|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Virus/Trojan/Spyware Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help. |
 |
|
|
LinkBack | Thread Tools |
06-13-2009, 04:04 PM
|
#1 (permalink) |
|
Registered User
Join Date: Jun 2009
Posts: 6
OS: Windows xp
|
Automatic Rebooting
attached are the requested logs for:
My computer automatically reboots it self every time I go on to the internet. I have ran all sort of malware,spyware and virus scans, I have tested the memory and settings for overheating and every thing seems ok. I can work on any thing else for hours but as soon as I go to the internet it reboots and comes right back up. My virus software expired and I was trying to download a new program and every time it gets to the install part the computer reboots. Any suggestion? Is there some sort on internet virus or worm that I can't seem to find? It is so annoying...... DDS (Ver_09-05-14.01) - NTFSx86 Run by Janice at 17:30:51.00 on Sat 06/13/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.126 [GMT -4:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\Program Files\Lexmark X74-X75\lxbbbmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Webshots\webshots.scr C:\Program Files\Executive Software\DiskeeperLite\DKService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Yahoo!\browser\ybrowser.exe C:\Documents and Settings\Janice\Local Settings\Temporary Internet Files\Content.IE5\001T06PL\dds[1].scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uWindow Title = Windows Internet Explorer provided by Yahoo! uDefault_Page_URL = hxxp://att.net mDefault_Page_URL = hxxp://www.yahoo.com mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com mSearchAssistant = uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn5\yt.dll uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn5\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll BHO: 1 (0x1) - No File BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn5\YTSingleInstance.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn5\yt.dll TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\program files\yahoo!\messenger\yhexbmes.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe mRun: [AdaptecDirectCD] "c:\program files\adaptec\easy cd creator 5\directcd\DirectCD.exe" mRun: [YBrowser] c:\progra~1\yahoo!\browser\ybrwicon.exe mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [Lexmark X74-X75] "c:\program files\lexmark x74-x75\lxbbbmgr.exe" mRun: [YMailAdvisor] "c:\program files\yahoo!\common\YMailAdvisor.exe" StartupFolder: c:\docume~1\janice\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\Launcher.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE IE: &Search IE: &Webshots Photo Search - c:\program files\webshots\WSToolbar4IE.dll/MENUSEARCH.HTM IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll Trusted Zone: turbotax.com DPF: Microsoft XML Parser for Java DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.2.23/cfweb_activex.camfrogweb.com-advanced-2.0.2.23_instmodule.exe DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www2.snapfish.com/SnapfishActivia.cab DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab DPF: {55027008-315F-4F45-BBC3-8BE119764741} - hxxp://static.slide.com/uploader/SlideImageUploader.cab DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://fubar.com/imgs/ImageUploader5.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://sdlc-esd.sun.com/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?AuthParam=1234908951_4f22a45901a96561dfe562d57bc5a558&GroupName=JSC&FilePath=/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab&File=jinstall-6u12-windows-i586-jc.cab&BHost=javadl.sun.com DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} - hxxp://tsvweb.infocision.com/msrdp.cab DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - hxxp://download.yahoo.com/dl/installs/ymail/ymmapi.dll DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - hxxp://download.yahoo.com/dl/installs/yab_af.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - hxxp://photos.yahoo.com/ocx/us/yexplorer1_9us.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Notify: avgrsstarter - avgrsstx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\janice\applic~1\mozilla\firefox\profiles\gssyzxm9.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc7&p= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc7&p= FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll ============= SERVICES / DRIVERS =============== R0 crpf;crpf;c:\windows\system32\drivers\crpf.sys [2009-5-30 36512] R0 csdf;cdsf;c:\windows\system32\drivers\csdf.sys [2009-5-30 39456] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-6-11 327688] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-6-11 27784] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-6-11 108552] R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-1-4 587096] R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-11 298776] R2 YahooAUService;Yahoo! Updater;c:\program files\yahoo!\softwareupdate\YahooAUService.exe [2008-11-9 602392] R3 DLKRTS;D-Link DFE-530TX+ PCI Adapter;c:\windows\system32\drivers\DLKRTS.SYS [2008-2-3 45568] =============== Created Last 30 ================ 2009-06-11 17:19 327,688 a------- c:\windows\system32\drivers\avgldx86.sys 2009-06-11 17:19 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-06-11 17:19 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-06-11 17:19 <DIR> --d----- c:\windows\system32\drivers\Avg 2009-06-11 17:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar 2009-06-11 17:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8 2009-06-11 01:01 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll 2009-06-11 01:01 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll 2009-05-30 20:47 <DIR> --d----- c:\program files\Lavalys 2009-05-30 13:32 39,456 a------- c:\windows\system32\drivers\csdf.sys 2009-05-30 13:32 36,512 a------- c:\windows\system32\drivers\crpf.sys 2009-05-30 13:32 8,456 a------- c:\windows\system32\cnat.exe 2009-05-30 13:32 <DIR> --d----- c:\program files\COMODO 2009-05-30 10:47 <DIR> --d----- c:\docume~1\janice\applic~1\Auslogics 2009-05-30 10:47 <DIR> --d----- c:\program files\Auslogics 2009-05-28 19:28 <DIR> --d----- c:\program files\Spybot - Search & Destroy 2009-05-28 19:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy 2009-05-25 19:37 <DIR> --d----- c:\program files\Lexmark X74-X75 2009-05-25 16:06 3,255 a------- c:\windows\system32\wbem\Outlook_01c9dd744231e6e2.mof 2009-05-25 10:32 <DIR> --d----- c:\program files\MSECache 2009-05-23 21:25 <DIR> --d----- c:\program files\CrossLoop 2009-05-19 17:43 <DIR> --d----- C:\Lxkx75 2009-05-17 13:12 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat 2009-05-17 12:50 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-05-17 12:50 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll 2009-05-17 12:50 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-05-17 12:50 575,488 -------- c:\windows\system32\xpsshhdr.dll 2009-05-17 12:50 117,760 -------- c:\windows\system32\prntvpt.dll 2009-05-17 12:50 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll 2009-05-17 12:50 1,676,288 -------- c:\windows\system32\xpssvcs.dll 2009-05-17 12:50 <DIR> --d----- C:\f6583a1cfaaa052cb94ed9e0c12705 2009-05-16 20:03 <DIR> --d-h--- C:\$AVG8.VAULT$ 2009-05-16 09:20 15,504 a------- c:\windows\system32\drivers\mbam.sys 2009-05-16 09:20 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-15 07:15 <DIR> --d----- c:\docume~1\janice\applic~1\Blitware 2009-05-15 07:15 <DIR> --d----- c:\program files\Driver Robot 2009-05-14 19:50 <DIR> --d----- C:\spoolerlogs 2009-05-14 19:47 508 a------- c:\windows\system32\LexFiles.ulf ==================== Find3M ==================== 2009-06-13 14:02 2,180 a------- c:\windows\system32\d3d8caps.dat 2009-05-30 20:49 1,744 a------- c:\windows\system32\d3d9caps.dat 2009-05-13 01:15 915,456 a------- c:\windows\system32\wininet.dll 2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll 2009-04-17 08:26 1,847,168 a------- c:\windows\system32\win32k.sys 2009-04-15 10:51 585,216 a------- c:\windows\system32\rpcrt4.dll 2008-10-31 13:02 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008103120081101\index.dat ============= FINISH: 17:32:03.20 =============== Last edited by amateur; 06-13-2009 at 08:50 PM. Reason: to copy/paste the DDS.txt |
|
     
|
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
| Thread Tools | |
|
|
