Jump to content

ewintr

Members
  • Content Count

    42
  • Joined

  • Last visited

Everything posted by ewintr

  1. It's been a long time since I have been here but I need help again please. 'Some' images are suddenly not showing up on pages, but some do. I have no idea what to do. Also, around the same time as the image problem, when I click on a link, or try to close a window, use the scroll bars , etc. it often doesn't work - seems to freeze for a while. Any help with these issues is much appreciated.
  2. I've been trying and trying and trying to do this and just can't seem to get it right. My computer is a bit different than the steps in the link you gave me. I can get the computer to connect by going through the steps but in a different way....I eventually found all the steps listed in the link....but then when I shut it off and start it again and try to connect...it still won't connect. Obviously I'm just not doing something right. Where do I find that "Automatically connect" you mentioned? I should find it anc check it while I am connected, correct?
  3. Well, I am obviously doing something wrong.... The steps in that link you gave me are not exactly the way my computer looks, but I finally did manage to figure out how to find all the steps and went through the process...and it worked. The computer connected fine. But, then when I went to start the computer up again, it wouldn't connect. It was exactly like it was before, even all those network connections that I had removed were showing up in the list again. I don't know what is wrong......
  4. Hello, thank you for being patient. health issues are a problem for me at times. When I click that icon, my wireless network does not show up. No networks show up. Just a message about using WCZ or something like that. I have no idea what that is.
  5. If the green bar is a light green and only 2/3 of the way across the bar box, does that mean it is a good signal? Or should it be a dark green and fill the bar box? I've been trying to connect by clicling on the wireless bars icon, but it never connects. It just tells me " This network is already configured. A profile to this network already exists. Click Back to create a profile to a different network or click Next to replace the existing profile". I don't know which to do.
  6. Well.....I have no clue why or how, but the 2 desktops computers with the wall adapters are working again. They are connecting just fine. But, i still don't know how to get the laptop to work with wifi again. I did the restore point thing and restored it to a much earlier setting but it still won't connect. And I have no idea how to set up a computer or a laptop to connect to the internet. Question......when I look at my connection in the list of connections in the area, the green bar thing is a pale green and only goes about 2/3 across the bar. Is that normal? Or should it be a dark green and cover the whole bar box? Just curious.
  7. I'm sorry, I should have looked at the laptop first. It has XP, not 7. I guess what we have is a wired connection then. My computer is the main one. It has the modem and the 'power box'(not sure what it is called) for the wall adapters....it plugs into my computer and a wall socket. Then we have a wall adapter plugged into my husband's computer and a wall socket. And we have another wall adapter plugged into the spare computer and a wall socket. They are all in different rooms. They all worked just find this way, until the other day when the spare computer and my husband's computer would no longer connect to the internet. The laptop did still connect, but doens't now because I must have messed something up. I have done the unplugging of the router several times but it didn't change anything. I will try it again though. If it doesn't fix the laptop, what can I do next?
  8. I apologize for not replying quickly. I am indeed an old lady and have numerous health problems that interrupt my days so please be patient and don't give up on me.. :-) I tried doing as suggested (Go to Start> Control Panel> Network and Internet> Network and Sharing Center> Change Adapter Settings (on the left). Click on your Wireless Adapter, then above it, click on: Disable this Network Device) but those steps are not available on this old laptop. When I got to Network and Sharing Center, there was nothing anywhere that said Change Adapter Settings. I have no idea how to find the 'Wireless adapter' on the laptop. In fact, it won't conect to the internet at all now. I must have messed something up when clicking around. And I have no idea how to set up a wireless connection (or even a reglar connection) on any computer, not just the laptop. What is a 'Network name'???? Are the wall adapters considered 'wireless' connections or regular connections? What should I do now?
  9. I looked all over the laptop and there is no switch. I don't even see a wifi light. There is a light on it that I think is a power light because it is on and blinking when I plug the charger into it. And to the left of that light it looks like what might be two other lights but they are never lit up and I have no clue what they are for because the symbols next to them are too small to be able to tell what they are. It is an old Dell running Windows XP Professional. What do I do now? If the wall adapters were the problem, wouldn't the lights be off or blinking or 'not reen'? The lights are all a solid green, just lke they have always been.
  10. Hello, it's been a while since I've had to come for help, but now I need help again (my old username here was 'anoldlady'). I hope I can explain my situation so it isn't too confusing.... We have 4 computers in our home --- 3 desktops and a laptop. Suddenly 2 of the desktops won't connect but the other desktop and the laptop still connect just fine and work fine. My computer is a Dell desk top with Windows 7. My husband's computer is a Dell desktop with Windows XP. The spare computer is a desktop with Windows 7 (not sure of brand). Laptop has Windows 7 and connects through Wi-Fi (I think it is also a Dell but not sure). They all connected and worked just fine until 2 days ago. My husband's desktop and the spare desktop suddenly will no longer connect. My computer and the laptop still work just fine. My desktop is the main computer, the one with the modem/router and adaptor box. My husband's desktop and the spare desktop connect with wall adaptors (Trendnet 200Mbps Compact Powerline AV Adapters). I don't know much about fixing computers. I have run virus scans on the 2 computers that won't connect and deleted anything the scans found (I don't remember if anything was found or not, sorry.) The spare computer has a paid version of McAfee and I also downloaded and ran MBAM and Eset. I ran MBAM and Eset on my husband's desktop. I have tried unplugging the wall adapters, the modem, etc. , waiting and plugging them back in but that makes no difference. I've done it seveal times. All liights on the modem and wall adapters are green and seem fine. On the spare desktop, I suddenly started having some windows pop up saying that Media Player wanted access (I have it set so that I have to approve things that want access). They were a pain because they were popping up frequently so I Uninstalled Media Player. I'm at a loss. No idea what to do. Any help is greatly appreciated!!!
  11. Everthing seems fine now! THANK YOU, THANK YOU SO VERY VERY MUCH!!!!! Your time and knowledge are SINCERELY appreciated, by me, and I'm sure by all the others you help. Thank you.
  12. yes, i did reboot after doing the cf uninstall. cf didn't do it, but since you mentioned that cf would do it, i figured i should do it anyway, so i did.
  13. I did the combofix uninstall, the defogger, and the otc. What about removing the hjt folder? ...and the second IE that one of the things put on my computer (you had mentioned it would be gone after we were done). I assume it is ok to delete all the log text files that were saved to my desktop??
  14. oh dear, i'm already confused on the first step..... it says "Go to Start > Run > copy and paste the full text path in the run box Start > Run & typing in ComboFix /Uninstall" What is the "full text path"? What do I "copy/paste"? Are the above two separate steps or is the second one a repetition of the first, except it says 'typing in' instead of copy/paste?
  15. Terrific! I was hoping you would say that......I sure need some sleep :0 What do I do next?
  16. new otm log--- All processes killed ========== FILES ========== D:\WINDOWS\Temporary Internet Files\Content.IE5\CLIZO9QB\img[1] moved successfully. D:\WINDOWS\Temporary Internet Files\Content.IE5\WPAVC1IV\img[1] moved successfully. DllUnregisterServer procedure not found in D:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL D:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL moved successfully. File/Folder c:\documents and settings\XP\Local Settings\Application Data\cyqvpqoqtc:\documents and settings\XP\Local Settings\Application Data\hfipygujl not found. ========== COMMANDS ========== C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 180358 bytes ->Flash cache emptied: 1375 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 21074 bytes ->Flash cache emptied: 16856 bytes User: XP ->Temp folder emptied: 110814353 bytes ->Temporary Internet Files folder emptied: 16973976 bytes ->Java cache emptied: 13888678 bytes ->Flash cache emptied: 62451 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2162283 bytes %systemroot%\System32 .tmp files removed: 2832913 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 18865 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 520192 bytes Total Files Cleaned = 141.00 mb OTM by OldTimer - Version 3.1.14.0 log created on 07122010_093305 Files moved on Reboot... C:\Documents and Settings\XP\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully. File C:\Documents and Settings\XP\Local Settings\Temp\~DFF013.tmp not found! File C:\Documents and Settings\XP\Local Settings\Temp\~DFF01E.tmp not found! File C:\Documents and Settings\XP\Local Settings\Temp\~DFF08E.tmp not found! File C:\Documents and Settings\XP\Local Settings\Temp\~DFF099.tmp not found! File C:\Documents and Settings\XP\Local Settings\Temp\~DFF19A.tmp not found! File C:\Documents and Settings\XP\Local Settings\Temp\~DFF1A5.tmp not found! C:\Documents and Settings\XP\Local Settings\Temporary Internet Files\Content.IE5\32MGLZ7G\index[5].php moved successfully. Registry entries deleted on Reboot...
  17. The computer is definitely running faster and no blue screen came up when otm rebooted it.
  18. here is the new hjt log----- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:41:21 AM, on 7/12/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\XP\Application Data\mjusbsp\st00000\mjsetup.exe C:\Documents and Settings\XP\Application Data\mjusbsp\magicJack.exe C:\WINDOWS\system32\wuauclt.exe C:\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\XP\Application Data\mjusbsp\cdloader2.exe" MAGICJACK O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238555054312 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238555048234 O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- End of file - 7103 bytes
  19. here is the otm log----- All processes killed Error: Unable to interpret <:FilesD:\WINDOWS\Temporary Internet Files\Content.IE5\CLIZO9QB\img[1]D:\WINDOWS\Temporary Internet Files\Content.IE5\WPAVC1IV\img[1]D:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLLc:\documents and settings\XP\Local Settings\Application Data\cyqvpqoqtc:\documents and settings\XP\Local Settings\Application Data\hfipygujl:Commands[purity][resethosts][emptytemp][EMPTYFLASH][Reboot]> in the current context! OTM by OldTimer - Version 3.1.14.0 log created on 07122010_083824
  20. Also, something new has started to happen. When this computer starts up now, it brings up a blue screen with a message that says something about checking the D: disk consistency......then scans the D: drive I think. Then the computer starts up like normal after that. What is happening now?
  21. And here is a new HJT log run after the other two scans were done---- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 6:53:24 AM, on 7/12/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\XP\Application Data\mjusbsp\magicJack.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Java\jre6\bin\java.exe C:\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5577 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\XP\Application Data\mjusbsp\cdloader2.exe" MAGICJACK O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.4.lnk = C:\Program Files\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238555054312 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238555048234 O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- End of file - 8111 bytes Do I have a big mess....?
  22. Here is the Kaspersky report---- -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0: scan report Monday, July 12, 2010 Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Monday, July 12, 2010 00:12:13 Records in database: 4231063 -------------------------------------------------------------------------------- Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes Scan area - My Computer: A:\ C:\ D:\ E:\ G:\ H:\ Scan statistics: Objects scanned: 116355 Threats found: 2 Infected objects found: 3 Suspicious objects found: 0 Scan duration: 07:00:30 File name / Threat / Threats count D:\WINDOWS\Temporary Internet Files\Content.IE5\CLIZO9QB\img[1] Infected: Trojan-Clicker.HTML.IFrame.aiw 1 D:\WINDOWS\Temporary Internet Files\Content.IE5\WPAVC1IV\img[1] Infected: Trojan-Clicker.HTML.IFrame.aiw 1 D:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL Infected: not-a-virus:Monitor.Win32.Agent.c 1 Selected area has been scanned.
  23. Sorry for the delay, busy weekend. And that Kaspersky scan took 7 (seven!!) hours to scan this computer, wow! Here is the combofix log - ComboFix 10-07-10.01 - XP 07/10/2010 21:05:46.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2559.2053 [GMT -4:00] Running from: c:\documents and settings\XP\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\XP\Desktop\CFScript.txt AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\Alwil Software c:\documents and settings\All Users\Application Data\Alwil Software\Avast5\log\Chest.log c:\documents and settings\All Users\Application Data\Alwil Software\Avast5\log\usntr.log c:\program files\Alwil Software c:\program files\Alwil Software\Avast5\Setup\setup.ini . ((((((((((((((((((((((((( Files Created from 2010-06-11 to 2010-07-11 ))))))))))))))))))))))))))))))) . 2010-07-10 22:38 . 2010-02-26 23:51 6870864 ---ha-w- c:\documents and settings\XP\Application Data\mjusbsp\in00000\setup.exe 2010-07-10 22:38 . 2010-02-26 23:45 743872 ---ha-w- c:\documents and settings\XP\Application Data\mjusbsp\ar00000\install.exe 2010-07-10 21:50 . 2010-07-10 21:50 -------- d-----w- C:\_OTM 2010-07-10 19:11 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-07-10 19:11 . 2010-07-10 19:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-10 19:11 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-07-09 19:54 . 2010-07-09 19:55 -------- d-----w- C:\HJT 2010-07-09 13:58 . 2010-07-10 19:01 63488 ----a-w- c:\documents and settings\XP\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll 2010-07-09 13:58 . 2010-07-09 13:58 52224 ----a-w- c:\documents and settings\XP\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll 2010-07-09 13:58 . 2010-07-10 19:01 117760 ----a-w- c:\documents and settings\XP\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2010-07-09 13:58 . 2010-07-09 13:58 -------- d-----w- c:\documents and settings\XP\Application Data\SUPERAntiSpyware.com 2010-07-09 12:36 . 2010-07-09 13:48 -------- d-----w- c:\documents and settings\XP\Local Settings\Application Data\epdbglheg 2010-07-08 00:33 . 2009-06-30 13:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2010-07-08 00:28 . 2010-07-08 00:28 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2010-07-08 00:28 . 2010-07-08 00:28 -------- d-----w- c:\documents and settings\XP\log 2010-07-07 09:13 . 2010-07-07 19:25 -------- d-----w- c:\documents and settings\XP\Local Settings\Application Data\cyqvpqoqt 2010-07-05 04:48 . 2010-07-05 19:15 -------- d-----w- c:\documents and settings\XP\Local Settings\Application Data\hfipygujl 2010-06-23 12:45 . 2010-06-23 12:45 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb67.tmp.exe 2010-06-14 16:02 . 2010-06-14 16:02 -------- d-----w- c:\program files\MSECache 2010-06-11 18:24 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-10 22:39 . 2010-03-13 13:19 -------- d-----w- c:\documents and settings\XP\Application Data\mjusbsp 2010-07-09 13:58 . 2009-04-01 04:08 -------- d-----w- c:\program files\SUPERAntiSpyware 2010-07-07 22:20 . 2009-04-01 03:44 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2010-07-07 22:19 . 2009-04-01 03:44 -------- d-----w- c:\program files\SpywareBlaster 2010-06-14 20:34 . 2009-03-29 00:27 75976 ----a-w- c:\documents and settings\XP\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-06-03 12:28 . 2009-07-22 20:25 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-06-03 12:28 . 2009-07-22 20:25 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-06-02 13:04 . 2009-09-08 18:50 -------- d-----w- c:\program files\AutoCAD LT 97 2010-05-30 19:06 . 2009-07-22 20:25 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-05-30 19:06 . 2009-07-22 20:25 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-05-30 19:03 . 2010-05-30 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2010-05-30 19:03 . 2009-07-22 20:24 -------- d-----w- c:\program files\AVG 2010-05-25 03:12 . 2010-05-25 03:12 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-05-14 04:28 . 2010-05-14 04:28 0 ----a-w- c:\program files\extra2.dat 2010-05-06 10:41 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 05:22 . 2004-08-04 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys 2010-04-20 05:30 . 2004-08-04 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-30 39408] "cdloader"="c:\documents and settings\XP\Application Data\mjusbsp\cdloader2.exe" [2010-02-26 50520] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-06-29 2403568] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-05-01 65536] "RoxioDragToDisc"="c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-07-18 868352] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-03 2065248] c:\documents and settings\All Users\Start Menu\Programs\Startup\ ImageMixer 3 SE Camera Monitor Ver.4.lnk - c:\program files\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe [2010-3-30 253952] InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2009-2-28 81920] NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2008-7-1 2326528] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2010-05-30 19:06 12464 ----a-w- c:\windows\system32\avgrsstx.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ZyXEL G-220v3 Wireless USB Adapter Utility.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\ZyXEL G-220v3 Wireless USB Adapter Utility.lnk backup=c:\windows\pss\ZyXEL G-220v3 Wireless USB Adapter Utility.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\XP\\Application Data\\mjusbsp\\magicJack.exe"= R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [7/7/2010 8:33 PM 28552] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [7/22/2009 4:25 PM 216200] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [7/22/2009 4:25 PM 242896] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 2:25 PM 12872] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 2:41 PM 67656] R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [5/30/2010 3:04 PM 308064] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [10/9/2007 2:13 PM 38144] R3 ZG760_XP;ZyXEL 802.11g XG762 1211 Driver;c:\windows\system32\drivers\WlanGZXP.sys [12/11/2009 9:33 PM 735232] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/29/2010 3:52 PM 135664] S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [12/28/2007 4:02 PM 287232] . Contents of the 'Scheduled Tasks' folder 2010-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 19:52] 2010-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 19:52] 2010-07-10 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 20:07] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com uInternet Settings,ProxyServer = http=127.0.0.1:5577 uInternet Settings,ProxyOverride = <local> IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-07-10 21:09 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] @DACL=(02 0000) "Installed"="1" @="" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] @DACL=(02 0000) "Installed"="1" "NoChange"="1" @="" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] @DACL=(02 0000) "Installed"="1" @="" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(856) c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\WININET.dll . Completion time: 2010-07-10 21:11:00 ComboFix-quarantined-files.txt 2010-07-11 01:10 ComboFix2.txt 2010-07-10 22:42 Pre-Run: 13,843,918,848 bytes free Post-Run: 13,826,760,704 bytes free - - End Of File - - F97659395B0F7158E8B152A6ADA35E9E
×
×
  • Create New...