Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

System Painfully Slow... iexplore.exe virus? [Solved]

Started by Mia57 , Oct 06 2012 09:49 AM

  • This topic is locked This topic is locked

#1
Mia57
Posted 06 October 2012 - 09:49 AM

Mia57

    Member

  • Member
  • PipPip
  • 12 posts
Internet Explorer 8 brings our Dell C521 desktop to a crawl for what seems to be no reason. I've watched its Mem Usage (via Task Manager) jump from 100,000K to 700,000K in increments of 100,000 in just minutes, without a lot of browsing! I've googled the symptom(s) and iexplore.exe virus seems to fit. We are using Google Chrome, which is OK for some websites, but not all of the ones we visit. I'd appreciate your help to fix our system as well as any advise to prevent it from happening again.

The OS is Windows XP SP3. We use the free version of Avast which runs all the time. The free version of Zemana Antilogger runs all the time too. We have Malwarebytes antimalware, but it does not run in the background all the time. Whatever antivirus or antimalware program we run comes up with a clean system, but I know something is wrong. I'm so tired of this.

Below is the OTL.txt log. Wasn't sure if you wanted the Extras.txt too, so if you need that please let me know. I look forward to hearing from you. Thank you!

OTL logfile created on: 10/6/2012 10:12:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Marte Family\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.42 Mb Total Physical Memory | 432.66 Mb Available Physical Memory | 45.14% Memory free
2.26 Gb Paging File | 1.37 Gb Available in Paging File | 60.82% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.82 Gb Total Space | 48.92 Gb Free Space | 70.06% Space Free | Partition Type: NTFS

Computer Name: MARTE-DELLC521 | User Name: Marte Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/06 10:11:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marte Family\My Documents\Downloads\OTL.exe
PRC - [2012/09/29 11:52:50 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Marte Family\Local Settings\Temp\clclean.0001
PRC - [2012/09/25 04:43:01 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/07 06:38:29 | 012,943,344 | ---- | M] (Zemana Ltd.) -- C:\Program Files\AntiLogger\AntiLogger.exe
PRC - [2012/08/21 04:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/08/09 23:12:18 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2011/10/26 20:01:34 | 000,788,000 | ---- | M] (Fitbit, Inc.) -- C:\Program Files\Fitbit\fitbit.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/05/21 07:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/05/01 10:19:16 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 18:07:04 | 000,537,480 | ---- | M] ( ) -- C:\WINDOWS\system32\dlcxcoms.exe
PRC - [2006/07/27 14:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/06/27 06:34:50 | 000,299,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
PRC - [2005/11/07 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/10/31 10:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/06 01:41:08 | 001,815,040 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12100600\algo.dll
MOD - [2012/09/29 11:52:51 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\Marte Family\Local Settings\Temp\clclean.0001.dir.0000\~df394b.tmp
MOD - [2012/09/25 04:42:58 | 000,460,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012/09/25 04:42:57 | 012,278,808 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012/09/25 04:42:55 | 004,005,912 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012/09/25 04:41:39 | 000,578,072 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012/09/25 04:41:38 | 000,123,416 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012/09/25 04:41:27 | 000,156,712 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012/09/25 04:41:26 | 000,275,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012/09/25 04:41:24 | 002,168,360 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012/02/18 11:13:10 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll
MOD - [2012/02/18 10:31:49 | 000,762,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\01e360ed3a3cb2b0a3c47c7f3eb09e58\System.Runtime.Remoting.ni.dll
MOD - [2012/02/18 10:31:40 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll
MOD - [2012/02/18 10:31:37 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll
MOD - [2012/02/18 10:28:42 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
MOD - [2012/02/18 10:27:41 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
MOD - [2012/02/18 10:27:35 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
MOD - [2012/02/18 10:27:31 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
MOD - [2012/02/18 10:27:19 | 013,137,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll
MOD - [2012/02/18 10:27:06 | 001,652,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll
MOD - [2012/02/18 10:27:03 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
MOD - [2012/01/29 19:22:06 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
MOD - [2011/11/03 10:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/05 01:02:44 | 000,355,432 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/10/20 02:33:28 | 000,117,760 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll
MOD - [2006/09/22 08:42:38 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\dlcxcaps.dll
MOD - [2006/09/06 07:13:14 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\dlcxcfg.dll
MOD - [2006/08/08 16:58:04 | 000,692,224 | ---- | M] () -- C:\WINDOWS\system32\dlcxdrs.dll
MOD - [2006/06/27 06:34:50 | 000,299,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
MOD - [2006/06/15 05:28:24 | 000,012,288 | ---- | M] () -- C:\Program Files\Dell PC Fax\dlctrstr.dll
MOD - [2006/06/15 05:04:32 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\DLPRMON.DLL
MOD - [2006/06/15 05:01:58 | 000,032,768 | ---- | M] () -- C:\Program Files\Dell PC Fax\ipcmt.dll
MOD - [2006/03/19 19:03:04 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\dlcxcnv4.dll
MOD - [2006/03/15 20:15:52 | 001,355,468 | ---- | M] () -- C:\WINDOWS\system32\CTMBHA.DLL


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/09/28 18:02:31 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/10/26 20:01:34 | 000,788,000 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files\Fitbit\fitbit.exe -- (Fitbit)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/05/21 07:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/05/01 10:19:16 | 000,069,632 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2006/11/03 18:07:04 | 000,537,480 | ---- | M] ( ) [On_Demand | Running] -- C:\WINDOWS\system32\dlcxcoms.exe -- (dlcx_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/09/21 19:27:43 | 000,080,696 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AntiLog32.sys -- (AntiLog32)
DRV - [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/21 04:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 04:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 04:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 04:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/08/21 04:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/08/21 04:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/08/21 04:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 18:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/10/26 19:51:28 | 000,019,744 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiUSBXp.sys -- (SIUSBXP)
DRV - [2010/05/26 21:21:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/05/26 21:20:34 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2006/07/27 14:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/06/18 23:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/05/17 11:03:24 | 000,044,544 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/01/04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/11/18 12:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/11/18 12:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/11/07 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/11/07 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/11/07 05:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/11/07 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/11/07 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/11/07 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/11/07 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/05/25 17:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005/01/10 18:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/10 18:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {2A546175-5CBB-467D-8F79-A92A823B3332}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2A546175-5CBB-467D-8F79-A92A823B3332}: "URL" = http://www.google.co...&rlz=1I7ADRA_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Marte Family\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - Extension: Entanglement = C:\Documents and Settings\Marte Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Marte Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Poppit = C:\Documents and Settings\Marte Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AntiLogger] C:\Program Files\AntiLogger\AntiLogger.exe (Zemana Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DLCXCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MBMon] C:\WINDOWS\System32\CTMBHA.DLL ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1341968921078 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F8FC1530-0608-11DF-2008-0800200C9A66} https://az18vphraus0...ies/instweb.cab (CSD ActiveX Installer)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9743DF96-5492-46A3-87B9-DBC5F3EF6D30}: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Marte Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marte Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/29 11:55:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/04 19:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/09/29 11:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012/09/29 11:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/09/29 11:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/09/29 11:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/29 11:31:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/09/29 11:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/09/23 10:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marte Family\My Documents\My Received Files
[2012/09/21 19:27:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{246BFB77-EFE3-47F2-9730-5767A7EFDF8B}
[2012/09/21 19:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AntiLogger
[2012/09/21 06:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Zemana AntiMalware
[2012/09/21 06:27:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zemana AntiMalware
[2012/09/17 20:16:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

========== Files - Modified Within 30 Days ==========

[2012/10/06 09:48:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/10/06 09:39:00 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/06 09:20:05 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/10/05 19:39:00 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 14:08:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/09/29 11:51:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/29 11:48:48 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/09/29 11:31:41 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/09/28 06:51:10 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/26 13:43:01 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/09/26 06:34:56 | 002,193,345 | ---- | M] () -- C:\Documents and Settings\Marte Family\Desktop\tdsskiller.zip
[2012/09/23 10:48:20 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2012/09/23 08:21:40 | 007,855,882 | ---- | M] () -- C:\Documents and Settings\Marte Family\Desktop\Climax Blues Band i_love_you.mp3
[2012/09/21 19:27:43 | 000,080,696 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\System32\drivers\AntiLog32.sys
[2012/09/21 19:27:36 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AntiLogger.lnk
[2012/09/21 17:20:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/09/21 17:18:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/21 06:27:45 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zemana AntiMalware.lnk
[2012/09/16 09:20:41 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/07 11:28:26 | 000,025,700 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

========== Files Created - No Company Name ==========

[2012/09/29 11:48:48 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/09/29 11:31:41 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/09/26 06:34:56 | 002,193,345 | ---- | C] () -- C:\Documents and Settings\Marte Family\Desktop\tdsskiller.zip
[2012/09/21 19:27:36 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AntiLogger.lnk
[2012/09/21 06:27:45 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Zemana AntiMalware.lnk
[2012/09/07 11:28:26 | 000,025,700 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/07/08 21:34:21 | 000,102,400 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
[2012/02/18 10:22:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/29 16:59:19 | 001,263,684 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1409082233-1788223648-1801674531-1003-0.dat
[2012/01/29 16:59:11 | 000,163,450 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/01/27 19:46:26 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/17 19:02:26 | 000,000,318 | ---- | C] () -- C:\WINDOWS\Studio.INI
[2012/01/17 19:01:12 | 000,059,824 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2012/01/17 19:01:10 | 000,001,420 | ---- | C] () -- C:\WINDOWS\asprofil.ini
[2011/07/15 13:36:11 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Marte Family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/20 19:23:48 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\hdoa.dat
[2011/05/21 07:01:00 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/05/09 21:25:11 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/05/09 21:25:11 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\FEA80A39EF.sys
[2011/05/01 10:39:50 | 000,010,820 | ---- | C] () -- C:\WINDOWS\System32\CTSBMB.INI
[2011/05/01 10:04:59 | 000,022,629 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
[2011/05/01 09:58:15 | 000,000,175 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/01 08:24:36 | 000,001,240 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2011/05/01 08:10:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcxvs.dll
[2011/05/01 08:10:53 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcxcoin.dll
[2011/05/01 08:10:30 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dlcxdrs.dll
[2011/05/01 08:10:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcxcaps.dll
[2011/05/01 08:10:29 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcxcnv4.dll
[2011/05/01 08:05:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2011/05/01 08:05:44 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2011/05/01 08:04:53 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxinpa.dll
[2011/05/01 08:04:53 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxiesc.dll
[2011/05/01 08:04:53 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\dlcxinst.dll
[2011/05/01 08:04:52 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxserv.dll
[2011/05/01 08:04:52 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxusb1.dll
[2011/05/01 08:04:52 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcxutil.dll
[2011/05/01 08:04:52 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxprox.dll
[2011/05/01 08:04:51 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpmui.dll
[2011/05/01 08:04:51 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxlmpm.dll
[2011/05/01 08:04:51 | 000,385,928 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxih.exe
[2011/05/01 08:04:51 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsb.dll
[2011/05/01 08:04:51 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxins.dll
[2011/05/01 08:04:51 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcxjswr.dll
[2011/05/01 08:04:51 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsr.dll
[2011/05/01 08:04:51 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpplc.dll
[2011/05/01 08:04:50 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhbn3.dll
[2011/05/01 08:04:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcxgrd.dll
[2011/05/01 08:04:50 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcxcub.dll
[2011/05/01 08:04:49 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomc.dll
[2011/05/01 08:04:49 | 000,537,480 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcoms.exe
[2011/05/01 08:04:49 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomm.dll
[2011/05/01 08:04:49 | 000,381,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcfg.exe
[2011/05/01 08:04:49 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcu.dll
[2011/05/01 08:04:49 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcfg.dll
[2011/05/01 08:04:49 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcxcur.dll
[2011/04/30 21:24:44 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/04/30 21:24:44 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/04/30 21:24:44 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/04/29 12:27:39 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2011/04/29 12:27:38 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2011/04/29 12:11:31 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Marte Family\Local Settings\Application Data\fusioncache.dat
[2011/04/29 11:58:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/04/29 11:52:11 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/04/29 06:39:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/04/29 06:38:42 | 000,146,016 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2011/04/29 11:52:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/02/17 08:51:57 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/29 11:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/04/30 21:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/06/06 18:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fitbit
[2012/09/21 06:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zemana AntiMalware
[2012/09/21 19:27:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{246BFB77-EFE3-47F2-9730-5767A7EFDF8B}
[2012/07/08 15:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/05/01 08:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marte Family\Application Data\Cisco
[2011/11/28 20:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marte Family\Application Data\Leadertech
[2011/06/20 07:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marte Family\Application Data\Octoshape
[2011/05/16 12:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marte Family\Application Data\OpenOffice.org
[2012/07/02 17:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marte Family\Application Data\Oracle

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
emeraldnzl
Posted 18 October 2012 - 04:50 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Mia57,

Welcome to Geekstogo.

Sorry for the delay.

Download aswMBR.exe ( 4.5mb ) to your desktop.

Double click the aswMBR.exe to run it.

Posted ImageClick the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Next

Please download and run ListParts by Farbar (for 32-bit system)

Please download and run ListParts64 by Farbar (for 64-bit system)

Click on Scan button.

Scan result will open in Notepad.

Post post the log (Result.txt) in your next reply.

So when you return please post
  • aswMBR log
  • Result.txt
  • 0

#3
Mia57
Posted 20 October 2012 - 02:41 PM

Mia57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
No worries about delay...I've been under the weather myself. Below are the log files. Please let me know if you need anything else. I truly appreciate your assistance. Mia

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-20 15:21:05
-----------------------------
15:21:05.061 OS Version: Windows 5.1.2600 Service Pack 3
15:21:05.061 Number of processors: 1 586 0x4F02
15:21:05.077 ComputerName: MARTE-DELLC521 UserName: Marte Family
15:21:06.530 Initialize success
15:21:07.608 AVAST engine defs: 12102000
15:21:15.874 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:21:15.874 Disk 0 Vendor: SAMSUNG_HD080HJ/P ZH100-34 Size: 76293MB BusType: 3
15:21:15.921 Disk 0 MBR read successfully
15:21:15.921 Disk 0 MBR scan
15:21:15.921 Disk 0 Windows XP default MBR code
15:21:15.936 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
15:21:15.952 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71492 MB offset 80325


15:21:15.983 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 4753 MB offset 146496735
15:21:15.983 Disk 0 scanning sectors +156232125
15:21:16.077 Disk 0 scanning C:\WINDOWS\system32\drivers
15:21:28.686 Service scanning
15:21:41.405 Modules scanning
15:21:47.264 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
15:21:48.327 Disk 0 trace - called modules:
15:21:48.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:21:48.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85739ab8]
15:21:48.343 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\00000061[0x857c6f18]
15:21:48.343 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x85838d98]
15:21:48.733 AVAST engine scan C:\WINDOWS
15:21:54.171 AVAST engine scan C:\WINDOWS\system32
15:24:15.046 AVAST engine scan C:\WINDOWS\system32\drivers
15:24:29.452 AVAST engine scan C:\Documents and Settings\Marte Family
15:31:13.764 AVAST engine scan C:\Documents and Settings\All Users
15:31:59.514 Scan finished successfully
15:32:36.108 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Marte Family\Desktop\MBR.dat"
15:32:36.124 The log file has been saved successfully to "C:\Documents and Settings\Marte Family\Desktop\aswMBR.txt"


ListParts by Farbar Version: 16-10-2012
Ran by Marte Family (administrator) on 20-10-2012 at 15:33:27
Windows XP (X86)
Running From: C:\Documents and Settings\Marte Family\My Documents\Downloads
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 82%
Total physical RAM: 958.42 MB
Available physical RAM: 163.5 MB
Total Pagefile: 2314.51 MB
Available Pagefile: 1240.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 2001.3 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:69.82 GB) (Free:47.29 GB) NTFS ==>[Drive with boot components (Windows XP)]

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 74 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 32 KB
Partition 2 Primary 70 GB 39 MB
Partition 3 Unknown 4754 MB 70 GB
======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

There is no volume associated with this partition.
======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 70 GB Healthy System (partition with boot components)
======================================================================================================

Disk: 0
Partition 3
Type : DB
Hidden: Yes
Active: No

There is no volume associated with this partition.
======================================================================================================

****** End Of Log ******
  • 0

#4
emeraldnzl
Posted 20 October 2012 - 03:09 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Mia57,

Please download AdwCleaner from here to your desktop
  • Click on the green downward facing arrow on the right to commence download.
  • Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

Next

Please download Security Check by screen317 from here .

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
When you come back please post
  • AdwCleaner log
  • checkup.txt
  • 0

#5
Mia57
Posted 21 October 2012 - 08:10 AM

Mia57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hello Emeraldnlz, Below are the logs you requested. Again many thanks for the assistance! Look forward to hearing from you soon. Mia

# AdwCleaner v2.005 - Logfile created 10/21/2012 at 08:54:50
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Marte Family - MARTE-DELLC521
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Marte Family\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Marte Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [978 octets] - [21/10/2012 08:54:50]

########## EOF - C:\AdwCleaner[S1].txt - [1037 octets] ##########



Results of screen317's Security Check version 0.99.53
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Zemana AntiMalware
Malwarebytes Anti-Malware version 1.65.1.1000
CCleaner
JavaFX 2.1.1
Java™ 6 Update 22
Java™ 6 Update 31
Java™ 7 Update 5
Java version out of Date!
Adobe Reader X (10.1.4)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 10%
````````````````````End of Log``````````````````````
  • 0

#6
emeraldnzl
Posted 21 October 2012 - 12:47 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Question Mia57 - I take it you don't have this problem with FireFox and it didn't happen until you downloaded IE8? Tell me when you come back.

For now

Your Java is out of date. Older versions are vunerable to attack.

Please follow these steps:

  • Download from here Java Runtime Environment (JRE) Update
  • Scroll to where it says "Windows offline 32 bit" and download and follow the instructions.

    Reboot your computer.
    You also need to uininstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
Next

Please run a free online scan with the ESET Online Scanner

Disable your anti-malware programs before you do this:

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

  • 0

#7
Mia57
Posted 21 October 2012 - 04:17 PM

Mia57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
In answer to your question, we aren't using Firefox so I don't know if we'd have the same problems. We don't have the same problems using Google Chrome, that I know for sure. If you want me to test it with Firefox, I can certainly do that. Just let me know.

And it's hard to say whether or not the symptoms began after IE8 install. I recall having system issues with this computer when it ran IE7, so I don't really know...sorry. Many things bad things happened around the same time, i.e., my mail account sending out spam emails, the excessive slowness, etc., it's really hard to say. I even disabled dumprep.exe because the system sounded like it was constantly spinning for no reason at all (a Google find). Performance improved for a little while but then it deteriorated, again.

Per your instructions, I downloaded the latest Java and removed the other versions. I also downloaded and ran ESET Online Scanner. In the end, it did not give me a log file to copy nor did it leave a .txt file in C:\Program Files\ESET\EsetOnlineScanner. I did a screen shot of the ESET Online Scanner window when the scan was complete but I'm unable to paste it in this window. The screen shot says No threats found. It scanned 58933 files. 0 Infected files. 0 Cleaned files. Total scan time: 00:53:12. Scan Status: Finished. I can attach the screen print in a file if you want to see it.

Awaiting further instruction...
  • 0

#8
emeraldnzl
Posted 21 October 2012 - 04:35 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

In answer to your question, we aren't using Firefox so I don't know if we'd have the same problems. We don't have the same problems using Google Chrome, that I know for sure. If you want me to test it with Firefox, I can certainly do that. Just let me know.


Just wanted to find out if it was confined to IE. Your experience with Chrome confirms that it is.

IE8 did cause problems on a number of machines. I don't know if the cause was ever pinned down exactly. It did have quite a bit more security added in than earlier versions of IE though. For a solution some people reverted to earlier versions or just used another browser.

Here are some things to try:

Try running IE without Add-ons to see if that might be the cause:

How to disable Internet Explorer Add-Ons

Open Internet Explorer on your computer. Make sure no other programs are running.

  • Click on the "Tools" button at the top of your Internet Explorer page
  • Click on "Manage Add Ons" from the drop-down menu that appears. A list detailing the add-ons connected to your Internet Explorer will load
  • Click on the add-on you wish to disable to highlight it. Click on "Disable". Do that to all the add-ons to and see if there is any change.
  • If there is repeat the process but this time do it one at a time until you find the culprit.
If that doesn't work do this:

Use Microsofts Mr Fixit to reset your Internet Explorer back to it's default settings.

Go to the link below:

http://windows.micro...orer-8-settings

Scroll down to an click on To Reset Internet Explorer Automatically

Click on Mr Fixit and follow the instructions.

Posted Image

If that doesn't work you could try a repair/reinstall:

Please go to support Microsoft for instructions on how to repair/reinstall your Internet Explorer.

Come back and tell me how you got on.
  • 0

#9
Mia57
Posted 23 October 2012 - 07:49 PM

Mia57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hi Emeraldnzl, Thank you very very much for your suggestions. I began with 'manage add ons' but honestly did not have the patience for finding the culprit (there were A LOT of add ons), so I used Mr. Fixit, and IE8 is working much better, meaning that it responds way better than it did when I first contacted you. The Mem Usage (in Task Manager) doesn't creep over 250,000K, where before it would be as high as 700,000K and render the computer useless. So, it wasn't a virus or malware (as suggested by Google search of the symptoms)? That's good. And I checked 'manage add ons' after Mr. Fixit and there's hardly anything there. I suppose it just needed a good cleaning.

Again, thank you very very much for your assistance. If you have additional feedback, please pass it along. Otherwise I'll catch you some other time. Take care. Mia
  • 0

#10
emeraldnzl
Posted 23 October 2012 - 08:15 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again Mia57,

I used Mr. Fixit, and IE8 is working much better, meaning that it responds way better than it did when I first contacted you.


Good news.

We have a couple of last steps to perform and then you're all set.Posted Image

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    
:Commands
[emptytemp]
[resethosts]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot if it doesn't automatically do it when it is done
Step 2

  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
Step 3

We need to clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)1. Turn off System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Restart your computer.

3. Turn ON System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.
[/list]System Restore will now be active again.
-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Now that your machine is clean here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vunerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
---------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:

  • If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

    And to keep your system clean consider choosing from these free for home use malware scanners and updating and running weekly.
  • Malwarebytes
  • SuperAntiSpyWare
Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!
  • 0

Advertisements

#11
Mia57
Posted 25 October 2012 - 06:56 PM

Mia57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hi Emeraldnlz, Thanks for the last steps and list of tips. IE8 is working amazingly well. The whole system is working like new! Thank you, thank you, thank you! Hope your travels are enjoyable and safe. Take care. And thanks so much again! Mia
  • 0

#12
emeraldnzl
Posted 25 October 2012 - 09:25 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hi Mia57,

Hope your travels are enjoyable and safe.


Thank you.

Answering this from an airport lounge. Off to see the grandchildren in Sydney Australia. Will be great.

I will leave this topic open for a day or two just in case any issues arise.

Thank you


You are very welcome :happy:
  • 0

#13
Mia57
Posted 27 October 2012 - 05:30 PM

Mia57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hello Emeraldnzl, Welcome back! Grandchildren are wonderful!
I'm afraid I spoke too soon about IE8 performance and how great the system was working. It's back to being agonizingly slow and unresponsive while IE8 is open. Everything was working fine since our last communication until an hour or so ago. We had left our email open since early this morning, ran some errands, processed email around 2pm and it was fine, ran more errands, went to check email before getting dinner ready, and now it's acting up again. When I finally got task manager to open, it showed iexplore.exe at over 700,000k mem usage. As I tried to end task or X out of IE8, the hard drive kept spinning and the computer seemed frozen. Finally I was able to close IE8, and now the system is fine. I am currently using Google Chrome to get to you. Ugh!

One of the last things you suggested for me to do was to go to Microsoft support for instructions on how to repair/reinstall IE8. Well, after pointing and clicking for what seemed forever, the website took me to Mr. Fixit, which I had already done days ago. I understand my situation is not as cut & dry as some of the problems you solve for folks, so I appreciate any other suggestions you can offer. Thank you! Mia
  • 0

#14
emeraldnzl
Posted 27 October 2012 - 09:35 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hi Mia,

One of the last things you suggested for me to do was to go to Microsoft support for instructions on how to repair/reinstall IE8. Well, after pointing and clicking for what seemed forever, the website took me to Mr. Fixit, which I had already done days ago.


Following one of the links in that page I found this page where you can download IE8 for XP. See the brown download button.

http://www.microsoft...ails.aspx?id=43

For instructions about how to uninstall Internet Explorer go to the link below.

http://support.microsoft.com/kb/957700

Scroll down to the XP guides.

Let me know how you get on. :)
  • 0

#15
Mia57
Posted 31 October 2012 - 04:35 PM

Mia57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hi Emeraldnzl, Thanks for the the links and instructions. I haven't had an opportunity to check them out, and probably won't until the weekend. If you can keep this open until I get back to you, I'd appreciate it. I know that after a few days of no response, the topic will be closed. Many thanks! Mia
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP