Seth Posted June 3, 2008 Posted June 3, 2008 Continued from above. Try to download the latest version of AVG and try each of these when you run it: Repair installation - this option repairs or reinstalls missing or damaged components of AVG Uninstall - this option removes the AVG program from your PC If that doesn't work, you can disable AVG from running via the services tab and startup tab in "msconfig": How to use MSCONFIG: NetSquirrel.com Quote Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here
AdvancedSetup Posted June 4, 2008 Posted June 4, 2008 (edited) I can assist you in the manual removal if needed. If at all possible I don't think you should run your computer in a modified version using MSCONFIG except for diagnostic and repair - after that it should be returned to normal. We use Spybot Search & Destroy on occasion because it too actually does find many items and works quite well as a compliment to the other scanners. Though our current routine works quite well to remove everything for most users. Even though SAS & MB are excellent scanners - they too can not always catch everything every day. Since all are FREE I see no sense in not using it to help yourself get clean. Edited June 5, 2008 by AdvancedSetup Quote Need help with your computer problems? Then why not join Free PC Help. Register hereIf Free PC Help has helped you then please consider a donation. Click here Malwarebytes' Anti-Malware | Malwarebytes' Products | SUPERAntispyware | HijackThis | Spybot Search & Destroy | hpHosts | SpywareBlaster | WinPatrol | SiteHound | FireFox | NoScript | Adblock Plus | Sandboxie | Acronis True Image | ThreatFire | ESET Online Scanner | Kaspersky Online Scanner | Panda Online Scanner | Trend Online Scanner | Avira AntiVir Personal | Avast Free AV | CCleaner | ATF-Cleaner | Online Armor Firewall | Outpost Firewall Free | DirectX | Office Compatibility Pack | Office 2003 (SP3) | SubInACL | Windows Defender | Windows Installer 3.1 | IE7 XP | XP SP3 for IT | Sysinternals | Virtual PC 2007 | Returnil We are all members helping other members.Please return here where you may be able to help someone else.After all, no one knows everything and you may have the answer that someone needs.
Quacker Posted June 4, 2008 Author Posted June 4, 2008 Update: - reinstalled then uninstalled AVG. seems to have done the trick - though if I do a search for files and floders there using AVG there are still some remnants. However it is not trying to run and no conflict messages. Getting there (I think). Got to go to treatment room for my daily visit now at local health centre (not just the PC that's in trouble lol). Will try downloading and running recommended stuff when I get back. Quote
Quacker Posted June 4, 2008 Author Posted June 4, 2008 Ok - after what seems like forever ;) I have followed Ron's 5 steps and got everything through my system. It should be fairly clean, I removed AVG and replaced with Avast. I now assume everything is ok? - The only slight note is it seems to take longer to boot up than it used to. Can I remove stuff safely from Startup or Boot up? - I'm only asking this as I saw someone on another thread advised the same. Also, at the end of Ron's clean -up instruction it mentions Hijack This. I am however a little dubious about deleting all system restore points and creating a new one - after all I think that saved me initially. I'm seeing light at the end of the tunnel. I might even be happy soon:eek: Steve Quote
Seth Posted June 4, 2008 Posted June 4, 2008 That's good news. Keep Super and Malwarebytes. Every week, update each and run full scans alternating between the two. Let's have a look at what's in the startup: Please download the latest version of HijackThis from Trend Micro and click on Download Hijack This Installer and save it to your desktop. Doubleclick HJTInstall.exe to install HijackThis. By default it will install to C:\Program Files\Trend Micro\HijackThis . Click on Install. It will create a HijackThis icon on the desktop. Once installed, it will launch Hijackthis. Click on the Do a system scan and save a logfile button. It will scan and the log should open in Notepad. Include this log in your next reply. Quote Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here
Quacker Posted June 4, 2008 Author Posted June 4, 2008 There you go Seth - hopefully that helps. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:44:39, on 04/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Kodak\Picture Easy Software\Program\PezDownload.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R3 - URLSearchHook: HamInfoBar Toolbar - {380d8a93-650c-4c55-8c93-3a3dce49af12} - C:\Program Files\HamInfoBar\tbHam1.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: HamInfoBar Toolbar - {380d8a93-650c-4c55-8c93-3a3dce49af12} - C:\Program Files\HamInfoBar\tbHam1.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: HamInfoBar Toolbar - {380d8a93-650c-4c55-8c93-3a3dce49af12} - C:\Program Files\HamInfoBar\tbHam1.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Kodak Picture Easy 3.1 Batch Transfer.lnk = C:\Program Files\Kodak\Picture Easy Software\Program\PezDownload.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} (first direct internet banking plus digital safe) - https://internetbankingplus1.firstdirect.com/ibplus/frontdoorFD.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212445440244 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe I think that's all of it. Without going into a line by line description ;) can you advise roughly what that lot means, what is good, bad, desirable, necessary, etc. to me it's a list of numbers, to you guys it's probably the PC equivalent of the Holy Grail. Thanks Steve Quote
Seth Posted June 4, 2008 Posted June 4, 2008 Hi Steve. Run HT again and choose "Scan Only". Put a check on the following: O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe When HT has removed such items, reboot the computer. Now go to Start>Run and type in chkdsk /r. (Note the space between the K and the /". Choose Y at the next screen and restart. Now go to the pub or whatever the UK people call it, cuz the chkdsk /r might take a few hours of drinking time:D Anyway, following that, the system should run sweet. Quote Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here
Quacker Posted June 4, 2008 Author Posted June 4, 2008 Ok will do - I'm not much of a drinker - will watch a movie instead:) Catch you later Steve Quote
Quacker Posted June 4, 2008 Author Posted June 4, 2008 Ok I finished it but not sure what happened with the chkdsk /r as it was already finished when I looked. Was I meant to do anything? - is it all complete not as it appears to be running slightly slow, or rather taking longer to boot up? Or would you guys say that's completed now? Steve Quote
Quacker Posted June 5, 2008 Author Posted June 5, 2008 Well I can safely say it's not dying now:) I feel as though it seems to take longer to shut down and longer to boot up though. Is this normal - don't get me wrong, it is not taking forever - I'll put a timer on it next chance I get. Steve Quote
AdvancedSetup Posted June 5, 2008 Posted June 5, 2008 You can DEFRAG the drive. Click on START - RUN and type in dfrg.msc and press the OK button. Then Analyze and defrag all your drives that need it. Quote Need help with your computer problems? Then why not join Free PC Help. Register hereIf Free PC Help has helped you then please consider a donation. Click here Malwarebytes' Anti-Malware | Malwarebytes' Products | SUPERAntispyware | HijackThis | Spybot Search & Destroy | hpHosts | SpywareBlaster | WinPatrol | SiteHound | FireFox | NoScript | Adblock Plus | Sandboxie | Acronis True Image | ThreatFire | ESET Online Scanner | Kaspersky Online Scanner | Panda Online Scanner | Trend Online Scanner | Avira AntiVir Personal | Avast Free AV | CCleaner | ATF-Cleaner | Online Armor Firewall | Outpost Firewall Free | DirectX | Office Compatibility Pack | Office 2003 (SP3) | SubInACL | Windows Defender | Windows Installer 3.1 | IE7 XP | XP SP3 for IT | Sysinternals | Virtual PC 2007 | Returnil We are all members helping other members.Please return here where you may be able to help someone else.After all, no one knows everything and you may have the answer that someone needs.
Quacker Posted June 5, 2008 Author Posted June 5, 2008 (edited) Already tried that Seth. Another thing I have noticed is I cannot log on to this site from the start run menu - I always used this to log on to websites as opposed to clicking onto explorer. Yes I did ensure the http:// was there ;) Well I have the other PC to clean now to try and sort out the youtube problem. Steve edit: 52 seconds to boot from off. That is rather slow I'd thought? Edited June 5, 2008 by Quacker Quote
Seth Posted June 5, 2008 Posted June 5, 2008 52 seconds is VERY good. BTW-That was Advanced Setup that suggested the defrag. I don't recommend defrags. :p to AS:) Quote Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here
Quacker Posted June 5, 2008 Author Posted June 5, 2008 Now now kids - play nice and don't be mean lol. It used to be a lot quicker than 52 seconds - or at least I seem to think it was. Quote
AdvancedSetup Posted June 5, 2008 Posted June 5, 2008 52 seconds is VERY good. BTW-That was Advanced Setup that suggested the defrag. I don't recommend defrags. :p to AS:) LOL - Well normally NOT needed at least as often as some think. But if it's been a long time and especially after a thrashing from Malware then a defrag will improve performance at least to some degree. Quote Need help with your computer problems? Then why not join Free PC Help. Register hereIf Free PC Help has helped you then please consider a donation. Click here Malwarebytes' Anti-Malware | Malwarebytes' Products | SUPERAntispyware | HijackThis | Spybot Search & Destroy | hpHosts | SpywareBlaster | WinPatrol | SiteHound | FireFox | NoScript | Adblock Plus | Sandboxie | Acronis True Image | ThreatFire | ESET Online Scanner | Kaspersky Online Scanner | Panda Online Scanner | Trend Online Scanner | Avira AntiVir Personal | Avast Free AV | CCleaner | ATF-Cleaner | Online Armor Firewall | Outpost Firewall Free | DirectX | Office Compatibility Pack | Office 2003 (SP3) | SubInACL | Windows Defender | Windows Installer 3.1 | IE7 XP | XP SP3 for IT | Sysinternals | Virtual PC 2007 | Returnil We are all members helping other members.Please return here where you may be able to help someone else.After all, no one knows everything and you may have the answer that someone needs.
Quacker Posted June 6, 2008 Author Posted June 6, 2008 Just as a postscript - the system seems to have difficulty closing down now! - ieexplore.exe not responding so I manually have to close it - sometimes several times. Just when I though we were in the clear. Any thoughts? Steve Quote
maynardvdm Posted June 6, 2008 Posted June 6, 2008 Hi Post another Hijack This log, lets see what is happening. Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. RaidMax Smilodon Gaming Case | Gigabyte Z77X-UD5H M/B | Intel Core i5 3570K @ 3.4GHz | 8GB Corsair RAM | Nvidia GTX550 Ti 1GB GDDR5 | Corsair 800w PSU Register for FREE >>here<< | If we have helped you, please consider a donation >>here<< SAS | MBAM | WinPatrol | Avira | ERUNT | Nvidia Drivers http://i285.photobucket.com/albums/ll57/mjsmileys/userbarnew4sec.gif
RandyL Posted June 6, 2008 Posted June 6, 2008 In post number 29 you said you were; "dubious about deleting all system restore points". If malware was at the root of your original problems then it's highly likely that you are infected again. Trojans and viruses can be hidden in the Restore files. From there they can activate themselves again whether or not you Restore to an earlier date. If that is the case you might have to start over with the scans then delete your Restore via the method provided. It is a crucial step. Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
Quacker Posted June 6, 2008 Author Posted June 6, 2008 Ok guys - will check that out. It's just I feel it's a kind of safety net you know;) Steve Quote
Quacker Posted June 6, 2008 Author Posted June 6, 2008 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:52:22, on 06/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\logon.scr C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Alwil Software\Avast4\setup\avast.setup R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R3 - URLSearchHook: HamInfoBar Toolbar - {380d8a93-650c-4c55-8c93-3a3dce49af12} - C:\Program Files\HamInfoBar\tbHam1.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: HamInfoBar Toolbar - {380d8a93-650c-4c55-8c93-3a3dce49af12} - C:\Program Files\HamInfoBar\tbHam1.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: HamInfoBar Toolbar - {380d8a93-650c-4c55-8c93-3a3dce49af12} - C:\Program Files\HamInfoBar\tbHam1.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Kodak Picture Easy 3.1 Batch Transfer.lnk = C:\Program Files\Kodak\Picture Easy Software\Program\PezDownload.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} (first direct internet banking plus digital safe) - https://internetbankingplus1.firstdirect.com/ibplus/frontdoorFD.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212445440244 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe Quote
maynardvdm Posted June 6, 2008 Posted June 6, 2008 Hi The malware experts will look at this log too. Again if you are not using Google toolbar, uninstall it. My experience with google toolbar is not pleasant and it actually sorted out some problems for me when i uninstalled it. Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. RaidMax Smilodon Gaming Case | Gigabyte Z77X-UD5H M/B | Intel Core i5 3570K @ 3.4GHz | 8GB Corsair RAM | Nvidia GTX550 Ti 1GB GDDR5 | Corsair 800w PSU Register for FREE >>here<< | If we have helped you, please consider a donation >>here<< SAS | MBAM | WinPatrol | Avira | ERUNT | Nvidia Drivers http://i285.photobucket.com/albums/ll57/mjsmileys/userbarnew4sec.gif
Quacker Posted June 6, 2008 Author Posted June 6, 2008 Hi The malware experts will look at this log too. Again if you are not using Google toolbar, uninstall it. My experience with google toolbar is not pleasant and it actually sorted out some problems for me when i uninstalled it. I use it all the time, but it is not essential - I'll remove it Quote
maynardvdm Posted June 6, 2008 Posted June 6, 2008 Remember this is your decision. You dont have to uninstall it if you dont want to. If you want you can uninstall it and see how it is and if there is no difference then you can install it again. Let us know how it goes :) Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. RaidMax Smilodon Gaming Case | Gigabyte Z77X-UD5H M/B | Intel Core i5 3570K @ 3.4GHz | 8GB Corsair RAM | Nvidia GTX550 Ti 1GB GDDR5 | Corsair 800w PSU Register for FREE >>here<< | If we have helped you, please consider a donation >>here<< SAS | MBAM | WinPatrol | Avira | ERUNT | Nvidia Drivers http://i285.photobucket.com/albums/ll57/mjsmileys/userbarnew4sec.gif
Quacker Posted June 6, 2008 Author Posted June 6, 2008 No it's ok Maynard ;) I had the Google Tool bar and also a Ham Radio Toolbar which I also removed. I never used the latter. It is no great hardship typing in google or even making it my home page if necessary. Another thing I noticed on the remove/add programs section was many older versions of for example Java 6 has updates 1,2,3 & 5 in programs and J2SE Runtime Environment has 6,9,10 & 11 on there. Should I remove the older ones, or are they part of the current one? - just trying to keep tidy. Quote
maynardvdm Posted June 6, 2008 Posted June 6, 2008 What you can do is uninstall all the Java versions and then install Java version 6 update 6 which is the latest version. You can get it here Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. RaidMax Smilodon Gaming Case | Gigabyte Z77X-UD5H M/B | Intel Core i5 3570K @ 3.4GHz | 8GB Corsair RAM | Nvidia GTX550 Ti 1GB GDDR5 | Corsair 800w PSU Register for FREE >>here<< | If we have helped you, please consider a donation >>here<< SAS | MBAM | WinPatrol | Avira | ERUNT | Nvidia Drivers http://i285.photobucket.com/albums/ll57/mjsmileys/userbarnew4sec.gif
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.