Chrome problems with ad.xertive pop ups [Solved]


  • This topic is locked

#16
peter plus

    Member

  • Topic Starter
  • Member
  • 278 posts
I've created a new System Restore point but it won't let me undo the previous restore for some reason.

Should I restore to one of these points?
21:41:52 Removed HijackThis
21:41:58 Removed Java™ 6 Update 21
21:38:11 Removed COMODO Internet Security
21:35:46 Removed Adobe Reader X (10.1.2)
  • 0


#17
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

I've created a new System Restore point but it won't let me undo the previous restore for some reason.

OK, noted.

Should I restore to one of these points?

I think at this time we will merely leave as is since the connectivity issue is resolved. I haven't forgotten about the Outlook Express problem but we can address that in due course. That may just be that some configuration settings are amiss, for example.

Anyway for now run the below two scans for myself please and we will then go from there...

Scan with aswMBR:

Please download aswMBR.exe to your desktop.

  • Double-click on aswMBR.exe to run it.
  • When prompted with The application can use the Avast! Free Antivirus for scanning >> select No
  • Now click on the Scan button to start scan
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply
Note: There will also be a file on your desktop named MBR.dat (or similar). Do not delete this for now; it is an actual backup of the MBR (master boot record).

Security Application Check:

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1
Link 2

  • Double-click on SecurityCheck.exe then follow the on-screen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt
  • Please post the contents of that document in your next reply.

  • 0

#18
peter plus

    Member

  • Topic Starter
  • Member
  • 278 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-14 14:29:20
-----------------------------
14:29:20.484 OS Version: Windows 5.1.2600 Service Pack 3
14:29:20.484 Number of processors: 2 586 0x1C02
14:29:20.484 ComputerName: WORTON UserName: Nigel
14:29:24.328 Initialize success
14:29:41.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
14:29:41.796 Disk 0 Vendor: TOSHIBA_ FG01 Size: 152627MB BusType: 3
14:29:41.828 Disk 0 MBR read successfully
14:29:41.843 Disk 0 MBR scan
14:29:41.859 Disk 0 Windows XP default MBR code
14:29:41.890 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 16065
14:29:41.921 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 74998 MB offset 156296385
14:29:41.968 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 1309 MB offset 309893850
14:29:42.000 Disk 0 scanning sectors +312576705
14:29:42.125 Disk 0 scanning C:\WINDOWS\system32\drivers
14:29:51.062 Service scanning
14:30:03.359 Service MpKsldfdadd82 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3E1A208D-3CB9-4D37-8EB4-36356E8BFA4F}\MpKsldfdadd82.sys **LOCKED** 32
14:30:20.687 Modules scanning
14:30:33.109 Disk 0 trace - called modules:
14:30:33.187 ntkrnlpa.exe CLASSPNP.SYS disk.sys thpdrv.sys hal.dll ACPI.sys iaStor.sys
14:30:33.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f54ab8]
14:30:33.234 3 CLASSPNP.SYS[f763dfd7] -> nt!IofCallDriver -> \Device\THPDRV[0x86f55030]
14:30:33.250 5 thpdrv.sys[f789f8b9] -> nt!IofCallDriver -> \Device\00000067[0x86f4ccc8]
14:30:33.281 7 ACPI.sys[f74d4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86f4d028]
14:30:33.296 Scan finished successfully
14:31:07.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Nigel\Desktop\MBR.dat"
14:31:07.312 The log file has been saved successfully to "C:\Documents and Settings\Nigel\Desktop\aswMBR.txt"


Results of screen317's Security Check version 0.99.50
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
COMODO Internet Security
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware version 1.62.0.1300
HijackThis 2.0.2
Java™ 6 Update 29
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 10.1.102.64 Flash Player out of Date!
Adobe Reader X 10.1.2 Adobe Reader out of Date!
Mozilla Firefox (3.6.28) Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Comodo Firewall cmdagent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 17% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
  • 0

#19
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Double check again if the below are installed, as there is evidence they are, and/or partially:-

Adobe Flash Player 10
Adobe Flash Player 10.1.102.64

Adobe Reader X (10.1.2)
Advanced SystemCare 5 <-- The vendor has an unsavoury reputation to say the least. Plus this type of software can create more problems rather than remedy anything and has the potential to turn your machine into a useless "doorstop".
HiJackThis
HijackThis 2.0.2
<-- Both installed HJT versions are out of date now. If however you have used either to remove anything recently do not uninstall and inform myself of this in your next reply.
Java™ 6 Update 29

If present run the uninstallers again, then let myself know when checked/done so etc.
  • 0

#20
peter plus

    Member

  • Topic Starter
  • Member
  • 278 posts
Am getting "The patch program could not be opened. Verify that the patch package exists and that you can access it, or contact the application vendor to verify that this is a valid Windows Installer patch package"

And

"Message file "C:\ProgramFiles\IObit\AdvancedSystemCare 5\uninsooo.msg" is missing. please correct the problem or obtain a new copy of the program
  • 0

#21
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

OK, not a problem. We can tackle those installations via a different methodology in due course.

If OTL is no longer present, download a fresh copy and save to your desktop. Do not do anything with it though...

For now I want to have another look at the present state of your machine with a different set of logs so I am able to research more about the current situation before advising anything further proactive.

Scan with DDS:

Please download DDS and save it to your desktop (not your downloads folder) from here.

Alternate downloads are here or here.

  • Disable any script blocker, and then double click on DDS to run the tool.
  • When done, DDS will open two logs:
  • DDS.txt <-- Will be opened
  • Attach.txt <-- Will be minimized
  • Save both reports to your desktop.
  • Please post the contents of these two Notepad files in your next reply.
When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and/or problems encountered?
  • Both DDS logs. <-- Post them individually please, IE: one Log per post/reply.

  • 0

#22
peter plus

    Member

  • Topic Starter
  • Member
  • 278 posts
PC still has popups
Cannot connect to Outlook Express


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Nigel at 20:28:01 on 2012-09-14
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1014.116 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Microsoft Security Client\MsMpEng.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\ThpSrv.exe
C:\WINDOWS\system32\TODDSrv.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Nigel\Local Settings\Apps\F.lux\flux.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Nigel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nigel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nigel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nigel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nigel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nigel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Windows Internet Explorer provided by MSN and Bing
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/redirectdomain?brand=TSEF&bmod=TSEF
uInternet Settings,ProxyOverride = <local>;*.local
uInternet Settings,ProxyServer = http=127.0.0.1:6092
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [Google Update] "c:\documents and settings\nigel\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
uRun: [F.lux] "c:\documents and settings\nigel\local settings\apps\f.lux\flux.exe" /noshow
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe"
mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"
mRun: [Persistence] "c:\windows\system32\igfxpers.exe"
mRun: [RTHDCPL] "RTHDCPL.EXE"
mRun: [ITSecMng] "%ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" /START
mRun: [CeEKEY] "c:\program files\toshiba\e-key\CeEKey.exe"
mRun: [TDispVol] "TDispVol.exe"
mRun: [HWSetup] "c:\program files\toshiba\toshiba applet\HWSetup.exe" hwSetUP
mRun: [SmoothView] "c:\program files\toshiba\toshiba zooming utility\SmoothView.exe"
mRun: [Zooming] "ZoomingHook.exe"
mRun: [SVPWUTIL] "c:\program files\toshiba\windows utilities\SVPWUTIL.exe" SVPwUTIL
mRun: [TAccessibility] "c:\program files\toshiba\accessibility\TAccessibility.exe" Instant
mRun: [TPNF] "c:\program files\toshiba\touchpad\TPTray.exe"
mRun: [ACU] "c:\program files\atheros\ACU.exe" -nogui
mRun: [Apoint] "c:\program files\apoint2k\Apoint.exe"
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [TUSBSleepChargeSrv] "%ProgramFiles%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe"
mRun: [EPSON Stylus D68 Series] "c:\windows\system32\spool\drivers\w32x86\3\E_FATIAAE.EXE" /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [EPSON Stylus DX3800 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiace.exe /f "c:\windows\temp\E_S1C5.tmp" /EF "HKLM"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
dRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.co...-44557-9400-3/4
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{9BA3E3A7-F3DE-48B0-ABF9-313067D4D95B} : DhcpNameServer = 194.168.4.100 194.168.8.100
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\nigel\application data\mozilla\firefox\profiles\6kd4ozqu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\nigel\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\opera\program\plugins\nprpplugin.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\DivXHTML5
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: EPUBReader: {5384767E-00D9-40E9-B72F-9CC39D655D6F} - %profile%\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 171064]
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2008-8-21 28536]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2007-9-4 6528]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-3-11 31704]
R1 MpKsldfdadd82;MpKsldfdadd82;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3e1a208d-3cb9-4d37-8eb4-36356e8bfa4f}\MpKsldfdadd82.sys [2012-9-14 29904]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2012-9-13 1983232]
R3 cecnuvc;Chicony USB 2.0 Camera VD;c:\windows\system32\drivers\cec_uvc.sys [2009-9-4 48176]
S1 arffxvca;arffxvca;\??\c:\windows\system32\drivers\arffxvca.sys --> c:\windows\system32\drivers\arffxvca.sys [?]
S1 eakzrhnk;eakzrhnk;\??\c:\windows\system32\drivers\eakzrhnk.sys --> c:\windows\system32\drivers\eakzrhnk.sys [?]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-3-16 497496]
S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-9-4 234888]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-1 253088]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-4-8 1684736]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\rtsustor.sys --> c:\windows\system32\drivers\RtsUStor.sys [?]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 UCharger;Energizer Usb Charger Driver;c:\windows\system32\drivers\UCharger.sys [2007-5-15 13765]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2009-4-3 14336]
.
=============== Created Last 30 ================
.
2012-09-14 13:29:24 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3e1a208d-3cb9-4d37-8eb4-36356e8bfa4f}\MpKsldfdadd82.sys
2012-09-13 22:13:25 7022536 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3e1a208d-3cb9-4d37-8eb4-36356e8bfa4f}\mpengine.dll
2012-09-13 22:01:38 7022536 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-09-13 22:00:07 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-09-13 22:00:07 -------- d-----w- c:\windows\system32\wbem\Repository
2012-09-13 21:59:45 -------- d-----w- c:\program files\AskBarDis
2012-09-13 21:58:27 -------- d-----w- c:\program files\uTorrent
2012-09-13 21:58:27 -------- d-----w- c:\documents and settings\nigel\application data\uTorrent
2012-09-13 21:58:23 -------- d-----w- c:\documents and settings\all users\application data\COMODO
2012-09-13 20:38:25 301224 ----a-w- c:\windows\system32\guard32.dll
.
==================== Find3M ====================
.
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-03 12:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 20:30:45.51 ===============
  • 0

#23
peter plus

    Member

  • Topic Starter
  • Member
  • 278 posts
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 04/09/2009 15:53:59
System Uptime: 14/09/2012 12:06:06 (8 hours ago)
.
Motherboard: TOSHIBA | | KAVAA
Processor: Intel® Atom™ CPU N270 @ 1.60GHz | U2E1 | 1595/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 75 GiB total, 21.895 GiB free.
D: is FIXED (NTFS) - 73 GiB total, 69.383 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP787: 10/07/2012 10:11:54 - Software Distribution Service 3.0
RP788: 10/07/2012 21:00:24 - Software Distribution Service 3.0
RP789: 11/07/2012 16:50:15 - Software Distribution Service 3.0
RP790: 13/07/2012 10:39:31 - Software Distribution Service 3.0
RP791: 14/07/2012 11:03:44 - Software Distribution Service 3.0
RP792: 15/07/2012 11:33:17 - System Checkpoint
RP793: 16/07/2012 10:00:41 - Software Distribution Service 3.0
RP794: 17/07/2012 11:14:38 - Software Distribution Service 3.0
RP795: 18/07/2012 11:18:48 - System Checkpoint
RP796: 19/07/2012 10:37:09 - Software Distribution Service 3.0
RP797: 20/07/2012 10:46:32 - System Checkpoint
RP798: 20/07/2012 10:55:48 - Software Distribution Service 3.0
RP799: 21/07/2012 21:30:42 - System Checkpoint
RP800: 22/07/2012 11:11:00 - Software Distribution Service 3.0
RP801: 23/07/2012 11:42:32 - System Checkpoint
RP802: 23/07/2012 23:40:14 - Software Distribution Service 3.0
RP803: 25/07/2012 17:55:20 - Software Distribution Service 3.0
RP804: 26/07/2012 22:41:45 - System Checkpoint
RP805: 26/07/2012 23:35:08 - Software Distribution Service 3.0
RP806: 28/07/2012 00:14:57 - System Checkpoint
RP807: 28/07/2012 18:43:47 - Software Distribution Service 3.0
RP808: 29/07/2012 02:32:22 - Software Distribution Service 3.0
RP809: 29/07/2012 23:21:27 - Software Distribution Service 3.0
RP810: 30/07/2012 23:44:17 - System Checkpoint
RP811: 31/07/2012 10:26:26 - Software Distribution Service 3.0
RP812: 01/08/2012 10:47:28 - Software Distribution Service 3.0
RP813: 02/08/2012 11:31:54 - Software Distribution Service 3.0
RP814: 03/08/2012 12:10:57 - Software Distribution Service 3.0
RP815: 04/08/2012 12:57:28 - System Checkpoint
RP816: 05/08/2012 10:44:59 - Software Distribution Service 3.0
RP817: 06/08/2012 11:03:26 - System Checkpoint
RP818: 07/08/2012 09:46:01 - Software Distribution Service 3.0
RP819: 08/08/2012 16:59:20 - Software Distribution Service 3.0
RP820: 09/08/2012 19:25:19 - System Checkpoint
RP821: 10/08/2012 08:57:15 - Software Distribution Service 3.0
RP822: 11/08/2012 13:38:43 - Software Distribution Service 3.0
RP823: 12/08/2012 02:07:55 - Software Distribution Service 3.0
RP824: 12/08/2012 13:37:41 - Software Distribution Service 3.0
RP825: 13/08/2012 14:10:05 - System Checkpoint
RP826: 14/08/2012 10:05:54 - Software Distribution Service 3.0
RP827: 15/08/2012 16:37:10 - Software Distribution Service 3.0
RP828: 15/08/2012 21:00:41 - Software Distribution Service 3.0
RP829: 16/08/2012 21:33:20 - System Checkpoint
RP830: 17/08/2012 10:07:48 - Software Distribution Service 3.0
RP831: 18/08/2012 11:19:01 - Software Distribution Service 3.0
RP832: 19/08/2012 01:45:37 - Software Distribution Service 3.0
RP833: 20/08/2012 08:31:39 - Software Distribution Service 3.0
RP834: 21/08/2012 09:19:58 - System Checkpoint
RP835: 21/08/2012 19:51:14 - Software Distribution Service 3.0
RP836: 22/08/2012 21:28:15 - Software Distribution Service 3.0
RP837: 24/08/2012 08:35:21 - Software Distribution Service 3.0
RP838: 25/08/2012 19:19:10 - Software Distribution Service 3.0
RP839: 26/08/2012 01:40:53 - Software Distribution Service 3.0
RP840: 27/08/2012 08:45:26 - Software Distribution Service 3.0
RP841: 28/08/2012 09:01:33 - Software Distribution Service 3.0
RP842: 29/08/2012 08:59:53 - Software Distribution Service 3.0
RP843: 30/08/2012 13:32:28 - Software Distribution Service 3.0
RP844: 31/08/2012 13:33:02 - System Checkpoint
RP845: 01/09/2012 03:51:47 - Software Distribution Service 3.0
RP846: 02/09/2012 09:50:28 - Software Distribution Service 3.0
RP847: 03/09/2012 11:06:45 - Software Distribution Service 3.0
RP848: 04/09/2012 11:25:26 - Software Distribution Service 3.0
RP849: 05/09/2012 11:43:32 - System Checkpoint
RP850: 06/09/2012 09:59:24 - Software Distribution Service 3.0
RP851: 07/09/2012 15:43:40 - Software Distribution Service 3.0
RP852: 08/09/2012 16:33:40 - System Checkpoint
RP853: 09/09/2012 02:03:33 - Software Distribution Service 3.0
RP854: 10/09/2012 15:32:16 - Software Distribution Service 3.0
RP855: 11/09/2012 16:03:39 - System Checkpoint
RP856: 11/09/2012 21:26:44 - Software Distribution Service 3.0
RP857: 12/09/2012 19:08:09 - Software Distribution Service 3.0
RP858: 13/09/2012 11:45:29 - Software Distribution Service 3.0
RP859: 13/09/2012 21:35:46 - Removed Adobe Reader X (10.1.2).
RP860: 13/09/2012 21:38:11 - Removed COMODO Internet Security
RP861: 13/09/2012 21:39:58 - Removed Java™ 6 Update 21
RP862: 13/09/2012 21:41:52 - Removed HiJackThis
RP863: 13/09/2012 22:52:17 - Restore Operation
RP864: 13/09/2012 22:56:08 - Restore Operation
RP865: 13/09/2012 22:58:03 - Restore Operation
RP866: 13/09/2012 23:13:17 - Software Distribution Service 3.0
RP867: 13/09/2012 23:25:44 - Software Distribution Service 3.0
RP868: 14/09/2012 12:05:43 - Fr1 14 Sep
RP869: 14/09/2012 12:08:45 - Restore Operation
RP870: 14/09/2012 19:29:44 - Removed HiJackThis
RP871: 14/09/2012 19:30:58 - Removed Java™ 6 Update 21
.
==== Installed Programs ======================
.
.
32 Bit HP CIO Components Installer
470_Help
470_Readme
AC3Filter (remove only)
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Advanced SystemCare 5
ALPS Touch Pad Driver
AoA Audio Extractor
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Atheros Client Utility
Atheros Driver Installation Program
µTorrent
Audacity 1.2.6
Bluetooth Stack for Windows by Toshiba
Bonjour
BPD_HPSU
BPDSoftware
BPDSoftware_Ini
Camera Assistant Software for Toshiba
COMODO Internet Security
Compatibility Pack for the 2007 Office system
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
EPSON Printer Software
EPSON Scan
ERUNT 1.1j
F.lux
Google Chrome
Google Toolbar for Internet Explorer
H470
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953955)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Officejet H470 Series
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
LAME v3.98.2 for Audacity
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MobileMe Control Panel
Mozilla Firefox (3.6.28)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
myphotobook 3.65
Nokia Connectivity Cable Driver
Opera 11.01
Picasa 2
ProductContext
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SopCast 3.2.4
StreamTorrent 1.0
Toolbox
TOSHIBA Accessibility
TOSHIBA Hardware Setup
TOSHIBA HDD Protection
TOSHIBA Hotkey Utility
TOSHIBA Manuals
Toshiba Online Product Information
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA Recovery Disc Creator
TOSHIBA SD Memory Utilities
TOSHIBA Supervisor Password
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Zooming Hook
TOSHIBA Zooming Utility
TouchPad On/Off Utility
TRORDCLauncher
TVAnts 1.0
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB898461)
Update for Windows XP (KB951618-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB2.0 Card Reader Software
Utility Common Driver
VC80CRTRedist - 8.0.50727.4053
Veetle TV 0.9.18
VLC media player 2.0.2
WebFldrs XP
WebReg
WildTangent Games
Winamp
Windows Driver Package - Chicony (cecnuvc) Image (03/09/2009 6.3.251.0309)
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 10
Windows Search 4.0
Winmail Opener 1.4
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
Yahoo! Install Manager
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
13/09/2012 23:02:09, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
13/09/2012 23:01:59, error: Service Control Manager [7024] - The Java Quick Starter service terminated with service-specific error 1 (0x1).
13/09/2012 23:01:59, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
13/09/2012 23:01:59, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Advanced SystemCare Service 5 service to connect.
13/09/2012 23:01:59, error: Service Control Manager [7000] - The Advanced SystemCare Service 5 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/09/2012 23:01:38, error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.135.873.0;1.135.873.0 Engine version: 1.1.8704.0
13/09/2012 21:52:47, error: Dhcp [1002] - The IP address lease 192.168.0.5 for the Network Card with network address 0024D25EBB25 has been denied by the DHCP server 10.111.138.169 (The DHCP Server sent a DHCPNACK message).
13/09/2012 21:42:04, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
13/09/2012 21:39:15, error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

#24
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

OK, the current situation is not good...

To be honest, the combination of the prior use of the dire Advanced SystemCare and a System Restore roll-back you invoked, plus other factors, leaves us with two options as follows, because there is only so much I can do via an online environment with no physical access to your machine.

1 - I can attempt to get the machine stable enough again so I can attempt/continue the malware removal process.

2 - Consider a reformat and reinstallation of the Windows Operating System.

Next:

So I advise you make a decision on how you wish to proceed and in turn inform myself. If say you opt for option one, fair play and I will try my best on your behalf but give no guarantee things may just not go to plan before I can even attempt/continue the malware removal process.

Or if you opt for option two I can in turn provide advice about online safety etc.

#25
peter plus

    Member

  • Topic Starter
  • 278 posts
Sounds like best option is to reinstall Windows.

Will I lose all data?
Can I back up saved emails?

#26
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Sounds like best option is to reinstall Windows.

Fair play.

Will I lose all data?

In theory aye, and that is why I advised you create backups before starting. If you have not done so, now would be prudent.

Can I back up saved emails?

If you mean with OE, aye that can be done. How to is explained in the following Microsoft article:-

How to back up and to restore Outlook Express data

Next:

Below is some generic advice on what to do after the reformat and reinstallation of the Windows Operating System...

--------------

Install all critical updates and relevant service packs via Windows Update. For XP the latest is SP3.

I would also ensure Internet Explorer is up to date. For XP-based machines it is IE8. Reason being, even if you opt not to use IE as your main browser, having an out-of-date version installed can leave any one machine vulnerable to malware.

The aforementioned should be available via Windows Update, if not can be downloaded from here.

Once the machine is updated and fully patched, I do advise visiting Windows Update periodically as Microsoft releases patches for Windows and other products regularly.

Plus check Automatic Updates is enabled.

--------------

Then install an Anti-Virus software solution; only ever have one such installed and active in system memory at any one time.

Either of the below will suffice:-

Whichever of the above you choose to install automatically checks for updates and downloads/installs them with every system reboot and/or periodically if the machine is left running, providing an internet connection is active.

I advise you also run a complete scan with this at least once per week.

--------------

Installing a specific Anti-Spyware application would be prudent, myself I recommend:-

Malwarebytes' Anti-Malware

During the installation process you will be offered the Malwarebytes' Anti-Malware Trial. Your choice to enable or not...

After installing, I advise check for updates and run a scan at least once per week.

--------------

Emergency Recovery Utility NT. I advise you consider installing this, as a means to keep a complete backup of your registry and restore it when needed. Instructions can be read here.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

--------------

A custom Host-File is a further layer of protection whilst browsing online.

Either of the below will suffice:-

Only use one of the above!

--------------

Consider installing WinPatrol. This application alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

--------------

Finally, periodically visit the Secunia Online Software Inspector to ensure all third party software is up to date. Many, such as Adobe and Java related applications for example, can be exploited by malware if out of date.

#27
peter plus

    Member

  • Topic Starter
  • 278 posts
Hi

Might have second thoughts about re-installing Windows.

I've backed up all my data and removed from machine.

Now have nearly 50% disk space available.

Popups seem to have stopped.
PC seems quicker all round.
Still cannot connect to Outlook Express.

Now that the data is backed up to another PC maybe best bet is to buy an external hard drive and copy data to that.

Is it worth re-establishing Outlook Express and seeing how it goes?

#28
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Might have second thoughts about re-installing Windows.

Fair play, it is your machine after all and whatever you decide to do is at your own discretion/something I will respect.

I've backed up all my data and removed from machine.

Now have nearly 50% disk space available.

OK.

Popups seem to have stopped.
PC seems quicker all round.
Still cannot connect to Outlook Express.

OK.

Now that the data is backed up to another PC maybe best bet is to buy an external hard drive and copy data to that.

Aye, that would be a wise move, plus have another form of backup media. Say a set of rewritable CD/DVDs (whatever your machine's optical drive can support) and consider keeping them off-site, as in not in your home.

Might sound over the top but a very prudent move I assure you.

Is it worth re-establishing Outlook Express and seeing how it goes?

You could aye, but overall very probably your machine is still infected (unless you have run some scans, that is, off your own bat so to speak).

Next:

I both understand and appreciate your hesitancy about the procedure/an actual reformat and reinstallation of the Windows Operating System. In the great scheme of things somewhat tedious aye, but at least you will be sure your machine is no longer compromised and/or the actual Operating System damaged. If one of my own machines I would not hesitate in the least to follow my actual own advice.

However what I mentioned prior:-

1 - I can attempt to get the machine stable enough again so I can attempt/continue the malware removal process.

Is still an option and I am perfectly willing to do so, but my prior statement also still stands:-

If say you opt for option one, fair play and I will try my best on your behalf but give no guarantee things may just not go to plan before I can even attempt/continue the malware removal process.

As with anyone I provide my free/volunteer assistance for I am always honest about what I may be able to achieve or not...;)

#29
peter plus

    Member

  • Topic Starter
  • 278 posts
OK I've backed up all data and my Outlook Express and ready to re-install Windows.

How do you do that?

#30
peter plus

    Member

  • Topic Starter
  • 278 posts
BTW This is a NetBook so has no CD drive and I've no Windows disk or product key