Rkill and Malwarebytes got rid of the immediate major problem, but several other minor problems remain.
Then a couple of hours ago while playing Spider Solitaire I got a page fault.
Computer:
- Dell Dimension 2400. Brand new 250 GB hard disk installed in January 2011. Old 75 GB hard disk now drive D.
- Installed Windows XP from original Dell CD's. Downloaded SP3 from Microsoft and installed.
- Browser: Firefox Version 3.6.15
- Security: Windows Firewall only.
- I turn off Automatic Updates whenever I run into them.
Current problems:
- Links returned by Google search get changed to something else.
- "Internet Exlorer Script Error" message box continues to popup. I find that just pushing it to the side lets me get on with my work. Closing it usually results in a whole series of them popping up.
- Many files appear shaded (hidden).
- Page Fault. Has only happened once: PAGE_FAULT_IN_NONPAGED_AREA
OTL logfile created on: 4/15/2011 2:22:26 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop\Trouble
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
766.00 Mb Total Physical Memory | 428.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 223.65 Gb Free Space | 96.04% Space Free | Partition Type: NTFS
Drive E: | 74.50 Gb Total Space | 27.81 Gb Free Space | 37.34% Space Free | Partition Type: NTFS
Computer Name: CHARLES-PTQFY79 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/04/15 14:21:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\Trouble\OTL.exe
PRC - [2011/03/04 12:08:42 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/04/15 14:21:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\Trouble\OTL.exe
MOD - [2008/04/14 06:42:52 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Disabled | Stopped] -- -- (AppMgmt)
========== Driver Services (SafeList) ==========
DRV - [2010/01/17 19:43:00 | 000,196,064 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2007/12/26 00:20:36 | 000,043,136 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003/06/30 19:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 06:28:00 | 000,871,388 | ---- | M] (BCM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMDM.sys -- (BCMModem)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/19 08:45:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/04 12:08:46 | 000,000,000 | ---D | M]
[2011/01/19 18:41:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/01/21 05:19:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u22voe66.default\extensions
[2011/04/15 13:32:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/20 01:08:44 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2011/04/14 16:11:04 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/19 18:09:53 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/04/30 11:52:36 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/15 13:52:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/04/15 13:47:18 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/04/15 13:46:20 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/04/15 13:46:20 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/04/15 13:46:20 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/04/15 13:46:20 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/04/15 13:44:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/15 12:53:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/04/14 16:11:03 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/04/14 16:10:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/04/14 16:05:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Trouble
[2011/04/14 05:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/04/14 05:27:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/14 05:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/14 05:27:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/04/14 05:27:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/14 05:15:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2011/04/12 20:09:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Google_files
[2011/03/20 20:43:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\My Documents\Finance
========== Files - Modified Within 30 Days ==========
[2011/04/15 13:58:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/15 13:47:22 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/04/15 13:27:01 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBRCheck.exe
[2011/04/14 16:11:04 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/04/14 11:08:53 | 002,508,856 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\broc.pdf
[2011/04/14 04:52:25 | 000,000,096 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~16375604
[2011/04/14 04:52:24 | 000,000,144 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~16375604r
[2011/04/14 04:52:15 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\16375604
[2011/04/12 20:09:47 | 000,053,273 | -H-- | M] () -- C:\Documents and Settings\Owner\Desktop\Google.htm
[2011/04/12 18:17:19 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/11 19:30:51 | 000,021,660 | -H-- | M] () -- C:\Documents and Settings\Owner\Desktop\Prolific 9600 N-8-1.ht
[2011/04/10 11:46:36 | 000,000,463 | -H-- | M] () -- C:\Documents and Settings\Owner\Desktop\ned.htm
[2011/04/03 14:24:32 | 000,016,144 | -H-- | M] () -- C:\Documents and Settings\Owner\Desktop\comcast.png
[2011/03/29 19:16:13 | 000,000,468 | -H-- | M] () -- C:\Documents and Settings\Owner\My Documents\spider.sav
[2011/03/25 21:23:02 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
========== Files Created - No Company Name ==========
[2011/04/15 13:47:22 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/04/15 13:47:19 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/04/15 13:46:20 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/04/15 13:46:20 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/04/15 13:46:20 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/04/15 13:46:20 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/04/15 13:46:20 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/15 13:27:01 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MBRCheck.exe
[2011/04/14 11:08:53 | 002,508,856 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\broc.pdf
[2011/04/14 04:52:24 | 000,000,144 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~16375604r
[2011/04/14 04:52:24 | 000,000,096 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~16375604
[2011/04/14 04:52:15 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\16375604
[2011/04/12 20:09:46 | 000,053,273 | -H-- | C] () -- C:\Documents and Settings\Owner\Desktop\Google.htm
[2011/04/10 11:44:07 | 000,000,463 | -H-- | C] () -- C:\Documents and Settings\Owner\Desktop\ned.htm
[2011/04/03 14:24:32 | 000,016,144 | -H-- | C] () -- C:\Documents and Settings\Owner\Desktop\comcast.png
[2011/03/29 19:16:13 | 000,000,468 | -H-- | C] () -- C:\Documents and Settings\Owner\My Documents\spider.sav
[2011/02/05 00:17:04 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/01 04:40:03 | 000,000,288 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/02/01 03:25:06 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2011/01/19 22:14:06 | 000,290,904 | ---- | C] () -- C:\WINDOWS\System32\vc6-re200l.dll
[2011/01/19 18:41:46 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/19 18:13:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/01/19 18:08:02 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/19 09:22:27 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/01/19 09:21:42 | 000,110,992 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/12/31 08:57:08 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/07/16 13:54:55 | 000,004,594 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/07/16 13:54:54 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/07/16 13:41:25 | 000,311,604 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/07/16 13:41:25 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/07/16 13:41:23 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/07/16 13:41:21 | 000,039,992 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/07/16 13:39:07 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/07/16 13:33:50 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/07/16 13:33:39 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/07/16 13:27:41 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/07/16 13:26:37 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[1998/12/06 17:56:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\verinst.exe
< End of report >
Sign In
Create Account
