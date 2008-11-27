Not sure where to start i guess sense this is a new thread I will need to say again. That I have a new HP computer that I have had for about 6 month. My husband bought it from walmart. before this computer he had bought home a new Toshiba that word may be missed spelled. we had to take it back because the DVD player and other things were wrong with it. they told him it was a new one but we found out we were the second user of that computer. it had been return to the store once before, now we have this HP. this serial no.that I am going to write down ends in the letter n and not m. witch I found out is sold here a lot in the USA but is a Spanish version. when I got got help from windows live before I found this out and the only language I speak is English. they had trouble help me with the problem till I got wrote back saying that I had made a mistake in writing and put the letter n and not a m. after I recheck and my husband check it and I wrote here again telling them I was sure on this computer it was the letter n. then some one said I should try a certain forum that was in Spanish. when I told then I was not Spanish. then they told me the difference between the letter n that mine end in and the letter m. this number is dv6809wn. this computer is a laptop HP notebook that runs in windows vista. when I 1st got it I made a big goof and paid for extra help that I should have know it was not the right help for me because it was called iyogi Microsoft. I thought was Microsoft, but it just supporting Microsoft and could help me with Microsoft problems. they took control of my laptop I don't know how many times. the said they had fixed it and that the avg virus scanner even thought tho at the bottom of the pg. said protection mode off and on a lot of pages said on. they said that avg was still working right and that it was a windows vista protection security setting. that if it was on all pages that I would be having more trouble. sense that time I don't know how many times my computer was going more then real slow and I was having to get rid of different virus to many times. some one from a forum said to download Malwarebytes' Anti-Malware and I did and that help a lot. last night a HP teg help me with this trouble and now on IE 7 it say protection mode on and Malwarebytes' Anti-Malware and avg was now working right. I think she new what she was doing. all tho my husband use,s IE 7 I am trying a browsers that some one from suggested I should use and at the bottom right hand Conner of the screen says nothing. with IE 7 say protection mode on all pages now. I am going to copy paste some of the logs that it has found trouble. I will have to copy by hand some of what avg has come up with because I don't know how to copy paste there log. here is a copy past of a couple of log from Malwarebytes' Anti-Malware this is some of the log that it has found some thing in.

Malwarebytes' Anti-Malware 1.30

Database version: 1371

Windows 6.0.6001 Service Pack 1



11/7/2008 6:29:43 AM

mbam-log-2008-11-07 (06-29-43).txt



Scan type: Quick Scan

Objects scanned: 44057

Time elapsed: 50 second(s)



Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 9

Registry Values Infected: 2

Registry Data Items Infected: 2

Folders Infected: 3

Files Infected: 4



Memory Processes Infected:

(No malicious items detected)



Memory Modules Infected:

(No malicious items detected)



Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{c24d7016-d00f-41ef-9781-984b6b5ff38f} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{ec88fcd0-2ed5-4d65-9b4c-71d146b43a2e} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e532cfb1-5edd-4663-8c22-bcd67b5e5bd4} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.



Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Windows\System32\ConTest.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Windows\System32\SysRestore.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.



Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.



Folders Infected:

C:\Program Files\Ascentive (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Ascentive\Performance Center (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.



Files Infected:

C:\Windows\System32\ConTest.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

C:\Windows\System32\SysRestore.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

C:\Program Files\Ascentive\Performance Centertemp.htm (Rogue.Multiple) -> Quarantined and deleted successfully.

C:\Program Files\Ascentive\Performance Center\GUID (Rogue.Multiple) -> Quarantined and deleted successfully.

I thought there was more but I do rememer seeing some thing come up on my screen that Malwarebytes' Anti-Malware had deleted some infected files but nothing was in the vault and nothing in the vault I well look again at the avg settings and see if I should write some thing about it. I have other trouble too but I think I well stick with doing what I have said before and here it is about avg

Last found 180 warming count. then on 10/29/2008 it found one infected file and 353 warming

10/29/2008 351 warming then on 10/29/08 says 356 there our a lot more with warming but this last one that found a virus said 2 infected and 231 warming. right now I recall others times it had founded other infection files but they must have been deleted. I know I have only a dial up connection, but some times I can't Even pull up one page.

now IE7 is working fine and all pgs are coming up much faster. I can now even connect to live eBay help. protection on the bottom right hand of the screen say it is on. it is working fine now but when I try to update either the avg or Malwarebytes' Anti-Malware they won't update. if I wait a little bit of time and try each one again they do why is that? and can you tell me if both of then work right?

I also said above that i can now connect to live eBay support with IE7 but still can't with opera I well try again to connect and write now what it says and ask you all about helping me out with that. I would pleased to get any help i can . i hope this is not 2 long and you have all the information you need to help with this thanks sham1313