1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Laptop running realy slow

Discussion in 'Windows XP' started by mace2001, Jan 16, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. mace2001

    mace2001 Thread Starter

    Joined:
    Jan 16, 2011
    Messages:
    25
    Hi I hope someone can help me my laptop is running really slowI have tried reg mechanic but not really helped at all. Please Please Please help... Thanks Guys:):)
     
  2. surferdude2

    surferdude2

    Joined:
    Jul 6, 2010
    Messages:
    619
    Hi mace!

    Post back your equipment make and model, how much RAM installed and your experience level.

    Along with that, post a HiJackThis log so that we can review it and see if you have a simple startup overload problem or need expert malware removal help, in which case your post can be move as needed.
     
  3. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,820
    First Name:
    Frank
    Before I say anything else, I'm going to strongly advise you to stay away from registry cleaner/optimizer/booster/tuneup programs, no matter what they claim they can do. They will do little-to-nothing to improve speed and performance. What they can do is break programs and damage the operating system.

    -----------------------------------------------------

    What's the brand name, model name, and model number of that laptop?

    How much RAM does it have?

    What's the hard drive capacity and the amount of free space?

    -----------------------------------------------------

    Go here and click the green icon to download and save HiJackThis 2.0.4.

    After it's been downloaded and saved, close all open windows first, then double-click the saved file to install it.

    Allow it to install in its default location - C:\Program Files.

    After it's been installed, start it and then click "Do a system scan and save a log file".

    When the scan is finished in less than 30 seconds, a log file will appear.

    Save that log file.

    Return here to your thread, then copy-and-paste the entire log file here.

    -----------------------------------------------------
     
  4. mace2001

    mace2001 Thread Starter

    Joined:
    Jan 16, 2011
    Messages:
    25
    Thanks Guys my pc knowledge is very limited. ram ect couldnt tell you. Laptop is a Compaq Pserio R3000 HJ this log Below... and thank you for any help..
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:35:22, on 16/01/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\RelevantKnowledge\rlvknlg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Application Updater\ApplicationUpdater.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgchsvx.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZJfox000&ptb=5kLe8I1JfwTUePOD5qa3Xg
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 5923 bytes
     
  5. mace2001

    mace2001 Thread Starter

    Joined:
    Jan 16, 2011
    Messages:
    25
    Thanks Guys my pc knowledge is very limited. ram ect couldnt tell you. Laptop is a Compaq Pserio R3000 HJ this log Below... and thank you for any help..
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:35:22, on 16/01/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\RelevantKnowledge\rlvknlg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Application Updater\ApplicationUpdater.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgchsvx.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jh...fwTUePOD5qa3Xg
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 5923 bytes
     
  6. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,820
    First Name:
    Frank
    If that laptop is a Compaq Presario R3000 series model, it'll have a product number on the sticker. Advise what it is so we can determine the exact model number.

    -------------------------------------------------

    Right-click MY COMPUTER and then click Properties. The amount of RAM will be listed at the bottom of the "General" tab.

    -------------------------------------------------

    Except for AVG 10, nothing else needs to auto-load and run in the background in the startup list.

    Go to Start - Run - MSCONFIG - OK - Startup(tab), remove the checkmark in all entries except for the AVG entry, then click Apply - OK/Close - Restart.

    When the small System Configuration Utility window appears during restart, ignore its message. Put a checkmark in it that window before you click OK to close it.

    -------------------------------------------------

    Download and save the free version of these 2 programs:

    Malwarebytes Anti-Malware 1.50.1.1100

    SUPERAntiSpyware 4.48.0.1000

    After you download and save them, close all open windows first, then install them, then restart your computer.

    Don't do anything else with them yet.

    -------------------------------------------------
     
  7. mace2001

    mace2001 Thread Starter

    Joined:
    Jan 16, 2011
    Messages:
    25
    512mb of ram just doing the rest now so please bear with me. I cant find any other model code ect for laptop sorry
     
  8. mace2001

    mace2001 Thread Starter

    Joined:
    Jan 16, 2011
    Messages:
    25
    ok down loaded and installed
     
  9. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,820
    First Name:
    Frank
    Here is a complete list of the R3000 models. Which one is yours?

    We really need the product number on the sticker so we can pin down the exact model number.

    ------------------------------------------------------------------

    The R3000 series laptop comes with 512 MB of RAM, but it supports up to 2048 MB(2 GB).

    ------------------------------------------------------------------
     
  10. mace2001

    mace2001 Thread Starter

    Joined:
    Jan 16, 2011
    Messages:
    25
    R3313 does that sound right??
     
  11. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,820
    First Name:
    Frank
    Here are complete instructions for using them:

    Start Malwarebytes Anti-Malware.

    Click "Updates(tab) - Check for Updates".

    When the definition files have updated, click "OK".

    Click "Scanner(tab) - Perform quick scan - Scan".

    If infections are found during the scan, the number of infections will be highlighted in red.

    When the scan is finished, click "Show Results".

    Make sure that everything is selected, then click "Remove Selected".

    If you're prompted to restart to finish the removal process, click "Yes".

    Start Malwarebytes Anti-Malware again.

    Click "Logs"(tab).

    Highlight the scan log entry, then click "Open".

    When the scan log appears in Notepad, copy-and-paste it here.

    Start SUPERAntiSpyware.

    Click "Check for Updates".

    When the definition files have updated, click "Close".

    Click "Scan your Computer - Perform Quick Scan - Next".

    If infections or problems are found during the scan, a list will appear.

    When the scan is finished and the scan summary window appears, click "OK".

    Make sure that everything in the list is selected, then click "Next".

    If you're prompted to restart to finish the removal process, click "Yes".

    Start SUPERAntiSpyware again.

    Click "Preferences - Statistics/Logs"(tab).

    Highlight the scan log entry, then click "View Log".

    When the scan log appears in Notepad, copy-and-paste it here.

    (Note: Don't use your computer while the scan is in progress)

    ------------------------------------------------------------
     
  12. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,820
    First Name:
    Frank
    That's the number for the laptop's power adapter.

    ----------------------------------------------------------------

    I'm going off-line for the rest of the day. Follow and complete the instructions for MBAM and SAS. I'll check back with your thread tomorrow.

    Don't forget to follow the rest of the instructions in post #6.

    -----------------------------------------------------------------
     
  13. mace2001

    mace2001 Thread Starter

    Joined:
    Jan 16, 2011
    Messages:
    25
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5533

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    16/01/2011 22:13:22
    mbam-log-2011-01-16 (22-13-22).txt

    Scan type: Quick scan
    Objects scanned: 150230
    Time elapsed: 18 minute(s), 42 second(s)

    Memory Processes Infected: 2
    Memory Modules Infected: 6
    Registry Keys Infected: 27
    Registry Values Infected: 7
    Registry Data Items Infected: 1
    Folders Infected: 13
    Files Infected: 25

    Memory Processes Infected:
    c:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> 1552 -> Unloaded process successfully.
    c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 1808 -> Unloaded process successfully.

    Memory Modules Infected:
    c:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> Delete on reboot.
    c:\program files\relevantknowledge\components\rlxg.dll (Adware.RelevantKnowledge) -> Delete on reboot.
    c:\program files\search settings\FF\components\searchsettingsff.dll (PUP.Dealio) -> Delete on reboot.
    c:\program files\search settings\searchsettingsres409.dll (PUP.Dealio) -> Delete on reboot.
    c:\program files\relevantknowledge\msvcp71.dll (Spyware.MarketScore) -> Delete on reboot.
    c:\program files\relevantknowledge\msvcr71.dll (Spyware.MarketScore) -> Delete on reboot.

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\SearchSettings.BHO.1 (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\SearchSettings.BHO (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\FF\COMPONENTS\SEARCHSETTINGSFF.DLL (PUP.Dealio) -> Value: SEARCHSETTINGSFF.DLL -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\SEARCHSETTINGSRES409.DLL (PUP.Dealio) -> Value: SEARCHSETTINGSRES409.DLL -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected] (PUP.Dealio) -> Value: [email protected] -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    c:\documents and settings\b sheppard\application data\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\documents and settings\b sheppard\application data\funwebproducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\documents and settings\b sheppard\application data\funwebproducts\Data\b sheppard (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge (Spyware.MarketScore) -> Delete on reboot.
    c:\program files\relevantknowledge\components (Spyware.MarketScore) -> Delete on reboot.
    c:\documents and settings\all users\start menu\Programs\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

    Files Infected:
    c:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> Delete on reboot.
    c:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
    c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\components\rlxg.dll (Adware.RelevantKnowledge) -> Delete on reboot.
    c:\program files\search settings\FF\components\searchsettingsff.dll (PUP.Dealio) -> Delete on reboot.
    c:\program files\search settings\searchsettingsres409.dll (PUP.Dealio) -> Delete on reboot.
    c:\program files\search settings\searchsettings.dll (PUP.Dealio) -> Quarantined and deleted successfully.
    c:\documents and settings\b sheppard\my documents\downloads\myfuncards.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.
    c:\documents and settings\b sheppard\my documents\downloads\clickpotatoinstaller.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\[email protected] (PUP.Dealio) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\chrome.manifest (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\install.rdf (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\msvcp71.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\msvcr71.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\rlls64.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\rlph.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\rlservice.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\rlvknlg64.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files\relevantknowledge\rlxf.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\start menu\Programs\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\start menu\Programs\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\start menu\Programs\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\start menu\Programs\relevantknowledge\uninstall instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
     
  14. mace2001

    mace2001 Thread Starter

    Joined:
    Jan 16, 2011
    Messages:
    25
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 01/16/2011 at 10:36 PM

    Application Version : 4.48.1000

    Core Rules Database Version : 6212
    Trace Rules Database Version: 4024

    Scan type : Quick Scan
    Total Scan Time : 00:15:12

    Memory items scanned : 391
    Memory threats detected : 0
    Registry items scanned : 1527
    Registry threats detected : 12
    File items scanned : 4919
    File threats detected : 71

    Adware.Tracking Cookie
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][1].txt
    C:\Documents and Settings\b sheppard\Cookies\b [email protected][2].txt
    asset2.countrylife.joyeurs.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    bingo.partyaccount.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    cdn5.specificclick.net [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    cdn5.tribalfusion.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    cloud.video.unrulymedia.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    ec.atdmt.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    gw.callingbanners.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    m1.2mdn.net [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    m1.emea.2mdn.net [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    macromedia.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    media.mtvnservices.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    media.scanscout.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    s0.2mdn.net [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    secure-uk.imrworldwide.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    secure-us.imrworldwide.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    spe.atdmt.com [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    stat.easydate.biz [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    static.2mdn.net [ C:\Documents and Settings\b sheppard\Application Data\Macromedia\Flash Player\#SharedObjects\X3T3SFX7 ]
    .statcounter.com [ C:\SHEAPHARD old files\Christopher Murrell\Application Data\Mozilla\Firefox\Profiles\e1kkq8kz.default\cookies.sqlite ]
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][2].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][2].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][2].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][1].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][1].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][2].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][3].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][1].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][1].txt
    C:\SHEAPHARD old files\Christopher Murrell\Cookies\[email protected][1].txt

    Adware.MyWebSearch/FunWebProducts
    HKU\S-1-5-21-776561741-861567501-527237240-1004\SOFTWARE\FunWebProducts
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version

    Browser Hijacker.Internet Explorer Settings Hijack
    HKU\S-1-5-21-776561741-861567501-527237240-1004\Software\Microsoft\Internet Explorer\Main#Start Page [ http://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZJfox000&ptb=5kLe8I1JfwTUePOD5qa3Xg ]

    Adware.Generic
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\15D3A7BB\3E688669\STBAPPHELPER.EXE
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\4F73E13A\3E688669\STBAPP.DLL
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\C3C6C2CD\3E688669\STBIE.DLL
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\CE8732D\3E688669\PRODUCTINFO.DLL
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\MFILEBAGIDE.DLL\BAG\PRODUCTINFO.DLL
    C:\SHEAPHARD OLD FILES\STEVE MURRELL\LOCAL SETTINGS\TEMPORARY INTERNET FILES\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\PRODUCTINFO.DLL

    Adware.DoubleD
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\B75FA91E\3E688669\STBSVC.EXE

    Application.Agent/Gen-TempZ
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\MFILEBAGIDE.DLL\BAG\STBREAIM.EXE
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\MFILEBAGIDE.DLL\BAG\STBREWLM.EXE
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\MFILEBAGIDE.DLL\BAG\STBRUNWLM.EXE
    C:\SHEAPHARD OLD FILES\ALL USERS.WINDOWS\APPLICATION DATA\{58F311C4-1C02-4CE2-9461-983B1A71BBB6}\OFFLINE\MFILEBAGIDE.DLL\BAG\STBTERM.EXE
     
  15. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,820
    First Name:
    Frank
    It looks like that computer was infested with malware and spyware and "nasties". Did you select and remove everything that was found during the SUPERAntiSpyware scan? It doesn't show in the scan log if you did like it does in the Malwarebytes scan log, so I need to ask.

    Start HijackThis and click "Do a system scan and save a log file", save the new log, then submit it here.

    ----------------------------------------------------------------
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/975058

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice