Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Pop ups killing me

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Pop ups killing me

Unread postby lmtis » September 29th, 2013, 10:49 am

I am suddenly getting a ton of pop ups and the browser (Firefox) is locking up. Sorry I forgot the logs on my last post.

Thanks for any help

Jim



DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.19458
Run by Pete at 10:30:57 on 2013-09-29
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1915.468 [GMT -4:00]
.
AV: Norton 360 *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton 360 *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\MyPC Backup\BackupStack.exe
C:\Program Files\SearchProtect\bin\CltMngSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Users\Pete\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Windows\system32\dmwu.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\lucky leap\updateluckyleap.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\loggingserver.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Users\Browser\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\jmdp\stij.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT3310511
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uURLSearchHooks: MixiDJ V8 Toolbar: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - c:\program files\mixidj_v8\prxtbMixi.dll
uURLSearchHooks: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - c:\program files\sweetpacks\prxtbSwee.dll
mURLSearchHooks: MixiDJ V8 Toolbar: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - c:\program files\mixidj_v8\prxtbMixi.dll
mURLSearchHooks: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - c:\program files\sweetpacks\prxtbSwee.dll
mWinlogon: Userinit = c:\windows\system32\userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: NCO 2.0 IE BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\common files\symantec shared\ids\IPSBHO.dll
BHO: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - c:\program files\sweetpacks\prxtbSwee.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\pete\appdata\roaming\defaulttab\defaulttab\DefaultTabBHO.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.0.0.9\AVG SafeGuard toolbar_toolbar.dll
BHO: TopArcadeHits Games: {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - c:\users\browser\appdata\local\toparcadehits\Toparcadehits.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: lucky leap: {d77aa852-def3-43cb-a3f5-bd679de72f32} - c:\program files\lucky leap\luckyleapbho.dll
BHO: MixiDJ V8 Toolbar: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - c:\program files\mixidj_v8\prxtbMixi.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Show Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: Show Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: MixiDJ V8 Toolbar: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - c:\program files\mixidj_v8\prxtbMixi.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.0.0.9\AVG SafeGuard toolbar_toolbar.dll
TB: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - c:\program files\sweetpacks\prxtbSwee.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SearchProtect] c:\users\pete\appdata\roaming\searchprotect\bin\cltmng.exe
uRun: [Browser Infrastructure Helper] c:\users\pete\appdata\local\smartbar\application\QuickShare.exe startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Skytel] Skytel.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [ApnTBMon] "c:\program files\askpartnernetwork\toolbar\updater\TBNotifier.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SearchProtectAll] c:\program files\searchprotect\bin\cltmng.exe
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
StartupFolder: c:\users\pete\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TCP: NameServer = 172.16.0.1 192.168.1.1
TCP: Interfaces\{0A2E6BA9-3B42-4B4C-BBFB-E7D86FD7E9DB} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{70241AD0-90E2-4701-BE08-5ABF1B02DC92} : DHCPNameServer = 172.16.0.1 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\17.0.1\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - MixiDJ V8 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT32878 ... hSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 57&UM=2&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\17.0.1\npsitesafety.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}\plugins\np-mswmp.dll
FF - plugin: c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\{e4c3a8b6-7724-45d1-a629-17b69118ebcd}\plugins\np-mswmp.dll
FF - plugin: c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\{e4c3a8b6-7724-45d1-a629-17b69118ebcd}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - ExtSQL: 2013-08-16 04:20; toolbar_ARS3-V7@apn.ask.com; c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\toolbar_ARS3-V7@apn.ask.com.xpi
FF - ExtSQL: 2013-08-17 09:25; {e4c3a8b6-7724-45d1-a629-17b69118ebcd}; c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\{e4c3a8b6-7724-45d1-a629-17b69118ebcd}
FF - ExtSQL: 2013-09-05 07:37; addon@defaulttab.com; c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\addon@defaulttab.com.xpi
FF - ExtSQL: 2013-09-27 22:01; avg@toolbar; c:\programdata\avg safeguard toolbar\firefoxext\17.0.0.9
FF - ExtSQL: 2013-09-28 00:34; firefox@luckyleap.net; c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\firefox@luckyleap.net.xpi
FF - ExtSQL: 2013-09-28 11:22; {7e8a1050-cf67-4575-92df-dcc60e7d952d}; c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}
FF - ExtSQL: 2013-09-28 12:44; {906000a4-88d9-4d52-b209-7a772970d91f}; c:\users\pete\appdata\roaming\mozilla\firefox\profiles\b32qold8.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}
FF - ExtSQL: !HIDDEN! 2009-09-01 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2013-06-30 14:48; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-9-5 37664]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20130926.002\IDSvix86.sys [2013-9-27 286328]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2008-9-10 20384]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-8-27 108120]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-18 7168]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]
S3 SVRPEDRV;SVRPEDRV;c:\windows\system32\sysprep\PEDRV.SYS [2008-8-21 9216]
.
=============== Created Last 30 ================
.
2013-09-29 11:30:50 -------- d-----w- c:\users\pete\appdata\local\AVG SafeGuard toolbar
2013-09-28 16:47:11 -------- d-----w- c:\program files\LSoft Technologies
2013-09-28 16:44:57 -------- d-----w- c:\program files\DealPly
2013-09-28 15:25:15 -------- d-----w- c:\program files\MyPC Backup
2013-09-28 15:24:02 -------- d-----w- c:\program files\lucky leap
2013-09-28 15:23:00 -------- d-----w- c:\programdata\Conduit
2013-09-28 15:22:58 -------- d-----w- c:\program files\SweetPacks
2013-09-28 15:21:48 -------- d-----w- c:\windows\system32\jmdp
2013-09-28 15:21:36 27136 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-09-28 15:21:36 1344304 ----a-w- c:\windows\system32\dmwu.exe
2013-09-28 15:21:36 -------- d-----w- c:\windows\system32\ARFC
2013-09-28 15:21:34 -------- d-----w- c:\windows\system32\WNLT
2013-09-05 11:37:35 -------- d-----w- c:\program files\Secure Wipe
2013-09-05 11:37:04 -------- d-----w- c:\users\pete\appdata\roaming\DefaultTab
2013-09-05 11:27:34 -------- d-----w- c:\users\pete\appdata\local\Smartbar
2013-09-05 11:24:52 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-09-05 11:24:41 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2013-09-05 11:24:40 -------- d-----w- c:\program files\common files\AVG Secure Search
2013-09-05 11:24:36 -------- d-----w- c:\program files\AVG SafeGuard toolbar
.
==================== Find3M ====================
.
2013-09-19 23:15:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-19 23:15:15 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-08 01:45:09 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-08-02 04:09:35 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-01 10:21:05 916992 ----a-w- c:\windows\system32\wininet.dll
2013-08-01 10:15:46 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-08-01 10:15:21 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-08-01 10:15:09 71680 ----a-w- c:\windows\system32\iesetup.dll
2013-08-01 10:15:09 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-08-01 10:13:35 18944 ----a-w- c:\windows\system32\corpol.dll
2013-08-01 08:37:30 385024 ----a-w- c:\windows\system32\html.iec
2013-08-01 06:56:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2013-08-01 06:54:34 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-17 19:41:34 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-16 04:35:16 615936 ----a-w- c:\windows\system32\themeui.dll
2013-07-10 09:47:00 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10:36 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55:51 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55:51 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20:04 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16:55 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16:55 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16:54 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 04:53:33 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-04 07:12:00 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-07-04 07:12:00 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-07-04 07:12:00 479232 ----a-w- c:\windows\system32\msvcm80.dll
2013-07-04 07:11:58 773968 ----a-w- c:\windows\system32\msvcr100.dll
2013-07-04 07:11:58 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-07-03 22:02:38 33958 ----a-w- c:\programdata\uninstaller.exe
.
============= FINISH: 10:33:15.41 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/10/2008 12:09:11 AM
System Uptime: 9/29/2013 10:19:44 AM (0 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz | CPU | 2000/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 110 GiB total, 39.124 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
2007 Microsoft Office system
32 Bit HP CIO Components Installer
Active@ KillDisk 7.5
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Amazon Links
AppCore
Ask Toolbar
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
AVG SafeGuard toolbar
Backup
BufferChm
C4600
ccCommon
CD/DVD Drive Acoustic Silencer
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Coupon Printer for Windows
CutePDF Writer 3.0
DealPly (remove only)
DefaultTab
Destinations
DeviceDiscovery
DVD MovieFactory for TOSHIBA
GearDrvs
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPProductAssistant
HPSSupply
IB Updater Service
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
LiveUpdate (Symantec Corporation)
lucky leap 1.0.0
Mahjongg Master Egyptian Edition
Mahjongg Tiles of Time
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft XML Parser
MixiDJ V8 Toolbar
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MP3 Cutter Joiner Free 2.5.1
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyPC Backup
NetZero Internet Access Installer
Norton 360
Norton 360 (Symantec Corporation)
Norton 360 HTMLHelp
Norton Confidential Core
Picasa 2
progeCAD 2009 Smart! ENG
PS_AIO_05_C4600_Software_Min
QuickBooks Financial Center
QuickShare
QuickTransfer
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Scan
Search Protect by conduit
Secure Wipe version 1.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
SPBBC 32bit
Status
SweetPacks Toolbar for IE
Symantec Real Time Storage Protection Component
Symantec Technical Support Controls
SymNet
Synaptics Pointing Device Driver
Toolbox
TOSHIBA Application Disc Creator
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Desktop Links
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Hardware Setup
Toshiba Registration
TOSHIBA Service Station
TOSHIBA Software Modem
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TrayApp
Ultimate Mahjongg 20
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
WebReg
WildTangent Games
Windows Media Encoder 9 Series
.
==== End Of File ===========================
lmtis
Member+
 
Posts: 34
Joined: January 14th, 2010, 11:43 pm
Advertisement
Register to Remove

Re: Pop ups killing me

Unread postby Cypher » September 30th, 2013, 11:39 am

Hi and welcome to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start



Click Start > Control Panel > Uninstall a program.
Uninstall the following if present.
Adobe Reader X (10.1.4)
Ask Toolbar
AVG SafeGuard toolbar
Coupon Printer for Windows
MixiDJ V8 Toolbar
Search Protect by conduit
SweetPacks Toolbar for IE

Next.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Right click on adwcleaner.exe and select " Run as administrator " to run it.
  • Click on Scan.
  • When the scan has finished click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Next.

Image Please download Junkware Removal Tool and save it to your desktop.
  • Shut down your protection software as shown in This topic now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Please post the contents of JRT.txt into your next reply.
Next.

Please download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe And select Run as administrator to run it.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Logs/Information to Post in your Next Reply
  • AdwCleaner log.
  • JRT.txt.
  • OTL.txt and Extra.txt contents.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Pop ups killing me

Unread postby lmtis » October 1st, 2013, 9:45 pm

I am having alot of trouble with JRT.
lmtis
Member+
 
Posts: 34
Joined: January 14th, 2010, 11:43 pm

Re: Pop ups killing me

Unread postby Cypher » October 2nd, 2013, 5:41 am

Hi lmtis,
lmtis wrote:I am having alot of trouble with JRT.

What trouble are you having exactly?
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Pop ups killing me

Unread postby Cypher » October 5th, 2013, 5:10 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 362 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware