Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Proxy Problems

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Proxy Problems

Unread postby clintonefree » January 26th, 2015, 3:50 pm

I can no longer post on my forum due to "inactivity".

What can I do to continue the process that I started. What do you need from me?
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm
Advertisement
Register to Remove

Re: Proxy Problems

Unread postby clintonefree » January 26th, 2015, 3:57 pm

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17496
Run by Marybeth Giddings at 13:54:32 on 2015-01-26
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3326.1882 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\HPSIsvc.exe
C:\Program Files\Data Deposit Box\nts.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Data Deposit Box\startup.exe
C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
C:\Program Files\Data Deposit Box\starter.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Data Deposit Box\status.exe
C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Data Deposit Box\backup.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} -
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [Adobe Creative Cloud] "c:\program files\adobe\adobe creative cloud\acc\Creative Cloud.exe" --showwindow=false --onOSstartup=true
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kineticd.lnk - c:\program files\data deposit box\starter.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks 2014\QBW32.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.2 97.64.183.164 97.64.209.37
TCP: Interfaces\{B6312458-0CCF-435B-BBB0-46B68DB04032} : NameServer = 97.64.183.164,97.64.209.67
TCP: Interfaces\{B6312458-0CCF-435B-BBB0-46B68DB04032} : DHCPNameServer = 192.168.1.2 97.64.183.164 97.64.209.37
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - c:\program files\intuit\quickbooks 2014\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Notify: GoToAssist - c:\program files\citrix\gotoassist\615\G2AWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\40.0.2214.91\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\drivers\aswNdisFlt.sys [2014-7-20 270752]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-18 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-18 192352]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-12-20 26136]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2011-6-17 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2011-6-17 414520]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-6-9 172032]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-5-11 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-6-17 67824]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswstm.sys [2014-1-9 71944]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-7-20 50344]
R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2014-7-20 106488]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2014-4-14 100256]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2013-6-7 375144]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2013-4-30 13624]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2013-9-18 47640]
R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2014-2-27 1248256]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2011-6-9 273448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-12-9 102912]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-10 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-6-11 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2015-01-24 11:01:18 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c4a00a93-31fe-4c54-ac5a-36be07d104b9}\offreg.dll
2015-01-24 02:49:28 9054624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c4a00a93-31fe-4c54-ac5a-36be07d104b9}\mpengine.dll
2015-01-22 16:33:26 -------- d-----w- c:\program files\ESET
2015-01-20 19:04:02 -------- d-----w- C:\FRST
2015-01-20 18:44:42 -------- d-----w- C:\AdwCleaner
2015-01-20 18:42:04 -------- d-----w- C:\RegBackup
2015-01-20 18:41:31 -------- d-----w- c:\program files\Tweaking.com
2015-01-13 22:11:00 3971512 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-01-13 22:10:58 3916728 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-01-13 22:10:54 46592 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-01-13 22:10:53 164864 ----a-w- c:\windows\system32\profsvc.dll
2015-01-13 22:10:48 242688 ----a-w- c:\windows\system32\nlasvc.dll
2015-01-13 22:10:43 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-31 15:43:46 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2014-12-31 15:25:10 -------- d-----r- c:\users\marybeth giddings\Creative Cloud Files
2014-12-31 15:22:37 -------- d-----w- c:\programdata\Package Cache
2014-12-29 17:23:59 -------- d-----w- c:\users\marybeth giddings\appdata\local\ElevatedDiagnostics
2014-12-29 15:15:31 -------- d-sh--w- c:\users\marybeth giddings\appdata\local\EmieBrowserModeList
2014-12-29 15:15:30 -------- d-sh--w- c:\users\marybeth giddings\appdata\local\EmieUserList
2014-12-29 15:15:30 -------- d-sh--w- c:\users\marybeth giddings\appdata\local\EmieSiteList
.
==================== Find3M ====================
.
2015-01-25 07:21:06 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-25 07:21:06 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-23 18:38:21 86912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2015-01-23 18:38:21 53096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2015-01-23 18:38:20 85864 ----a-w- c:\windows\system32\LMIinit.dll
2015-01-23 18:38:20 31592 ----a-w- c:\windows\system32\LMIport.dll
2015-01-06 10:36:02 249488 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 03:33:44 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-22 02:20:44 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 02:20:30 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07:43 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 01:55:14 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 01:54:30 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 01:48:26 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40:04 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 01:22:49 2052096 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- c:\windows\system32\wininet.dll
2014-11-21 19:46:25 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-19 10:31:16 1217192 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 02:44:45 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 01:32:14 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 02:45:09 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-04 14:14:20 86912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2014-11-04 14:14:19 85864 ----a-w- c:\windows\system32\LMIinit.dll.000.bak
2014-10-30 01:45:43 155136 ----a-w- c:\windows\system32\charmap.exe
2011-08-02 21:13:07 161720 ----a-w- c:\program files\2pres.dll
.
============= FINISH: 13:55:12.29 ===============
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm

Re: Proxy Problems

Unread postby clintonefree » January 26th, 2015, 3:58 pm

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 6/8/2011 3:25:36 PM
System Uptime: 1/22/2015 10:20:04 AM (99 hours ago)
.
Motherboard: Dell Inc. | | 0HN7XN
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz | CPU | 2933/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 107.75 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 1863 GiB total, 1763.095 GiB free.
Z: is NetworkDisk (NTFS) - 466 GiB total, 198.657 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP412: 1/13/2015 4:06:43 PM - Windows Update
RP413: 1/14/2015 3:00:11 AM - Windows Update
RP414: 1/20/2015 2:37:56 PM - Windows Update
RP415: 1/22/2015 9:43:40 AM - Removed Java 7 Update 55
RP416: 1/23/2015 8:48:52 PM - Windows Update
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
4Team ShareO
Adobe AIR
Adobe Creative Cloud
Adobe Flash Player 16 ActiveX
Adobe Photoshop CC 2014 (32 Bit)
Adobe Reader X (10.1.12)
Approved Workman Database
Approved Workman Database Update
ATI Catalyst Install Manager
Audacity 2.0.6
Audible Download Manager
avast! Internet Security
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chromex
ChurchPro 2014
Data Deposit Box
Definition Update for Microsoft Office 2010 (KB2910899) 32-Bit Edition
DONATION
ESET Online Scanner v3
FileZilla Client 3.9.0.6
Firebird/InterBase(r) ODBC driver 2.0.1.152
FreeRIP MP3 Converter 4.5.3
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
H.264 Support for R-Technics Products
HP LaserJet Professional P1100-P1560-P1600 Series
IrfanView (remove only)
LAME v3.99.3 (for Windows)
LogMeIn
Microsoft .NET Framework 4.5.1
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
novaPDF Pro v7 for DONATION (novaPDF 7.4 printer)
Paradox Runtime
ProModule: Christmas Shapes
ProModule: Timers
QuickBooks
QuickBooks Pro 2014
QuickTime
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Excel 2010 (KB2910902) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2899519) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SongShow Plus
Stamps.com
Tweaking.com - Registry Backup
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
.
==== Event Viewer Messages From Past Week ========
.
1/26/2015 1:52:41 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR5.
1/25/2015 6:40:52 PM, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 252.
1/24/2015 1:02:11 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
1/22/2015 9:56:58 AM, Error: Service Control Manager [7034] - The QBIDPService service terminated unexpectedly. It has done this 1 time(s).
1/22/2015 9:56:58 AM, Error: Service Control Manager [7034] - The QBCFMonitorService service terminated unexpectedly. It has done this 1 time(s).
1/22/2015 9:56:58 AM, Error: Service Control Manager [7034] - The Online Backup Service service terminated unexpectedly. It has done this 1 time(s).
1/22/2015 9:56:58 AM, Error: Service Control Manager [7034] - The LogMeIn Maintenance Service service terminated unexpectedly. It has done this 1 time(s).
1/22/2015 9:56:58 AM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
1/22/2015 9:56:58 AM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
1/22/2015 9:56:58 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/22/2015 9:56:58 AM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/22/2015 9:56:58 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/22/2015 9:56:58 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/22/2015 9:56:58 AM, Error: Service Control Manager [7031] - The HP SI Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
1/22/2015 9:56:57 AM, Error: Service Control Manager [7034] - The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).
1/22/2015 9:41:15 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
1/21/2015 6:22:08 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer AV-MAIN that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B6312458-0CCF-435B-BBB0-46B68DB040. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm

Re: Proxy Problems

Unread postby Gary R » January 27th, 2015, 2:28 am

Hi Marybeth,

Sorry I thought you'd "deserted" me, people often do when their computers are free of symptoms, which is why we always close topics after 3 days without response.

Did you run the script I gave you the last time we worked together ... viewtopic.php?p=640260#p640260 ... and if you did, do you have the fixlog.txt that FRST created ?

How is your computer behaving now ?
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Proxy Problems

Unread postby clintonefree » January 28th, 2015, 4:32 pm

the computer is doing better. Google chrome is very slow to open, but once it starts up it is very fast.

Desktop icons flash when chrome is first opened.

I will post the fix log now
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm

Re: Proxy Problems

Unread postby clintonefree » January 28th, 2015, 4:33 pm

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-01-2015 01
Ran by Marybeth Giddings at 2015-01-28 14:22:30 Run:2
Running from C:\Users\Marybeth Giddings\Downloads
Loaded Profiles: Marybeth Giddings (Available profiles: Beth Lohse & Marybeth Giddings & Ministry Leaders & Support & Bookkeepers & Guest)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\Beth Lohse\AppData\LocalLow\CouponAlert_2pEI\Installr\Cache\1A86A915.exe
C:\Users\Bookkeepers\Downloads\IrfanView.exe
C:\Users\Bookkeepers\Downloads\SoftonicDownloader_for_irfanview.exe
C:\Users\Marybeth Giddings\Downloads\AudacitySetup.exe
C:\Users\Marybeth Giddings\Downloads\FileZilla_3.9.0.6_win32-setup (1).exe
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Application Data\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Application Data\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Documents and Settings\Guest\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Documents and Settings\Guest\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Users\Guest\AppData\Local\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Users\Guest\AppData\Local\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Users\Guest\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Users\Guest\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
C:\Windows.old\Users\Guest\Local Settings\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm
C:\Windows.old\Users\Guest\Local Settings\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm
E:\Users\Users\Beth Lohse\AppData\Local\Temp\ApnStub.exe
E:\Users\Users\Beth Lohse\AppData\Local\Temp\ASKC200.tmp
E:\Users\Users\Beth Lohse\AppData\Local\Temp\tbSwa0.dll
E:\Users\Users\Beth Lohse\AppData\LocalLow\CouponAlert_2pEI\Installr\Cache\1A86A915.exe
Hosts:
EmptyTemp:

*****************

C:\Users\Beth Lohse\AppData\LocalLow\CouponAlert_2pEI\Installr\Cache\1A86A915.exe => Moved successfully.
C:\Users\Bookkeepers\Downloads\IrfanView.exe => Moved successfully.
C:\Users\Bookkeepers\Downloads\SoftonicDownloader_for_irfanview.exe => Moved successfully.
C:\Users\Marybeth Giddings\Downloads\AudacitySetup.exe => Moved successfully.
C:\Users\Marybeth Giddings\Downloads\FileZilla_3.9.0.6_win32-setup (1).exe => Moved successfully.
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm => Moved successfully.
C:\Windows.old\Documents and Settings\Guest\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm => Moved successfully.
"C:\Windows.old\Documents and Settings\Guest\AppData\Local\Application Data\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\AppData\Local\Application Data\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\AppData\Local\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\AppData\Local\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
"C:\Windows.old\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
"C:\Windows.old\Users\Guest\AppData\Local\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Users\Guest\AppData\Local\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
"C:\Windows.old\Users\Guest\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Users\Guest\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
"C:\Windows.old\Users\Guest\Local Settings\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\filecure[1].htm" => File/Directory not found.
"C:\Windows.old\Users\Guest\Local Settings\Temporary Internet Files\Low\Content.IE5\ESL0BL8N\landing[1].htm" => File/Directory not found.
E:\Users\Users\Beth Lohse\AppData\Local\Temp\ApnStub.exe => Moved successfully.
E:\Users\Users\Beth Lohse\AppData\Local\Temp\ASKC200.tmp => Moved successfully.
E:\Users\Users\Beth Lohse\AppData\Local\Temp\tbSwa0.dll => Moved successfully.
E:\Users\Users\Beth Lohse\AppData\LocalLow\CouponAlert_2pEI\Installr\Cache\1A86A915.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 157 MB temporary data.
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm

Re: Proxy Problems

Unread postby Gary R » January 28th, 2015, 7:01 pm

As far as I can see, your computer now appears to be clear of Malware, so it's time to remove the programs we've been using to clean your computer, and then to secure it against further infection.

First ....

  • Please download delfix and save it to your desktop.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Check all the boxes then click on Run.
  • Once it has finished, a notepad file named DelFix.txt will open. Post the contents of this notepad in your next reply.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.

Are you still noticing any problems ?
  • If you are let me know about them.
  • If not it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Proxy Problems

Unread postby clintonefree » January 29th, 2015, 4:11 pm

# DelFix v10.8 - Logfile created 29/01/2015 at 14:08:44
# Updated 29/07/2014 by Xplode
# Username : Marybeth Giddings - OFFICE3
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Marybeth Giddings\Desktop\dds.scr
Deleted : C:\Users\Marybeth Giddings\Desktop\dds.txt
Deleted : C:\Users\Marybeth Giddings\Downloads\Addition.txt
Deleted : C:\Users\Marybeth Giddings\Downloads\adwcleaner_4.108.exe
Deleted : C:\Users\Marybeth Giddings\Downloads\Fixlog.txt
Deleted : C:\Users\Marybeth Giddings\Downloads\FRST.exe
Deleted : C:\Users\Marybeth Giddings\Downloads\FRST.txt
Deleted : C:\Users\Marybeth Giddings\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #414 [Windows Update | 01/20/2015 20:37:56]
Deleted : RP #415 [Removed Java 7 Update 55 | 01/22/2015 15:43:40]
Deleted : RP #416 [Windows Update | 01/24/2015 02:48:52]
Deleted : RP #417 [Windows Update | 01/27/2015 06:10:24]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm

Re: Proxy Problems

Unread postby clintonefree » January 29th, 2015, 4:15 pm

Google chrome is still slow to get to the homepage upon opening the browser, but after that it is lightning fast.
Also, the desktop icons flash when chrome is first opened.

everything else seems good!
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm

Re: Proxy Problems

Unread postby Gary R » January 29th, 2015, 6:59 pm

It might be worth uninstalling your current copy of Google Chrome, and re-installing a new clean copy to see if that improves its loading time.

Don't forget to reboot your computer after uninstalling the old copy, and before re-installing the new copy.

please let me know if that improves things.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Proxy Problems

Unread postby clintonefree » February 2nd, 2015, 12:11 pm

ok. i'll try that!
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm

Re: Proxy Problems

Unread postby clintonefree » February 2nd, 2015, 12:29 pm

wow! that helped so much! everything seems to be back to normal! thank you for all your help!
clintonefree
Regular Member
 
Posts: 29
Joined: January 19th, 2015, 1:03 pm

Re: Proxy Problems

Unread postby Gary R » February 2nd, 2015, 1:43 pm

You're welcome, glad we were able to help you with your problems.

Keep safe.

Gary

As your problems appear to have all been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 92 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware