PDA

View Full Version : Multiple Iexplore.exe


jonas3981
2011-10-13, 05:36
Recently found multiple iexplore.exe running on my laptop whenever I open internet explore. I was hoping I could get some help to clean up this mess. Thank you.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
Run by thisguy at 23:23:38 on 2011-10-12
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3070.1796 [GMT -3:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\BOINC\boinctray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Codebox\BitMeter\BitMeter2.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\NT Registry Optimizer\NTREGOPT.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ca.yahoo.com/?p=us
uDefault_Page_URL = hxxp://www.asus.com
mDefault_Page_URL = hxxp://www.asus.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: PhotoJoy Bar Toolbar: {cf45c54f-801c-41b5-ac77-57f2bf418edc} - c:\program files\photojoy_bar\prxtbPhot.dll
mURLSearchHooks: PhotoJoy Bar Toolbar: {cf45c54f-801c-41b5-ac77-57f2bf418edc} - c:\program files\photojoy_bar\prxtbPhot.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\bearsh~1\mediabar\toolbar\bsdtxmltbpi.dll
BHO: PhotoJoy Bar Toolbar: {cf45c54f-801c-41b5-ac77-57f2bf418edc} - c:\program files\photojoy_bar\prxtbPhot.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\bearsh~1\mediabar\toolbar\bsdtxmltbpi.dll
TB: !{30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: !{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
TB: !{cf45c54f-801c-41b5-ac77-57f2bf418edc} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [PhotoJoy] c:\program files\photojoy\bin\PhotoJoy.exe /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10m_ActiveX.exe -update activex
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Zshutdown1] c:\preload\patch\sysprep1.cmd
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [boincmgr] "c:\program files\boinc\boincmgr.exe" /a /s
mRun: [boinctray] "c:\program files\boinc\boinctray.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\thisguy\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\thisguy\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\common files\microsoft shared\virtualization handler\CVH.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bitmet~1.lnk - c:\program files\codebox\bitmeter\BitMeter2.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://aic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.walmartphotocentre.ca/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{E26C4B84-41B0-40CE-AEBB-C8404DF73111} : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
AppInit_DLLs:
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\thisguy\appdata\roaming\mozilla\firefox\profiles\3oujgx2w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2966884&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - PhotoJoy Bar Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2966884&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - component: c:\users\thisguy\appdata\roaming\mozilla\firefox\profiles\3oujgx2w.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\thisguy\appdata\roaming\mozilla\firefox\profiles\3oujgx2w.default\extensions\{cf45c54f-801c-41b5-ac77-57f2bf418edc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\thisguy\appdata\roaming\mozilla\firefox\profiles\3oujgx2w.default\extensions\{cf45c54f-801c-41b5-ac77-57f2bf418edc}\components\RadioWMPCoreGecko5.dll
FF - component: c:\users\thisguy\appdata\roaming\mozilla\firefox\profiles\3oujgx2w.default\extensions\{cf45c54f-801c-41b5-ac77-57f2bf418edc}\components\RadioWMPCoreGecko6.dll
FF - component: c:\users\thisguy\appdata\roaming\mozilla\firefox\profiles\3oujgx2w.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll
FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Click to call with Skype: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: PhotoJoy Bar Community Toolbar: {cf45c54f-801c-41b5-ac77-57f2bf418edc} - %profile%\extensions\{cf45c54f-801c-41b5-ac77-57f2bf418edc}
.
============= SERVICES / DRIVERS ===============
.
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2011-8-11 158000]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2011-8-11 93488]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-10-20 821664]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-2-11 366640]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-7-22 690472]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-9-14 508264]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-2-11 22712]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2010-9-14 577384]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2010-9-14 194408]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2010-9-14 21864]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2010-9-14 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-9-14 219496]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2011-2-11 48128]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2011-7-19 116016]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-11 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-11 136176]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2011-7-19 104752]
.
=============== Created Last 30 ================
.
2011-10-13 02:21:43 -------- d-----w- c:\program files\NT Registry Optimizer
2011-10-13 01:59:45 -------- d-----w- c:\users\thisguy\appdata\roaming\Uniblue
2011-10-13 01:59:40 -------- dc-h--w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-10-13 01:59:40 -------- d-----w- c:\program files\Uniblue
2011-10-13 01:31:56 -------- d-----w- c:\users\thisguy\appdata\roaming\.minecraft
2011-10-12 23:40:56 -------- d-----w- c:\program files\Amnesia - The Dark Descent Demo
2011-10-12 02:41:46 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{fb6b431e-d00e-40ef-b030-4d7f83ec8f8f}\offreg.dll
2011-10-12 02:41:27 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{fb6b431e-d00e-40ef-b030-4d7f83ec8f8f}\mpengine.dll
2011-10-04 04:13:21 -------- d-----w- C:\5450EF8FF77B48bfAABC50CBC159964C
2011-10-04 03:18:01 -------- d-----w- c:\users\thisguy\appdata\local\Nero_AG
2011-10-04 03:17:24 -------- d-----w- c:\users\thisguy\appdata\local\Nero
2011-10-04 03:12:36 -------- d-----w- c:\program files\Nero
2011-10-04 03:09:49 -------- d-----w- c:\programdata\Nero
2011-10-04 02:57:09 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-10-04 02:49:16 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-10-04 02:41:03 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-10-04 02:32:52 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2011-10-04 02:32:06 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2011-10-04 00:13:16 -------- d-----w- c:\users\thisguy\appdata\local\Apple Computer
2011-10-04 00:12:45 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-10-04 00:12:45 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-10-04 00:11:29 -------- d-----w- c:\program files\iPod
2011-10-04 00:11:27 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-10-04 00:11:27 -------- d-----w- c:\program files\iTunes
2011-10-04 00:08:18 -------- d-----w- c:\users\thisguy\appdata\local\Apple
2011-10-04 00:03:05 -------- d-----w- c:\program files\Bonjour
2011-10-03 01:34:13 -------- d-----w- c:\users\thisguy\.thumbnails
2011-10-03 01:32:21 -------- d-----w- c:\users\thisguy\.gimp-2.6
2011-10-03 01:31:52 -------- d-----w- c:\program files\GIMP-2.0
2011-09-30 20:14:18 -------- d-----w- c:\windows\system32\appmgmt
2011-09-15 03:23:02 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-09-15 00:09:26 -------- d-----w- c:\program files\vGrabber
2011-09-15 00:08:33 -------- d-----w- c:\users\thisguy\appdata\local\PhotoJoy
2011-09-15 00:05:49 -------- d-----w- c:\users\thisguy\appdata\local\Conduit
2011-09-15 00:05:48 -------- d-----w- c:\program files\PhotoJoy_Bar
.
==================== Find3M ====================
.
2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-19 16:18:42 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-07-19 16:18:40 93488 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-07-19 16:18:40 158000 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-07-19 16:18:40 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-07-19 16:18:38 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-07-18 03:46:58 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-18 03:46:58 11776 ----a-w- c:\windows\system32\mshta.exe
2011-07-18 03:46:58 101888 ----a-w- c:\windows\system32\admparse.dll
2011-07-18 03:46:57 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-07-18 03:46:56 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
.
============= FINISH: 23:24:23.35 ===============
ken545
2011-10-15, 20:31
:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.


Let me tell you how you possibly infected your computer, your using File Sharing programs, BearShare, uTorrent and PhotoJoy. Your downloading that file from unknown sources bypassing your Anti Virus and Firewall. Not all but most of those files are infected, this is how malware writers infect you. While where on the subject, I see Windows Defender installed for Spyware but do not see any Anti Virus program. If you need a free one let me know and I can link you to one unless you are planning to purchase your own



Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
http://public.avast.com/~gmerek/aswMBR1.png

On completion of the scan click save log, save it to your desktop and post in your next reply
http://public.avast.com/~gmerek/aswMBR2.png
ken545
2011-10-21, 11:57
Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.