1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Browsers and antivirus programs crashing

Discussion in 'Virus & Other Malware Removal' started by Eagle5, Aug 18, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. Eagle5

    Eagle5 Thread Starter

    Joined:
    Aug 26, 2011
    Messages:
    6
    Many programs now fail to run or start up. Most crash while loading but some come up and then crash when I try to do something with them. I can't run any browser (IE, Chrome, Firefox). Antivirus and malware scan/removal tools crash (while beginning scan or loading). Quick time player crashes. Most applications just close. Some get the error window that a problem has occurred and asks if I want to send the error report to Microsoft ... but the debug button doesn't show me anything. It may be that most/all of these are trying to connect to the internet and that's why they fail. I can open Office programs (Excel, Word).

    When I boot up in safe mode I have pretty much the same problems. Antivirus scans all hit an error but I was able to do a boot scan that found a couple of things. Sometimes when I get the window that an error has occurred, the scan keeps going but usually it doesn't find anything.

    I performed the requested scans from safe mode since I have the same problem there.

    ---------------------
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
    Processor: Mobile AMD Sempron(tm) Processor 3500+, x86 Family 15 Model 76 Stepping 2
    Processor Count: 1
    RAM: 1789 Mb
    Graphics Card: ATI Radeon Xpress 1150, 1 Mb
    Hard Drives: C: Total - 72276 MB, Free - 2369 MB;
    Motherboard: Dell Inc., 0UW744
    Antivirus: avast! Antivirus, Updated: Yes, On-Demand Scanner: Disabled (((disabled during scans)))

    ----------
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:02:05 AM, on 8/18/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    E:\Virus\HijackThis.exe
    C:\Documents and Settings\Becky\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Becky\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Becky\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Becky\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\dwwin.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://movies.netflix.com/WiHome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [bncsaui.exe] %ProgramFiles%\Bradford Networks\Persistent Agent\bncsaui.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Becky\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Sticky-Notes] C:\Program Files\Sticky-Notes\stickynotes.exe
    O4 - HKCU\..\Run: [KGShareApp] C:\Program Files\Kodak\KODAK Share Button App\KGShare_App.exe
    O4 - Global Startup: Process Explorer.lnk = Process Explorer\procexp.exe
    O4 - Global Startup: Shortcut to taskmgr.lnk = C:\WINDOWS\system32\taskmgr.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\hensence.com\mediabox\networksniffer.dll
    O10 - Unknown file in Winsock LSP: c:\program files\hensence.com\mediabox\networksniffer.dll
    O10 - Unknown file in Winsock LSP: c:\program files\hensence.com\mediabox\networksniffer.dll
    O10 - Unknown file in Winsock LSP: c:\program files\hensence.com\mediabox\networksniffer.dll
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1287117972390
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
    O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bradford Persistent Agent Service (BNPagent) - Bradford Networks - C:\Program Files\Bradford Networks\Persistent Agent\bndaemon.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 9435 bytes

    ------------------------------------------
    .
    DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
    Run by Becky at 10:27:50 on 2012-08-18
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1790.1477 [GMT -4:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    E:\Virus\HijackThis.exe
    C:\WINDOWS\system32\ctfmon.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://movies.netflix.com/WiHome
    mStart Page = about:blank
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [Google Update] "c:\documents and settings\becky\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Sticky-Notes] c:\program files\sticky-notes\stickynotes.exe
    uRun: [KGShareApp] c:\program files\kodak\kodak share button app\KGShare_App.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0417.0\mswinext.exe"
    mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
    mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [bncsaui.exe] %ProgramFiles%\Bradford Networks\Persistent Agent\bncsaui.exe
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [KodakShareButtonApp] c:\program files\kodak\kodak share button app\Listener.exe
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\proces~1.lnk - c:\save\process explorer\procexp.exe
    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\shortc~1.lnk - c:\windows\system32\taskmgr.exe
    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    uPolicies-explorer: NoRealMode = 0 (0x0)
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
    LSP: c:\program files\hensence.com\mediabox\NetworkSniffer.dll
    LSP: mswsock.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1287117972390
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{A5E099A1-E799-454B-AADF-11FE5172CE38} : DhcpNameServer = 192.168.2.1
    Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\becky\application data\mozilla\firefox\profiles\wgzhaipu.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=BABTDF&PC=BBLN&q=
    FF - prefs.js: browser.startup.homepage - hxxp://utmost.org/
    FF - prefs.js: keyword.URL - hxxp://search.mywebstart.net/?sid=10101070100&s=
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 58323
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
    FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\documents and settings\all users.windows\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\documents and settings\all users.windows\application data\realarcade\npraclient.dll
    FF - plugin: c:\documents and settings\becky\application data\move networks\plugins\npqmp071500000347.dll
    FF - plugin: c:\documents and settings\becky\application data\move networks\plugins\npqmp071502000008.dll
    FF - plugin: c:\documents and settings\becky\application data\mozilla\firefox\profiles\wgzhaipu.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: c:\documents and settings\becky\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin10171.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.50917.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npraclient.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: browser.search.order.1 - Search
    FF - user.js: keyword.URL - hxxp://search.mywebstart.net/?sid=10101070100&s=
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 06479156;06479156;c:\windows\system32\drivers\06479156.sys [2012-8-16 133208]
    S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys --> c:\windows\system32\drivers\dwprot.sys [?]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-8-17 721000]
    S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-8-17 353688]
    S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-8-17 21256]
    S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-8-17 44808]
    S2 BNPagent;Bradford Persistent Agent Service;c:\program files\bradford networks\persistent agent\bndaemon.exe [2010-2-23 3026656]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-31 136176]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
    S3 efavdrv;efavdrv;\??\c:\windows\system32\drivers\efavdrv.sys --> c:\windows\system32\drivers\efavdrv.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-31 136176]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-8-17 40776]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-4 113120]
    S3 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\mpfilter.sys --> c:\windows\system32\drivers\MpFilter.sys [?]
    S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-9 253088]
    .
    =============== File Associations ===============
    .
    JSEFile=NOTEPAD.EXE %1
    VBEFile=NOTEPAD.EXE %1
    VBSFile=NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2012-08-18 12:45:31 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
    2012-08-18 02:27:53 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2012-08-17 18:39:47 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-08-17 18:39:02 41224 ----a-w- c:\windows\avastSS.scr
    2012-08-17 18:38:36 -------- d-----w- c:\program files\AVAST Software
    2012-08-17 18:38:36 -------- d-----w- c:\documents and settings\all users.windows\application data\AVAST Software
    2012-08-17 14:52:28 -------- d-----w- c:\documents and settings\becky\DoctorWeb
    2012-08-17 03:21:26 -------- d-----w- c:\program files\stinger
    2012-08-17 03:08:08 133208 ----a-w- c:\windows\system32\drivers\06479156.sys
    2012-08-16 17:54:56 -------- d-----w- c:\documents and settings\becky\application data\Hensense.com
    2012-08-16 17:54:53 -------- d-----w- c:\program files\Hensence.com
    2012-08-16 17:43:04 49664 ----a-w- c:\windows\system32\CamCodec.dll
    2012-08-16 17:43:04 -------- d-----w- c:\program files\CamStudio 2.6b
    2012-08-01 22:32:44 -------- d-----w- c:\documents and settings\becky\application data\Sahmon Games
    2012-08-01 22:29:07 -------- d-----w- c:\program files\The Island - Castaway
    2012-07-24 22:13:07 -------- d-----w- c:\documents and settings\all users.windows\application data\CrioGames
    2012-07-24 22:10:37 -------- d-----w- c:\program files\Farm Tribe
    2012-07-24 02:01:43 -------- d-----w- c:\documents and settings\becky\local settings\application data\Astar Games
    2012-07-24 01:39:12 -------- d-----w- c:\program files\Interpol 2 - Most Wanted
    2012-07-23 21:57:24 -------- d-----w- c:\program files\Virtual Families
    2012-07-23 03:06:07 -------- d-----w- c:\documents and settings\becky\application data\WendigoStudios
    2012-07-23 02:00:43 -------- d-----w- c:\documents and settings\becky\local settings\application data\MLS2
    2012-07-23 01:49:19 -------- d-----w- c:\program files\My Life Story - Adventures
    .
    ==================== Find3M ====================
    .
    2012-07-03 17:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-09 19:18:49 711240 -c--a-w- c:\windows\is-35LS9.exe
    2008-03-20 02:06:27 774144 -c--a-w- c:\program files\RngInterstitial.dll
    2008-03-15 00:34:37 35325 -c--a-w- c:\program files\dm48.tmp.exe
    .
    ============= FINISH: 10:29:24.96 ===============

    --------------------------
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-08-18 14:53:31
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MHY2080BH rev.0085000B
    Running: 46vehiq7.exe; Driver: C:\DOCUME~1\Becky\LOCALS~1\Temp\pwrdrpow.sys


    ---- Kernel code sections - GMER 1.0.15 ----

    ? C:\DOCUME~1\Becky\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp AswRdr.SYS (avast! TDI Redirect Driver/AVAST Software)

    ---- Files - GMER 1.0.15 ----

    File C:\WINDOWS\$NtUninstallKB22452$\2887187362 0 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\@ 2048 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\bckfg.tmp 846 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\cfg.ini 199 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\Desktop.ini 4608 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\keywords 338 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\kwrd.dll 223744 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\L 0 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\L\hmmtgmib 57600 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\lsflt7.ver 5176 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\U 0 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\U\00000001.@ 2048 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\U\00000002.@ 224768 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\U\00000004.@ 1024 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\U\80000000.@ 11264 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\U\80000004.@ 12800 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\2887187362\U\80000032.@ 77312 bytes
    File C:\WINDOWS\$NtUninstallKB22452$\3190687947 0 bytes

    ---- EOF - GMER 1.0.15 ----
     

    Attached Files:

  2. Eagle5

    Eagle5 Thread Starter

    Joined:
    Aug 26, 2011
    Messages:
    6
    Any takers?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1065598