP Status : Enabled

0337 - Notes : No problems found.

To test DirectDraw functionality, click the "Test DirectDraw" button above.

To test Direct3D functionality, click the "Test Direct3D" button above.

 

0338 - OpenGL : 5.1.2600.5512 (xpsp.080413-0845)

 

----------------------------------

04 - Memory

----------------------------------

 

0401 - Total Memory : 3.50 GB

0402 - Free Memory : 2.61 GB

0403 - Total Pagefile : 6.84 GB

0404 - Free Pagefile : 6.02 GB

 

0405 - Bank Label : BANK0

0406 - Speed : 800 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 2.00 GB

 

0405 - Bank Label : BANK1

0406 - Speed : 800 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 2.00 GB

 

----------------------------------

05 - Network

----------------------------------

 

0501 - Description : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller

0502 - Driver Date : 12-2-2009

0503 - Driver Version : 1.0.0.41

 

0501 - Description : GoTrusted-x64 Adapter

 

----------------------------------

06 - Motherboard

----------------------------------

 

0601 - Model : P5KPL-CM

0602 - Manufacturer : ASUSTeK Computer INC.

 

----------------------------------

07 - Sound Device

----------------------------------

 

0701 - Description : VIA HD Audio Output

0702 - Default Sound Playback : True

0703 - Default Voice Playback : True

0704 - Hardware ID : HDAUDIO\FUNC_01&VEN_1106&DEV_E721&SUBSYS_104382EA&REV_1001

0705 - Manufacturer ID : 1

0706 - Product ID : 100

0707 - Type : WDM

0708 - Driver Name : viahduaa.sys

0709 - Driver Version : 6.00.0010.1600

0710 - Driver attributes : Final Retail

0711 - Date and Size : 3/10/2014 20:59:47

0713 - Driver Provider : VIA Technologies, Inc.

0714 - Min/Max Sample Rate : 5372218, 5372218

0715 - Static/Strm HW Mix Bufs : 5372218, 5372218

0716 - Static/Strm HW 3D Bufs : 5372218, 5372218

0717 - HW Memory : 5372226

0718 - Voice Management : False

0719 - EAX 2.0 Listen/Src : True, True

0720 - I3DL2 Listen/Src : True, True

0721 - Notes : To test DirectSound functionality, click the "Test DirectSound" button above.

No problems found.

 

0701 - Description : AMD HD Audio rear output

0702 - Default Sound Playback : False

0703 - Default Voice Playback : False

0704 - Hardware ID : HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002

0705 - Manufacturer ID : 1

0706 - Product ID : 100

0707 - Type : WDM

0708 - Driver Name : AtihdXP3.sys

0709 - Driver Version : 5.18.0000.5514

0710 - Driver attributes : Final Retail

0711 - Date and Size : 5/14/2012 02:12:12

0713 - Driver Provider : AMD

0714 - Min/Max Sample Rate : 5372218, 5372218

0715 - Static/Strm HW Mix Bufs : 5372218, 5372218

0716 - Static/Strm HW 3D Bufs : 5372218, 5372218

0717 - HW Memory : 5372226

0718 - Voice Management : False

0719 - EAX 2.0 Listen/Src : False, False

0720 - I3DL2 Listen/Src : False, False

0721 - Notes : To test DirectSound functionality, click the "Test DirectSound" button above.

No problems found.

 

 

----------------------------------

08 - Hard Disk

----------------------------------

 

0801 - Model : WDC WD5000AAKS-00WWPA0(Western Digital)

0802 - Media Type : Fixed hard disk media

0803 - Size : 465.76 GB

0804 - Interface Type : Serial ATA

0805 - Driver Date : 7-1-2001

0806 - Driver Version : 5.1.2535.0

 

0807 - Caption : C:\

0808 - Capacity : 465.75 GB

0809 - Free Space : 149.87 GB

0810 - Drive Type : 3-Fixed

0811 - File System : NTFS

 

----------------------------------

09 - Process

----------------------------------

 

0901 - 000 Idle 0 0

0901 - 004 SYSTEM 0 0 normal

0901 - 21c smss.exe 0 0 normal C:\WINDOWS\system32

0901 - 250 csrss.exe 61 59 normal C:\WINDOWS\system32

0901 - 278 winlogon.exe 60 14 high C:\WINDOWS\system32

0901 - 2a4 services.exe 4 2 normal C:\WINDOWS\system32

0901 - 2b0 lsass.exe 4 2 normal C:\WINDOWS\system32

0901 - 364 ascsvc.exe 40 34 high C:\Program Files\IObit\Advanced SystemCare Ultimate

0901 - 380 ascavsvc.exe 38 28 normal C:\Program Files\IObit\Advanced SystemCare Ultimate

0901 - 3c8 Ati2evxx.exe 11 6 normal C:\WINDOWS\system32

0901 - 3d8 svchost.exe 4 1 normal C:\WINDOWS\system32

0901 - 418 svchost.exe 4 1 normal C:\WINDOWS\system32

0901 - 474 svchost.exe 11 40 normal C:\WINDOWS\System32

0901 - 4a0 svchost.exe 4 1 normal C:\WINDOWS\system32

0901 - 508 svchost.exe 4 1 normal C:\WINDOWS\system32

0901 - 560 Ati2evxx.exe 11 5 normal C:\WINDOWS\system32

0901 - 5e8 LEXBCES.EXE 4 2 normal C:\WINDOWS\system32

0901 - 600 spoolsv.exe 7 8 normal C:\WINDOWS\system32

0901 - 66c IMFsrv.exe 26 17 normal C:\Program Files\IObit\IObit Malware Fighter

0901 - 0d4 Explorer.EXE 232 114 normal C:\WINDOWS

0901 - 188 GoogleCrashHandler.exe 4 1 below normal C:\Program Files\Google\Update\1.3.22.5

0901 - 1cc Monitor.exe 215 40 normal C:\Program Files\IObit\Advanced SystemCare Ultimate

0901 - 248 avgui.exe 110 63 normal C:\Program Files\AVG\AVG2014

0901 - 28c jusched.exe 8 2 normal C:\Program Files\Common Files\Java\Java Update

0901 - 440 WeatherEye.exe 225 104 normal C:\Documents and Settings\Peter\Local Settings\Application Data\The Weather Network

0901 - 4a8 ctfmon.exe 28 11 normal C:\WINDOWS\system32

0901 - 68c aaCenter.exe 42 26 normal C:\Program Files\ASUS\AASP\1.00.65

0901 - 698 SASCORE.EXE 4 1 normal C:\Program Files\SUPERAntiSpyware

0901 - 6b8 avgidsagent.exe 4 1 normal C:\Program Files\AVG\AVG2014

0901 - 6dc avgwdsvc.exe 4 5 normal C:\Program Files\AVG\AVG2014

0901 - 75c FsUsbExService.Exe 9 2 normal C:\WINDOWS\system32

0901 - 80c InCDsrv.exe 4 5 normal C:\Program Files\Nero\Nero 7\InCD

0901 - 828 jqs.exe 4 2 idle C:\Program Files\Java\jre7\bin

0901 - 878 KaraokeSer.exe 4 3 normal C:\WINDOWS\system32

0901 - 8ac mbamscheduler.exe 4 1 normal C:\Program Files\Malwarebytes' Anti-Malware

0901 - 8ec mbamservice.exe 4 1 normal C:\Program Files\Malwarebytes' Anti-Malware

0901 - 96c RichVideo.exe 8 3 normal C:\Program Files\CyberLink\Shared Files

0901 - 990 svchost.exe 4 2 normal C:\WINDOWS\system32

0901 - 9bc WLIDSVC.EXE 5 5 normal C:\Program Files\Common Files\Microsoft Shared\Windows Live

0901 - 9c4 mbamgui.exe 22 17 normal C:\Program Files\Malwarebytes' Anti-Malware

0901 - a24 YahooAUService.exe 4 4 normal C:\Program Files\Yahoo!\SoftwareUpdate

0901 - ac0 wuauclt.exe 4 4 normal C:\WINDOWS\system32

0901 - c2c IMF.exe 157 105 normal C:\Program Files\IObit\IObit Malware Fighter

0901 - c3c WLIDSvcM.exe 4 1 normal C:\Program Files\Common Files\Microsoft Shared\Windows Live

0901 - cb0 avgnsx.exe 4 2 normal C:\Program Files\AVG\AVG2014

0901 - cc0 avgemcx.exe 4 1 normal C:\Program Files\AVG\AVG2014

0901 - ee0 svchost.exe 4 1 normal C:\WINDOWS\system32

0901 - f34 avgrsx.exe 0 0 normal C:\Program Files\AVG\AVG2014

0901 - 3e4 avgcsrvx.exe 0 0 normal C:\Program Files\AVG\AVG2014

0901 - 29c alg.exe 4 2 normal C:\WINDOWS\System32

0901 - 518 wmiprvse.exe 7 8 normal C:\WINDOWS\system32\wbem

0901 - 91c wmiprvse.exe 7 6 normal C:\WINDOWS\system32\wbem

0901 - df0 GameBooster.exe 1548 96 normal C:\Program Files\IObit\Game Booster 3

0901 - a98 gbtray.exe 74 43 normal C:\Program Files\IObit\Game Booster 3

 

 

----------------------------------

10 - Service

----------------------------------

 

1001 - SAS Core Service - ["C:\Program Files\SUPERAntiSpyware\SASCORE.EXE"]

1001 - Advanced SystemCare Service 6 - [C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe]

1001 - Application Layer Gateway Service - [C:\WINDOWS\System32\alg.exe]

1001 - AdvancedSystemCareAntivirus - [C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe]

1001 - Ati HotKey Poller - [C:\WINDOWS\system32\Ati2evxx.exe]

1001 - Windows Audio - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - AVGIDSAgent - ["C:\Program Files\AVG\AVG2014\avgidsagent.exe"]

1001 - AVG WatchDog - ["C:\Program Files\AVG\AVG2014\avgwdsvc.exe"]

1001 - Cryptographic Services - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - DCOM Server Process Launcher - [C:\WINDOWS\system32\svchost -k DcomLaunch]

1001 - DHCP Client - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Logical Disk Manager - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - DNS Client - [C:\WINDOWS\system32\svchost.exe -k NetworkService]

1001 - Event Log - [C:\WINDOWS\system32\services.exe]

1001 - COM+ Event System - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Fast User Switching Compatibility - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - FsUsbExService - [C:\WINDOWS\system32\FsUsbExService.Exe]

1001 - Help and Support - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - HID Input Service - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - IMF Service - [C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe]

1001 - InCD Helper - [C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe]

1001 - Java Quick Starter - ["C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"]

1001 - VIA Karaoke digital mixer Service - [C:\WINDOWS\system32\KaraokeSer.exe]

1001 - Server - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Workstation - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - LexBce Server - [C:\WINDOWS\system32\LEXBCES.EXE]

1001 - MBAMScheduler - ["C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe"]

1001 - MBAMService - ["C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"]

1001 - Network Connections - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - Network Location Awareness (NLA) - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Plug and Play - [C:\WINDOWS\system32\services.exe]

1001 - Protected Storage - [C:\WINDOWS\system32\lsass.exe]

1001 - Remote Access Connection Manager - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Cyberlink RichVideo Service(CRVS) - ["C:\Program Files\CyberLink\Shared Files\RichVideo.exe"]

1001 - Remote Procedure Call (RPC) - [C:\WINDOWS\system32\svchost -k rpcss]

1001 - Security Accounts Manager - [C:\WINDOWS\system32\lsass.exe]

1001 - Task Scheduler - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - System Event Notification - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Windows Firewall/Internet Connection Sharing (ICS) - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Shell Hardware Detection - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - Print Spooler - [C:\WINDOWS\system32\spoolsv.exe]

1001 - System Restore Service - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - SSDP Discovery Service - [C:\WINDOWS\system32\svchost.exe -k LocalService]

1001 - Windows Image Acquisition (WIA) - [C:\WINDOWS\system32\svchost.exe -k imgsvc]

1001 - Telephony - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - Terminal Services - [C:\WINDOWS\System32\svchost -k DComLaunch]

1001 - Themes - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - Distributed Link Tracking Client - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Windows Time - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - Windows Management Instrumentation - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Windows Live ID Sign-in Assistant - ["C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"]

1001 - Security Center - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - Automatic Updates - [C:\WINDOWS\system32\svchost.exe -k netsvcs]

1001 - Windows Driver Foundation - User-mode Driver Framework - [C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup]

1001 - Wireless Zero Configuration - [C:\WINDOWS\System32\svchost.exe -k netsvcs]

1001 - Yahoo! Updater - ["C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe"]

 

----------------------------------

12 - Event Log

----------------------------------

 

1201 - Time : 3/11/2014 8:58:29 AM

1202 - Source : Application Error

1203 - Description : Faulting application iexplore.exe, version 8.0.6001.18702, faulting module gdiplus.dll, version 5.2.6002.23084, fault address 0x0000f09f.

 

1201 - Time : 3/10/2014 4:08:05 AM

1202 - Source : Application Error

1203 - Description : Faulting application iexplore.exe, version 8.0.6001.18702, faulting module gdiplus.dll, version 5.2.6002.23084, fault address 0x0000f47d.

 

1201 - Time : 3/11/2014 9:04:51 AM

1202 - Source : Service Control Manager

1203 - Description : The following boot-start or system-start driver(s) failed to load:

i8042prt

 

1201 - Time : 3/11/2014 7:31:55 AM

1202 - Source : atapi

1203 - Description : The device, \Device\Ide\IdePort2, did not respond within the timeout period.

 

1201 - Time : 3/11/2014 7:31:49 AM

1202 - Source : atapi

1203 - Description : The device, \Device\Ide\IdePort2, did not respond within the timeout period.

 

1201 - Time : 3/11/2014 7:31:43 AM

1202 - Source : atapi

1203 - Description : The device, \Device\Ide\IdePort2, did not respond within the timeout period.

 

1201 - Time : 3/11/2014 5:58:39 AM

1202 - Source : Service Control Manager

1203 - Description : The following boot-start or system-start driver(s) failed to load:

i8042prt

 

1201 - Time : 3/11/2014 12:19:07 AM

1202 - Source : Service Control Manager

1203 - Description : The following boot-start or system-start driver(s) failed to load:

i8042prt

 

1201 - Time : 3/10/2014 9:25:07 AM

1202 - Source : Service Control Manager

1203 - Description : The following boot-start or system-start driver(s) failed to load:

i8042prt

 

1201 - Time : 3/10/2014 6:49:37 AM

1202 - Source : atapi

1203 - Description : The device, \Device\Ide\IdePort0, did not respond within the timeout period.

 

1201 - Time : 3/10/2014 6:49:11 AM

1202 - Source : atapi

1203 - Description : The device, \Device\Ide\IdePort0, did not respond within the timeout period.

 

1201 - Time : 3/10/2014 6:48:46 AM

1202 - Source : atapi

1203 - Description : The device, \Device\Ide\IdePort0, did not respond within the timeout period.

 

----------------------------------

End of file - 21449 Bytes

ountered a problem and needs to close errors. Please help.


dds

 

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.51.2

Run by Peter at 22:54:44 on 2014-03-10

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3583.2437 [GMT -4:00]

.

AV: Advanced SystemCare Ultimate *Enabled/Outdated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}

AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ================

.

C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe

C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe

C:\Program Files\IObit\Advanced SystemCare Ultimate\Monitor.exe

C:\Program Files\ASUS\PC Probe II\Probe2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Documents and Settings\Peter\Local Settings\Application Data\The Weather Network\WeatherEye.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ASUS\AASP\1.00.65\aaCenter.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\WINDOWS\system32\FsUsbExService.Exe

C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\WINDOWS\system32\KaraokeSer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\IObit\IObit Malware Fighter\IMF.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k LocalService

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://yahoo.ca/

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Ads Removal: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - c:\program files\iobit\iobit malware fighter\adsremoval\ie\Adblock.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

uRun: [WeatherEye] c:\documents and settings\peter\local settings\application data\the weather network\WeatherEye.exe

uRun: [Advanced SystemCare Ultimate] "c:\program files\iobit\advanced systemcare ultimate\ASCTray.exe" /AutoStart

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY

mRun: [Launch PC Probe II] "c:\program files\asus\pc probe ii\Probe2.exe" 1

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [iObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoWinKeys = dword:1

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://www.asus.com/support/asusTek_sys_ctrl3.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1352709831109

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1352710479203

DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v414.cab

DPF: {E734BF43-7194-4E3A-832F-307606DDF665} - hxxps://ds.na.collabserv.com/components/WDPLUGIN.CAB

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{4C083DDF-9FD5-41C1-8F68-0C14BF830767} : DHCPNameServer = 192.168.0.1

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\belarcadvisor\system\BAVoilaX.dll

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\peter\application data\mozilla\firefox\profiles\we5agv6s.default-1392955696281\

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: c:\program files\ubisoft\ubisoft game launcher\npuplaypc.dll

FF - plugin: c:\program files\ubisoft\ubisoft game launcher\npuplaypchub.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_44.dll

FF - ExtSQL: 2014-02-20 23:08; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\documents and settings\peter\application data\mozilla\firefox\profiles\we5agv6s.default-1392955696281\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 149272]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2014-2-13 15808]

R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 210712]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22808]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-11-1 176952]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare ultimate\ASCSvc.exe [2013-6-4 1051088]

R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files\iobit\advanced systemcare ultimate\ASCAvSvc.exe [2013-6-4 621008]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-1-22 3788816]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]

R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-11-12 238952]

R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2014-3-10 342336]

R2 KaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\KaraokeSer.exe [2014-3-10 88696]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-2-26 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-2-26 701512]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2013-8-25 103040]

R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2014-3-10 247968]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2013-11-12 36608]

R3 gttap1;GoTrusted-x64 Adapter;c:\windows\system32\drivers\gttap1.sys [2012-8-29 33568]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-2-26 22856]

R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2014-3-10 31776]

R3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2014-3-10 17360]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2013-3-25 2561968]

S1 avgtp;avgtp;\??\c:\windows\system32\drivers\avgtpx86.sys --> c:\windows\system32\drivers\avgtpx86.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 BIOSCHK;BIOSCHK;\??\c:\docume~1\peter\locals~1\temp\tii1a.tmp\disk1\bioschk.sys --> c:\docume~1\peter\locals~1\temp\tii1a.tmp\disk1\BIOSCHK.SYS [?]

S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]

S3 cpuz135;cpuz135;c:\program files\cpuid\pc wizard 2012\pcwiz_x32.sys [2013-6-4 24880]

S3 DIRECTIO;DIRECTIO;c:\program files\performancetest\DirectIo32.sys [2013-6-4 22120]

S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]

S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\futuremark\futuremark systeminfo\FMSISvc.exe [2012-12-22 136896]

S3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [2014-3-10 30976]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]

S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]

S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187.sys --> c:\windows\system32\drivers\RTL8187.sys [?]

S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2013.sp4\RpcAgentSrv.exe [2013-8-27 72344]

S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2013-11-12 98560]

S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2013-11-12 14848]

S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2013-11-12 123648]

S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\iobit\game booster 3\driver\WinRing0.sys [2013-2-10 14416]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]

.

=============== Created Last 30 ================

.

2014-03-11 02:40:14 30976 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys

2014-03-11 00:59:48 88696 ----a-w- c:\windows\system32\KaraokeSer.exe

2014-03-10 23:50:26 -------- d-----w- c:\documents and settings\peter\LocalLow

2014-03-01 04:47:02 -------- d-----w- c:\windows\system32\AGEIA

2014-03-01 04:41:05 -------- d-----w- c:\program files\AMD

2014-03-01 04:40:59 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll

2014-03-01 04:40:59 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll

2014-03-01 04:40:59 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe

2014-03-01 04:40:59 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll

2014-03-01 04:40:59 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll

2014-03-01 04:40:59 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll

2014-03-01 04:40:58 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll

2014-03-01 04:40:57 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll

2014-02-26 22:58:12 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-02-26 22:58:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2014-02-26 19:13:45 -------- d-----w- c:\program files\HitmanPro

2014-02-26 19:13:00 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro

2014-02-17 07:37:19 145408 ----a-w- c:\windows\system32\javacpl.cpl

2014-02-17 07:37:13 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-02-13 15:37:59 31008 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2014-02-13 15:37:39 -------- d-----w- c:\program files\common files\Spigot

2014-02-13 15:37:24 109888 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll

2014-02-13 15:10:22 15808 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys

2014-02-11 07:04:52 643072 ----a-w- c:\windows\system32\ati2evxx.exe

2014-02-11 07:01:58 -------- d-----w- C:\AMD

2014-02-11 03:03:15 -------- d-----w- c:\documents and settings\peter\application data\library_dir

2014-02-11 03:01:46 -------- d-----w- c:\program files\Raptr

.

==================== Find3M ====================

.

2014-03-11 00:59:47 2561968 ----a-w- c:\windows\system32\drivers\viahduaa.sys

2014-02-21 05:07:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-02-21 05:07:27 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-02-11 07:05:53 143 ----a-w- c:\documents and settings\all users\application data\LaunchURL.bat

2014-02-05 23:26:52 920064 ----a-w- c:\windows\system32\wininet.dll

2014-02-05 23:26:43 43520 ------w- c:\windows\system32\licmgr10.dll

2014-02-05 23:26:42 1469440 ------w- c:\windows\system32\inetcpl.cpl

2014-02-05 23:26:37 18944 ------w- c:\windows\system32\corpol.dll

2014-02-05 22:24:05 385024 ------w- c:\windows\system32\html.iec

2014-01-20 02:46:54 22808 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

2014-01-04 03:13:05 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-01-19 07:44:40 2174976 ----a-w- c:\program files\common files\atimpenc.dll

2011-03-01 20:24:18 360328 ----a-w- c:\program files\SansaUpdaterInstall.exe

2010-12-16 05:24:22 1445888 ----a-w- c:\program files\WinsockxpFix.exe

.

============= FINISH: 22:55:38.46 ===============


dds attachment

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 11/11/2012 6:57:44 PM

System Uptime: 3/10/2014 10:50:12 PM (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5KPL-CM

Processor: Intel Pentium III Xeon processor | Socket 775 | 3446/385mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 466 GiB total, 150.38 GiB free.

D: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}

Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

Device ID: ACPI\PNP0303\4&2C575ACB&0

Manufacturer: (Standard keyboards)

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

PNP Device ID: ACPI\PNP0303\4&2C575ACB&0

Service: i8042prt

.

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}

Description: Microsoft PS/2 Mouse

Device ID: ACPI\PNP0F03\4&2C575ACB&0

Manufacturer: Microsoft

Name: Microsoft PS/2 Mouse

PNP Device ID: ACPI\PNP0F03\4&2C575ACB&0

Service: i8042prt

.

==== System Restore Points ===================

.

RP180: 12/10/2013 9:20:54 PM - Software Distribution Service 3.0

RP181: 12/12/2013 11:40:05 AM - System Checkpoint

RP182: 12/12/2013 4:33:49 PM - Removed AVG 2014

RP183: 12/12/2013 4:34:38 PM - Removed AVG 2014

RP184: 12/12/2013 4:44:12 PM - Installed AVG 2014

RP185: 12/12/2013 4:44:35 PM - Installed AVG 2014

RP186: 12/13/2013 3:20:25 AM - Software Distribution Service 3.0

RP187: 12/14/2013 4:54:07 AM - System Checkpoint

RP188: 12/15/2013 5:39:29 AM - System Checkpoint

RP189: 12/16/2013 3:09:21 PM - System Checkpoint

RP190: 12/17/2013 4:15:23 PM - System Checkpoint

RP191: 12/18/2013 8:10:51 PM - System Checkpoint

RP192: 12/19/2013 8:56:04 PM - System Checkpoint

RP193: 12/21/2013 6:39:25 PM - System Checkpoint

RP194: 12/23/2013 10:41:06 AM - System Checkpoint

RP195: 12/24/2013 3:31:09 PM - System Checkpoint

RP196: 12/25/2013 9:55:28 AM - Installed Windows Internet Explorer 8.

RP197: 12/25/2013 9:56:06 AM - Software Distribution Service 3.0

RP198: 12/25/2013 10:14:32 AM - Software Distribution Service 3.0

RP199: 12/25/2013 10:42:35 AM - DLL-Files Fixer Wed, Dec 25, 13 10:42

RP200: 12/25/2013 5:53:08 PM - Software Distribution Service 3.0

RP201: 12/27/2013 7:28:55 PM - System Checkpoint

RP202: 12/28/2013 3:31:06 AM - Installed Driver Tool.

RP203: 12/28/2013 3:34:32 AM - Removed Driver Tool.

RP204: 12/29/2013 4:58:40 AM - System Checkpoint

RP205: 12/30/2013 1:22:00 PM - System Checkpoint

RP206: 12/31/2013 1:34:40 PM - System Checkpoint

RP207: 1/1/2014 5:24:28 PM - System Checkpoint

RP208: 1/1/2014 9:24:38 PM - Removed Google Chrome Frame

RP209: 1/3/2014 2:56:46 AM - System Checkpoint

RP210: 1/4/2014 3:33:50 AM - System Checkpoint

RP211: 1/5/2014 12:30:58 PM - System Checkpoint

RP212: 1/6/2014 1:05:44 PM - System Checkpoint

RP213: 1/7/2014 5:15:58 PM - System Checkpoint

RP214: 1/8/2014 6:29:14 PM - System Checkpoint

RP215: 1/9/2014 6:55:47 PM - System Checkpoint

RP216: 1/10/2014 10:16:27 PM - System Checkpoint

RP217: 1/11/2014 10:48:17 PM - System Checkpoint

RP218: 1/13/2014 10:39:23 AM - System Checkpoint

RP219: 1/14/2014 12:00:49 AM - Software Distribution Service 3.0

RP220: 1/15/2014 7:49:33 PM - System Checkpoint

RP221: 1/15/2014 9:41:46 PM - Software Distribution Service 3.0

RP222: 1/17/2014 11:55:36 AM - System Checkpoint

RP223: 1/18/2014 3:50:45 PM - System Checkpoint

RP224: 1/19/2014 5:32:05 PM - System Checkpoint

RP225: 1/20/2014 5:33:29 PM - System Checkpoint

RP226: 1/21/2014 1:30:59 AM - Software Distribution Service 3.0

RP227: 1/22/2014 11:22:36 AM - System Checkpoint

RP228: 1/23/2014 11:36:14 AM - System Checkpoint

RP229: 1/24/2014 12:06:42 PM - System Checkpoint

RP230: 1/25/2014 11:28:29 PM - System Checkpoint

RP231: 1/27/2014 3:34:00 AM - System Checkpoint

RP232: 1/28/2014 4:03:37 PM - System Checkpoint

RP233: 1/29/2014 8:15:42 PM - System Checkpoint

RP234: 1/31/2014 5:03:43 PM - System Checkpoint

RP235: 2/1/2014 6:42:33 PM - System Checkpoint

RP236: 2/2/2014 8:01:55 PM - System Checkpoint

RP237: 2/4/2014 10:28:24 AM - System Checkpoint

RP238: 2/5/2014 2:54:50 PM - System Checkpoint

RP239: 2/7/2014 2:49:14 PM - System Checkpoint

RP240: 2/8/2014 8:56:12 PM - System Checkpoint

RP241: 2/10/2014 1:15:15 AM - System Checkpoint

RP242: 2/11/2014 2:32:44 AM - System Checkpoint

RP243: 2/12/2014 11:59:19 AM - Installed AVG 2014

RP244: 2/12/2014 12:01:10 PM - Removed AVG 2014

RP245: 2/13/2014 10:16:31 AM - Software Distribution Service 3.0

RP246: 2/15/2014 9:17:11 PM - System Checkpoint

RP247: 2/17/2014 2:36:31 AM - Installed Java 7 Update 51

RP248: 2/17/2014 2:42:55 AM - Removed IObit Apps Toolbar v8.7.

RP249: 2/18/2014 6:34:06 AM - System Checkpoint

RP250: 2/19/2014 12:36:17 AM - Removed PC Connectivity Solution

RP251: 2/20/2014 8:42:47 AM - System Checkpoint

RP252: 2/21/2014 7:57:08 PM - System Checkpoint

RP253: 2/23/2014 12:15:59 PM - Software Distribution Service 3.0

RP254: 2/24/2014 7:00:36 PM - System Checkpoint

RP255: 2/26/2014 12:35:23 PM - System Checkpoint

RP256: 2/27/2014 2:14:27 PM - System Checkpoint

RP257: 2/28/2014 4:44:35 AM - Installed DirectX

RP258: 2/28/2014 4:45:17 AM - Installed Microsoft Visual C++ 2005 Redistributable

RP259: 2/28/2014 11:40:07 PM - Installed DirectX

RP260: 2/28/2014 11:41:04 PM - Installed AMD Processor Driver

RP261: 2/28/2014 11:46:10 PM - Installed DirectX

RP262: 3/2/2014 2:39:42 PM - System Checkpoint

RP263: 3/5/2014 6:03:07 PM - System Checkpoint

RP264: 3/7/2014 11:58:49 AM - System Checkpoint

RP265: 3/8/2014 1:20:36 PM - System Checkpoint

RP266: 3/9/2014 10:03:52 PM - System Checkpoint

RP267: 3/10/2014 8:55:02 PM - Driver Booster : AMD Radeon HD 6800 Series

.

==== Installed Programs ======================

.

Adobe Flash Player 12 ActiveX

Adobe Flash Player 12 Plugin

Adobe Reader XI (11.0.06)

Advanced SystemCare Ultimate 6

AMD Catalyst Install Manager

AMD Processor Driver

Anno 2070

ASUSUpdate

Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

Atheros Ethernet Utility

Auslogics Disk Defrag

AVG 2013

AVG 2014

Belarc Advisor 8.3

Bioshock Demo

Call of Duty: Black Ops

Carrier Command: Gaea Mission Demo

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Company of Heroes Singleplayer Demo

CPUID CPU-Z 1.63.0

CPUID CPU-Z OC 1.62.2

CutePDF Writer 3.0

Deadfall Adventures

Driver Booster

Driver Sweeper version 3.2.0

DVD Suite

Empire: Total War Demo

F.E.A.R.

F.E.A.R. 2: Project Origin

F.E.A.R. 3

F.E.A.R.: Extraction Point

F.E.A.R.: Perseus Mandate

F1 Race Stars Demo

FaxTools

FLV to MP4 Converter 2009.2.20

Futuremark SystemInfo

Game Booster 3

Google Earth

Google Update Helper

Grand Theft Auto IV

Half-Life 2: Demo

HitmanPro 3.7

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2779562)

Internet Explorer (Enable DEP)

IObit Malware Fighter

Java 7 Update 51

Java Auto Updater

K-Lite Mega Codec Pack 10.1.5

LG ODD Auto Firmware Update

Malwarebytes Anti-Malware version 1.75.0.1300

Mass Effect

Mass Effect 2

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Automated Troubleshooting Services Shim

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Fix it Center

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSI Afterburner 2.3.1

MSVC80_x86

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 7 Essentials

neroxml

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.1031

OpenAL

Paltalk Messenger 11.2

PC Probe II

PC Wizard 2012.2.11

PerformanceTest v8.0

Platform

Plex Media Server

PowerDVD

PowerProducer

Rapture3D 2.5.1 Game

RPS CRT

Samsung New PC Studio

SAMSUNG USB Driver for Mobile Phones

Sansa Updater

Sapphire TRIXX

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2862772)

Security Update for Windows Internet Explorer 8 (KB2888505)

Security Update for Windows Internet Explorer 8 (KB2898785)

Security Update for Windows Internet Explorer 8 (KB2909210)

Security Update for Windows Internet Explorer 8 (KB2909921)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2834904-v2)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB2834886)

Security Update for Windows XP (KB2839229)

Security Update for Windows XP (KB2847311)

Security Update for Windows XP (KB2849470)

Security Update for Windows XP (KB2850869)

Security Update for Windows XP (KB2859537)

Security Update for Windows XP (KB2862152)

Security Update for Windows XP (KB2862330)

Security Update for Windows XP (KB2862335)

Security Update for Windows XP (KB2864063)

Security Update for Windows XP (KB2868038)

Security Update for Windows XP (KB2868626)

Security Update for Windows XP (KB2876217)

Security Update for Windows XP (KB2876315)

Security Update for Windows XP (KB2876331)

Security Update for Windows XP (KB2883150)

Security Update for Windows XP (KB2892075)

Security Update for Windows XP (KB2893294)

Security Update for Windows XP (KB2893984)

Security Update for Windows XP (KB2898715)

Security Update for Windows XP (KB2900986)

Security Update for Windows XP (KB2914368)

Security Update for Windows XP (KB2916036)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Simple Adblock

SiSoftware Sandra Lite 2014.RTM

Smart Defrag 3

Steam

SUPERAntiSpyware

System Requirements Lab for Intel

TechPowerUp GPU-Z

The Weather Network

Tomb Raider: Anniversary Demo

UBCD4Win 3.60

Ubisoft Game Launcher

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2492386)

Update for Windows XP (KB2863058)

Update for Windows XP (KB2904266)

VIA Platform Device Manager

Visual Studio 2012 x86 Redistributables

Warhammer® 40,000™: Dawn of War® II - Single Player Demo

WebFldrs XP

Windows Internet Explorer 8

Windows Live ID Sign-in Assistant

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

WinRAR 4.20 (32-bit)

XCOM: Enemy Unknown Demo

Youtube Downloader HD v. 2.9.6

.

==== Event Viewer Messages From Past Week ========

.

3/8/2014 3:22:45 AM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.

3/7/2014 10:49:56 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt

3/6/2014 1:31:32 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

3/5/2014 12:47:18 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The VIA Karaoke digital mixer Service service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The InCD Helper service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The IMF Service service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The FsUsbExService service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The AdvancedSystemCareAntivirus service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7034] - The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 9:50:26 PM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

3/10/2014 9:23:22 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.

3/10/2014 10:43:19 PM, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 10:43:19 PM, error: Service Control Manager [7034] - The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).

3/10/2014 10:43:19 PM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

3/10/2014 10:41:02 PM, error: Service Control Manager [7024] - The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error 0 (0x0).

3/10/2014 10:07:27 PM, error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================

Thanks for any help I may receive.


more possible symptoms

 

I have also noticed that when Java wants to auto-update, the installation fails. This PC was subjected to a flood where it was immersed in 4' inches of water. It would still boot, but graphics were horrible, making the screen unreadable. I replaced the graphics card and all was good, except my USB ports (front and back) only work for a few seconds before I get an error: hub controller is experiencing problems and has shut down. I built this computer myself and have a little sentimental attachment to it, and that's why I persisted in fixing it after the flood. Besides the USB problems it was working great until recently, which I'm sure is that it's infected with something. No matter what scans I run, they find something but not all. It's a Core 2 Duo 3GHz and I'm running it at 3.45GHz, which it handles easily. Plenty of air flow, and rarely does it go over 35 degrees Celsius. Please help, because my normally very fast homebuilt baby is acting like it's being haunted by something. Thanks.


core 2 duo

 

Don't get me wrong, I'm well aware this isn't the best PC around, especially by today's standards, but I'm not rolling in cash and would like to get another year or two out of it. Summary of PC: running XP Pro, 4 gigs of RAM, Core 2 Duo 3GHz running at 3.45GHz, ASUS P5KPL-CM motherboard, 4 various fans, 550 watt PSU, 6850 Sapphire graphics card. Thanks ahead of time for any and all input.


Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

I noticed that you have two AVs active on your computer. One will have to be deactivated or uninstalled, otherwise it can cause conflicts.

 

Please download AdwCleaner by Xplode onto your Desktop.

 

Before starting AdwCleaner, close all open programs and internet browsers, then double-click on the AdwCleaner icon.

 

http://i424.photobucket.com/albums/pp322/digistar/AdwCleaner-icon.jpg

 

If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.

When the AdwCleaner program opens, click on the Scan button as shown below.

 

http://i424.photobucket.com/albums/pp322/digistar/untitled.png

 

AdwCleaner will now start to search for malicious files that may be installed on your computer.

To remove the files that were detected in the previous step, please click on the Clean button.

 

http://i424.photobucket.com/albums/pp322/digistar/3.png

 

AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button. AdwCleaner will now delete all detected adware from your computer. When it is done it will display an alert that explains what PUPs (Potentially Unwanted Programs) and Adware are. Please read through this information and then press the OK button. You will now be presented with an alert that states AdwCleaner needs to reboot your computer.

Please click on the OK button to allow AdwCleaner to reboot your computer. A log will be produced. Please copy and paste this log in your next reply.

**************************************************

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

*************************************************

Please download Junkware Removal Tool to your desktop.

 

Warning! Once the scan is complete JRT will shut down your browser with NO warning.

 

Shut down your protection software now to avoid potential conflicts.

 

•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

 

•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

 

•The tool will open and start scanning your system.

 

•Please be patient as this can take a while to complete depending on your system's specifications.

 

•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

 

•Copy and Paste the JRT.txt log into your next message.


adw cleaner txt log

 

# AdwCleaner v3.022 - Report created 15/03/2014 at 15:34:39

# Updated 13/03/2014 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Peter - SCORPION-0338E0

# Running from : C:\Documents and Settings\Peter\Desktop\adwcleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

 

-\\ Mozilla Firefox v20.0.1 (en-US)

 

[ File : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\we5agv6s.default-1392955696281\prefs.js ]

 

 

*************************

 

AdwCleaner[R0].txt - [20379 octets] - [07/11/2013 22:51:45]

AdwCleaner[R1].txt - [4467 octets] - [14/03/2014 18:13:45]

AdwCleaner[R2].txt - [1068 octets] - [15/03/2014 15:31:31]

AdwCleaner[s0].txt - [20909 octets] - [07/11/2013 22:52:33]

AdwCleaner[s1].txt - [4628 octets] - [14/03/2014 18:15:02]

AdwCleaner[s2].txt - [991 octets] - [15/03/2014 15:34:39]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1050 octets] ##########


jrt scan log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.2 (02.20.2014:1)

OS: Microsoft Windows XP x86

Ran by Peter on Sat 03/15/2014 at 19:35:10.15

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 03/15/2014 at 19:40:44.25

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scans are coming back clean now, but I still feel something is hiding and not being found. IE especially is very slow.


just got more errors

 

When going to turn Windows Firewall back on, I had the error " rundll / an exception occurred while trying to run "shell32.dll,control_RunDLL wscui.cpl" and also "internet explorer is having a problem and needs to close ", but most of the time it doesn't close and reopens the page. Thanks for all the help, Superdave (loved that show by the way lol).


That MBAM log doesn't look correct. Could you please run it again?

Please run this again even if you don't have the OS disk. Please let me know what happens.

 

Do you have an XP CD?

 

If so, place it in your CD ROM drive and follow the instructions below:

•Click on Start > Run and type sfc /scannow then press Enter (note the space between sfc and /scannow)

•Let this run undisturbed until the window with the blue progress bar goes away

SFC, which stands for System File Checker, retrieves the correct version of the file from %Systemroot%\System32\Dllcache or the Windows installation source files, and then replaces the incorrect file.

*****************************************

Please download and run MS Fix-it from here.


Running mwb again

 

I am running Malwarebytes again and will post the log, and I do have the XP CD but don't like to use it other than to reinstall the OS because I've never found it useful to repair (again, I'm no expert). The problem seems to be getting worse (getting a little nervous): when online, pages rarely fully load now. Will post the MBAM log as soon as it's finished. Want me to run HitmanPro and post also?


mwb log

 

After updating MBAM I ran another scan and it found nothing, but I included the log file just in case it might tell you something.

Malwarebytes Anti-Malware 1.75.0.1300

http://www.malwarebytes.org

 

Database version: v2014.03.17.01

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Peter :: SCORPION-0338E0 [administrator]

 

3/16/2014 8:26:45 PM

mbam-log-2014-03-16 (20-26-45).txt

 

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 395118

Time elapsed: 2 hour(s), 10 minute(s), 19 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

I am sure there is still something lurking in the shadows because my PC is not acting normally. I've never seen it perform so badly. Do you want me to post HitmanPro logs? Thanks again, Peter


hitman pro log

 

HitmanPro 3.7.9.212
www.hitmanpro.com

  Computer name . . . . : SCORPION-0338E0
  Windows . . . . . . . : 5.1.3.2600.X86/2
  User name . . . . . . : SCORPION-0338E0\Peter
  License . . . . . . . : Trial (25 days left)

  Scan date . . . . . . : 2014-03-16 22:41:04
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 11m 59s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 24

  Objects scanned . . . : 619,965
  Files scanned . . . . : 21,762
  Remnants scanned  . . : 147,899 files / 450,304 keys

Suspicious files ____________________________________________________________

  C:\Documents and Settings\Peter\Desktop\MW3\call of duty modern warfare 3\iw5sp.exe
     Size . . . . . . . : 4,753,480 bytes
     Age  . . . . . . . : 402.2 days (2013-02-07 16:45:44)
     Entropy  . . . . . : 6.7
     SHA-256  . . . . . : F809A874FF197D32C031EF76923AA95B664E444C75518E075803DD250B508D96
     RSA Key Size . . . : 1024
     Authenticode . . . : Invalid
     Fuzzy  . . . . . . : 26.0
        Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
     References
        C:\Documents and Settings\All Users\Application Data\IObit\Game Booster 3\BackLnk\Shortcut to iw5sp.lnk


Cookies _____________________________________________________________________




Malwarebytes' Anti-Rootkit

 

Please download Malwarebytes' Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.


Ran scan

 

I ran the MWB Anti-Rootkit scan and it came back clean. Here are the logs you requested.

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1009

 

© Malwarebytes Corporation 2011-2012

 

OS version: 5.1.2600 Windows XP Service Pack 3 x86

 

Account is Administrative

 

Internet Explorer version: 8.0.6001.18702

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 3.446000 GHz

Memory total: 3757158400, free: 2849398784

 

Downloaded database version: v2014.03.17.07

Downloaded database version: v2014.02.20.01

=======================================

Initializing...

------------ Kernel report ------------

03/17/2014 15:07:01

------------ Loaded modules -----------


----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff8b3c1ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP2T1L0-e\

Lower Device Object: 0xffffffff8b3c6d98

Lower Device Driver Name: \Driver\atapi\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff8b3c1ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8b3cde08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8b3c1ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8b438c98, DeviceName: \Device\00000075\, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff8b3c6d98, DeviceName: \Device\Ide\IdeDeviceP2T1L0-e\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 82378237

 

Partition information:

 

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 63 Numsec = 976751937

Partition file system is NTFS

Partition is bootable

 

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

 

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

 

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

 

Disk Size: 500107862016 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...

Done!

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...

Removal finished

Malwarebytes Anti-Rootkit BETA 1.07.0.1009

http://www.malwarebytes.org

 

Database version: v2014.03.17.07

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

:: SCORPION-0338E0 [administrator]

 

3/17/2014 3:07:09 PM

mbar-log-2014-03-17 (15-07-09).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled:

Objects scanned: 275170

Time elapsed: 37 minute(s), 50 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)


I'd like to scan your machine with ESET OnlineScan

 

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the http://i424.photobucket.com/albums/pp322/digistar/esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstallDesktopIcon-1.png icon on your desktop.
  • Check http://i424.photobucket.com/albums/pp322/digistar/esetAcceptTerms.png
  • Click the http://i424.photobucket.com/albums/pp322/digistar/esetStart.png button.
  • Accept any security warnings from your browser.
      • Leave the check mark next to Remove found threats.
  • Check http://i424.photobucket.com/albums/pp322/digistar/esetScanArchives.png
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push http://i424.photobucket.com/albums/pp322/digistar/esetListThreats.png
  • Push http://i424.photobucket.com/albums/pp322/digistar/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the http://i424.photobucket.com/albums/pp322/digistar/esetBack.png button.
  • Push http://i424.photobucket.com/albums/pp322/digistar/esetFinish.png

A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt


eset scan wont finish

 

Twice got stuck at 43%, both times found two threats but didn't seem to remove. Will try once more. This is the log from the second scan:

C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll.vir probably a variant of Win32/Adware.Yontoo.B application

C:\AdwCleaner\Quarantine\C\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\0syyfrfx.default\Extensions\plugin@getwebcake.com\content\overlay.js.vir JS/Adware.Yontoo.C application


Eset success

 

Went to delete the quarantined items in adware but I don't see a way to do it. How do I delete items in quarantine in adware? Ran ESET again and it found and eliminated 2 threats but wouldn't let me save the log, then ran it again and it came up clean.


Click Start> Computer> right click the C Drive and choose Properties> enter

Click Disk Cleanup from there.

 

http://i424.photobucket.com/albums/pp322/digistar/diskcleanup2.jpg

 

Click OK on the Disk Cleanup Screen.

Click Yes on the Confirmation screen.

 

http://i424.photobucket.com/albums/pp322/digistar/diskcleanup.jpg

 

This runs the Disk Cleanup utility along with other selections if you have chosen any. (If you had a lot of System Restore points, you will see a significant change in the free space on the C drive.)

***********************************************

Go to Microsoft Windows Update and get all critical updates.

 

----------

 

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

 

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

 

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.

Safe Surfing!


Just ran a SUPERAntiSpyware scan / log

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 03/23/2014 at 09:53 PM

 

Application Version : 5.7.1018

 

Core Rules Database Version : 11117

Trace Rules Database Version: 8929

 

Scan type : Complete Scan

Total Scan Time : 01:15:47

 

Operating System Information

Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

 

Memory items scanned : 445

Memory threats detected : 0

Registry items scanned : 38996

Registry threats detected : 0

File items scanned : 41002

File threats detected : 46

 

Adware.Tracking Cookie


 

Trojan.Agent/Gen-Chifrax

C:\DOCUMENTS AND SETTINGS\PETER\MY DOCUMENTS\DOWNLOADS\CALL OF DUTY MODERN WARFARE 2 FULL MULTIPLAYER + SP ^^NOSTEAM^^\CALL OF DUTY MODERN WARFARE 2\PLAY-SINGLEPLAYER.EXE

C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\IOBIT\GAME BOOSTER 3\BACKLNK\SHORTCUT TO PLAY-SINGLEPLAYER.EXE.LNK

C:\DOCUMENTS AND SETTINGS\PETER\DESKTOP\CALL OF DUTY MODERN WARFARE 2 NOSTEAM.PART2\CALL OF DUTY MODERN WARFARE 2\PLAY-MULTIPLAYER.EXE

C:\DOCUMENTS AND SETTINGS\PETER\DESKTOP\CALL OF DUTY MODERN WARFARE 2 NOSTEAM.PART2\CALL OF DUTY MODERN WARFARE 2\PLAY-SINGLEPLAYER.EXE

C:\DOCUMENTS AND SETTINGS\PETER\DESKTOP\CALL OF DUTY MODERN WARFARE 2 NOSTEAM.PART3\CALL OF DUTY MODERN WARFARE 2\PLAY-MULTIPLAYER.EXE

C:\DOCUMENTS AND SETTINGS\PETER\DESKTOP\CALL OF DUTY MODERN WARFARE 2 NOSTEAM.PART3\CALL OF DUTY MODERN WARFARE 2\PLAY-SINGLEPLAYER.EXE

C:\DOCUMENTS AND SETTINGS\PETER\DESKTOP\SHORTCUT (2) TO PLAY-SINGLEPLAYER.EXE.LNK

C:\DOCUMENTS AND SETTINGS\PETER\MY DOCUMENTS\DOWNLOADS\CALL OF DUTY MODERN WARFARE 2 FULL MULTIPLAYER + SP ^^NOSTEAM^^\CALL OF DUTY MODERN WARFARE 2\PLAY-MULTIPLAYER.EXE

I've had that game a long time. Can't understand why it's now coming up as a trojan. Can files become infected? Don't know whether I should leave it (false positive) or what. Don't know if SUPERAntiSpyware will give me the choice to delete/quarantine. I'm going to wait to see what you think before I deal with this. Thanks


Archived

This topic is now archived and is closed to further replies.
