PDA

View Full Version : Possible problem



surveymom44
2011-07-31, 11:55
Not sure what has happened. On Friday everything seemed fine. I was able to access the webpages I wanted and no error or can't find the server. On Saturday I when turned on the monitor things still looked fine. I opened FIrefox and had my first inkling of a possible problem. Firefox couldn't find the server for Verizon. So I swiched to Google Chrome. I was able to get to my verizon account, but I was still having problems with pages not loading due to not finding the server or whatever. Ran spybot and found nothing but the normal tracking cookies. Avast! found nothing, but there were quite a few files that couldn't be scanned as they were password protected. Malware bytes only found one infected file. I got that one removed and also removed some programs that I no longer used. Rebooted the computer and things seemed Ok. But I'm still having some problems other than the webpages not being found. I have been unable to update my Adobe Reader. I keep getting something about needing authorization or something. Here are the DDS files Requested.
.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Owner at 1:21:01 on 2011-07-31
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.495.46 [GMT -8:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINNT\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
svchost.exe
C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINNT\system32\slserv.exe
C:\WINNT\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\AOL\1127920375\ee\AOLSoftware.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINNT\System32\svchost.exe -k HTTPFilter
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Webshots\3.1.5.7619\webshots.scr
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com
uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\compan~1\installs\cpn\ycomp5_5_7_0.dll
BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - No File
BHO: PaltalkWebLogin: {502c3ba4-2c3e-4317-bc29-c0445e82b1f9} - c:\program files\common files\paltalk\PaltalkWebLogin.dll
BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll
BHO: PPCScamBHO Class: {7e3659a6-4bc5-4d93-b3fd-8b5acc2feded} - c:\program files\peoplepc\toolbar\ScamGrd.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: {ACB3E0B7-7D0C-40B7-99B3-3EEACDF86BFB} - No File
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-us\msntb.dll
BHO: {D38C2142-9CC3-4A3B-A85C-EE07D51E6F45} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\compan~1\installs\cpn\ycomp5_5_7_0.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll
TB: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\winnt\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [spc_w] "c:\program files\nzsearch\hcm.exe" -w
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [HostManager] c:\program files\common files\aol\1127920375\ee\AOLSoftware.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [Verizon_McciTrayApp] c:\program files\verizon\McciTrayApp.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\3.1.5.7619\Launcher.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Icatch(VI) SnapDetect.lnk.disabled
IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\progra~1\aim\aim.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\PartyPoker.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\winnt\system32\Shdocvw.dll
Trusted Zone: gamehouse.com
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxps://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab
DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fashion-dash/fashiondashweb.1.0.0.21.cab
DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dairy-dash/DairyDashWeb.1.0.0.16.cab
DPF: {068BFA33-99F4-4BA9-887D-182386FA2931} - hxxp://download.playfirst.com/play/game/spongebobdash/SpongeBobDinerDashWeb.1.0.0.17.cab
DPF: {18F616CD-4B28-4C47-815A-560AC6A33C8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-emerald-city-confidential/EmeraldCityConfidential_Web.1.0.0.9.cab
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} - hxxp://aolsvc.aol.com/onlinegames/free-trial-cooking-dash/CookingDashWeb.1.0.0.9.cab
DPF: {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} - hxxp://cdn.ll.neoedge.com/webgames/TastyPlanet/tastyplanet.1.0.0.4.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-chocolatier/ChocolatierWeb.1.0.0.13.cab
DPF: {226ACC34-3194-40E2-9AE8-834FCFE9E80D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-of-shark-island/MysteryOfSharkIslandWeb.1.0.0.8.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fitness-dash/FitnessDashWeb.1.0.0.11.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://download.playfirst.com/play/game/trijinx/TriJinx.1.0.0.86.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://download.yahoo.com/dl/yinst/yinst_current.cab
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://aol.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {38A5F6F0-0B64-421B-A553-3D49A76ECDCD} - hxxp://download.playfirst.com/play/game/mythicmarbles/MythicMarbles.1.0.0.3.cab
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://aolsvc.aol.com/onlinegames/trypiratepoppers/PiratePoppers.1.0.0.32.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
DPF: {4C226336-4032-489F-9674-67E74225979B}
DPF: {4DCA1E08-4147-4A3D-8CA6-E095DF189FAB} - hxxp://games.bigfishgames.com/en_nightshift-legacy-the-jaguars-eye/online/Nightshift2Web.1.0.0.9.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1278040344656
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-great-chocolate-chase/greatchocolatechaseweb.1.0.0.12.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182383902421
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash-2/WeddingDash2Web.1.0.0.11.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles/dreamweb.1.0.0.6.cab
DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-solitaire-secret-island/SpinTopGamesLauncher.cab
DPF: {7D492D61-303A-45C3-8A55-63449339943D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-nightshift-code/NightShiftCodeWeb.1.0.0.5.cab
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://verizon.oberon-media.com/online/online2/luxor_2/mjolauncher.cab
DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} - hxxp://www.shockwave.com/content/ghostfrenzy/sis/axhost.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8ADC4409-4FBF-4224-B73F-2392C721BCB4} - hxxp://games.bigfishgames.com/en_butterflyescape/online/GenimoWebGamesControl.cab
DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-pi-the-lottery-ticket/SpinTopGamesLauncher.cab
DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} - hxxp://media.grab.com/media/6364d3/games/files/669/lregameloader6.cab
DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} - hxxp://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} - hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab
DPF: {B12213CD-4189-415D-A054-7999528459F7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} - hxxp://209.67.146.69/ePlayer/2_0/ACNePlayer.cab
DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} - hxxp://aolsvc.aol.com/onlinegames/free-trial-diner-dash-flo-on-the-go/ddfotg.1.0.0.33.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-winter-edition/zylomplayer.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://aolsvc.aol.com/onlinegames/free-trial-pet-shop-hop/petshophopweb.1.0.0.16.cab
DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - hxxp://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://games.bigfishgames.com/en_wandering-willows/online/WanderingWillowsWeb.1.0.0.18.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://gamerival.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://download.playfirst.com/play/game/chocolatier2/Chocolatier2Web.1.0.0.10.cab
DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-sandscript/SandScript.1.0.0.21.cab
DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} - hxxp://www.shockwave.com/content/cinematycoon/sis/cinematycoon.cab
DPF: {DBA8E419-0D5F-439B-A3CC-D01C768D9B51} - hxxp://aolsvc.aol.com/onlinegames/sonydavincicode/DVCDownloaderControl.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://aolsvc.aol.com/onlinegames/dinerdash/DinerDash.1.0.0.93.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles-2/dream2web.1.0.0.13.cab
DPF: {E9B80D94-D8BB-43CC-9138-75605A8D9666} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.50.cab
DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.47.cab
DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} - hxxp://aolsvc.aol.com/onlinegames/oberonmajongescape/PTGameLauncher.cab
DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-parking-dash/parkingdash.1.0.0.10.cab
DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} - hxxp://download.playfirst.com/play/game/mahjongroadshow/MahjongRoadshowWeb.1.0.0.16.cab
DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} - hxxp://aolsvc.aol.com/onlinegames/free-trial-sweetopia/Sweetopia.1.0.0.22.cab
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - hxxp://aolsvc.aol.com/onlinegames/free-trial-decadence-by-design/Chocolatier3Web.1.0.0.6.cab
TCP: DhcpNameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{BCFBBBC7-A6E2-407B-8E93-58690DE6EE7D} : DhcpNameServer = 192.168.1.1 68.238.64.12
Notify: igfxcui - igfxsrvc.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\krs9njpc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.verizon.net/central/appmanager/portal/vzcentral
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=
FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\owner\application data\kalydo\kalydoplayer\npkalydo.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\plugins\NPAbacheck.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-3-16 64288]
R1 aswSnx;aswSnx;c:\winnt\system32\drivers\aswSnx.sys [2011-3-10 441176]
R1 aswSP;aswSP;c:\winnt\system32\drivers\aswSP.sys [2008-11-6 309848]
R1 vsdatant;vsdatant;c:\winnt\system32\vsdatant.sys [2010-6-19 394192]
R2 AGCoreService;AG Core Services;c:\program files\agi\core\4.2.0.10754\AGCoreService.exe [2011-3-22 20480]
R2 aswFsBlk;aswFsBlk;c:\winnt\system32\drivers\aswFsBlk.sys [2008-11-6 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-13 42184]
R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2011-4-8 176848]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-3-11 24652]
R2 vsmon;TrueVector Internet Monitor;c:\winnt\system32\zonelabs\vsmon.exe -service --> c:\winnt\system32\zonelabs\vsmon.exe -service [?]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S2 gupdate1c9b3e768b5fac6;Google Update Service (gupdate1c9b3e768b5fac6);c:\program files\google\update\GoogleUpdate.exe [2009-4-2 133104]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-7-12 1375992]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-8-16 15264]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\winnt\system32\drivers\mbamswissarmy.sys [2010-6-11 41272]
S3 MR97310_VGA_DUAL_CAMERA;MR97310 VGA Dual Mode Camera;c:\winnt\system32\drivers\mr97310v.sys [2005-1-8 116078]
.
=============== Created Last 30 ================
.
2011-07-30 22:56:38 6881616 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e35f8054-dce5-4459-868e-8fca0c69c80f}\mpengine.dll
2011-07-30 01:26:28 -------- d-----w- c:\documents and settings\owner\application data\EcoRescue
2011-07-17 04:48:08 -------- d-----w- c:\documents and settings\all users\application data\Blue Footed Games
2011-07-16 06:52:36 -------- d-----w- c:\documents and settings\owner\application data\DeepVoyage
.
==================== Find3M ====================
.
2011-07-07 03:52:42 41272 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2011-07-07 03:52:42 22712 ----a-w- c:\winnt\system32\drivers\mbam.sys
2011-07-04 11:43:53 40112 ----a-w- c:\winnt\avastSS.scr
2011-07-04 11:36:43 441176 ----a-w- c:\winnt\system32\drivers\aswSnx.sys
2011-06-28 17:11:07 404640 ----a-w- c:\winnt\system32\FlashPlayerCPLApp.cpl
2011-06-02 14:02:05 1858944 ----a-w- c:\winnt\system32\win32k.sys
2011-05-25 03:14:10 222080 ------w- c:\winnt\system32\MpSigStub.exe
2011-05-18 14:38:18 143360 ----a-w- c:\winnt\system32\Call of Atlantis Screensaver.scr
2011-05-04 12:52:22 472808 ----a-w- c:\winnt\system32\deployJava1.dll
2011-05-04 10:25:49 73728 ----a-w- c:\winnt\system32\javacpl.cpl
2011-05-02 15:31:52 692736 ----a-w- c:\winnt\system32\inetcomm.dll
2006-07-16 15:49:51 2855080 -c--a-w- c:\program files\aawsepersonal.exe
2005-01-30 19:12:29 4354084 -c--a-w- c:\program files\spybotsd13.exe
2004-07-26 03:07:25 3718222 ----a-w- c:\program files\supersleuth.exe
2004-07-25 19:28:34 4547319 -c--a-w- c:\program files\AOLSlingo_Setup.exe
2004-07-04 06:53:05 2543056 -c--a-w- c:\program files\RumbleCubeInstall.exe
2003-12-25 05:13:19 24122368 -c--a-w- c:\program files\CJXP75LE.exe
2003-12-17 16:49:13 1897672 -c--a-w- c:\program files\winzip81.exe
.
============= FINISH: 1:27:27.46 ===============

shelf life
2011-08-06, 21:38
hi surveymom44,

If you still need help simply reply back.

surveymom44
2011-08-13, 18:53
Yes. Still need help. This morning I turned on my monitor and the taskbar had moved from the bottom of the screen to the right side of the screen. I leave my computer on most of the time as the power button doesn't always work. If you need any logs just let me know.

shelf life
2011-08-14, 03:46
Ok. Is a updated Malwarebytes coming up clean after a scan? Since its been awhile please rescan and post a new DDS log also.

surveymom44
2011-08-17, 22:30
a quick scan with malwarebytes shows no problem. Here is an updated DDS log.


.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Owner at 8:56:48 on 2011-08-13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.495.119 [GMT -8:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINNT\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
svchost.exe
C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINNT\system32\slserv.exe
C:\WINNT\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINNT\system32\wuauclt.exe
C:\WINNT\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\AOL\1127920375\ee\AOLSoftware.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\Webshots\3.1.5.7619\webshots.scr
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\AOL 9.1\shellmon.exe
C:\Program Files\Common Files\AOL\1127920375\EE\anotify.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com
uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\compan~1\installs\cpn\ycomp5_5_7_0.dll
BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - No File
BHO: PaltalkWebLogin: {502c3ba4-2c3e-4317-bc29-c0445e82b1f9} - c:\program files\common files\paltalk\PaltalkWebLogin.dll
BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll
BHO: PPCScamBHO Class: {7e3659a6-4bc5-4d93-b3fd-8b5acc2feded} - c:\program files\peoplepc\toolbar\ScamGrd.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: {ACB3E0B7-7D0C-40B7-99B3-3EEACDF86BFB} - No File
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-us\msntb.dll
BHO: {D38C2142-9CC3-4A3B-A85C-EE07D51E6F45} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\compan~1\installs\cpn\ycomp5_5_7_0.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll
TB: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\winnt\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [spc_w] "c:\program files\nzsearch\hcm.exe" -w
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [AOL Fast Start] "c:\program files\aol 9.1\AOL.EXE" -b
mRun: [HostManager] c:\program files\common files\aol\1127920375\ee\AOLSoftware.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [Verizon_McciTrayApp] c:\program files\verizon\McciTrayApp.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\3.1.5.7619\Launcher.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Icatch(VI) SnapDetect.lnk.disabled
IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\progra~1\aim\aim.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\PartyPoker.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\winnt\system32\Shdocvw.dll
Trusted Zone: gamehouse.com
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxps://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab
DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fashion-dash/fashiondashweb.1.0.0.21.cab
DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dairy-dash/DairyDashWeb.1.0.0.16.cab
DPF: {068BFA33-99F4-4BA9-887D-182386FA2931} - hxxp://download.playfirst.com/play/game/spongebobdash/SpongeBobDinerDashWeb.1.0.0.17.cab
DPF: {18F616CD-4B28-4C47-815A-560AC6A33C8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-emerald-city-confidential/EmeraldCityConfidential_Web.1.0.0.9.cab
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} - hxxp://aolsvc.aol.com/onlinegames/free-trial-cooking-dash/CookingDashWeb.1.0.0.9.cab
DPF: {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} - hxxp://cdn.ll.neoedge.com/webgames/TastyPlanet/tastyplanet.1.0.0.4.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-chocolatier/ChocolatierWeb.1.0.0.13.cab
DPF: {226ACC34-3194-40E2-9AE8-834FCFE9E80D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-of-shark-island/MysteryOfSharkIslandWeb.1.0.0.8.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fitness-dash/FitnessDashWeb.1.0.0.11.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://download.playfirst.com/play/game/trijinx/TriJinx.1.0.0.86.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://download.yahoo.com/dl/yinst/yinst_current.cab
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://aol.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {38A5F6F0-0B64-421B-A553-3D49A76ECDCD} - hxxp://download.playfirst.com/play/game/mythicmarbles/MythicMarbles.1.0.0.3.cab
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://aolsvc.aol.com/onlinegames/trypiratepoppers/PiratePoppers.1.0.0.32.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
DPF: {4C226336-4032-489F-9674-67E74225979B}
DPF: {4DCA1E08-4147-4A3D-8CA6-E095DF189FAB} - hxxp://games.bigfishgames.com/en_nightshift-legacy-the-jaguars-eye/online/Nightshift2Web.1.0.0.9.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1278040344656
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-great-chocolate-chase/greatchocolatechaseweb.1.0.0.12.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182383902421
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash-2/WeddingDash2Web.1.0.0.11.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles/dreamweb.1.0.0.6.cab
DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-solitaire-secret-island/SpinTopGamesLauncher.cab
DPF: {7D492D61-303A-45C3-8A55-63449339943D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-nightshift-code/NightShiftCodeWeb.1.0.0.5.cab
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://verizon.oberon-media.com/online/online2/luxor_2/mjolauncher.cab
DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} - hxxp://www.shockwave.com/content/ghostfrenzy/sis/axhost.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8ADC4409-4FBF-4224-B73F-2392C721BCB4} - hxxp://games.bigfishgames.com/en_butterflyescape/online/GenimoWebGamesControl.cab
DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-pi-the-lottery-ticket/SpinTopGamesLauncher.cab
DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} - hxxp://media.grab.com/media/6364d3/games/files/669/lregameloader6.cab
DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} - hxxp://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} - hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab
DPF: {B12213CD-4189-415D-A054-7999528459F7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} - hxxp://209.67.146.69/ePlayer/2_0/ACNePlayer.cab
DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} - hxxp://aolsvc.aol.com/onlinegames/free-trial-diner-dash-flo-on-the-go/ddfotg.1.0.0.33.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-winter-edition/zylomplayer.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://aolsvc.aol.com/onlinegames/free-trial-pet-shop-hop/petshophopweb.1.0.0.16.cab
DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - hxxp://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://games.bigfishgames.com/en_wandering-willows/online/WanderingWillowsWeb.1.0.0.18.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://gamerival.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://download.playfirst.com/play/game/chocolatier2/Chocolatier2Web.1.0.0.10.cab
DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-sandscript/SandScript.1.0.0.21.cab
DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} - hxxp://www.shockwave.com/content/cinematycoon/sis/cinematycoon.cab
DPF: {DBA8E419-0D5F-439B-A3CC-D01C768D9B51} - hxxp://aolsvc.aol.com/onlinegames/sonydavincicode/DVCDownloaderControl.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://aolsvc.aol.com/onlinegames/dinerdash/DinerDash.1.0.0.93.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles-2/dream2web.1.0.0.13.cab
DPF: {E9B80D94-D8BB-43CC-9138-75605A8D9666} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.50.cab
DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.47.cab
DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} - hxxp://aolsvc.aol.com/onlinegames/oberonmajongescape/PTGameLauncher.cab
DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-parking-dash/parkingdash.1.0.0.10.cab
DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} - hxxp://download.playfirst.com/play/game/mahjongroadshow/MahjongRoadshowWeb.1.0.0.16.cab
DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} - hxxp://aolsvc.aol.com/onlinegames/free-trial-sweetopia/Sweetopia.1.0.0.22.cab
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - hxxp://aolsvc.aol.com/onlinegames/free-trial-decadence-by-design/Chocolatier3Web.1.0.0.6.cab
TCP: DhcpNameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{BCFBBBC7-A6E2-407B-8E93-58690DE6EE7D} : DhcpNameServer = 192.168.1.1 68.238.64.12
Notify: igfxcui - igfxsrvc.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\krs9njpc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.verizon.net/central/appmanager/portal/vzcentral
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=
FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\owner\application data\kalydo\kalydoplayer\npkalydo.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\plugins\NPAbacheck.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-3-16 64288]
R1 aswSnx;aswSnx;c:\winnt\system32\drivers\aswSnx.sys [2011-3-10 441176]
R1 aswSP;aswSP;c:\winnt\system32\drivers\aswSP.sys [2008-11-6 309848]
R1 vsdatant;vsdatant;c:\winnt\system32\vsdatant.sys [2010-6-19 394192]
R2 AGCoreService;AG Core Services;c:\program files\agi\core\4.2.0.10754\AGCoreService.exe [2011-3-22 20480]
R2 aswFsBlk;aswFsBlk;c:\winnt\system32\drivers\aswFsBlk.sys [2008-11-6 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-13 42184]
R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2011-4-8 176848]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-3-11 24652]
R2 vsmon;TrueVector Internet Monitor;c:\winnt\system32\zonelabs\vsmon.exe -service --> c:\winnt\system32\zonelabs\vsmon.exe -service [?]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S2 gupdate1c9b3e768b5fac6;Google Update Service (gupdate1c9b3e768b5fac6);c:\program files\google\update\GoogleUpdate.exe [2009-4-2 133104]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-7-12 1375992]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-8-16 15264]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\winnt\system32\drivers\mbamswissarmy.sys [2010-6-11 41272]
S3 MR97310_VGA_DUAL_CAMERA;MR97310 VGA Dual Mode Camera;c:\winnt\system32\drivers\mr97310v.sys [2005-1-8 116078]
.
=============== Created Last 30 ================
.
2011-08-13 15:36:10 6881616 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e690bb56-d2cb-4e7b-a65a-358b8eac3a99}\mpengine.dll
2011-08-12 00:52:12 -------- d-----w- c:\documents and settings\owner\application data\Artifex Mundi
2011-08-11 06:49:10 10496 ------w- c:\winnt\system32\dllcache\ndistapi.sys
2011-08-11 01:25:30 139656 ------w- c:\winnt\system32\dllcache\rdpwd.sys
2011-08-10 22:10:33 -------- d-----w- c:\documents and settings\owner\application data\AzuazGames
2011-08-05 20:21:47 -------- d-----w- c:\documents and settings\owner\application data\TripleHippo
2011-08-05 04:04:39 -------- d-----w- c:\documents and settings\all users\application data\Kingdom
2011-07-30 01:26:28 -------- d-----w- c:\documents and settings\owner\application data\EcoRescue
2011-07-17 04:48:08 -------- d-----w- c:\documents and settings\all users\application data\Blue Footed Games
2011-07-16 06:52:36 -------- d-----w- c:\documents and settings\owner\application data\DeepVoyage
.
==================== Find3M ====================
.
2011-07-15 13:29:31 456320 ----a-w- c:\winnt\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\winnt\system32\drivers\ndistapi.sys
2011-07-07 03:52:42 41272 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2011-07-07 03:52:42 22712 ----a-w- c:\winnt\system32\drivers\mbam.sys
2011-07-04 11:43:53 40112 ----a-w- c:\winnt\avastSS.scr
2011-07-04 11:36:43 441176 ----a-w- c:\winnt\system32\drivers\aswSnx.sys
2011-06-28 17:11:07 404640 ----a-w- c:\winnt\system32\FlashPlayerCPLApp.cpl
2011-06-24 14:10:36 139656 ----a-w- c:\winnt\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\winnt\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\winnt\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ----a-w- c:\winnt\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\winnt\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\winnt\system32\winsrv.dll
2011-06-02 14:02:05 1858944 ----a-w- c:\winnt\system32\win32k.sys
2011-05-25 03:14:10 222080 ------w- c:\winnt\system32\MpSigStub.exe
2011-05-18 14:38:18 143360 ----a-w- c:\winnt\system32\Call of Atlantis Screensaver.scr
2006-07-16 15:49:51 2855080 -c--a-w- c:\program files\aawsepersonal.exe
2005-01-30 19:12:29 4354084 -c--a-w- c:\program files\spybotsd13.exe
2004-07-26 03:07:25 3718222 ----a-w- c:\program files\supersleuth.exe
2004-07-25 19:28:34 4547319 -c--a-w- c:\program files\AOLSlingo_Setup.exe
2004-07-04 06:53:05 2543056 -c--a-w- c:\program files\RumbleCubeInstall.exe
2003-12-25 05:13:19 24122368 -c--a-w- c:\program files\CJXP75LE.exe
2003-12-17 16:49:13 1897672 -c--a-w- c:\program files\winzip81.exe
.
============= FINISH: 9:04:03.81 ===============

shelf life
2011-08-18, 00:22
ok thanks for the info. Please go here (http://www.bleepingcomputer.com/submit-malware.php?channel=67) and using the browse button on the website locate this file in bold on your computer:

c:\program files\winzip81.exe

then upload it to the website using the send file button.

For now I would block that .exe in your software firewall, zone alarm if it prompts a communication request. Or just deny it for good if its been accessing your connection all along.

surveymom44
2011-08-18, 16:45
File uploaded. I did not find it on the programs list for zone alarm. It probably hasn't asked to access the internet or Trusted zone yet. I do know that I have Winzip on my computer, but hardly ever use it. and I believe the trial period ended quite sometime ago.

shelf life
2011-08-19, 00:07
The file is fine, false alarm on my part. Well I dont see any malware anywhere in the logs. Hows it looking on your end now?

surveymom44
2011-08-20, 17:49
Looks Ok here. It could have been a problem on my ISP's part. Though I seem to be getting a few Internet explorer errors lately.

shelf life
2011-08-21, 00:11
Just as another check you can do a on line scan if you want to:

ESET online scanner:

http://www.eset.com/onlinescan/

Use Internet Explorer
check "YES" to accept terms
click start button
allow the ActiveX component to install
click the start button. the Scanner will update.
check both "Remove found threats" and "Scan archives" Leave the defaults checked under Advanced settings

click scan. When it completes click "List found threats"
click "Export to text file.." and save it to your desktop. Post the saved log.
Click "back" and "finish"

surveymom44
2011-08-22, 00:08
Will do. Not sure just what is going on. I have something flashing on my screen now. A blue and white box with this message inside "Processing Auto configuration." Only problem is I did nothing to start this flashing. I was away from the computer for a few moments and when i cam back this box was flashing. Also the whole desktop is moving with each flash.

surveymom44
2011-08-22, 02:37
OK. NOt sure what happened. Blinking box seems to be gone for now. Started running the scan it got 68 percent done and had found 3 threats. I had to step away from the computer for a bit and when I returned the running scan was no where to be found. Now the scan can't be run. Every time I try I get the message Cannot get update. is proxy configured? It Started and ran finethe first time. Now It won't even update.

shelf life
2011-08-23, 03:46
Processing Auto configuration.

Thats your monitor self adjusting. see screenshot.

Go ahead and do a scan with Avast instead.

surveymom44
2011-08-23, 17:43
Ok. I'm going to try to run the scan again. I'll let you know if I encounter any problems.

surveymom44
2011-08-24, 22:37
Here is the requested log.

C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files\ZoneAlarmSB\bar\1.bin\NPZONESB.DLL Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files\ZoneAlarmSB\bar\1.bin\Z4PLUGIN.DLL a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP391\A0119327.exe probably a variant of Win32/Agent.MWCCTSP trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP391\A0119328.exe probably a variant of Win32/Agent.MWCCTSP trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP393\A0119734.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP393\A0119736.DLL Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP393\A0119737.DLL a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\WINNT\system32\vybeg.tmp Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined


Also I now have a thing at the top of my monitor that wasn't there last night. It almost looks like a task bar but it just lists the things that are in the file My Computer.

shelf life
2011-08-27, 02:48
Ok that log dosnt look bad.


I now have a thing at the top of my monitor
you mean when you have Internet Explorer opened, you see it at the top like where a tool bar would be?

surveymom44
2011-08-27, 07:08
The bar at the top of the monitor had nothing to do with IE. I use IE very rarely. Somehow after I went to bed something happened to cause an extra toolbar appear at the top. I got that taken care of. I am beginning to suspect a couple of my cats is causing some of the things that I have found in the morning.

shelf life
2011-08-27, 14:52
Ok so you meant the actual monitor itself. Could be paws on the keyboard hitting the hotkeys I guess. If all is good on your end we can finish up.

surveymom44
2011-08-31, 17:36
Sorry for the delay in answering.

Things seem ok. Though I did have a returned Email notice this morning. Not that unusual I get those from time to time. But I didn't send any email from that account since last year.

shelf life
2011-09-01, 03:53
No problem. sounds like someone (spammer) is using your e-mail address. I dont think theres a whole lot you can do about it.

If all is good you can make a new restore point, the how and the why:

One of the features of Windows XP, Vista and Windows 7 is the System Restore option, however if malware infects a computer it is possible that the malware could be backed up in the System Restore archive. Therefore, clearing the restore points is a good idea after malware is removed and your computer appears to be functioning ok.

To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

(winXP)

1. Turn off System Restore. (deletes old possibly infected restore point)

On the Desktop, right-click My Computer.

Click Properties.

Click the System Restore tab.

Check Turn off System Restore.

Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.(creates a new restore points on a clean system)

On the Desktop, right-click My Computer.

Click Properties.

Click the System Restore tab.

UN-Check *Turn off System Restore*.

Click Apply, and then click OK, then reboot

Note the free version of malwarebytes must be updated manually and a scan started manually. Its good practice to check for updates a few times a week even if you dont do a scan at that time.

Some tips to help you remain malware free:

10 Tips for Prevention and Avoidance of Malware:
There is no reason why your computer can not stay malware free.

No software can think for you. Help yourself. In no special order:

1) It is essential to keep your operating system (Windows) browser (IE, FireFox, Chrome, Opera) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update (http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us) frequently or use the Windows auto-update feature. (http://www.microsoft.com/windows/downloads/windowsupdate/automaticupdate.mspx) Staying updated is also essential for web based applications, browser plugins and addons like Java, Adobe Flash/Reader, iTunes etc. More and more third party applications are being targeted. Use the auto-update features available in most software. Not sure if you are using the latest version of software? Check their version status and get the updates here. (http://secunia.com/vulnerability_scanning/online/)

2) Know what you are installing to your computer. Alot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. More and more legitimate software is installing useless toolbars if not unchecked first. Do not install any files from ads, popups or random links. Do not fall for fake warnings about virus and trojans being found on your computer and you are then prompted to install software to remedy this. See also the signs (http://www.malwarevault.com/signs.html)that you may have malware on your computer.

3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently find malware then its time to *review your computer habits*.

4) Refrain from clicking on links or attachments via E-Mail, IM, IRC, Chat Rooms, Blogs or Social Networking Sites, no matter how tempting or legitimate the message may seem. Do you trust the source? See also E-mail phishing Tricks (http://www.fraud.org/tips/internet/phishing.htm).

5) Do not click on ads/pop ups or offers from websites requesting that you need to install software to your computer--*for any reason*. Use the Alt+F4 keys to close the window.

6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website to install components?

7) Consider the use of limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts (http://www.microsoft.com/protect/computer/advanced/useraccount.mspx) can help prevent *malware from installing and lessen its potential impact.* This is exactly what user account control (UAC) in Windows Vista and Windows 7 attempts to address.

8) Install and understand the *limitations* of a software firewall.

9) The why and how for securing (http://www.cert.org/tech_tips/securing_browser/) your browser for safer surfing.

10) Warez, cracks etc are very popular for carrying malware payloads.If you download/install files via p2p networks you will encounter malware. A file can be named anything be nothing but malware or have malware bundled in it. Can you really trust the source of the file?


More info/tips with pictures, links below

Happy Safe Surfing.

surveymom44
2011-09-06, 19:44
OK. got everything done. Thank you

shelf life
2011-09-08, 00:32
ok Your Welcome, Happy safe surfing out there.