1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Windows XP Pro - Virus/Malware - Unresponsive, to many programs running

Discussion in 'Virus & Other Malware Removal' started by Prttibrwneyez, Feb 20, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    Hello,

    PROBLEM: I have a Dell Desktop, with Windows XP Professional installed. Having problems loading IE, and slow to load any pages even though I have Cox High Speed internet. Computer states I am running 7 programs in background, and do not know exactly what Virus/Malware was previously installed, or if they are even active. Isn't there an issue running certain virus/malware programs with certain operating systems? Is it best to not use IE? better to use Google Chrome? If not, what version of IE should I be using, and what Virus software? Lastly, I have a wireless router, but a desktop computer now, vs. the laptop I had before. - Question-what should I do in order to not have a cord running all the way through my house to hook up to the modem? what is the cheapest-fastest resolution?

    I've been without a computer for about 5 months. Desperate to get back to work & online, my sister gave me her old Dell desktop computer with XP Professional installed on it. I wondered why she was not using it anymore and now I know. It's because it runs so slow that even though I have Cox highspeed internet, it loads pages as if I am logging on with dial-up. I went into her programs and seen that there was a bunch of poker games, and music crap, etc. on the computer. I deleted a few of them, but there is all these other things on here that I don't know if they are needed or not. My sister had seperate loggins for her, my niece, and my mother. I don't have the passwords to log into their names, and unfortunately, my mother said its been so long she cant remember the password either.

    Point being- the computer is saying that I am running 7 programs in the background, which is why I am assuming that she stopped using this computer and did not know how to fix it. I am a paralegal and have been out of work for a long time, part in fact because I have not had a computer to work with (as I am an Independent contract paralegal; that works from home), therefore, have had little to no income to purchase a new computer, or pay for anything for that matter. I am desperate to get back to work, but have to have a stable running computer to complete my pleadings and bankruptcy document preps that I was doing for clients. The sooner I can get this computer up and running, the sooner I can earn so money so I dont loose my home, etc.

    1) Having problems loading IE, and slow to load any pages as if I have dial-up even though I have Cox High Speed internet
    2) Computer states I am running 7 programs in background. Need to clean up & figure out what is necessary/not necessary.
    3) Do not know exactly what Virus/Malware was previously installed, or if they are even active.
    4) Isn't there an issue running certain virus/malware programs with certain operating systems?
    5) Is it best to not use IE? better to use Google Chrome?
    6) If not, what version of IE should I be using?
    7) Should I run the hijackthis and post my findings here to make a solution easier for your amazing techs?
    8) I have a wireless router, but a desktop computer now, vs. the laptop I had before. - Question-what should I do in order to not have a cord running all the way through my house to hook up to the modem? what is the cheapest-fastest resolution?


    SINCERELY & DESPERATELY SEEKING HELP,

    Prttibrwneyez
     
  2. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Considering the circumstances you are in why didn't you reinstall Windows so you could quickly get going with a clean machine?

    If you would rather try and clean it up then please run the following scans below and post the logs.

    To answer some of your questions I need to see some logs to show what is on your system which I have posted instructions for below. Here are answers to some of your questions.

    You can get a wireless card or a USB Dongle to fit into your desktop and then you won't need the cable connection.

    Anti Virus software will run with all versions of Windows.

    There is no reason to avoid using IE and you should be on IE9 for the best security.


    Please go Here and follow the instructions to run DDS, then Copy and Paste both the logs into your next reply. You need not run HJT or GMER.

    Please run these two scans and post the logs:

    NOTE: With all logs, please Copy & Paste them into your replies, do not send them as attachments.

    SCAN 1
    Click on this link to download : ADWCleaner and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Delete button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post.

    [​IMG]



    SCAN 2
    Download RogueKiller (by tigzy) and save direct to your Desktop.
    On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.

    • Quit all running programs.
    • Start RogueKiller.exe by double clicking on the icon.
    • Wait until Prescan has finished.
    • Ensure all boxes are ticked under "Report" tab.
    • Click on Scan.
    • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
    • NOTE: DO NOT attempt to remove anything that the scan detects.

    [​IMG]
     
  3. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    Hello,

    I appreciate you helping me, but I am having a problem with the RogueKiller. My PC shows an error saying that RogueKiller.exe is not a valid Win32 application. What should I do?
     
  4. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Just accept the warning and let it run, rest assured it is perfectly safe.
     
  5. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    Hello,

    Below are the reports for DDS, Attach, and AdwCleaner but the RogueKiller will not run. It states that its not a valid .exe file for Win32 application. Please tell me what else I can do to make it run.

    While I wait for your reply, here are the other reports:

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702
    Run by Tricia at 17:38:55 on 2013-02-22
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.48 [GMT -7:00]
    .
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
    IE: {10F055B8-F443-4adf-948A-EC551E9DBCE4} - c:\documents and settings\joe\start menu\programs\ultimatebet\UltimateBet.lnk
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223409743828
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - hxxps://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
    DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://fortunelounge.gameassists.co.uk/generic/FlashAX2.cab
    TCP: NameServer = 68.105.28.12 68.105.29.12 68.105.28.11
    TCP: Interfaces\{1810E15A-7AB3-49D6-895D-2C1EE74F4ADE} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
    Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
    Notify: igfxcui - igfxsrvc.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
    R3 QuickBooksDB19;QuickBooksDB19;c:\progra~1\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb19 --> c:\progra~1\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB19 [?]
    S3 AL101;Airlink101 802.11g PCI Driver;c:\windows\system32\drivers\AL101.sys [2008-9-14 380928]
    S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2010-3-21 9472]
    S3 WlanUIG;2Wire 802.11g USB Driver;c:\windows\system32\drivers\WlanUIG.sys [2009-1-14 347648]
    .
    =============== Created Last 30 ================
    .
    2013-02-22 05:30:15 -------- d-----w- c:\program files\Full Tilt Poker
    2013-02-21 23:34:57 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
    2013-02-21 23:34:57 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
    2013-02-20 22:58:20 -------- d-----w- c:\documents and settings\tricia\application data\SUPERAntiSpyware.com
    2013-02-20 22:57:40 -------- d-----w- c:\program files\SUPERAntiSpyware
    2013-02-20 22:57:40 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2013-02-20 22:10:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2013-02-20 01:39:18 -------- d-----w- c:\windows\system32\appmgmt
    2013-02-19 23:58:21 -------- d-sh--w- c:\documents and settings\tricia\IECompatCache
    2013-02-19 23:31:20 -------- d-sh--w- c:\documents and settings\tricia\PrivacIE
    2013-02-18 21:05:49 -------- d-sh--w- c:\documents and settings\tricia\IETldCache
    2013-02-18 20:36:06 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
    2013-02-18 20:36:06 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
    .
    ==================== Find3M ====================
    .
    2013-02-20 22:09:56 73728 ----a-w- c:\windows\system32\javacpl.cpl
    .
    ============= FINISH: 17:40:47.14 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 9/14/2008 10:42:43 AM
    System Uptime: 2/22/2013 5:21:55 PM (0 hours ago)
    .
    Motherboard: Dell Computer Corporation | | 07W080
    Processor: Intel(R) Pentium(R) 4 CPU 1.80GHz | Socket 478 | 1794/400mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 28 GiB total, 9.733 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: Camera
    Device ID: USB\VID_046D&PID_08F0\5&15F18CD1&0&2
    Manufacturer:
    Name: Camera
    PNP Device ID: USB\VID_046D&PID_08F0\5&15F18CD1&0&2
    Service:
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Airlink101 802.11g PCI Adapter
    Device ID: PCI\VEN_1814&DEV_0302&SUBSYS_3C831948&REV_00\4&1A671D0C&0&20F0
    Manufacturer: Airlink101
    Name: Airlink101 802.11g PCI Adapter
    PNP Device ID: PCI\VEN_1814&DEV_0302&SUBSYS_3C831948&REV_00\4&1A671D0C&0&20F0
    Service: AL101
    .
    Class GUID:
    Description: Multimedia Audio Controller
    Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_01471028&REV_02\3&13C0B0C5&0&FD
    Manufacturer:
    Name: Multimedia Audio Controller
    PNP Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_01471028&REV_02\3&13C0B0C5&0&FD
    Service:
    .
    ==== System Restore Points ===================
    .
    RP445: 2/18/2013 2:00:26 PM - System Checkpoint
    RP446: 2/19/2013 6:05:56 PM - Removed AVG Free 8.5
    RP447: 2/19/2013 6:08:22 PM - Installed AVG Free 8.5
    RP448: 2/19/2013 6:38:53 PM - Removed Microsoft Silverlight
    RP449: 2/19/2013 6:39:37 PM - Removed Microsoft Games for Windows - LIVE Redistributable
    RP450: 2/20/2013 3:08:47 PM - Installed Java(TM) 6 Update 26
    RP451: 2/20/2013 3:36:45 PM - Removed Java(TM) 6 Update 7
    RP452: 2/21/2013 4:23:52 PM - System Checkpoint
    RP453: 2/22/2013 5:03:45 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 10 ActiveX
    Broadcom 440x 10/100 Integrated Controller
    Critical Update for Windows Media Player 11 (KB959772)
    Full Tilt Poker
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Intel(R) Extreme Graphics Driver
    Java Auto Updater
    Java(TM) 6 Update 26
    Microsoft .NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2000 Standard
    Microsoft Office Live Meeting 2007
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft WinUsb 1.0
    MSN
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    QuickBooks Premier: Contractor Edition 2009
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2559049)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    SUPERAntiSpyware
    SupportSoft Assisted Service
    UltimateBet
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows XP Service Pack 3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2/20/2013 6:40:36 PM, error: Print [19] - Sharing printer failed + 1722, Printer QuickBooks PDF Converter share name Printer2.
    2/20/2013 3:36:01 PM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
    2/20/2013 3:35:19 PM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom0.
    2/19/2013 5:44:31 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    2/19/2013 5:29:31 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    2/19/2013 11:10:45 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the QBCFMonitorService service to connect.
    .
    ==== End Of File ===========================

    # AdwCleaner v2.112 - Logfile created 02/22/2013 at 17:45:06
    # Updated 10/02/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Tricia - RESSIES
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Tricia\My Documents\Downloads\adwcleaner0.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\DOCUME~1\Tricia\LOCALS~1\Temp\Uninstall.exe

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    Key Deleted : HKLM\Software\AskBarDis
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Google Chrome v25.0.1364.97

    File : C:\Documents and Settings\Tricia\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [1358 octets] - [22/02/2013 17:45:06]

    ########## EOF - C:\AdwCleaner[S1].txt - [1418 octets] ##########


    Thank you for your help. I hope there is another solution as far as RogueKiller. I don't know what I am doing wrong.

    Sincerely,

    Prttibrwneyez
     
  6. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    unfortunately, its just an error message. then it closes. there is no option to run it.
     
  7. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    now i just ended up with some Mipony download manager on my computer. Im totally freaked out. I tried to access the roguekiller through IE instead of Google chrome and ended up with this download manager that said I was accepting and verifying I agree to all games, videos, etc....

    What the heck did I do wrong? I went to the geekstogo website like it showed on the screen but for some reason I ended up accessing a whole new website. What shall I do now?
     
  8. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    Hello Mark,

    After I had the problems with the download manager MiPony, I re-ran the reports. They are as follows: (minus the RogueKiller):

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702
    Run by Tricia at 19:21:38 on 2013-02-22
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.267 [GMT -7:00]
    .
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.delta-search.com/?affID=119351&babsrc=HP_ss&mntrId=24255f91000000000000000874c38f6b
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRunOnce: [Del4687375] cmd.exe /Q /D /c del "c:\docume~1\tricia\locals~1\temp\0.del"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRunOnce: [Del4687375] cmd.exe /Q /D /c del "c:\docume~1\tricia\locals~1\temp\0.del"
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
    IE: {10F055B8-F443-4adf-948A-EC551E9DBCE4} - c:\documents and settings\joe\start menu\programs\ultimatebet\UltimateBet.lnk
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223409743828
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - hxxps://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
    DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://fortunelounge.gameassists.co.uk/generic/FlashAX2.cab
    TCP: NameServer = 68.105.28.12 68.105.29.12 68.105.28.11
    TCP: Interfaces\{1810E15A-7AB3-49D6-895D-2C1EE74F4ADE} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
    Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
    Notify: igfxcui - igfxsrvc.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
    R3 QuickBooksDB19;QuickBooksDB19;c:\progra~1\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb19 --> c:\progra~1\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB19 [?]
    S3 AL101;Airlink101 802.11g PCI Driver;c:\windows\system32\drivers\AL101.sys [2008-9-14 380928]
    S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2010-3-21 9472]
    S3 WlanUIG;2Wire 802.11g USB Driver;c:\windows\system32\drivers\WlanUIG.sys [2009-1-14 347648]
    .
    =============== Created Last 30 ================
    .
    2013-02-23 02:07:11 -------- d-----w- c:\windows\system32\Extensions
    2013-02-23 02:07:09 -------- d-----w- c:\windows\system32\searchplugins
    2013-02-23 02:06:49 -------- d-----w- c:\documents and settings\all users\application data\BrowserProtect
    2013-02-23 02:05:36 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
    2013-02-23 02:05:35 -------- d-----w- c:\documents and settings\all users\application data\Babylon
    2013-02-23 02:05:32 -------- d-----w- c:\documents and settings\tricia\application data\DSite
    2013-02-23 02:05:32 -------- d-----w- c:\documents and settings\tricia\application data\Babylon
    2013-02-22 05:30:15 -------- d-----w- c:\program files\Full Tilt Poker
    2013-02-21 23:34:57 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
    2013-02-21 23:34:57 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
    2013-02-20 22:58:20 -------- d-----w- c:\documents and settings\tricia\application data\SUPERAntiSpyware.com
    2013-02-20 22:57:40 -------- d-----w- c:\program files\SUPERAntiSpyware
    2013-02-20 22:57:40 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2013-02-20 22:10:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2013-02-20 01:39:18 -------- d-----w- c:\windows\system32\appmgmt
    2013-02-19 23:58:21 -------- d-sh--w- c:\documents and settings\tricia\IECompatCache
    2013-02-19 23:31:20 -------- d-sh--w- c:\documents and settings\tricia\PrivacIE
    2013-02-18 21:05:49 -------- d-sh--w- c:\documents and settings\tricia\IETldCache
    2013-02-18 20:36:06 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
    2013-02-18 20:36:06 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
    .
    ==================== Find3M ====================
    .
    2013-02-20 22:09:56 73728 ----a-w- c:\windows\system32\javacpl.cpl
    .
    ============= FINISH: 19:22:37.28 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 9/14/2008 10:42:43 AM
    System Uptime: 2/22/2013 5:47:25 PM (2 hours ago)
    .
    Motherboard: Dell Computer Corporation | | 07W080
    Processor: Intel(R) Pentium(R) 4 CPU 1.80GHz | Socket 478 | 1794/400mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 28 GiB total, 9.642 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: Camera
    Device ID: USB\VID_046D&PID_08F0\5&15F18CD1&0&2
    Manufacturer:
    Name: Camera
    PNP Device ID: USB\VID_046D&PID_08F0\5&15F18CD1&0&2
    Service:
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Airlink101 802.11g PCI Adapter
    Device ID: PCI\VEN_1814&DEV_0302&SUBSYS_3C831948&REV_00\4&1A671D0C&0&20F0
    Manufacturer: Airlink101
    Name: Airlink101 802.11g PCI Adapter
    PNP Device ID: PCI\VEN_1814&DEV_0302&SUBSYS_3C831948&REV_00\4&1A671D0C&0&20F0
    Service: AL101
    .
    Class GUID:
    Description: Multimedia Audio Controller
    Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_01471028&REV_02\3&13C0B0C5&0&FD
    Manufacturer:
    Name: Multimedia Audio Controller
    PNP Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_01471028&REV_02\3&13C0B0C5&0&FD
    Service:
    .
    ==== System Restore Points ===================
    .
    RP445: 2/18/2013 2:00:26 PM - System Checkpoint
    RP446: 2/19/2013 6:05:56 PM - Removed AVG Free 8.5
    RP447: 2/19/2013 6:08:22 PM - Installed AVG Free 8.5
    RP448: 2/19/2013 6:38:53 PM - Removed Microsoft Silverlight
    RP449: 2/19/2013 6:39:37 PM - Removed Microsoft Games for Windows - LIVE Redistributable
    RP450: 2/20/2013 3:08:47 PM - Installed Java(TM) 6 Update 26
    RP451: 2/20/2013 3:36:45 PM - Removed Java(TM) 6 Update 7
    RP452: 2/21/2013 4:23:52 PM - System Checkpoint
    RP453: 2/22/2013 5:03:45 PM - System Checkpoint
    RP454: 2/22/2013 7:09:52 PM - Removed Delta Chrome Toolbar
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 10 ActiveX
    Broadcom 440x 10/100 Integrated Controller
    Critical Update for Windows Media Player 11 (KB959772)
    Full Tilt Poker
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Intel(R) Extreme Graphics Driver
    Java Auto Updater
    Java(TM) 6 Update 26
    Microsoft .NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2000 Standard
    Microsoft Office Live Meeting 2007
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft WinUsb 1.0
    MSN
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    QuickBooks Premier: Contractor Edition 2009
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2559049)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    SUPERAntiSpyware
    SupportSoft Assisted Service
    UltimateBet
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows XP Service Pack 3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2/20/2013 6:40:36 PM, error: Print [19] - Sharing printer failed + 1722, Printer QuickBooks PDF Converter share name Printer2.
    2/20/2013 3:36:01 PM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
    2/20/2013 3:35:19 PM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom0.
    2/19/2013 5:44:31 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    2/19/2013 5:29:31 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    2/19/2013 11:10:45 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the QBCFMonitorService service to connect.
    .
    ==== End Of File ===========================

    # AdwCleaner v2.112 - Logfile created 02/22/2013 at 17:45:06
    # Updated 10/02/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Tricia - RESSIES
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Tricia\My Documents\Downloads\adwcleaner0.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\DOCUME~1\Tricia\LOCALS~1\Temp\Uninstall.exe

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    Key Deleted : HKLM\Software\AskBarDis
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Google Chrome v25.0.1364.97

    File : C:\Documents and Settings\Tricia\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [1358 octets] - [22/02/2013 17:45:06]

    ########## EOF - C:\AdwCleaner[S1].txt - [1418 octets] ##########


    I will wait now for your reply. Thank you for your help. I only re-ran them because of the MiPony and all the attachments it downloaded. I attempted to remove them, but am unsure if the are all deleted. I really suck at this. Im sorry for the problems.

    Thank you
     
  9. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    You've got several items of Adware that need to be dealt with, just follow the scans I ask you to run and we should be able to clean them up, don't run any scans that I have not requested as this can confuse the results.

    The second log you posted from ADWCleaner is the same as the first one, DDS log shows several items of Adware installed the day after the ADWCleaner scan so please run ADWCleaner again and post the new log. One strange thing is the date of the second DDS scan is 22nd, yet it shows several new files for 23rd, might be a problem with the systems clock.

    With RogueKiller, which version did you download, there is a 64bit and 32bit version, if you selected the 64bit version that would explain why it won't run. Please delete the icon from your desktop and go back to the link in my instructions, make sure you click on the 32bit version and it should then work.

    There is an indication that AVG Anti Virus was installed on 19th February but as it does not appear in the logs or the installed programs list I suspect the installation failed. With no Anti Virus the PC is wide open to infection. Please install this Microsoft Security Essentials run the program and let it update then do a Full system scan with it and remove anything it finds, let me know what it detects.
     
  10. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    Hello Mark,

    I just ran the first two reports but running the Microsoft Security Essentials its telling me to remove any antivirus/antispyware programs installed on my computer. So, I know I do have SuperAntiSpyware on my computer for sure, so should I delete that? and as far as any other virus protection, I don't know whats on this computer so I don't know what to delete/remove. Please advise.
     
  11. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Normal mode
    User : Tricia [Admin rights]
    Mode : Scan -- Date : 02/23/2013 19:27:59
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 1 ¤¤¤
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤
    SSDT[257] : NtTerminateProcess @ 0x805839B9 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xEFD2C640)

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD300BB-75DEA0 +++++
    --- User ---
    [MBR] 37a372516308f0b48ca30d01f5627bd6
    [BSP] 0c779c3060dec5c7a92a6fbcfa998d71 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 28600 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1]_S_02232013_02d1927.txt >>
    RKreport[1]_S_02232013_02d1927.txt

    ____________________________________________________________________
    AdwCleaner Report:

    # AdwCleaner v2.113 - Logfile created 02/23/2013 at 21:31:24
    # Updated 23/02/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Tricia - RESSIES
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Tricia\My Documents\Downloads\adwcleaner (1).exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****


    ***** [Registry] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Google Chrome v25.0.1364.97

    File : C:\Documents and Settings\Tricia\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Deleted [l.53] : keyword = "babylon.com",
    Deleted [l.56] : search_url = "hxxp://www.delta-search.com/?q={searchTerms}&affID=119351&babsrc=SP_ss&mntrId=2[...]

    *************************

    AdwCleaner[S1].txt - [1487 octets] - [22/02/2013 17:45:06]
    AdwCleaner[S2].txt - [2828 octets] - [22/02/2013 19:24:07]
    AdwCleaner[S3].txt - [971 octets] - [22/02/2013 19:52:49]
    AdwCleaner[S4].txt - [7210 octets] - [23/02/2013 19:18:51]
    AdwCleaner[S5].txt - [1105 octets] - [23/02/2013 21:31:24]

    ########## EOF - C:\AdwCleaner[S5].txt - [1165 octets] ##########

    ____________________________________________________________________________________

    As far as the Microsoft Virus - I was told to run it and delete all my other virus protections, and install that program. Although its showing that its not active. Confusing.

    Okay, Tell me what my next step is sir. & thank you for your assistance.

    Have a blessed night.
     
  12. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    You are seeing a normal warning from MSE, having SuperAntiSpyware on there will not cause a problem.

    Please install MSE and run a Full system scan with it and let me know if it finds anything. Select all/any detections for removal.

    There are a few items in your DDS log I want to remove so please also run this and post the results.

    Please download OTM by OldTimer. Save it to your desktop.

    Double click OTM.exe to start the tool.

    • Copy the text in the code box below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Code:
    :Processes
    explorer.exe
    
    :Files
    c:\windows\system32\searchplugins
    c:\documents and settings\all users\application data\BrowserProtect
    c:\documents and settings\all users\application data\Tarma Installer
    c:\documents and settings\all users\application data\Babylon
    c:\documents and settings\tricia\application data\DSite
    c:\documents and settings\tricia\application data\Babylon
    
    :Commands
    [createrestorepoint]
    [clearallrestorepoints]
    [emptyflash]
    [emptytemp]
    [resethosts]
    [reboot]
    
    • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • All your desktop icons will disappear as the scan begins. It should complete within a few minutes.
    • Once complete you may see a box appear asking you to Restart the system to complete the file removal, accept it and it will reboot.
    • Even if that box does not appear the system should reboot as the command is included in the script.
    • When the system has come back to the desktop a Notepad document will open, please copy and paste that into your next post.

    -- Note: The logs are saved here: C:\_OTM\MovedFiles

    ==========================================================================

    When complete please tell me how things are running, if anything has improved and any remaining issues.
     
  13. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    Ok, I am running the MSE scan now. question: it wont play any sound/music. Its saying I need to update my Multimedia audio controller driver. IDK how to even begin. I ran the help menu, and it tells me to check all these things, and update the drivers, so I did and it still wont work. Can you tell with my log what I need to do to make the sound work?
     
  14. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Ok, let me know if MSE finds anything and please post the log, as requested, from the above fix so I can check it. Please also tell me if the system is still having any issues apart from the sound.

    In order to advise on missing drivers I need to know the make and model number of your PC. You only entered Micorosft XP under your computer specifications.
     
  15. Prttibrwneyez

    Prttibrwneyez Thread Starter

    Joined:
    Aug 27, 2007
    Messages:
    36
    The MSE scan is still running. Its been running for over 3 hours.

    1) Should I proceed with the other scans while this is still running?
    2) How do I find out what system I have aside from MS XP professional?
    3) Is it ok to be on the internet while this scan is running? I just logged on to see if you had responded or were online, but was nervous to get on because I don't wanna ruin the scan.
    4) I did delete the SuperAntiSpyware before because you were off line when I was trying to run MSE lastnight, so should I reinstall it after all the scans are complete and I get your response as to what needs to be fixed?

    Thank you Mark, I know this is taking a long time, but every time I seem to get online, your already offline so I get nervous as to how to proceed when I keep getting all these other error messages and being told to download this or that. I just dont want to mess it up even more than it is.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1090369

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice