Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Right click on icons malfunction

Started by acajelen , Oct 23 2011 04:42 PM

Page 3 of 5
1
2
3
4
5

Please log in to reply

#31
SweetTech

Posted 02 November 2011 - 10:06 PM

Sir SpamAlot

Retired Staff
7,671 posts

Hi!

I haven't been a big fan of AVG lately. The last few versions of their program have been extremely bulky, and have contained a bunch of things that I fine to be completely unnecessary. Which is why I no longer personally recommend AVG, if you'd like to re-install AVG, then please by all means re-install it, I was just providing you with some alternatives in case you weren't aware of them.

Looking back over my previous post, I see that I didn't communicate that the best way possible, and for that I apologize for that. When it comes to choosing an anti-virus program, it mainly comes down to the user preference, granted there are some programs that are better at detecting threats then others, but at the end of the day, it tends to come to what anti-virus program works best for you.

I am going to clean-up the remaining AVG files on your computer with an OTL script, so that if/when you re-install it, you won't have any issues doing so.

Your OTL log is showing me quite a few image files that appear to be on your desktop. I'd just like to have you confirm that you recognize them, and that they were placed there by you.

[2011.10.26 02:51:12 | 000,051,635 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\gag_daysie.jpg
[2011.10.26 02:50:44 | 000,402,244 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\eliana dante tunde.jpg
[2011.10.26 02:48:34 | 000,037,141 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\149263590_Daysie_123_132lo.jpg
[2011.10.26 02:39:44 | 000,776,514 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\anna parlax.jpg
[2011.10.26 02:38:54 | 000,043,194 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Sylvie De Luxe.jpg
[2011.10.23 16:48:19 | 000,033,222 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\gapethatass___alicia_rhodes_481190.jpeg
[2011.10.23 12:22:22 | 000,052,939 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\aHR0cDovL3d3dy5rYXJ1cHNwcy5jb20vNDE3L2JpZ2ltYWdlcy9pbWFnZTAyLmpwZw==.jpg
[2011.10.23 12:22:06 | 000,054,782 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\aHR0cDovL3d3dy5rYXJ1cHNwcy5jb20vNDE3L2JpZ2ltYWdlcy9pbWFnZTAxLmpwZw==.jpg
[2011.10.23 12:21:53 | 000,047,328 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\aHR0cDovL3d3dy5rYXJ1cHNwcy5jb20vNDE3L2JpZ2ltYWdlcy9pbWFnZTA4LmpwZw==.jpg
[2011.10.23 12:21:28 | 000,048,776 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\aHR0cDovL3d3dy5rYXJ1cHNwcy5jb20vNDE3L2JpZ2ltYWdlcy9pbWFnZTE3LmpwZw==.jpg
[2011.10.23 12:09:27 | 000,049,774 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\aHR0cDovL3d3dy5rYXJ1cHNwcy5jb20vNDE3L2JpZ2ltYWdlcy9pbWFnZTA5LmpwZw==.jpg
[2011.10.23 12:09:16 | 000,046,860 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\aHR0cDovL3d3dy5rYXJ1cHNwcy5jb20vNDE3L2JpZ2ltYWdlcy9pbWFnZTA1LmpwZw==.jpg
[2011.10.23 12:07:34 | 000,043,722 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\aHR0cDovL3d3dy5rYXJ1cHNwcy5jb20vNDE3L2JpZ2ltYWdlcy9pbWFnZTA0LmpwZw==.jpg
[2011.10.21 13:16:07 | 000,034,037 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\ANDREA DELLACASA.jpg
[2011.10.21 13:15:33 | 000,038,454 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\CATHERINE DEEE.jpg
[2011.10.20 20:19:49 | 000,273,418 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\mary jane jonson.jpg
[2011.10.20 03:12:35 | 000,098,477 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Rachel in C0ll3g3 Rnl3s episode Wheel of Fun.jpg
[2011.10.19 16:40:33 | 000,106,800 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\shoot-myself-ex-girl-2-109.jpg
[2011.10.19 16:40:25 | 000,012,519 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\s-shoot-myself-ex-girl-2-109.jpg
[2011.10.19 12:56:48 | 000,172,581 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\paulina presley.jpg
[2011.10.19 12:55:57 | 000,117,665 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\julia parton.jpg
[2011.10.19 12:55:19 | 000,362,376 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\aidan layne.png
[2011.10.19 03:07:31 | 000,024,914 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\mffgboi48w.jpeg
[2011.10.19 02:57:50 | 000,076,307 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\tumblr_linnqlwTwz1qbz3i5.jpg
[2011.10.18 23:06:04 | 000,026,009 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\TB2hz99S.htm.part
[2011.10.18 20:35:48 | 000,223,397 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\1096883_shyra sheer.jpg
[2011.10.18 00:54:37 | 000,164,507 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\mazinha.jpg
[2011.10.18 00:48:34 | 000,198,310 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\angelica hart.jpg
[2011.10.16 02:37:46 | 000,009,991 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\th_687819325_BigTitsOnWebCam.avi_snapshot_06.16_2011.10.04_03.24.48_123_581lo.jpg
[2011.10.16 02:36:12 | 000,034,260 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\44.jpg
[2011.10.14 11:12:24 | 000,901,586 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\casie cruz.jpg
[2011.10.14 11:09:22 | 000,460,890 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\RubeGoldberg01.gif
[2011.10.13 21:24:28 | 000,024,845 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\arianna-sinn.jpg
[2011.10.13 01:51:13 | 000,157,296 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\rharucq97wtg.jpg
[2011.10.11 22:09:56 | 002,092,588 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\the blonde is Anastasia Braun, Babette, Bridget, Dolly, Laura, Nastja.gif
[2011.10.11 22:09:37 | 000,093,848 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\giovanni-aria-n-07.jpg
[2011.10.11 22:05:10 | 000,023,761 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\kali west.GIF
[2011.10.10 14:25:30 | 000,049,143 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Francesa Frigo.JPG
[2011.10.10 14:22:41 | 000,486,178 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\anigif preview.gif
[2011.10.10 14:18:51 | 000,038,015 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\elizabeth marxs.jpg
[2011.10.10 14:18:20 | 001,175,877 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\wys09e02kgzl.jpg
[2011.10.10 14:10:37 | 000,063,678 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\tumblr_lshov0Ty321qeg2vro1_500.jpg
[2011.10.10 13:57:40 | 000,028,436 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\identify1.jpg
[2011.10.10 04:31:15 | 000,025,258 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\5.jpg
[2011.10.10 04:30:47 | 000,036,036 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\user130861pic.jpg
[2011.10.10 00:17:52 | 000,073,283 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\120x120.gif

OTL Fix

We need to run an OTL Fix

Please reopen on your desktop.

Copy and Paste the following code into the Posted Image

textbox.

:Services
:Processes
KILLALLPROCESSES
:OTL
SRV - File not found [Auto | Stopped] -- -- (avast! Firewall)
O4 - Startup: C:\Documents and Settings\Master\Start Menu\Programs\Startup\Xfire.lnk = File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
[2011.10.23 17:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\AVG2012
[2011.10.23 17:40:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011.10.23 17:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011.10.29 17:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011.10.23 17:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\AVG2012
:Reg

:Files
echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]

Push
OTL may ask to reboot the machine. Please do so if asked.
Click the OK button.
A report will open. Copy and Paste that report in your next reply.
If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

NEXT:

What outstanding issues (if any) are you currently experiencing with your computer?

Edited by SweetTech, 02 November 2011 - 10:08 PM.

#32
acajelen

Posted 03 November 2011 - 04:40 AM

Member

Topic Starter
Member
44 posts

Yes those pictures are set by me

I instaled avira trial 30 days.

#33
acajelen

Posted 03 November 2011 - 12:59 PM

Member

Topic Starter
Member
44 posts

I tried to run OTL but had to restart comp cause AVIRA interupted it. How can I temporary disble Avira?

#34
SweetTech

Posted 03 November 2011 - 10:42 PM

Sir SpamAlot

Retired Staff
7,671 posts

Good Evening!

Yes those pictures are set by me

Okay, thanks for clarifying. I know malware sometimes can set wacky names for filenames, so I wanted to be sure they were something you knew.

Please give these instructions a try for disabling Avira.
AVIRA ANTIVIR
Please navigate to the system tray on the bottom right hand corner and look for an open white umbrella on red background (looks to this: Posted Image

)

right click it-> untick the option AntiVir Guard enable.
You should now see a closed, white umbrella on a red background (looks to this: )

You succesfully disabled the AntiVir Guard.

#35
acajelen

Posted 04 November 2011 - 10:41 AM

Member

Topic Starter
Member
44 posts

THis is all I found (in the right cornoer about avira options). My is trial version.

Attached Thumbnails

#36
SweetTech

Posted 04 November 2011 - 09:37 PM

Sir SpamAlot

Retired Staff
7,671 posts

Hi!

Can you attempt to click on the REaltime Protection enable option and see if that unchecks it?

#37
acajelen

Posted 05 November 2011 - 10:41 PM

Member

Topic Starter
Member
44 posts

All processes killed
========== SERVICES/DRIVERS ==========
========== PROCESSES ==========
========== OTL ==========
Error: No service named avast! Firewall was found to stop!
Service\Driver key avast! Firewall not found.
File move failed. C:\Documents and Settings\Master\Start Menu\Programs\Startup\Xfire.lnk scheduled to be moved on reboot.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Folder C:\Documents and Settings\Master\Application Data\AVG2012\ not found.
Folder C:\Documents and Settings\All Users\Application Data\AVG2012\ not found.
Folder C:\Program Files\AVG\ not found.
Folder C:\Documents and Settings\All Users\Application Data\AVG2012\ not found.
Folder C:\Documents and Settings\Master\Application Data\AVG2012\ not found.
========== REGISTRY ==========
========== FILES ==========
< echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c >
Are you sure (Y/N)?processed file: C:\WINDOWS\system32\drivers\etc\Hosts
C:\Documents and Settings\Master\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Master\My Documents\Downloads\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Master\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Master\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point (0)

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Master
->Temp folder emptied: 1202107 bytes
->Temporary Internet Files folder emptied: 3030041 bytes
->FireFox cache emptied: 220097011 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 19618 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3072054 bytes

Total Files Cleaned = 217,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: Master
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 11062011_053026

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Master\Start Menu\Programs\Startup\Xfire.lnk not found!
C:\Documents and Settings\Master\Local Settings\Temporary Internet Files\Content.Word\~WRS{7EFE3CCE-8FD5-49B3-9A41-28FC9A346C10}.tmp moved successfully.
C:\Documents and Settings\Master\Local Settings\Temporary Internet Files\Content.Word\~WRS{8063A689-1E35-472D-B071-F385F06790FC}.tmp moved successfully.
C:\Documents and Settings\Master\Local Settings\Temporary Internet Files\Content.Word\~WRS{8339FFA6-32F9-4AE2-A798-C6FB28F991D4}.tmp moved successfully.

Registry entries deleted on Reboot...

#38
acajelen

Posted 05 November 2011 - 10:46 PM

Member

Topic Starter
Member
44 posts

Like I said I have some movie files (that are probably corrupted) and 1 folder that is 100% virus that cant be deleted. And I forgot to add, I used NOd 32 5 or 6 months ago. It take 5 gb of memory. After I decided to erase it from my computer I used control panel. And I deleted everything that had name Nod and my memory still got busy.?!? I liberated aprox 500 mb. I probably didnt erase all of it.

#39
SweetTech

Posted 06 November 2011 - 10:38 PM

Sir SpamAlot

Retired Staff
7,671 posts

Hi!

Would you be able to provide me with the exact file locations for those movie files as well as the malicious folder?

Did you happen to run the ESET Removal tool after uninstalling ESET via Add/Remove programs?

Link

#40
acajelen

Posted 08 November 2011 - 06:33 PM

Member

Topic Starter
Member
44 posts

C:\Documents and Settings\Master\My Documents\Downloads There r 7 files here named: sopr, sopr (1), sopr (2), Nives Celzijus, Nives Celzijus (1), Nives Celzijus (2) and k packs.
on C:\Documents and Settings\Master\My Documents\My Videos\The Sopranos-Lawn bussiness

Btw. The link U gave me for the Eset removal. I download it and the program itself told me that there is posibility that whole system will fail, and malvare bite or avira blocked that program also...

Edited by acajelen, 08 November 2011 - 07:34 PM.

#41
acajelen

Posted 08 November 2011 - 06:35 PM

Member

Topic Starter
Member
44 posts

The virus folder is on D:\virus NE DIRAJ!

#42
SweetTech

Posted 09 November 2011 - 12:28 PM

Sir SpamAlot

Retired Staff
7,671 posts

Hi!

Please run this OTL fix:

OTL Fix

We need to run an OTL Fix

Please reopen on your desktop.

Copy and Paste the following code into the Posted Image

textbox.

:Services
:Processes
KILLALLPROCESSES
:OTL

:Reg

:Files
D:\virus NE DIRAJ!
dir /s /a "C:\Documents and Settings\Master\My Documents\Downloads " /c
echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]

Push
OTL may ask to reboot the machine. Please do so if asked.
Click the OK button.
A report will open. Copy and Paste that report in your next reply.
If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

#43
acajelen

Posted 11 November 2011 - 03:49 PM

Member

Topic Starter
Member
44 posts

I need to add a folder created 18. october on my desktop named TB2hz99S.htm tipe of file is PART file. I ddint put it there unless some of programs you gave me didnt put it, it is virus. I didnt tried to delete it. Now before I run OTL I need to ask u will it delete all I have in downloads ("dir /s /a "C:\Documents and Settings\Master\My Documents\Downloads " /c")?

#44
SweetTech

Posted 11 November 2011 - 11:28 PM

Sir SpamAlot

Retired Staff
7,671 posts

Good Evening!

I need to add a folder created 18. october on my desktop named TB2hz99S.htm tipe of file is PART file. I ddint put it there unless some of programs you gave me didnt put it, it is virus. I didnt tried to delete it. Now before I run OTL I need to ask u will it delete all I have in downloads ("dir /s /a "C:\Documents and Settings\Master\My Documents\Downloads " /c")?

Can you please attempt to delete that file? It doesn't look like anything any of my tools put there.

The OTL fix I gave you to run is actually just going to provide me with an output (list) of what files are in the Downloads folder. I want to be sure that I'm deleting the right files first.

I like to era on the side of caution.