Page 1 of 7 123 ... LastLast
Results 1 to 10 of 67
  1. #1
    Member
    Join Date
    Apr 2012
    Posts
    45
    Points
    0

    Default Regisrty File problems

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:40:25 AM, on 4/9/2012
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\iTunes\iTunes.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Search
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ixquick.com/eng/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Search
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\IPSBHO.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O2 - BHO: Juno DSL Toolbar Helper - {FE3098B4-04A3-41fd-8CA9-BEA39CB14C87} - C:\Program Files (x86)\Juno DSL\ucreg.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Juno DSL - {63B834D7-CFCD-442A-9B0A-921F54D3E792} - C:\Program Files (x86)\Juno DSL\Toolbar.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
    O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
    O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12278 bytes
    I am using a Toshiba Satellite L655 ....my computer is very slow....Thanks!

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi minimn,

    Welcome to Help2Go!

    My apologies for the delay. You have signs of 2 AV's on your system. Norton and AVG.

    Two antivirus programs may conflict with each other and cause the following:
    • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
    • Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
    • Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
    • Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.


    Please download AppRemover from here and install to the desktop.
    • Double click the icon and click Run
    • Click Next>>
    • Under Select Removal Type click on Remove Security Application then click on Next>>


    The program will perform a detailed scan on your computer for security applications.

    Once it is finished:

    • Click Next>>
    • In the next pane place a check mark next to the AV that you would like to uninstall and click Next>>.


    This will remove the Anti-Virus from your system.



    Next:

    I see you have Malwarebytes Anti-malware installed. When was the last time you ran a scan? If not recently, please scan your computer and save the log to post in your next reply. If you have scanned within the last day or so and MBAM found and quarantined entries, please post that log. The log can be found by opening the program and clicking on the Logs tab.

    Then:

    Download and scan with SUPERAntiSpyware Free for Home Users
    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Close" button to leave the control center screen.
    • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click "Next" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click Preferences, then click the Statistics/Logs tab.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Please copy and paste the Scan Log results in your next reply.
    • Click Close to exit the program.


    Finally:

    After you have completed those tasks scan with HiJackThis again and let me know if your computer is running any faster. Also include any other issues you might be experiencing.

    In your next post please include the following:

    SUPERAntiSpyware Scan Log
    Malwarebytes Scan Log
    HijackThis Scan Log

    Thank you!

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Apr 2012
    Posts
    45
    Points
    0

    Default

    after ran SUPERAntiSpyware scan Internet Explorer keeps crashing....heres log:

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 04/09/2012 at 09:24 PM

    Application Version : 5.0.1146

    Core Rules Database Version : 8431
    Trace Rules Database Version: 6243

    Scan type : Complete Scan
    Total Scan Time : 00:45:22

    Operating System Information
    Windows 7 Home Premium 64-bit (Build 6.01.7600)
    UAC On - Limited User

    Memory items scanned : 594
    Memory threats detected : 0
    Registry items scanned : 63530
    Registry threats detected : 0
    File items scanned : 106078
    File threats detected : 50

    Adware.Tracking Cookie
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@a1.interclick[2].txt [ /a1.interclick ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@accounts.google[2].txt [ /accounts.google ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@ad2.adfarm1.adition[1].txt [ /ad2.adfarm1.adition ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@adfarm1.adition[2].txt [ /adfarm1.adition ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@ads.pubmatic[1].txt [ /ads.pubmatic ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@at.atwola[2].txt [ /at.atwola ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@casalemedia[2].txt [ /casalemedia ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@collective-media[1].txt [ /collective-media ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@collective-media[2].txt [ /collective-media ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@collective-media[3].txt [ /collective-media ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@dmtracker[1].txt [ /dmtracker ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@insightexpressai[2].txt [ /insightexpressai ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@interclick[2].txt [ /interclick ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@invitemedia[1].txt [ /invitemedia ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@kontera[1].txt [ /kontera ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@legolas-media[1].txt [ /legolas-media ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@lucidmedia[2].txt [ /lucidmedia ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@media6degrees[2].txt [ /media6degrees ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@mediamm.sitecompass[1].txt [ /mediamm.sitecompass ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@mediaservices-d.openxenterprise[2].txt [ /mediaservices-d.openxenterprise ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@mm.chitika[2].txt [ /mm.chitika ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@network.realmedia[1].txt [ /network.realmedia ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@realmedia[1].txt [ /realmedia ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@revsci[2].txt [ /revsci ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@uol.realmedia[2].txt [ /uol.realmedia ]
    C:\Users\Kojo\AppData\Roaming\Microsoft\Windows\Cookies\kojo@www.googleadservices[1].txt [ /www.googleadservices ]
    C:\USERS\KOJO\AppData\Roaming\Microsoft\Windows\Cookies\kojo@adsonar[4].txt [ Cookie:kojo@adsonar.com/adserving ]
    C:\USERS\KOJO\AppData\Roaming\Microsoft\Windows\Cookies\Low\kojo@collective-media[3].txt [ Cookie:kojo@collective-media.net/ ]
    C:\USERS\KOJO\Cookies\kojo@adfarm1.adition[2].txt [ Cookie:kojo@adfarm1.adition.com/ ]
    C:\USERS\KOJO\Cookies\kojo@insightexpressai[2].txt [ Cookie:kojo@insightexpressai.com/ ]
    C:\USERS\KOJO\Cookies\kojo@collective-media[1].txt [ Cookie:kojo@collective-media.net/ ]
    C:\USERS\KOJO\Cookies\kojo@realmedia[1].txt [ Cookie:kojo@realmedia.com/ ]
    C:\USERS\KOJO\Cookies\kojo@dmtracker[1].txt [ Cookie:kojo@dmtracker.com/ ]
    C:\USERS\KOJO\Cookies\kojo@kontera[1].txt [ Cookie:kojo@kontera.com/ ]
    C:\USERS\KOJO\Cookies\kojo@adsonar[4].txt [ Cookie:kojo@adsonar.com/adserving ]
    C:\USERS\KOJO\Cookies\kojo@invitemedia[1].txt [ Cookie:kojo@invitemedia.com/ ]
    C:\USERS\KOJO\Cookies\kojo@revsci[2].txt [ Cookie:kojo@revsci.net/ ]
    C:\USERS\KOJO\Cookies\kojo@lucidmedia[2].txt [ Cookie:kojo@lucidmedia.com/ ]
    C:\USERS\KOJO\Cookies\kojo@legolas-media[1].txt [ Cookie:kojo@legolas-media.com/ ]
    C:\USERS\KOJO\Cookies\kojo@www.googleadservices[1].txt [ Cookie:kojo@www.googleadservices.com/pagead/conversion/1039912809/ ]
    C:\USERS\KOJO\Cookies\kojo@media6degrees[2].txt [ Cookie:kojo@media6degrees.com/ ]
    C:\USERS\KOJO\Cookies\kojo@mm.chitika[2].txt [ Cookie:kojo@mm.chitika.net/ ]
    C:\USERS\KOJO\Cookies\kojo@at.atwola[2].txt [ Cookie:kojo@at.atwola.com/ ]
    C:\USERS\KOJO\Cookies\kojo@mediamm.sitecompass[1].txt [ Cookie:kojo@mediamm.sitecompass.com/ ]
    C:\USERS\KOJO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KOJO@COLLECTIVE-MEDIA[1].TXT [ /COLLECTIVE-MEDIA ]
    C:\USERS\KOJO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KOJO@COLLECTIVE-MEDIA[2].TXT [ /COLLECTIVE-MEDIA ]
    C:\USERS\KOJO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KOJO@NETWORK.REALMEDIA[1].TXT [ /NETWORK.REALMEDIA ]
    C:\USERS\KOJO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KOJO@NETWORK.REALMEDIA[3].TXT [ /NETWORK.REALMEDIA ]
    C:\USERS\KOJO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KOJO@YIELDMANAGER[2].TXT [ /YIELDMANAGER ]

    PUP.CNETInstaller
    C:\USERS\KOJO\DOWNLOADS\CNET2_PRIVACYMANTRA_EXE.EXE

    heres Malwarebytes log:
    2012/04/09 08:00:53 -0700 KB11PC Kojo MESSAGE Starting protection
    2012/04/09 08:00:55 -0700 KB11PC Kojo MESSAGE Protection started successfully
    2012/04/09 08:00:58 -0700 KB11PC Kojo MESSAGE Starting IP protection
    2012/04/09 08:00:58 -0700 KB11PC Kojo ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
    2012/04/09 21:34:33 -0700 KB11PC Kojo MESSAGE Starting protection
    2012/04/09 21:34:37 -0700 KB11PC Kojo MESSAGE Protection started successfully
    2012/04/09 21:34:40 -0700 KB11PC Kojo MESSAGE Starting IP protection
    2012/04/09 21:34:40 -0700 KB11PC Kojo ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

    can't seem to copy HiJackThis Log list????

  4. #4
    Member
    Join Date
    Apr 2012
    Posts
    45
    Points
    0

    Default

    also Malwarebytes scan came up clean....also removed Norton and kept AVG 2012: http://nie-spamuj.eu/wirusy.html ....
    Last edited by PartieHonteuse; 08-10-2014 at 11:01 AM.

  5. #5
    Member
    Join Date
    Apr 2012
    Posts
    45
    Points
    0

    Default

    another note: computer is running faster

  6. #6
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Is IE9 still crashing after you've rebooted?

    can't seem to copy HiJackThis Log list????
    Could you elaborate a bit more please. Are you able to right click and choose Select All then choose Copy
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  7. #7
    Member
    Join Date
    Apr 2012
    Posts
    45
    Points
    0

    Default

    yes, IE is still crashing but not on this site...??? i did a pc analyzer scan Sunday with AVG and keptr gettng registies that were severe threats so i went in manually and kept takn them out but it was futile..hope i didnt mess up any registry file programs...thank you for takn the time to help here!

  8. #8
    Member
    Join Date
    Apr 2012
    Posts
    45
    Points
    0

    Default

    note:cannot copy HiJackThis log report will not show select all etc...it actually comes up with an error sign when I try to perform a scan and log...

  9. #9
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    thank you for takn the time to help here!
    You're welcome minimn!

    i did a pc analyzer scan Sunday with AVG and keptr gettng registies that were severe threats
    Are there any logs available that show what severe threats were found?

    You should never try to edit the registry manually if you are not familiar with the territory. Do you happen to have a Win7 OS disk handy? If so, I'll need to know exactly what type of disk it is.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  10. #10
    Member
    Join Date
    Apr 2012
    Posts
    45
    Points
    0

    Default

    yes 2 trojans IDP.Trojan.340E2EC2 & IDP. Trojan764E3014 from AVG scan...but there were a whole lotta viruses in the Virus vault when I used Avira Antivirus but i switched over AVG a couple weeks ago...sorry if this isnt helpn much

Page 1 of 7 123 ... LastLast