Could someone give me a hand and let me know which of these needs to be fixed? I'm trying everything, but my computer freezes everytime I try to run antivirus software. The problem originally occurred when it froze during an AVG update. AVG needed to be uninstalled to prevent the computer from freezing in regular windows or in safe mode about ten seconds after it booted up. Now it usually only freezes when I try to run or download antivirus programs. Cheers.

ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:24:36 PM, on 27/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\Atiptaxx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\ESTsoft\ALYac\AYServiceNt.aye
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\atievxx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESTsoft\ALYac\AYAgent.aye
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.longbayrestaurant.co.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [windows auto update] msblast.exe
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [cnfgCav] "C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe"
O4 - HKLM\..\Run: [ALYac] "C:\Program Files\ESTsoft\ALYac\AYUpdate.exe" /run
O4 - HKCU\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /A "C:\WINDOWS\system32\E_S196.tmp"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/229?f8d660a952c64efe9f94c00a34c4a4b7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/230?f8d660a952c64efe9f94c00a34c4a4b7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/WebfettiInitialSetup1.0.0.15-3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137337689449
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1185043873622
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/spsp29953.01noopt/spyspottercabinstall.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll
O23 - Service: ALYac_PZSrv - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Comodo Anti-Virus and Anti-Spyware Service - Unknown owner - C:\Program Files\Comodo\common\CAVASpy\cavasm.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O24 - Desktop Component 0: (no name) - http://gfx2.mail.live.com/mail/w1/ltr/theme0/HeaderCenterImage-nofade.gif
O24 - Desktop Component 1: (no name) - http://gfx1.hotmail.com/i.p.attach.gif

--
End of file - 8715 bytes

Recommended Answers

All 21 Replies

AVG needed to be uninstalled to prevent the computer from freezing in regular windows or in safe mode about ten seconds after it booted up. Now it usually only freezes when I try to run or download antivirus programs.

You've got a few baddies showing there.

-- Looks like you installed Comodo AV. Is it functioning properly?
-- What is this? --> C:\Program Files\ESTsoft\ALYac I've not seen it before.

FIRST:
Look in Add / Remove Programs and Remove/Uninstall the following crapware:
C:\Program Files\RXToolBar
C:\Program Files\SpySpotter3
C:\Program Files\MyWebSearch

THEN:
Please run the steps listed in the linky below and submit the requested scanlogs:

Read me before posting a request for assistance

  • Please post the DSS extra.txt as an attachment to your post using the “Manage Attachments” button (scroll down when composing your post).
  • Hold off on posting the Uninstall List. The DSS extra.txt ought to suffice.

Let us know if you run into any problems with the above steps.
I or one of the other volunteers will be happy to help as time permits. I'm a bit over-extended at the moment, but will try to reply in a timely manner if nobody else jumps in.

Best Luck :)
PP

thanks for your reply...
the ALYac is a Korean antivirus program which i thought might trick the virus but didn't. I'm not exactly proficient with this kind of stuff and don't really understand what this DSS extra.txt is all about. Here is the current logfile from Hijackthis... any help is really appreciated... thanks!


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\atievxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\Atiptaxx.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.longbayrestaurant.co.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [windows auto update] msblast.exe
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /A "C:\WINDOWS\system32\E_S196.tmp"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKxdm021YYCA
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/229?f8d660a952c64efe9f94c00a34c4a4b7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui/230?f8d660a952c64efe9f94c00a34c4a4b7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/WebfettiInitialSetup1.0.0.15-3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137337689449
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1185043873622
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspotter/spsp29953.01noopt/spyspottercabinstall.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O24 - Desktop Component 0: (no name) - http://gfx2.mail.live.com/mail/w1/ltr/theme0/HeaderCenterImage-nofade.gif
O24 - Desktop Component 1: (no name) - http://gfx1.hotmail.com/i.p.attach.gif

The DSS is not available at this time so just continue to follow PP's other instructions

FIRST:
Look in Add / Remove Programs and Remove/Uninstall the following crapware:
C:\Program Files\RXToolBar
C:\Program Files\SpySpotter3
C:\Program Files\MyWebSearch

and do as you have done and use HJT.
Your log shows also the Blaster worm. Can you run any Online AV scanners like ESET Online Scanner? If you can try that one and DO allow it to fix what it finds.
He has steps to run HERE and ESET Scanner is one of those steps. Try to follow as many of the steps he gives there as possible, especially the ESET, but go ahead and clean with it and also try the Malwarebytes-Anti-Malware program also. Allow it to clean too.

I've tried doing all the steps but the computer still freezes when i try to run the Anti-Malware program and ESET. The Anti-Malware always begins detecting infected objects when scanning files that begin with HKEY_CLASSES_ROOT... and always freezes whiole scanning these files. Like I said I'm not very skilled with this stuff and have no idea what this means. Malware detects up to 16 infected objects before it freezes. Does this help at all?

Are you absolutely certain it is freezing? This scan can take awhile. The files which begin
HKEY_CLASSES_ROOT are registry files, these would take awhile to scan, it may not actually be frozen you may not be giving it enough time to scan. A full scan take take more than an hour at times.

Have you run other anti-spy programs like Spybot? If not you might try that first and then Malwarebytes.

Also, I would suggest that you Uninstall ALL of the Anti-virus programs you have installed via Add/Remove Programs and then try to run MBA-M.
If it still hangs, try to run it in Safe Mode.

Let us know how you fare.

--- Re-install only ONE anti-virus program after the MBA-M scan. Looks like you have settled on AVG. That should be a solid choice.

Best Luck :)
PP

I'm pretty sure that it's freezing, cuz I'm no longer able to move the arrow around with the mouse. It freezes everytime i run an antivirus scan online or not. I'll try spybot etc and get back to you. A few more details:
- If I'm online and using microsoft word or wordperfect it freezes after I've typed a sentence or two but if i turn off the modem i'm able to use these programs without problems.
- the computer freezes if I try to stream audio or video
thanks a lot for your help so far

- If I'm online and using microsoft word or wordperfect it freezes after I've typed a sentence or two but if i turn off the modem i'm able to use these programs without problems.
- the computer freezes if I try to stream audio or video
thanks a lot for your help so far

Sounds like some additional problems likely unrelated to the malware on your machine. We'll try to get you cleaned up and then see if those issues remain.

-- See my previous post (#7) in case you missed it.

PP :)

Also, I would suggest that you Uninstall ALL of the Anti-virus programs you have installed via Add/Remove Programs and then try to run MBA-M.
If it still hangs, try to run it in Safe Mode.

Let us know how you fare.

--- Re-install only ONE anti-virus program after the MBA-M scan. Looks like you have settled on AVG. That should be a solid choice.

Best Luck :)
PP

Also uninstall that SpySpotter System Defender. It is a VERY questionable program, not recommended.

How full is your hard drive? How much RAM is installed?

i've followed all your instructions, unfortunately it still freezes when running the mba-m scan. Not sure if I should ahve been doing this but began aborting the scan when infected objects came up. removing them and then running the scan again... but now it's freezing before infected objects are identified... argghh! Thanks for all your help so far. any additional advice would be very appreciated...

Are you running this in SAFE MODE?
How about my questions concerning hard drive and ram?

i've been doing it both in safe mode and regular windows and it freezes in both. the good news is that i just successfully ran mba-m and removed just over 80 infected objects. the bad news is that the computer is still freezing when i tried to stream video and froze a moment ago as i was logging on to this site! i'll try that online scan you recommended and let you know how that works and will answer your previous questions at that time... thanks a lot for your time

We need to see that malwarebytes log.

Again....What size hard drive do you have...How much space remains on it and how much RAM do you have installed????

512 MB of RAM
Total size of Hd = 57.2 GB w/ 37.8 GB of free space

Malwarebytes' Anti-Malware 1.25
Database version: 1092
Windows 5.1.2600 Service Pack 2

3:57:28 PM 28/08/2008
mbam-log-08-28-2008 (15-57-28).txt

Scan type: Quick Scan
Objects scanned: 4790
Time elapsed: 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxresult.rxresultfilter (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxresult.rxresultfilter.1 (Trojan.Agent) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.25
Database version: 1092
Windows 5.1.2600 Service Pack 2

3:59:30 PM 28/08/2008
mbam-log-08-28-2008 (15-59-30).txt

Scan type: Quick Scan
Objects scanned: 9501
Time elapsed: 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Malwarebytes' Anti-Malware 1.25
Database version: 1092
Windows 5.1.2600 Service Pack 2

4:18:34 PM 28/08/2008
mbam-log-08-28-2008 (16-18-34).txt

Scan type: Full Scan (C:\|)
Objects scanned: 9805
Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)
Malwarebytes' Anti-Malware 1.25
Database version: 1092
Windows 5.1.2600 Service Pack 2

5:33:06 PM 28/08/2008
mbam-log-08-28-2008 (17-33-06).txt

Scan type: Full Scan (C:\|)
Objects scanned: 10564
Time elapsed: 16 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Strangest log I have seen...why did you only fix one time?

I dunno, I thought I did each time. At first it was freezing so I'd wait until there were a few objects detected and then abort the scan and then start again. But the fourth timethe scan completed successfully and 69 infected objects were detected and quarantined etc... now when i try to run a scan, once again, it just freezes... so frustrating especially cuz i'm not a tech guy at all...

I was able to run the antimalware prog again... there were no malicious items detected... here's the log.... i'm baffled

Malwarebytes' Anti-Malware 1.25
Database version: 1092
Windows 5.1.2600 Service Pack 2

9:17:22 PM 28/08/2008
mbam-log-08-28-2008 (21-17-22).txt

Scan type: Quick Scan
Objects scanned: 45770
Time elapsed: 12 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Go into the Malwarebytes program. Click on the logs tab. Go through each log and find the one which removed 69 items. Copy/paste that one here.
The last run of the program didn't find anything because there was nothing to find. Everything was removed.

Malwarebytes' Anti-Malware 1.25
Database version: 1092
Windows 5.1.2600 Service Pack 2

5:56:22 PM 28/08/2008
mbam-log-08-28-2008 (17-56-22).txt

Scan type: Quick Scan
Objects scanned: 46019
Time elapsed: 17 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 69

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110439.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110440.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110441.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110442.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110443.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110444.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110445.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110446.EXE (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110447.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110448.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110449.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110450.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110451.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110452.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110453.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110454.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110455.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110456.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110458.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110459.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110460.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110461.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110463.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110464.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110465.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110466.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0110467.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0111434.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0111435.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0111436.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0111437.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0111438.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1199\A0114434.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120615.dll (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120616.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120617.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120618.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120626.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120627.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120628.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120629.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120630.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120631.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120633.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120634.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120635.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120636.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120638.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120639.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120640.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120641.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120642.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120643.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120644.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120645.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120646.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120647.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120648.EXE (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120649.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120650.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120651.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120652.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120653.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1204\A0120654.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1205\A0121611.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1205\A0121612.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1205\A0121613.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1205\A0121614.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\System Volume Information\_restore{EDFD539C-8B79-41A3-81DB-7C64F285700C}\RP1205\A0122611.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Since everything has been removed, what could be causing the computer to freeze?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.