Author Topic: [Resolved] do u still use hijack this, i think i have a virus...  (Read 1878 times)


Offline capricorn33

  • Bronze Member
  • Posts: 258
I went to my email and my sister, whom I haven't spoken to in about a yr, emailed me and said that she has a virus and not to open emails from her. I could see the heading without opening it. Then right under that was another email from her with no heading, so, assuming that she fixed her virus problem, she had rewritten me, and I opened it and it led me to a blue .com line, and I stupidly clicked that and opened it. Nothing there, so I am guessing I now have whatever virus she has. My computer mouse jumps from place to place, and the computer always freezes. And it redirects to other pages while I am on one, or it will close and say Windows has to close, there is an error. Sometimes my spot is saved, and other times I have to start all over. I have a Dell Dimension 2400, Windows XP Home Edition. Can I send someone a HijackThis, please? And if so, where? And what do I do? It's been a while. Thank you
« Last Edit: June 29, 2012, 05:01:41 PM by 1972vet »



Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #1 on: June 29, 2012, 05:02:45 PM »
Please do what is recommended Here. Post back those requested logs and I'll take a look. Thanks!
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline capricorn33

  • Bronze Member
  • Posts: 258
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #2 on: June 29, 2012, 09:50:42 PM »
I opened an email from my sister, and she told me not to, but I haven't heard from her for a while so I thought that she wanted to just talk. But before I opened the email there was a subject line that said do not open anything with my name cuz she has a virus. Well, then a little later I saw an email without a subject line and I opened it thinking she had removed the virus. Well, guess what, not. Now I think I have it, whatever it is or was, and I need help with my PC, a Dell Dimension 2400, Windows XP Home Edition. I have Malwarebytes on there and AVG, but they keep closing before they finish, so what can I do? I ran AVG in safe mode and after about 20 minutes into it I got the blue screen and had to turn it off. If I can System Restore, should I try that? And then try running HijackThis? I am using my daughter's laptop. Please answer as soon as possible. Thank you

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22720
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #3 on: June 29, 2012, 10:12:22 PM »
Your previous post has a response waiting for you. 1972Vet has given you the steps to proceed with. Please follow up with him. As soon as you have responded to him, I am going to merge the two threads together.

[In Progress] do u still use hijack this, i think i have a virus...

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline capricorn33

  • Bronze Member
  • Posts: 258
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #4 on: July 02, 2012, 01:49:08 AM »
On close tab it says click here, and when I do it says IE Explorer App, Ver. 8.0.6001.18702, Mod name, msmhtml.dll. This happens constantly; it is so annoying. Please help. Thank you, hope I did this all right.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 12/20/2009 4:28:46 PM
System Uptime: 7/1/2012 11:11:29 AM (13 hours ago)
.
Motherboard: Dell Computer Corp. |  | 0F5949
Processor:                 Intel(R) Celeron(R) CPU 2.60GHz | Microprocessor | 2591/400mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 58.711 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP565: 5/19/2012 10:33:56 PM - System Checkpoint
RP566: 5/20/2012 11:28:47 PM - System Checkpoint
RP567: 5/22/2012 12:43:28 PM - System Checkpoint
RP568: 5/23/2012 1:25:39 PM - System Checkpoint
RP569: 5/24/2012 2:53:59 PM - System Checkpoint
RP570: 5/25/2012 3:29:05 PM - System Checkpoint
RP571: 5/26/2012 3:45:18 PM - System Checkpoint
RP572: 5/26/2012 11:38:37 PM - Removed Microsoft Silverlight
RP573: 5/28/2012 11:41:41 AM - System Checkpoint
RP574: 5/29/2012 1:25:43 PM - System Checkpoint
RP575: 5/30/2012 12:49:48 PM - Printer Driver PDFCreator Installed
RP576: 5/30/2012 1:30:20 PM - Revo Uninstaller's restore point - blekko search bar
RP577: 5/31/2012 2:59:00 PM - System Checkpoint
RP578: 6/1/2012 3:57:46 PM - System Checkpoint
RP579: 6/2/2012 3:58:32 PM - Installed Bing Bar
RP580: 6/2/2012 4:01:25 PM - Installed Bing Bar
RP581: 6/2/2012 4:49:04 PM - Installed MSN Search Toolbar
RP582: 6/3/2012 5:08:31 PM - System Checkpoint
RP583: 6/4/2012 5:27:05 PM - System Checkpoint
RP584: 6/5/2012 10:48:49 PM - System Checkpoint
RP585: 6/7/2012 12:22:35 PM - System Checkpoint
RP586: 6/8/2012 1:16:22 PM - System Checkpoint
RP587: 6/9/2012 1:43:50 PM - System Checkpoint
RP588: 6/10/2012 2:43:33 PM - System Checkpoint
RP589: 6/11/2012 3:15:37 PM - System Checkpoint
RP590: 6/12/2012 3:49:30 PM - System Checkpoint
RP591: 6/12/2012 11:29:28 PM - Software Distribution Service 3.0
RP592: 6/13/2012 11:52:00 AM - Software Distribution Service 3.0
RP593: 6/13/2012 11:35:55 PM - Software Distribution Service 3.0
RP594: 6/14/2012 1:33:57 PM - Software Distribution Service 3.0
RP595: 6/14/2012 3:55:12 PM - Software Distribution Service 3.0
RP596: 6/15/2012 11:13:39 AM - Software Distribution Service 3.0
RP597: 6/16/2012 11:32:40 AM - Software Distribution Service 3.0
RP598: 6/16/2012 10:20:44 PM - Software Distribution Service 3.0
RP599: 6/17/2012 10:47:13 PM - System Checkpoint
RP600: 6/18/2012 11:04:05 PM - System Checkpoint
RP601: 6/19/2012 11:29:08 PM - System Checkpoint
RP602: 6/21/2012 11:16:49 AM - System Checkpoint
RP603: 6/21/2012 11:58:27 PM - Revo Uninstaller's restore point - Google Chrome
RP604: 6/22/2012 12:04:02 AM - Revo Uninstaller's restore point - AVG PC Tuneup
RP605: 6/22/2012 12:59:53 AM - Removed MSN Search Toolbar
RP606: 6/23/2012 11:18:57 AM - Revo Uninstaller's restore point - 7-zip v9.20
RP607: 6/23/2012 11:21:53 AM - Revo Uninstaller's restore point - PC Optimizer Pro
RP608: 6/23/2012 11:23:56 AM - Revo Uninstaller's restore point - Fast Search
RP609: 6/23/2012 11:28:21 AM - Revo Uninstaller's restore point - RivalGaming
RP610: 6/23/2012 11:58:02 AM - Revo Uninstaller's restore point - Yahoo! Software Update
RP611: 6/23/2012 11:59:24 AM - Revo Uninstaller's restore point - Shopping4Causes Shopping Plugin
RP612: 6/23/2012 12:00:37 PM - Revo Uninstaller's restore point - Toolbar Cleaner 1.0
RP613: 6/23/2012 12:01:03 PM - Revo Uninstaller's restore point - Toolbar Cleaner 1.0
RP614: 6/23/2012 12:03:17 PM - Revo Uninstaller's restore point - Yahoo! Toolbar
RP615: 6/23/2012 12:10:14 PM - Software Distribution Service 3.0
RP616: 6/23/2012 12:45:47 PM - Restore Operation
RP617: 6/24/2012 2:55:37 PM - System Checkpoint
RP618: 6/25/2012 4:35:15 PM - System Checkpoint
RP619: 6/26/2012 5:18:00 PM - System Checkpoint
RP620: 6/27/2012 5:55:48 PM - System Checkpoint
RP621: 6/28/2012 9:04:12 PM - System Checkpoint
RP622: 6/28/2012 11:47:00 PM - Software Distribution Service 3.0
RP623: 6/29/2012 12:49:51 AM - Revo Uninstaller's restore point - SUPERAntiSpyware
RP624: 6/29/2012 12:51:33 AM - Revo Uninstaller's restore point - Google Toolbar for Internet Explorer
RP625: 6/29/2012 12:51:55 AM - Revo Uninstaller's restore point - AVG PC Tuneup
RP626: 6/29/2012 12:54:54 AM - Revo Uninstaller's restore point - AVG PC Tuneup
RP627: 6/29/2012 10:48:52 AM - Restore Operation
RP628: 6/29/2012 12:09:59 PM - Restore Operation
RP629: 6/29/2012 1:14:21 PM - Revo Uninstaller's restore point - AVG 2012
RP630: 6/29/2012 1:15:28 PM - Revo Uninstaller's restore point - AVG 2012
RP631: 6/29/2012 1:18:00 PM - Removed AVG 2012
RP632: 6/29/2012 1:20:03 PM - Removed AVG 2012
RP633: 6/29/2012 1:24:10 PM - Revo Uninstaller's restore point - AVG 2012
RP634: 6/29/2012 1:48:52 PM - Revo Uninstaller's restore point - AVG PC Tuneup
RP635: 6/29/2012 2:01:03 PM - Installed AVG 2012
RP636: 6/29/2012 2:06:42 PM - Installed AVG 2012
RP637: 6/29/2012 3:00:15 PM - Revo Uninstaller's restore point - AVG PC Tuneup
RP638: 6/29/2012 4:31:51 PM - Revo Uninstaller's restore point - Uniblue RegistryBooster
RP639: 6/29/2012 4:59:29 PM - Revo Uninstaller's restore point - AVG PC Tuneup
RP640: 6/30/2012 5:32:55 PM - System Checkpoint
RP641: 7/1/2012 6:16:10 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Adobe Shockwave Player 11.5
AVG 2012
Broadcom 440x 10/100 Integrated Controller
Dell Photo Printer 720
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics Driver
Java Auto Updater
Java(TM) 6 Update 26
Logitech Vid HD
Logitech Webcam Software
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSN Search Toolbar
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Revo Uninstaller 1.93
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB982381)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2447568)
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
.
==== Event Viewer Messages From Past Week ========
.
6/30/2012 4:14:56 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Aavmker4 AFD aswSP aswTdi Avgldx86 Avgmfx86 Avgtdix Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
6/30/2012 4:14:56 PM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
6/30/2012 4:14:56 PM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
6/30/2012 4:14:56 PM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
6/30/2012 4:14:16 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
6/30/2012 4:14:15 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/30/2012 12:21:34 PM, error: Service Control Manager [7023]  - The Process Monitor service terminated with the following error:  The system cannot open the device or file specified.
6/30/2012 12:21:34 PM, error: Service Control Manager [7000]  - The Logitech LVPr2Mon Driver service failed to start due to the following error:  The parameter is incorrect.
6/30/2012 12:20:47 PM, error: Service Control Manager [7000]  - The avast! Antivirus service failed to start due to the following error:  The system cannot find the file specified.
.
==== End Of File ===========================
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 0:01:54 on 2012-07-02
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2046.1489 [GMT -7:00]
.
AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Internet Security 2012 *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\WINDOWS\system32\dlbccoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
svchost.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\Program Files\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ADFA_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: MSN Search Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn toolbar suite\tb\02.01.0000.2214\en-us\msntb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
TB: MSN Search Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn toolbar suite\tb\02.01.0000.2214\en-us\msntb.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
IE: &MSN Search - c:\program files\msn toolbar suite\tb\02.01.0000.2214\en-us\msntb.dll/search.htm
IE: Open in new background tab - c:\program files\msn toolbar suite\tab\02.02.0000.1007\en-us\msntabres.dll/229?2d1809ea8fb447ddb8bb829dd8c5856d
IE: Open in new foreground tab - c:\program files\msn toolbar suite\tab\02.02.0000.1007\en-us\msntabres.dll/230?2d1809ea8fb447ddb8bb829dd8c5856d
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
Trusted Zone: microsoft.com\support
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab
DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} - hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab
DPF: {A4110378-789B-455F-AE86-3A1BFC402853} - hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{EDF3F7DF-030C-40E6-B555-434CF469AAD5} : DhcpNameServer = 192.168.0.1 205.171.3.25
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.1.0\ViProtocol.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1   www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-2-19 164048]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-2-19 19024]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2012-3-23 2321520]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 dlbc_device;dlbc_device;c:\windows\system32\dlbccoms.exe -service --> c:\windows\system32\dlbccoms.exe -service [?]
R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\common files\avg secure search\vtoolbarupdater\11.0.2\ToolbarUpdater.exe [2012-6-29 932736]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S0 cerc6;cerc6;

S2 avast! Antivirus;avast! Antivirus;"c:\program files\alwil software\avast5\avastsvc.exe" --> c:\program files\alwil software\avast5\AvastSvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-6-23 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-11 250056]
S3 avast! Mail Scanner;avast! Mail Scanner;"c:\program files\alwil software\avast5\avastsvc.exe" --> c:\program files\alwil software\avast5\AvastSvc.exe [?]
S3 avast! Web Scanner;avast! Web Scanner;"c:\program files\alwil software\avast5\avastsvc.exe" --> c:\program files\alwil software\avast5\AvastSvc.exe [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
S3 cpuz132;cpuz132;

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-6-23 116648]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-13 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-30 21:21:27   --------   d-----w-   c:\windows\system32\cache
2012-06-30 01:39:02   --------   d-----w-   c:\documents and settings\all users.windows\application data\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
2012-06-29 21:15:17   --------   d-----w-   c:\documents and settings\owner.silvia-31c0e7c7\local settings\application data\AVG Secure Search
2012-06-29 21:14:36   --------   d-----w-   c:\documents and settings\owner.silvia-31c0e7c7\application data\AVG Secure Search
2012-06-29 21:14:30   --------   d-----w-   c:\documents and settings\all users.windows\application data\AVG Secure Search
2012-06-29 21:14:20   --------   d-----w-   c:\program files\common files\AVG Secure Search
2012-06-29 21:14:11   --------   d-----w-   c:\program files\AVG Secure Search
2012-06-29 21:07:57   --------   d-----w-   c:\windows\system32\drivers\AVG
2012-06-29 19:10:36   --------   d-----w-   c:\windows\system32\wbem\repository\FS
2012-06-29 19:10:36   --------   d-----w-   c:\windows\system32\wbem\Repository
2012-06-29 18:00:42   32072   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2012-06-29 07:47:16   --------   d-----w-   c:\documents and settings\owner.silvia-31c0e7c7\application data\SUPERAntiSpyware.com
2012-06-29 07:46:21   --------   d-----w-   c:\documents and settings\all users.windows\application data\SUPERAntiSpyware.com
2012-06-29 06:11:13   --------   d-----w-   c:\documents and settings\owner.silvia-31c0e7c7\application data\ElevatedDiagnostics
2012-06-23 20:29:47   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-06-23 20:29:47   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2012-06-23 19:59:40   --------   d-----w-   c:\program files\MSN Toolbar Installer
2012-06-23 06:33:13   --------   d-----w-   c:\documents and settings\all users.windows\application data\PC Optimizer Pro
2012-06-23 06:24:07   --------   d-----w-   c:\documents and settings\owner.silvia-31c0e7c7\local settings\application data\visi_coupon
2012-06-23 06:22:39   --------   d-----w-   c:\program files\Yahoo!
2012-06-23 06:21:59   --------   d-----w-   c:\program files\Free Offers from Freeze.com
2012-06-13 06:44:41   --------   d-----w-   C:\e08c0a66acca03c0a1
2012-06-12 19:49:48   521728   -c----w-   c:\windows\system32\dllcache\jsdbgui.dll
2012-06-02 22:31:03   --------   d-----w-   c:\windows\system32\CatRoot
.
==================== Find3M  ====================
.
2012-06-23 19:55:16   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-23 19:55:16   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-06-05 00:35:26   222448   ----a-w-   c:\windows\system32\muweb.dll
2012-06-02 22:19:44   22040   ----a-w-   c:\windows\system32\wucltui.dll.mui
2012-06-02 22:19:38   219160   ----a-w-   c:\windows\system32\wuaucpl.cpl
2012-06-02 22:19:38   15384   ----a-w-   c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 22:19:34   15384   ----a-w-   c:\windows\system32\wuapi.dll.mui
2012-06-02 22:19:30   17944   ----a-w-   c:\windows\system32\wuaueng.dll.mui
2012-06-02 22:18:58   275696   ----a-w-   c:\windows\system32\mucltui.dll
2012-06-02 22:18:58   17136   ----a-w-   c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09   599040   ----a-w-   c:\windows\system32\crypt32.dll
2012-05-16 15:08:26   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-05-15 13:20:33   1863168   ----a-w-   c:\windows\system32\win32k.sys
2012-05-11 14:42:33   43520   ------w-   c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02   385024   ------w-   c:\windows\system32\html.iec
2012-05-04 13:12:30   2192640   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19   2069120   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36   139656   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-04-19 11:50:26   24896   ----a-w-   c:\windows\system32\drivers\avgidshx.sys
.
============= FINISH:  0:03:08.54 ===============
« Last Edit: July 02, 2012, 11:58:01 AM by Hoov »

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #5 on: July 02, 2012, 07:50:31 AM »
Are you still with us Capricorn33?

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22720
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #6 on: July 02, 2012, 12:00:17 PM »
1972vet, I have merged another thread with this one so you can continue with this problem.

capricorn33, please post only to this thread, do not start another one. Having multiple threads about the same computer causes problems for you and us.


Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #7 on: July 02, 2012, 12:15:33 PM »
Capricorn33,
Before I render any other instruction for you, I'd like you to post in this thread just so I know that YOU know where I expect you to respond during our help session. Thanks!

Offline capricorn33

  • Bronze Member
  • Posts: 258
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #8 on: July 03, 2012, 04:33:55 PM »
OK, sorry, so I work with vet, is it? And I did the DDP thing, did anyone get that? Thanks

Offline capricorn33

  • Bronze Member
  • Posts: 258
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #9 on: July 03, 2012, 04:44:49 PM »
Yes vet, I am with you. Did you see my two DDS files? Hope so. Thank you, capricorn

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #10 on: July 03, 2012, 07:28:40 PM »
Got it. Thanks. Please uninstall the following:
AVG 2012
PC Cleaners
avast
Java(TM) 6 Update 26
...when you finish, please INSTALL the following:
Microsoft Security Essentials. Post back when you finish. Thanks!

Offline capricorn33

  • Bronze Member
  • Posts: 258
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #11 on: July 03, 2012, 11:38:45 PM »
Question: how can I uninstall PC Cleaners when it does not show that I have it? Also the same with avast, I never had that, well, maybe about 3 yrs ago, and I thought it was deleted. It isn't in my add/remove file, so how do I do this? Thank you, capricorn. I am sorta afraid to remove AVG because that is my safety net, I think? I also have Malwarebytes, do I just leave that? Thank you again

Offline capricorn33

  • Bronze Member
  • Posts: 258
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #12 on: July 04, 2012, 01:25:54 AM »
OK 1972 Vet, I did all you asked of me. I am now on my daughter's laptop because now it's really bad since I deleted all that stuff. It keeps saying internet needs to close, so I am not sure what to do now. I am really in a mess. I got rid of avast the best I could; it said, won't let me delete all, cannot delete boot dll, access denied. That was avast. Then on AVG it said Alwll access denied, but everything else is off. PC Cleaner, cuz I went to Windows and deleted it that way because I couldn't find it at all until I went there. I downloaded that Security Essentials; if it will let me, should I run it? It's too late now, it's midnight, so I will have to do it tomorrow, if that is fine with you. Also on AVG it said cannot delete all, vprot.exe access is denied, so now what? Do I go into safe mode or go to clicking on when computer worked best? It won't let me type at all; it keeps saying Windows must close and it'll save spyware for a few moments, then it comes back, and I try and type as fast as I can and then it goes off again, so I had to use her laptop. Help!! Thanks, talk tomorrow. capricorn

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #13 on: July 04, 2012, 01:47:52 AM »
Yeah, that's fine. Just do that and post the log. Thanks!

Offline capricorn33

  • Bronze Member
  • Posts: 258
Re: [Resolved] do u still use hijack this, i think i have a virus...
« Reply #14 on: July 04, 2012, 02:23:09 PM »
vet i had to do a sytem restore, i am going to try an download the log and re dowload it i went back a day or two it still dosetn have AVG on it tho which is good and i can now type on my computer so i need to down load it again and then run it cuz it wouldnt let me run it last nite, that is what i was telling you, i had to tell you on my daughters laptop, cuz it turned off every seconed. i will try now