Need help removing malware


31 replies to this topic

#1 bumpyphish

    Advanced Member

  • Members
  • 43 posts

Posted 01 April 2011 - 08:57 PM

Hi, I received a lot of help from this forum a while back in cleaning my system and it's time for a little maintenance.

I keep seeing where people are posting HijackThis logs but there don't seem to be any instructions for that in the pinned topics. So I guess my question is... how do I get started? Do I need to run HJ This and post a log of that or run OTL and post the contents of those files?

If I do need to go through HJ This, can someone provide some quick instructions on what to run and what to post?

Thanks!

Alex

#2 Blade81

    Advanced Member

  • Volunteer Security Advisor
  • 6582 posts

Posted 01 April 2011 - 10:03 PM

Hi,

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds file to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop. Post them back to your topic.

Microsoft MVP Consumer Security 2008 2009 2010 2011 2012 2013

UNITE member since 2006

I don't help with logs thru PM so don't bother to post me one. If you have problems create a thread in the forum, please.
Don't post your log into other user's topic, create a new one.

Provided removal instructions are meant to be used in the correspondent user's case only.

Please use "Reply to this topic" -button while replying.

#3 bumpyphish

Posted 02 April 2011 - 04:28 AM

Downloaded DDS but I think I messed up when trying to run it. I run COMODO Firewall and I thought I could get that program to allow DDS after running the DDS file, but I'm not sure I handled it right. I initially got a COMODO pop-up recognizing DDS and I'm not exactly sure how I set it, but now when trying to run DDS I get the message:

"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."

Then, a separate box pops up and says:

"This link needs to be opened with an application. Send to:"

It then gives me the option of "file" or "choose an application".


Help?

Edited by bumpyphish, 02 April 2011 - 04:30 AM.


#4 Blade81

Posted 02 April 2011 - 11:46 AM

Hi,

Did you try DDS behind all those three links?

Download GMER here by clicking the download exe button and then saving it to your desktop:
  • Double-click the .exe that you downloaded
  • Click the rootkit tab, uncheck the files option and then click scan.
  • Don't check the Show All box while scanning is in progress!
  • When scanning is ready, click Copy.
  • This copies the log to the clipboard
  • Post the log (if the log is long, archive it into a zip file and attach instead of posting) in your reply.


#5 bumpyphish

Posted 02 April 2011 - 09:55 PM

I am able to run DDS now. What is a script blocker and how do I ensure they are disabled?

I will run the other program too unless instructed not to and post logs from both....

Again, not sure about any potential script blockers. I did not disable anything but perhaps I have no script blockers?

Edited by bumpyphish, 02 April 2011 - 10:02 PM.


#6 bumpyphish

Posted 02 April 2011 - 09:59 PM

DDS.text:







.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Alex Meadors at 16:55:00.26 on Sat 04/02/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.128 [GMT -4:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ===============
.
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Alex Meadors\My Documents\Downloads\dds.com
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Viewpoint Toolbar BHO: {a7327c09-b521-4edb-8509-7d2660c9ec98} - c:\program files\viewpoint\viewpoint toolbar\ViewBarBHO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Dell AIO Printer A940] "c:\program files\dell aio printer a940\dlbabmgr.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
uPolicies-explorer: SpecifyDefaultButtons = 0 (0x0)
mPolicies-explorer: <NO NAME> =
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2B1AA38D-2D12-11D5-AAD0-00C04FA03D78} - hxxp://portal.uga.edu/nps/portal/gadgets/com.novell.nps.gadgets.shortcut.ShortcutGadget/LocalExec.CAB
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
DPF: {4E330863-6A11-11D0-BFD8-006097237877} - hxxp://support.rexplorer.net/iftw_install//iftwclix.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} - hxxp://www.livephish.com/nugster/dlControl.CAB
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\alexme~1\applic~1\mozilla\firefox\profiles\d13hhs6h.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\alex meadors\application data\move networks\plugins\npqmp071705000014.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\alex meadors\application data\Move Networks
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-12-25 64288]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-12-3 11608]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-4-9 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-4-9 27576]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-4-27 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-12-3 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-12-3 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-12-3 61960]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo livepcsupport\CLPSLS.exe [2010-2-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2010-4-9 1803224]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-8-13 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-10 136176]
S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe --> c:\progra~1\mcafee.com\agent\mcupdmgr.exe [?]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2010-5-6 14424]
S3 USBNET_XP;Instant Wireless XP USB Network Adapter ver.2.6 Driver;c:\windows\system32\drivers\netusbxp.sys [2003-9-21 72576]
.
=============== Created Last 30 ================
.
2011-04-01 17:47:54 -------- d-----w- c:\program files\iTunes
2011-04-01 17:41:20 -------- d-----w- c:\program files\Bonjour
2011-03-12 16:28:40 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-03-12 16:28:40 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-02-03 02:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-03 00:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-26 02:22:39 285480 ----a-w- c:\windows\system32\guard32.dll
2003-11-11 00:36:53 16251072 ----a-w- c:\program files\AdbeRdr60_enu_full.exe
.
============= FINISH: 16:57:03.23 ===============

#7 bumpyphish

Posted 02 April 2011 - 10:00 PM

Attach.text

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 9/21/2003 5:18:46 PM
System Uptime: 4/1/2011 3:29:16 PM (25 hours ago)
.
Motherboard: Dell Computer Corp. | | 02Y832
Processor: Intel® Pentium® 4 CPU 2.66GHz | Microprocessor | 2660/533mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 18.805 GiB free.
D: is CDROM ()
E: is CDROM ()
H: is FIXED (NTFS) - 466 GiB total, 211.016 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1503: 1/6/2011 4:59:33 AM - System Checkpoint
RP1504: 1/7/2011 5:55:08 AM - System Checkpoint
RP1505: 1/8/2011 7:26:43 AM - System Checkpoint
RP1506: 1/9/2011 7:36:04 AM - System Checkpoint
RP1507: 1/10/2011 8:36:01 AM - System Checkpoint
RP1508: 1/11/2011 9:26:05 AM - System Checkpoint
RP1509: 1/13/2011 5:05:06 AM - System Checkpoint
RP1510: 1/14/2011 5:22:09 AM - System Checkpoint
RP1511: 1/15/2011 5:26:04 AM - System Checkpoint
RP1512: 1/16/2011 9:03:53 AM - System Checkpoint
RP1513: 1/17/2011 10:15:20 AM - System Checkpoint
RP1514: 1/18/2011 12:44:52 PM - System Checkpoint
RP1515: 1/19/2011 2:20:26 PM - System Checkpoint
RP1516: 1/21/2011 4:55:58 AM - System Checkpoint
RP1517: 1/22/2011 5:38:45 AM - System Checkpoint
RP1518: 1/23/2011 5:54:34 AM - System Checkpoint
RP1519: 1/24/2011 9:44:15 AM - System Checkpoint
RP1520: 1/25/2011 9:54:22 AM - System Checkpoint
RP1521: 1/26/2011 10:33:44 AM - System Checkpoint
RP1522: 1/27/2011 11:33:44 AM - System Checkpoint
RP1523: 1/28/2011 12:33:45 PM - System Checkpoint
RP1524: 1/29/2011 1:33:43 PM - System Checkpoint
RP1525: 1/30/2011 5:09:13 PM - System Checkpoint
RP1526: 1/31/2011 5:33:53 PM - System Checkpoint
RP1527: 2/1/2011 6:51:09 PM - System Checkpoint
RP1528: 2/2/2011 7:31:54 PM - System Checkpoint
RP1529: 2/3/2011 8:31:56 PM - System Checkpoint
RP1530: 2/4/2011 9:31:57 PM - System Checkpoint
RP1531: 2/5/2011 9:58:26 PM - System Checkpoint
RP1532: 2/6/2011 10:52:54 PM - System Checkpoint
RP1533: 2/8/2011 2:42:29 AM - System Checkpoint
RP1534: 2/9/2011 3:32:10 AM - System Checkpoint
RP1535: 2/10/2011 5:08:43 AM - System Checkpoint
RP1536: 2/11/2011 5:32:09 AM - System Checkpoint
RP1537: 2/12/2011 7:46:14 AM - System Checkpoint
RP1538: 2/13/2011 8:32:23 AM - System Checkpoint
RP1539: 2/14/2011 9:22:34 AM - System Checkpoint
RP1540: 2/15/2011 10:22:37 AM - System Checkpoint
RP1541: 2/17/2011 2:28:28 AM - System Checkpoint
RP1542: 2/18/2011 4:30:50 AM - System Checkpoint
RP1543: 2/19/2011 4:46:17 AM - System Checkpoint
RP1544: 2/21/2011 2:29:43 AM - System Checkpoint
RP1545: 2/21/2011 6:52:19 PM - Installed Java™ 6 Update 24
RP1546: 2/22/2011 6:56:01 PM - System Checkpoint
RP1547: 2/23/2011 7:42:34 PM - System Checkpoint
RP1548: 2/24/2011 8:42:44 PM - System Checkpoint
RP1549: 2/25/2011 9:42:38 PM - System Checkpoint
RP1550: 2/26/2011 11:42:22 PM - System Checkpoint
RP1551: 2/27/2011 11:45:37 PM - System Checkpoint
RP1552: 3/1/2011 1:52:46 AM - System Checkpoint
RP1553: 3/2/2011 2:43:49 AM - System Checkpoint
RP1554: 3/3/2011 2:53:23 AM - System Checkpoint
RP1555: 3/4/2011 3:51:43 PM - System Checkpoint
RP1556: 3/5/2011 4:29:11 PM - System Checkpoint
RP1557: 3/6/2011 4:45:03 PM - System Checkpoint
RP1558: 3/7/2011 4:46:55 PM - System Checkpoint
RP1559: 3/8/2011 9:24:55 PM - System Checkpoint
RP1560: 3/10/2011 12:25:50 AM - System Checkpoint
RP1561: 3/11/2011 1:27:27 AM - System Checkpoint
RP1562: 3/12/2011 1:55:42 AM - System Checkpoint
RP1563: 3/13/2011 3:14:19 AM - System Checkpoint
RP1564: 3/14/2011 3:17:06 AM - System Checkpoint
RP1565: 3/15/2011 4:01:36 AM - System Checkpoint
RP1566: 3/16/2011 12:24:41 PM - System Checkpoint
RP1567: 3/17/2011 1:09:16 PM - System Checkpoint
RP1568: 3/19/2011 3:24:58 AM - System Checkpoint
RP1569: 3/20/2011 8:12:30 PM - System Checkpoint
RP1570: 3/21/2011 9:09:26 PM - System Checkpoint
RP1571: 3/22/2011 11:23:14 PM - System Checkpoint
RP1572: 3/24/2011 2:29:04 AM - System Checkpoint
RP1573: 3/25/2011 2:41:29 AM - System Checkpoint
RP1574: 3/26/2011 2:59:33 AM - System Checkpoint
RP1575: 3/27/2011 4:30:02 AM - System Checkpoint
RP1576: 3/29/2011 5:48:07 AM - System Checkpoint
RP1577: 3/30/2011 8:38:51 AM - System Checkpoint
RP1578: 3/31/2011 8:52:58 AM - System Checkpoint
RP1579: 4/1/2011 9:52:55 AM - System Checkpoint
RP1580: 4/2/2011 10:33:47 AM - System Checkpoint
.
==== Installed Programs ======================
.
.
µTorrent
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Download Manager 1.2 (Remove Only)
Adobe Flash Player 10 Plugin
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 9.4.3
America Online
AOL Coach Version 1.0(Build:20020823.1)
AOL Instant Messenger
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira AntiVir Personal - Free Antivirus
Banctec Service Agreement
Belkin Setup and Router Monitor
Bodog Poker Version 2.3.3.7
Bonjour
CCleaner
COMODO Internet Security
COMODO livePCsupport
Conexant SmartHSFi V92 56K DF PCI Modem
DAO
Dell AIO Printer A940
Dell Networking Guide
Dell Picture Studio - Dell Image Expert
Dell Solution Center
Dell Support
Digital Line Detect
ESPNMotion
EZlist-MLS Macon
FLAC Installer 1.1.0k (remove only)
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Help and Support Customization
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB970653-v3)
Instant Wireless USB Adapter
Intel® PRO Network Adapters and Drivers
Intel® PROSet
iPod Updater 2004-11-15
iTunes
Java Auto Updater
Java™ 6 Update 24
K-Lite Codec Pack 6.7.0 (Basic)
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Interactive Training
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2002
Microsoft Money 2002 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content
Microsoft Office XP Small Business
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
mkw Audio Compression Toolkit
MobileMe Control Panel
Modem Helper
Move Media Player
Mozilla Firefox (3.6.7)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MUSICMATCH® Jukebox
myTunes Redux 1.0
NetWaiting
NVIDIA Windows 2000/XP Display Drivers
Paint Shop Pro 7
PeerBlock 1.0.0 (r181)
PhotoMix 5.3
PowerDVD
QuickTime
RealOne Player
Revo Uninstaller 1.83
REXplorer Component Upgrade
Safari
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
SmartFTP
Sound Blaster Live!
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
Statistics
SUPERAntiSpyware Free Edition
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB973815)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Service Pack 3
WinRAR archiver
WM Converter 2.0
.
==== Event Viewer Messages From Past Week ========
.
4/1/2011 1:24:15 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
3/30/2011 11:12:07 AM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
.
==== End Of File ===========================

#8 bumpyphish

Posted 02 April 2011 - 10:16 PM

GMER log is attached here (I hope) as a .ZIP file

Will wait for your instructions on what to do next....

Attached File  GMER.zip   24.62KB   306 downloads

#9 Blade81

Posted 03 April 2011 - 02:49 PM

Hi again,

uTorrent

Above listed ones are P2P file sharing programs. P2P downloads are nowadays one of those things that most likely bring infection into the system. My recommendation is to uninstall these (and others if present) P2P file sharing programs.


Spybot 1.4 isn't supported anymore. Uninstall it and get latest version here.


Uninstall your current Macromedia Shockwave Player and get the fresh one here if needed.


Go here to run an online scanner from ESET.
  • Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is not checkmarked.
  • Click Scan
  • Wait for the scan to finish.
Post back its report & a fresh dds.txt log. Any symptoms left?

#10 bumpyphish

Posted 04 April 2011 - 12:09 AM

Uninstalled and re-installed Spybot and Macromedia Shockwave. I will not remove uTorrent; I only use it to download from one site and I'm confident it is secure and isn't causing me problems.


There was 1 threat found via ESET. Couldn't find a "report" per se but here I list the "target" and then the "threat":


C:\Program Files\Common Files\Real\Toolbar\realbar.dll probably a variant of Win32/Adware.Toolbar.Visicom.AB application


As far as whether or not I am still experiencing symptoms, I would say yes. The computer seems to be running slow and I still have issues with the internet freezing up and "not responding" so I have to close the program via Ctrl/Alt/Del. I also have a "symptom" where when I go to START, TURN OFF COMPUTER, I get the hourglass for several minutes before being given the option to restart, shut down, or (whatever that third option is). That is definitely not normal operation though I'm unsure of the cause for that.

I will post new DDS and Attach logs from DDS in separate posts below and wait for instructions on how to proceed.

#11 bumpyphish

Posted 04 April 2011 - 12:10 AM

DDS log:





.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Alex Meadors at 19:06:18.57 on Sun 04/03/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.172 [GMT -4:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ===============
.
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\Adobe\Director\SwDnld.exe
C:\Documents and Settings\Alex Meadors\My Documents\Downloads\dds.com
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Viewpoint Toolbar BHO: {a7327c09-b521-4edb-8509-7d2660c9ec98} - c:\program files\viewpoint\viewpoint toolbar\ViewBarBHO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Dell AIO Printer A940] "c:\program files\dell aio printer a940\dlbabmgr.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
uPolicies-explorer: SpecifyDefaultButtons = 0 (0x0)
mPolicies-explorer: <NO NAME> =
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2B1AA38D-2D12-11D5-AAD0-00C04FA03D78} - hxxp://portal.uga.edu/nps/portal/gadgets/com.novell.nps.gadgets.shortcut.ShortcutGadget/LocalExec.CAB
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
DPF: {4E330863-6A11-11D0-BFD8-006097237877} - hxxp://support.rexplorer.net/iftw_install//iftwclix.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} - hxxp://www.livephish.com/nugster/dlControl.CAB
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\alexme~1\applic~1\mozilla\firefox\profiles\d13hhs6h.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\alex meadors\application data\move networks\plugins\npqmp071705000014.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\alex meadors\application data\Move Networks
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-12-25 64288]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-12-3 11608]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-4-9 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-4-9 27576]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-4-27 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-12-3 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-12-3 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-12-3 61960]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo livepcsupport\CLPSLS.exe [2010-2-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2010-4-9 1803224]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-8-13 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-10 136176]
S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe --> c:\progra~1\mcafee.com\agent\mcupdmgr.exe [?]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2010-5-6 14424]
S3 USBNET_XP;Instant Wireless XP USB Network Adapter ver.2.6 Driver;c:\windows\system32\drivers\netusbxp.sys [2003-9-21 72576]
.
=============== Created Last 30 ================
.
2011-04-03 20:47:56 -------- d-----w- c:\program files\ESET
2011-04-03 20:44:05 -------- d-----w- c:\windows\system32\Adobe
2011-04-03 20:41:16 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-01 17:47:54 -------- d-----w- c:\program files\iTunes
2011-04-01 17:41:20 -------- d-----w- c:\program files\Bonjour
2011-03-12 16:28:40 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-03-12 16:28:40 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-02-03 02:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-03 00:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-26 02:22:39 285480 ----a-w- c:\windows\system32\guard32.dll
2003-11-11 00:36:53 16251072 ----a-w- c:\program files\AdbeRdr60_enu_full.exe
.
============= FINISH: 19:07:16.48 ===============

#12 bumpyphish

bumpyphish

    Advanced Member

  • Members
  • 43 posts

Posted 04 April 2011 - 12:11 AM

Attach log:




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 9/21/2003 5:18:46 PM
System Uptime: 4/3/2011 4:05:29 PM (3 hours ago)
.
Motherboard: Dell Computer Corp. | | 02Y832
Processor: Intel® Pentium® 4 CPU 2.66GHz | Microprocessor | 2660/533mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 18.839 GiB free.
D: is CDROM ()
E: is CDROM ()
H: is FIXED (NTFS) - 466 GiB total, 211.014 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1503: 1/6/2011 4:59:33 AM - System Checkpoint
RP1504: 1/7/2011 5:55:08 AM - System Checkpoint
RP1505: 1/8/2011 7:26:43 AM - System Checkpoint
RP1506: 1/9/2011 7:36:04 AM - System Checkpoint
RP1507: 1/10/2011 8:36:01 AM - System Checkpoint
RP1508: 1/11/2011 9:26:05 AM - System Checkpoint
RP1509: 1/13/2011 5:05:06 AM - System Checkpoint
RP1510: 1/14/2011 5:22:09 AM - System Checkpoint
RP1511: 1/15/2011 5:26:04 AM - System Checkpoint
RP1512: 1/16/2011 9:03:53 AM - System Checkpoint
RP1513: 1/17/2011 10:15:20 AM - System Checkpoint
RP1514: 1/18/2011 12:44:52 PM - System Checkpoint
RP1515: 1/19/2011 2:20:26 PM - System Checkpoint
RP1516: 1/21/2011 4:55:58 AM - System Checkpoint
RP1517: 1/22/2011 5:38:45 AM - System Checkpoint
RP1518: 1/23/2011 5:54:34 AM - System Checkpoint
RP1519: 1/24/2011 9:44:15 AM - System Checkpoint
RP1520: 1/25/2011 9:54:22 AM - System Checkpoint
RP1521: 1/26/2011 10:33:44 AM - System Checkpoint
RP1522: 1/27/2011 11:33:44 AM - System Checkpoint
RP1523: 1/28/2011 12:33:45 PM - System Checkpoint
RP1524: 1/29/2011 1:33:43 PM - System Checkpoint
RP1525: 1/30/2011 5:09:13 PM - System Checkpoint
RP1526: 1/31/2011 5:33:53 PM - System Checkpoint
RP1527: 2/1/2011 6:51:09 PM - System Checkpoint
RP1528: 2/2/2011 7:31:54 PM - System Checkpoint
RP1529: 2/3/2011 8:31:56 PM - System Checkpoint
RP1530: 2/4/2011 9:31:57 PM - System Checkpoint
RP1531: 2/5/2011 9:58:26 PM - System Checkpoint
RP1532: 2/6/2011 10:52:54 PM - System Checkpoint
RP1533: 2/8/2011 2:42:29 AM - System Checkpoint
RP1534: 2/9/2011 3:32:10 AM - System Checkpoint
RP1535: 2/10/2011 5:08:43 AM - System Checkpoint
RP1536: 2/11/2011 5:32:09 AM - System Checkpoint
RP1537: 2/12/2011 7:46:14 AM - System Checkpoint
RP1538: 2/13/2011 8:32:23 AM - System Checkpoint
RP1539: 2/14/2011 9:22:34 AM - System Checkpoint
RP1540: 2/15/2011 10:22:37 AM - System Checkpoint
RP1541: 2/17/2011 2:28:28 AM - System Checkpoint
RP1542: 2/18/2011 4:30:50 AM - System Checkpoint
RP1543: 2/19/2011 4:46:17 AM - System Checkpoint
RP1544: 2/21/2011 2:29:43 AM - System Checkpoint
RP1545: 2/21/2011 6:52:19 PM - Installed Java™ 6 Update 24
RP1546: 2/22/2011 6:56:01 PM - System Checkpoint
RP1547: 2/23/2011 7:42:34 PM - System Checkpoint
RP1548: 2/24/2011 8:42:44 PM - System Checkpoint
RP1549: 2/25/2011 9:42:38 PM - System Checkpoint
RP1550: 2/26/2011 11:42:22 PM - System Checkpoint
RP1551: 2/27/2011 11:45:37 PM - System Checkpoint
RP1552: 3/1/2011 1:52:46 AM - System Checkpoint
RP1553: 3/2/2011 2:43:49 AM - System Checkpoint
RP1554: 3/3/2011 2:53:23 AM - System Checkpoint
RP1555: 3/4/2011 3:51:43 PM - System Checkpoint
RP1556: 3/5/2011 4:29:11 PM - System Checkpoint
RP1557: 3/6/2011 4:45:03 PM - System Checkpoint
RP1558: 3/7/2011 4:46:55 PM - System Checkpoint
RP1559: 3/8/2011 9:24:55 PM - System Checkpoint
RP1560: 3/10/2011 12:25:50 AM - System Checkpoint
RP1561: 3/11/2011 1:27:27 AM - System Checkpoint
RP1562: 3/12/2011 1:55:42 AM - System Checkpoint
RP1563: 3/13/2011 3:14:19 AM - System Checkpoint
RP1564: 3/14/2011 3:17:06 AM - System Checkpoint
RP1565: 3/15/2011 4:01:36 AM - System Checkpoint
RP1566: 3/16/2011 12:24:41 PM - System Checkpoint
RP1567: 3/17/2011 1:09:16 PM - System Checkpoint
RP1568: 3/19/2011 3:24:58 AM - System Checkpoint
RP1569: 3/20/2011 8:12:30 PM - System Checkpoint
RP1570: 3/21/2011 9:09:26 PM - System Checkpoint
RP1571: 3/22/2011 11:23:14 PM - System Checkpoint
RP1572: 3/24/2011 2:29:04 AM - System Checkpoint
RP1573: 3/25/2011 2:41:29 AM - System Checkpoint
RP1574: 3/26/2011 2:59:33 AM - System Checkpoint
RP1575: 3/27/2011 4:30:02 AM - System Checkpoint
RP1576: 3/29/2011 5:48:07 AM - System Checkpoint
RP1577: 3/30/2011 8:38:51 AM - System Checkpoint
RP1578: 3/31/2011 8:52:58 AM - System Checkpoint
RP1579: 4/1/2011 9:52:55 AM - System Checkpoint
RP1580: 4/2/2011 10:33:47 AM - System Checkpoint
RP1581: 4/3/2011 10:38:10 AM - System Checkpoint
RP1582: 4/3/2011 3:58:02 PM - Revo Uninstaller's restore point - Spybot - Search & Destroy 1.4
RP1583: 4/3/2011 4:13:25 PM - Revo Uninstaller's restore point - Spybot - Search & Destroy
RP1584: 4/3/2011 4:23:46 PM - Revo Uninstaller's restore point - Spybot - Search & Destroy
RP1585: 4/3/2011 4:24:57 PM - Revo Uninstaller's restore point - Spybot - Search & Destroy
RP1586: 4/3/2011 4:37:31 PM - Revo Uninstaller's restore point - Macromedia Shockwave Player
.
==== Installed Programs ======================
.
.
µTorrent
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Download Manager 1.2 (Remove Only)
Adobe Flash Player 10 Plugin
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 9.4.3
Adobe Shockwave Player 11.5
America Online
AOL Coach Version 1.0(Build:20020823.1)
AOL Instant Messenger
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira AntiVir Personal - Free Antivirus
Banctec Service Agreement
Belkin Setup and Router Monitor
Bodog Poker Version 2.3.3.7
Bonjour
CCleaner
COMODO Internet Security
COMODO livePCsupport
Conexant SmartHSFi V92 56K DF PCI Modem
DAO
Dell AIO Printer A940
Dell Networking Guide
Dell Picture Studio - Dell Image Expert
Dell Solution Center
Dell Support
Digital Line Detect
ESPNMotion
EZlist-MLS Macon
FLAC Installer 1.1.0k (remove only)
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Help and Support Customization
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB970653-v3)
Instant Wireless USB Adapter
Intel® PRO Network Adapters and Drivers
Intel® PROSet
iPod Updater 2004-11-15
iTunes
Java Auto Updater
Java™ 6 Update 24
K-Lite Codec Pack 6.7.0 (Basic)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Interactive Training
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2002
Microsoft Money 2002 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content
Microsoft Office XP Small Business
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
mkw Audio Compression Toolkit
MobileMe Control Panel
Modem Helper
Move Media Player
Mozilla Firefox (3.6.7)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MUSICMATCH® Jukebox
myTunes Redux 1.0
NetWaiting
NVIDIA Windows 2000/XP Display Drivers
Paint Shop Pro 7
PeerBlock 1.0.0 (r181)
PhotoMix 5.3
PowerDVD
QuickTime
RealOne Player
Revo Uninstaller 1.91
REXplorer Component Upgrade
Safari
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
SmartFTP
Sound Blaster Live!
Spybot - Search & Destroy
Statistics
SUPERAntiSpyware Free Edition
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB973815)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Service Pack 3
WinRAR archiver
WM Converter 2.0
.
==== Event Viewer Messages From Past Week ========
.
4/2/2011 5:05:56 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
4/1/2011 1:24:15 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
3/27/2011 2:38:50 AM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
.
==== End Of File ===========================

#13 Blade81

Blade81

    Advanced Member

  • Volunteer Security Advisor
  • 6582 posts

Posted 04 April 2011 - 02:58 PM

Hi,

You have a pretty small amount of RAM available there. Were things slow before running Comodo? Has the hard drive been defragged lately?

#14 bumpyphish

bumpyphish

    Advanced Member

  • Members
  • 43 posts

Posted 04 April 2011 - 06:58 PM

Haven't defragged lately. I can do that soon or now. I'd assume it would be best to do after we're done "tweaking" whatever needs to be tweaked so I'll hold off.

Does Comodo take a lot of RAM? Should I consider uninstalling it? Is there another (lesser RAM required) firewall you would recommend?

What about the infection found on that ESET scan? How do we remove that?

Last time I sought help here (and I believe it was you who helped me) the cleaning process was long and involved, including HiJack This, OTL, and manual registry deletions to name a few. I seem to remember a bunch of Adobe Readers that we deleted. Could any of these kinds of things be helpful for me now?

I also saw on where I seem to have a lot of Java updates installed. Are all these necessary? Are there any other programs you see that are extraneous and not necessary?

Anything and everything you can think of that might improve performance would be much appreciated.

Thanks.

#15 Blade81

Blade81

    Advanced Member

  • Volunteer Security Advisor
  • 6582 posts

Posted 05 April 2011 - 05:59 AM

> Does Comodo take a lot of RAM? Should I consider uninstalling it? Is there another (lesser RAM required) firewall you would recommend?

I'm not sure how much RAM it consumes.

> What about the infection found on that ESET scan? How do we remove that?

That ESET finding can be ignored.

> Last time I sought help here (and I believe it was you who helped me) the cleaning process was long and involved, including HiJack This, OTL, and manual registry deletions to name a few. I seem to remember a bunch of Adobe Readers that we deleted. Could any of these kinds of things be helpful for me now?

The cleaning process varies depending on the infections aboard. I don't see any this time.

> I also saw on where I seem to have a lot of Java updates installed. Are all these necessary? Are there any other programs you see that are extraneous and not necessary?

On the installed programs list it shows just Java™ 6 Update 24 installed, and it's the latest one. If you have programs that you don't use then it might be good to uninstall such programs (e.g. if you don't use Firefox anymore then it would be recommended to uninstall it).


Before defragging it's recommended to run a disk check. For defragging I'd use a 3rd party solution. Good commercial ones are PerfectDisk and Diskeeper. Of the free options I recommend MyDefrag.

#16 bumpyphish

bumpyphish

    Advanced Member

  • Members
  • 43 posts

Posted 05 April 2011 - 09:19 PM

Revo uninstaller brings up Java 6 Update 3, Java 6 Update 5, and Java 6 Update 7 in addition to Java 6 Update 24. Can I assume it's safe to uninstall these earlier updates? FYI, they show up as icons that are different than Update 24.

I'm still getting some signs that the system is not operating at its best. For instance, I got a message when browsing the internet last night saying that "The following plug-in is unresponsive: Unknown. Do you want to stop it?" Also, I frequently get a message that "Virtual Memory Minimum is too low". Does that refer to RAM? How do I interpret/remedy these?

If you are not seeing signs of infection, are there other system issues that might cause such problems that you might help me address...or at least help me get a handle on what potential issues are and where I could turn to find a remedy?

I will follow your suggestions for a disk check and defrag just as soon as I know we are done troubleshooting other things.

Please advise me what else you might do if you were me.

Thanks.

Edited by bumpyphish, 06 April 2011 - 04:58 AM.


#17 Blade81

Blade81

    Advanced Member

  • Volunteer Security Advisor
  • 6582 posts

Posted 06 April 2011 - 06:27 AM

> Revo uninstaller brings up Java 6 Update 3, Java 6 Update 5, and Java 6 Update 7 in addition to Java 6 Update 24. Can I assume it's safe to uninstall these earlier updates?

It's safe to let it uninstall those.

> I'm still getting some signs that the system is not operating at its best. For instance, I got a message when browsing the internet last night saying that "The following plug-in is unresponsive: Unknown. Do you want to stop it?" Also, I frequently get a message that "Virtual Memory Minimum is too low". Does that refer to RAM? How do I interpret/remedy these?

Yes, that's RAM related. To fix the problem more RAM should be added.

> If you are not seeing signs of infection, are there other system issues that might cause such problems that you might help me address...or at least help me get a handle on what potential issues are and where I could turn to find a remedy?

For general computer questions I recommend posting at a forum that has an area for this kind of general issue, for example at Tech Support Guy.
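An added example, not part of the thread and not code from the DDS tool: a small Python triage of the DDS log from post #11. It lists BHO/TB/DPF entries marked "No File" and Java DPF registrations whose installer version is older than the BrowserJavaVersion in the log header, which is the leftover older-Java question raised in the posts above. The function names are hypothetical, and the sample lines are copied from the log posted in this thread.

```python
import re

# Constructed sample: lines copied from the DDS log in post #11 of this thread.
SAMPLE_DDS = r"""
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
"""

# Header field written by DDS, e.g. "BrowserJavaVersion: 1.6.0_24".
HEADER_JAVA = re.compile(r"BrowserJavaVersion:\s*(\d+)\.(\d+)\.(\d+)_(\d+)")
# Java installer cab name as it appears in the DPF lines, e.g. "jinstall-1_6_0_07-".
DPF_JAVA = re.compile(r"jinstall-(\d+)_(\d+)_(\d+)_(\d+)")
# Entry kinds from the "Pseudo HJT Report" section that this example inspects.
ENTRY = re.compile(r"^(BHO|TB|DPF):\s*(.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")


def format_version(version):
    """Render a (1, 6, 0, 7) tuple the way the log writes it: 1.6.0_07."""
    a, b, c, d = version
    return f"{a}.{b}.{c}_{d:02d}"


def triage(log_text):
    """Return orphaned entries and Java DPF entries older than the header version."""
    browser_java = None
    orphaned = []   # (kind, clsid) for entries whose file is reported missing
    java_dpf = []   # (clsid, version tuple) for every Java installer DPF entry
    for raw in log_text.splitlines():
        line = raw.strip()
        header = HEADER_JAVA.search(line)
        if header:
            browser_java = tuple(int(g) for g in header.groups())
            continue
        entry = ENTRY.match(line)
        if not entry:
            continue
        kind, rest = entry.groups()
        found = CLSID.search(rest)
        clsid = found.group(0) if found else None
        if rest.endswith("- No File"):
            orphaned.append((kind, clsid))
        if kind == "DPF":
            java = DPF_JAVA.search(rest)
            if java:
                java_dpf.append((clsid, tuple(int(g) for g in java.groups())))
    # Without a header version there is nothing to compare against, so report none as stale.
    stale = [(c, v) for c, v in java_dpf if browser_java and v < browser_java]
    return {"browser_java": browser_java, "orphaned": orphaned,
            "java_dpf": java_dpf, "stale_java": stale}


def summary(result):
    """Turn the triage result into short review lines for a human helper."""
    lines = []
    for kind, clsid in result["orphaned"]:
        lines.append(f"{kind} {clsid}: registered, but the log says No File")
    for clsid, version in result["stale_java"]:
        lines.append(f"DPF {clsid}: Java {format_version(version)} is older than "
                     f"{format_version(result['browser_java'])}")
    return lines


if __name__ == "__main__":
    for line in summary(triage(SAMPLE_DDS)):
        print(line)
```

The output is a list for a helper to review, not a removal script: whether an entry should be cleaned up is still a case-by-case call.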

#18 CeciliaB

CeciliaB

    Volunteer

  • Moderator
  • 7557 posts

Posted 06 April 2011 - 08:06 AM

Hi,

I hope it is all right that I post here too. The message
4/2/2011 5:05:56 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
in the Event viewer can indicate that there is a problem with the hard disk.

#19 bumpyphish

bumpyphish

    Advanced Member

  • Members
  • 43 posts

Posted 06 April 2011 - 07:46 PM

How do I add RAM to my computer? Also, how much RAM would you suggest I add? And, where does it show on my system the current amount of RAM?

Edited by bumpyphish, 06 April 2011 - 08:36 PM.


#20 Pierre67

Pierre67

    Valued Member and Beta Tester

  • Valued Member
  • 1306 posts

Posted 07 April 2011 - 12:39 AM

Install a program named Belarc Advisor. It will tell you everything you wish to know about your PC. Just keep the output file private as it also shows software activation keys.

http://www.belarc.co...e_download.html
regards, Peter.

I do NOT use Lavasoft Ad-Aware and do NOT work for Lavasoft. I just monitor the Forum from time to time.

IF IT AIN'T BROKE - DON'T FIX IT!!!



