
Thread: Infected computer

  1. #1

    Infected computer

    My son has a Dell computer he bought a while ago with Vista installed as the OS. He called me a few days ago and said that he could not get an internet connection. His wife could on her computer and they have the same service provider. He therefore decided that it must be something with the computer. He took it back to where he bought it to have one of their technicians look at it. I won't mention where he took it as it's not necessary. The service tech checked it and said that the software was OK and so was the hardware. But it was badly infected. They charged him $59.00 and said it would be another $150 to clean the infections. So my son just paid them the $50.00 and took his computer home and called me. I told him to bring it to my house and I would clean the infections for him. I said I have never heard of a virus that would cause you to lose an internet connection, but I could be wrong. When I booted it up I kept getting a pop-up message from a utility called Kaspersky Anti-virus which kept telling me that the license has expired. I could do nothing until I shut down the pop-up, but it insisted on coming up again. It then said that updating will temporarily shut down the internet connection. I then un-installed it and was able to run a scan after running Malwarebytes which removed 34 infections. I was then able to get a connection but I'm not sure the original problem was with the infections; I suspected it was because of the Kaspersky utility that was on there. I then got on Google and did a search and discovered that others had an issue with it as it would shut down their connection as it was upgrading. I then put in my thumb drive to install something and found out that it would not boot with the thumb drive in as it was looking for a bootable medium. I went into the BIOS and in the boot order it has "Removable medium" listed as to what to look at first. By removable medium it did not mean the CD drive as that is listed at the bottom.
    I changed the BIOS to the defaults and that fixed it as it will now boot with the thumb drive in. So I'm wondering, doesn't it sound like the problem of the internet connection was because of the Kaspersky utility? And do you think that the technician who looked at his computer changed the BIOS setting for some reason, but then forgot to change it back? Thanks for taking the time to read all of this.----Frank
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    No One Stands So Tall As When They Stoop To Help A Child.
    _________________________________________________
    Children have never been very good at listening to their elders, but they have never failed to imitate them.
    ~James Baldwin~
    _________________________________________________
    Life is more accurately measured by the lives you touch than by the things you acquire.
    ~Author unknown~

  2. #2
    Join Date
    Jan 2007
    Posts
    1,138
    If you still have the computer, you may want to post an HJT log for review to help make sure the machine is clean.

    I have never used Kaspersky but don't recall much negative about them either. But then again, this site does not score them very highly, but seems they have some other surprisingly low rated sites I would have never thought to be so bad.

    Kaspersky's review per the above site here

    Make sure before you return the computer to your son that he has some good protection that WON'T expire!

  3. #3

    Log part 1

    Here is the first part of the hjt log:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:05:02 PM, on 3/19/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Iminent\IMBooster\IMBooster.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Users\Sal\AppData\Roaming\Smilebox\SmileboxTray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Users\Sal\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
    C:\Users\Sal\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Java\jre6\bin\javaw.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/SearchTheW...e/Default.aspx
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - *{3d68e927-6002-6bb4-7940-c297f1177192} - (no file)
    R3 - URLSearchHook: (no name) - *{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: My Personal Homepage - {0538CF1C-8419-4800-ADBB-0C00C799FDA2} - C:\Users\Sal\AppData\Roaming\Genieo\Application\IE Plugins\bin\IEWrapper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Freecause Shopping BHO - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: TTB000000 - {62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: FCTBPos00Pos - {7C4155B9-EFE5-2364-45E9-6679A6060ED5} - C:\Program Files\Shopping4Causes Shopping Plugin\Toolbar.dll
    O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
    O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll
    O2 - BHO: Updater For My.Freeze.com Toolbar - {C26CD490-5F01-41E3-B150-EB29F19DA056} - C:\Program

  4. #4

    Part 2 of log

    Files\myfreezetoolbar\auxi\myfreezetoolbAu.dll (file missing)
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: (no name) - {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SmileboxTray] "C:\Users\Sal\AppData\Roaming\Smilebox\SmileboxTray.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [GenieoUpdaterService] "C:\Users\Sal\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe" -wait 5
    O4 - HKCU\..\Run: [GenieoSystemTray] "C:\Users\Sal\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe"
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6; FunWebProducts; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MDDC; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; msn OptimizedIE8;ENUS)" -"http://www8.agame.com/games/shockwave/d/dance_trends_3d/dance_trends_3d_girlsgogames_com.htm"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: MRI_DISABLED
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gateway.com/support/s...vest/gwCID.CAB
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files\Cozi Express\CoziProtocolHandler.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O18 - Filter: x-sdch - (no CLSID) - (no file)
    O20 - AppInit_DLLs: avgrsstx.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
    O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 13031 bytes

  5. #5
    Join Date
    Jan 2007
    Posts
    1,138
    There's some junk in the trunk Frank, please await further instructions from our malware fighters.

  6. #6
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,270
    Run MBAM:
    How to run a scan with Malwarebytes' Anti-Malware

    Download Malwarebytes' Anti-Malware from Here or Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
    Click OK to either and let MBAM proceed with the disinfection process.
    If asked to restart the computer, please do so immediately.

    Then:

    • Post a new HJT log
    • Post the MBAM Log
    • Tell me how the system is running.
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  7. #7
    Thanks, Classic--I'll do that and post the new log. Enjoy the nice weather we're having!

  8. #8
    Here is the first part of HJT log. I'll then post the log I got with Malwarebytes:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:14:08 AM, on 3/20/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: FCToolbarURLSearchHook Class - {3d68e927-6002-6bb4-7940-c297f1177192} - C:\Program Files\Shopping4Causes Shopping Plugin\Helper.dll
    R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: My Personal Homepage - {0538CF1C-8419-4800-ADBB-0C00C799FDA2} - C:\Users\Sal\AppData\Roaming\Genieo\Application\IE Plugins\bin\IEWrapper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Freecause Shopping BHO - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: FCTBPos00Pos - {7C4155B9-EFE5-2364-45E9-6679A6060ED5} - C:\Program Files\Shopping4Causes Shopping Plugin\Toolbar.dll
    O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
    O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
    O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: (no name) - {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital

  9. #9

    Part 2 of hjt log

    Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6; FunWebProducts; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MDDC; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; msn OptimizedIE8;ENUS)" -"http://www8.agame.com/games/shockwave/d/dance_trends_3d/dance_trends_3d_girlsgogames_com.htm"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Global Startup: MRI_DISABLED
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gateway.com/support/s...vest/gwCID.CAB
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files\Cozi Express\CoziProtocolHandler.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
    O18 - Filter: x-sdch - (no CLSID) - (no file)
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 11452 bytes
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    No One Stands So Tall As When They Stoop To Help A Child.
    _________________________________________________
    Children have never been very good at listening to their elders, but they have never failed to imitate them.
    ~James Baldwin~
    _________________________________________________
    Life is more accurately measured by the lives you touch than by the things you acquire.
    ~Author unknown~

  10. #10

    Malwarebytes log

    It did find one issue which I clicked to fix. I should mention that after I submitted the first post I did a scan with SpyBot S&D. It found 55 issues (most--if not all--were entries in the registry). If there is a log that SpyBot made and if I know where it is, I'd send it to you. The registry entry that this morning's scan found is similar to one of the ones that I found on the previous scan. If there is a utility that he has that is putting that entry in the registry, I'd remove it.

    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.20.03

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Sal :: SAL-PC [administrator]

    3/20/2012 8:31:54 AM
    mbam-log-2012-03-20 (08-31-54).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 186215
    Time elapsed: 5 minute(s), 45 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 1
    HKCU\Software\Cr_Installer\1950 (Adware.GamePlayLab) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  11. #11
    Have you had a chance to look at these log files yet; and is there anything that I need to do? Thanks--I do appreciate your time.

  12. #12
    After running Malwarebytes, it seems to run alright and I haven't encountered any problems. I think it's OK now unless you see something in the log that needs attention. Thanks for your time.

  13. #13
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,270
    Does it get on line?
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  14. #14
    Yes, it gets on line with no problems. It seems to be OK now.

  15. #15
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,270
    I'll look at the logs more carefully when I get back...

  16. #16
    Join Date
    Jan 2007
    Posts
    1,138
    Frank,
    To find the previous reports in SS&D;

    Open Spybot. Mode Tab choose Advanced. Expand the Tools sidebar. Click View report and then there's another 'view report' with a green radio button. Then export to something like NotePad. If you have other, older entries, they will be in the next choice over labeled 'previous reports'.

  17. #17
    Quote Originally Posted by FTT View Post
    Frank,
    To find the previous reports in SS&D;

    Open Spybot. Mode Tab choose Advanced. Expand the Tools sidebar. Click View report and then there's another 'view report' with a green radio button. Then export to something like NotePad. If you have other, older entries, they will be in the next choice over labeled 'previous reports'.
    I may have picked the wrong file. It has 2,893 words. Does that sound right?

  18. #18
    Join Date
    Jan 2007
    Posts
    1,138
    Not sure how you are getting that kind of info but I have one text named SS&D reports that is 44KB and 3 more at 4 or less KB in the Logs folder of SS&D, two named checks and one called updates.

    If you choose export, you can drop down the address window and figure out the path to the folder to see any other logs which may be there.

    Incidentally, my logs aren't showing much as far as detected and/or cleaned, but my latest scan was fine. I don't know, perhaps yours has more in it especially if it found issues.

  19. #19
    Quote Originally Posted by FTT View Post
    Not sure how you are getting that kind of info but I have one text named SS&D reports that is 44KB and 3 more at 4 or less KB in the Logs folder of SS&D, two named checks and one called updates.

    If you choose export, you can drop down the address window and figure out the path to the folder to see any other logs which may be there.

    Incidentally, my logs aren't showing much as far as detected and/or cleaned, but my latest scan was fine. I don't know, perhaps yours has more in it especially if it found issues.
    I'm going to try it again as I didn't think that was the log you are looking for. The scan I did with SpyBot found over 50 issues.

  20. #20
    I've tried everything, but when I click on View Report--the one with the green icon--all I get is that extremely long log. I am sending just a very small portion of the file so that you have some idea of what I have. Below is that small portion:

  21. #21
    I've tried everything, but when I click on View Report--the one with the green icon, I get that extremely long worded file. I'm going to post just a very small portion of it so that you have some idea of what I'm getting. I'm sure I'm doing something wrong, but below is a little bit of it:

    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2012-03-19 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-11-04 advcheck.dll (1.6.5.20)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2012-01-16 Includes\Adware.sbi
    2012-03-13 Includes\AdwareC.sbi
    2010-08-13 Includes\Cookies.sbi
    2010-12-14 Includes\Dialer.sbi
    2011-11-29 Includes\DialerC.sbi
    2012-01-31 Includes\HeavyDuty.sbi

  22. #22
    Join Date
    Jan 2007
    Posts
    1,138
    That looks like my log as well, but mine is about 4x as big as yours! Possibly because it is an old build of Win XP and things have accrued over time.

    But I don't think the log would be of much use for analysis unless you can find some errors/warnings listed in the log with the checksums, BHO list or Active X list. In mine there's several lines that state "classification: Legitimate" If you find any that state otherwise, you may want to copy/paste portions of that area to save space and to keep from going over the 'character' (not word as you said which confused me for a sec) limit in your posts.

  23. #23
    When I ran SpyBot it did clean everything. So I think the computer is running fine now. If you can find anything in the HJT log, let me know.

  24. #24
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,270
    It's more likely the MBAM cleaned it. Spybot is pretty useless these days. You need to remove some of those tool bars. Also, you have two AV programs going on that PC, pick one....
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel
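
A small triage pass over the HijackThis log posted earlier in this thread, as an added example that is not part of any poster's reply: it flags services with no vendor shown, entries pointing at no file, and toolbar components, and groups services by vendor so overlapping security products stand out. The sample lines are copied from that log; the function names and the toolbar keyword list are assumptions of this example.

```python
import re
# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Filter: x-sdch - (no CLSID) - (no file)
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
"""

ENTRY = re.compile(r"^\s*(O\d+) - ([^:]+): (.*)$")
# Service body is "name - owner - path"; anchoring on the drive letter keeps
# the " - " inside "Spybot - Search & Destroy" from being read as a separator.
SERVICE = re.compile(r"^(.*?) - (.*?) - ([A-Za-z]:\\.*)$")
# Assumption: substrings picked for this log, not a HijackThis feature.
TOOLBAR_HINTS = ("toolbar", "secure search")

def parse(log_text):
    """Yield (section, kind, body) for each O-numbered line."""
    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if m:
            yield m.group(1), m.group(2), m.group(3).strip()

def triage(log_text):
    """Return (section, reason, body) tuples that deserve a manual look."""
    findings = []
    for section, kind, body in parse(log_text):
        svc = SERVICE.match(body) if section == "O23" else None
        if svc and svc.group(2) == "Unknown owner":
            findings.append((section, "no vendor shown for service binary", body))
        if "(no file)" in body:
            findings.append((section, "entry points at no file", body))
        if any(h in body.lower() for h in TOOLBAR_HINTS):
            findings.append((section, "toolbar component", body))
    return findings

def services_by_owner(log_text):
    """Group O23 service names by vendor to expose overlapping products."""
    owners = {}
    for section, _, body in parse(log_text):
        svc = SERVICE.match(body) if section == "O23" else None
        if svc:
            owners.setdefault(svc.group(2), []).append(svc.group(1))
    return owners

if __name__ == "__main__":
    for section, reason, body in triage(SAMPLE_LOG):
        print(f"{section}: {reason}: {body}")
```

A flagged line is a prompt to check the file and its installer by hand, not a verdict that the entry is malicious.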

  25. #25
    Quote Originally Posted by classicsoftware View Post
    It's more likely the MBAM cleaned it. Spybot is pretty useless these days. You need to remove some of those tool bars. Also, you have two AV programs going on that PC, pick one....
    I see what you mean by removing some of the tool bars. I hadn't noticed that he had so many. I'm now running AVG. After that I'm going to turn the computer back over to my son. Thanks for your help.
