Page 1 of 4 123 ... LastLast
Results 1 to 10 of 32
  1. #1
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default IE9 keeps stopping responding

    Can somebody please check my logs?


    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 02/22/2012 at 06:08 PM

    Application Version : 5.0.1144

    Core Rules Database Version : 8264
    Trace Rules Database Version: 6076

    Scan type : Complete Scan
    Total Scan Time : 01:13:09

    Operating System Information
    Windows 7 Home Premium 64-bit (Build 6.01.7600)
    UAC On - Limited User

    Memory items scanned : 620
    Memory threats detected : 0
    Registry items scanned : 64300
    Registry threats detected : 0
    File items scanned : 63008
    File threats detected : 1

    Adware.Tracking Cookie
    ec.atdmt.com [ C:\USERS\STEVE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MJP2ZCFW ]






    Malwarebytes Anti-Malware 1.60.1.1000
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: v2012.02.22.03

    Windows 7 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Steve :: ACERLAPTOP [administrator]

    22/02/2012 15:21:32
    mbam-log-2012-02-22 (15-21-32).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 300199
    Time elapsed: 1 hour(s), 29 minute(s), 42 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)






    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:17:33, on 22/02/2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, Latest news, Sport, Music, Movies, Cars - MSN UK
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = EMACHINES MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O17 - HKLM\System\CCS\Services\Tcpip\..\{21154EE5-7CB2-46C2-920A-33F508D8E011}: NameServer = 8.26.56.26,156.154.70.22
    O17 - HKLM\System\CCS\Services\Tcpip\..\{92561FF0-8786-484A-876F-FC411C5ED3A6}: NameServer = 8.26.56.26,156.154.70.22
    O17 - HKLM\System\CS1\Services\Tcpip\..\{21154EE5-7CB2-46C2-920A-33F508D8E011}: NameServer = 8.26.56.26,156.154.70.22
    O17 - HKLM\System\CS2\Services\Tcpip\..\{21154EE5-7CB2-46C2-920A-33F508D8E011}: NameServer = 8.26.56.26,156.154.70.22
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe
    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: Updater Service - Acer Group - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 9785 bytes

  2. #2
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello and welcome to Help2Go

    We apologize for the delay in responding to your request for help. Here at Help2Go we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

    Please take note:

    1. If you have since resolved the original problem you were having, we would appreciate you letting us know.
    2. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
      • If you are unsure about any of these characteristics just post what you can and we will guide you.
    3. Please tell us if you have your original Windows CD/DVD available.
    4. If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
    5. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
    6. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.
    7. If you have already posted a DDS log, please do so again, as your situation may have changed.
    8. Use the 'Add Reply' and add the new log to this thread.


    We need to see some information about what is happening in your machine. Please perform the following scan again:

    • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE


    We also need a new log from the GMER anti-rootkit Scanner.

    Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Then proceed to run aswMbr.exe as noted below.

    Please first disable any CD emulation programs using the steps found in this topic:

    Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:


    Note:
    If you are unable to run a Gmer scan due the fact you are running a 64bit machine please run the following tool and post its log.

    Please download aswMBR ( 511KB ) to your desktop.
    • Double click the aswMBR.exe icon to run it
    • Click the Scan button to start the scan
    • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.




    Thanks and again sorry for the delay.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  3. #3
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    No probs. I appreciate that you're busy


    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Steve at 19:48:09 on 2012-02-24
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.1783.194 [GMT 0:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
    FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
    C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.mail.yahoo.com/
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    mStart Page = hxxp://emachines.msn.com
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
    TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe -update activex
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\Steve\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{21154EE5-7CB2-46C2-920A-33F508D8E011} : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6} : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6} : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\34F607079646028496C6C60274575637470284F6573756 : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\34F607079646028496C6C60274575637470284F6573756 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\36F6D6475637F536C69656E64737 : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\36F6D6475637F536C69656E64737 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\36F6D6475637F536C69656E64737F594A5 : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\36F6D6475637F536C69656E64737F594A5 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\6556E65737 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\D416277616275647D4363416C6C6 : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6}\D416277616275647D4363416C6C6 : DhcpNameServer = 192.168.0.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO-X64: Search Helper - No File
    BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
    TB-X64: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
    R3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-02-17 22:24:39 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-02-17 22:24:38 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
    2012-02-16 16:56:18 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2012-02-16 16:56:17 478208 ----a-w- C:\Windows\SysWow64\timedate.cpl
    2012-02-16 16:56:16 3143168 ----a-w- C:\Windows\System32\win32k.sys
    2012-02-16 16:54:52 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
    2012-02-16 16:54:39 634368 ----a-w- C:\Windows\System32\msvcrt.dll
    2012-02-16 16:54:38 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
    2012-02-03 09:11:50 203264 ----a-w- C:\Windows\SysWow64\Go your own way.scr
    2012-02-03 09:11:50 -------- d-----w- C:\Windows\SysWow64\Go your own way dir
    .
    ==================== Find3M ====================
    .
    2012-01-20 23:16:54 40960 ----a-w- C:\Windows\Moto Guzzi.dll
    2012-01-20 23:16:53 599624 ----a-w- C:\Windows\Moto Guzzi.exe
    2012-01-20 23:16:53 18192 ----a-w- C:\Windows\Moto Guzzi.dat
    2012-01-20 23:16:52 372032 ----a-w- C:\Windows\Moto Guzzi.scr
    2012-01-17 21:00:44 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
    2011-12-19 18:59:17 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
    2011-12-19 18:59:15 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys
    2011-12-19 18:58:57 41200 ----a-w- C:\Windows\System32\cmdcsr.dll
    2011-12-19 18:58:55 301224 ----a-w- C:\Windows\SysWow64\guard32.dll
    2011-12-19 18:58:54 389840 ----a-w- C:\Windows\System32\guard64.dll
    2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
    2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-12-10 15:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-12-03 08:41:37 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    .
    ============= FINISH: 19:51:02.12 ===============






    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 11/02/2011 18:28:58
    System Uptime: 23/02/2012 08:27:21 (35 hours ago)
    .
    Motherboard: eMachines | | HM55_CP
    Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz | CPU | 2399/1066mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 220 GiB total, 153.586 GiB free.
    D: is CDROM ()
    E: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP95: 18/01/2012 23:46:32 - Scheduled Checkpoint
    RP96: 20/01/2012 06:36:41 - Windows Update
    RP97: 25/01/2012 07:40:30 - Windows Update
    RP98: 02/02/2012 00:00:07 - Scheduled Checkpoint
    RP99: 09/02/2012 09:51:41 - Scheduled Checkpoint
    RP100: 17/02/2012 00:07:40 - Scheduled Checkpoint
    RP101: 17/02/2012 03:00:18 - Windows Update
    RP102: 18/02/2012 03:00:22 - Windows Update
    .
    ==== Installed Programs ======================
    .
    3 USB Modem
    Acrobat.com
    Adobe AIR
    Agatha Christie - Death on the Nile
    Alcor Micro USB Card Reader
    Audacity 1.2.6
    Bejeweled 2 Deluxe
    Bing Bar
    Bing Bar Platform
    Build-a-lot 2
    Chuzzle Deluxe
    Diner Dash 2 Restaurant Rescue
    eBay Worldwide
    eMachines Game Console
    eMachines Games
    eMachines Power Management
    eMachines Recovery Management
    eMachines Registration
    eMachines ScreenSaver
    eMachines Updater
    Farm Frenzy
    FATE
    Final Drive Nitro
    Foxit Reader
    Go your own way Screen Saver
    HiJackThis
    Identity Card
    Insaniquarium Deluxe
    Intel(R) Control Center
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    Java Auto Updater
    Java(TM) 6 Update 29
    Jewel Quest Solitaire 2
    John Deere Drive Green
    Junk Mail filter update
    Launch Manager
    Malwarebytes Anti-Malware version 1.60.1.1000
    MediaMonkey 4.0
    Microsoft Choice Guard
    Microsoft Default Manager
    Microsoft Office 2010
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    MSVCRT
    Norton Online Backup
    NTI Media Maker 9
    OpenOffice.org 3.3
    Penguins!
    Plants vs. Zombies
    Polar Bowler
    Polar Golfer
    Realtek High Definition Audio Driver
    SDFormatter
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    SopCast 2.0.4
    Spybot - Search & Destroy
    SpywareBlaster 4.4
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Video Web Camera
    Virtual Villagers 4 - The Tree of Life
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Visual Studio 2008 x64 Redistributables
    Welcome Center
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    Yahoo! Detect
    Zero Assumption Recovery Version 9
    Zuma's Revenge
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    24/02/2012 10:09:52, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    22/02/2012 14:02:30, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.
    22/02/2012 14:02:30, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
    17/02/2012 09:26:47, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    17/02/2012 09:25:18, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
    17/02/2012 03:34:25, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service.
    17/02/2012 03:33:22, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
    17/02/2012 03:03:27, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2647516).
    .
    ==== End Of File ===========================






    aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2012-02-24 19:54:11
    -----------------------------
    19:54:11.054 OS Version: Windows x64 6.1.7600
    19:54:11.054 Number of processors: 4 586 0x2505
    19:54:11.064 ComputerName: ACERLAPTOP UserName: Steve
    19:54:17.544 Initialize success
    19:54:34.102 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    19:54:34.112 Disk 0 Vendor: Hitachi_ PB2O Size: 238475MB BusType: 3
    19:54:34.192 Disk 0 MBR read successfully
    19:54:34.192 Disk 0 MBR scan
    19:54:34.202 Disk 0 Windows 7 default MBR code
    19:54:34.202 Service scanning
    19:54:39.452 Modules scanning
    19:54:39.452 Disk 0 trace - called modules:
    19:54:39.672 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    19:54:39.682 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80025eb060]
    19:54:39.682 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800238e050]
    19:54:39.692 Scan finished successfully
    19:55:10.254 Disk 0 MBR has been saved successfully to "C:\Users\Steve\Desktop\MBR.dat"
    19:55:10.254 The log file has been saved successfully to "C:\Users\Steve\Desktop\aswMBR.txt"

  4. #4
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    I think my windows 7 is 64 bit but not sure

  5. #5
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    I don't see anything in your logs to indicate any kind of malware.

    Let's try running your Ie without any addons.

    1.
    Right click your Inernet Explorer Icon and select Start without Addons and see if it runs better.


    2.
    • Download RogueKiller on the desktop
    • Close all the running processes
    • Under Vista/Seven, right click -> Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • When prompted, Click Scan
    • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  6. #6
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    I don't have a 'start without add ons' option. If I click on start though, I do notice in the list of applications that I hace 2 versons of IE listed. One says 64 bit


    RogueKiller V7.1.0 [02/15/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: RogueKiller - Geeks to Go Forums
    Blog: tigzy-RK

    Operating System: Windows 7 (6.1.7600 ) 64 bits version
    Started in : Normal mode
    User: Steve [Admin rights]
    Mode: Scan -- Date: 02/27/2012 09:55:34

    Bad processes: 0

    Registry Entries: 6
    [DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{21154EE5-7CB2-46C2-920A-33F508D8E011} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
    [DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
    [DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{21154EE5-7CB2-46C2-920A-33F508D8E011} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
    [DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{92561FF0-8786-484A-876F-FC411C5ED3A6} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
    [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    Particular Files / Folders:

    Driver: [NOT LOADED]

    Infection :

    HOSTS File:
    1

    MBR Check:

    +++++ PhysicalDrive0: Hitachi HTS545025B9A300 +++++
    --- User ---
    [MBR] 601f2eb2568f60b8a1e2a763443c83da
    [BSP] b170e8480018669e8793807a4f9a14bd : Windows 7 MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 225061 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: USB Disk +++++
    --- User ---
    [MBR] b979638d84067059dbc14f4a905a0179
    [BSP] 3e0576930943cb5fc495cd08ecca1981 : MBR Code unknown
    Partition table:
    0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 15450 Mo
    Error reading LL1 MBR!
    Error reading LL2 MBR!

    Finished : << RKreport[1].txt >>
    RKreport[1].txt

  7. #7
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    • Re-Run RogueKiller
    • Close all the running processes
    • Under Vista/Seven, right click -> Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • When prompted, Click Delete
    • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again



    • Re-Run RogueKiller
    • Close all the running processes
    • Under Vista/Seven, right click -> Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • When prompted, Click HOSTFIX
    • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  8. #8
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    Here you go:

    RogueKiller V7.2.1 [02/29/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: RogueKiller - Geeks to Go Forums
    Blog: tigzy-RK

    Operating System: Windows 7 (6.1.7600 ) 64 bits version
    Started in : Normal mode
    User: Steve [Admin rights]
    Mode: HOSTSFix -- Date: 02/29/2012 18:44:59

    Bad processes: 0

    Driver: [NOT LOADED]

    HOSTS File:
    1

    Resetted HOSTS:
    127.0.0.1 localhost

    Finished : << RKreport[3].txt >>
    RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

  9. #9
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    How is IE responding now?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  10. #10
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    No better....did we find anything?

    Sometimes I get prompts telling me that webpages have stopped responding, sometimes I get an AVG popup saying that IE is taking a lot of memory, sometimes the bar at the bottom of my browser dissapears except the start button

Page 1 of 4 123 ... LastLast