Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

cant run OTL


  • Please log in to reply

#31
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Run by myaccount at 13:39:48 on 2011-11-07
.
============== Running Processes ===============
.
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\AOL\1230249116\EE\aolsoftware.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\AOL\1230249116\EE\aolsoftware.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ntvdm.exe
C:\DOCUME~1\MYACCO~1\MYDOCU~1\DDS.COM
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/?ncid=customie8
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uDefault_Page_URL = hxxp://www.aol.com/?ncid=customie8
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
mStart Page = hxxp://www.yahoo.com/
mURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - c:\program files\aol toolbar\aoltb.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230133906203
DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - hxxp://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?39992.2864351852
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-winter-edition/zylomplayer.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: DhcpNameServer = 192.168.0.1 192.168.3.1
TCP: Interfaces\{80443072-5384-4D29-A197-604ECE8884D8} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
TCP: Interfaces\{8AB7525D-E207-499F-AC67-CBE186DE2CB5} : DhcpNameServer = 192.168.0.1 192.168.3.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R? Akamai;Akamai NetSession Interface
R? GamesAppService;GamesAppService
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
S? !SASCORE;SAS Core Service
S? AntiVirSchedulerService;Avira AntiVir Scheduler
S? AntiVirService;Avira AntiVir Guard
S? avgio;avgio
S? avgntflt;avgntflt
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
.
=============== Created Last 30 ================
.
2011-11-07 17:49:47 -------- d-----w- c:\progra~1\Viewpoint
2011-11-07 16:28:10 -------- d-----w- c:\windows\msdownld.tmp
2011-11-07 16:23:58 -------- d-----w- c:\progra~1\MSECACHE
2011-11-07 14:29:14 -------- d-----w- C:\ComboFix
2011-11-07 02:46:53 98816 ----a-w- c:\windows\sed.exe
2011-11-07 02:46:53 518144 ----a-w- c:\windows\SWREG.exe
2011-11-07 02:46:53 256000 ----a-w- c:\windows\PEV.exe
2011-11-07 02:46:53 208896 ----a-w- c:\windows\MBR.exe
2011-11-07 02:20:42 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-27 21:50:19 -------- d-----w- c:\docume~1\alluse~1\application data\IncrediMail
2011-10-27 21:50:19 -------- d-----w- c:\docume~1\alluse~1\application data\IM
.
==================== Find3M ====================
.
2011-10-25 18:06:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-07-04 01:23:19 20533281 -c--a-w- c:\progra~1\VLC.exe
.
============= FINISH: 13:40:58.21 ===============
  • 0

Advertisements


#32
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Start, Run, sfc /scannow, OK

SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.

Start, Run, sigverif, OK

Press Start. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)
  • 0

#33
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
ok the first command i ran i just get the cmd screen ( black screen ) for a millisecond then nothing !
the second one ( sigveryf) produced only 5 unsigned products and the newest one was in 07
  • 0

#34
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
i should note ron i had a problem about a year ago and emerald cleaned my system
i am wondering if the search settings thing is just a remnant that cant be removed
as far as otl i ran as dds but not as normal ?
i guess the main thing i am wondering is if my computer seems to be working fine should i worry about these 2 things ??
  • 0

#35
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Up to you.

Instead of running sfc from Run first try

Start, Run, cmd, OK then type

sfc /scannow

I expect it is giving an error. That may help us.

Ron
  • 0

#36
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
ok got a little further that way but
after entering i get a response stating i nust be an administrator running a console session in order to use the windows file checker utility ? i am logged in on an acct with admin rights
  • 0

#37
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Go to
http://www.winhelpon...-in-windows-xp/

Follow the instructions starting where it says:

Using SubInACL
  • 0

#38
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
ron is the reset cmd file part of the subinacl or is that a separate feature
i do not want to do this wrong
  • 0

#39
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
The reset.cmd is part of the fix. It uses the program you downloaded in order to reset the permissions back to default.
  • 0

#40
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
ron i downoaded subin and installed in win resource where it was supposed to go then followed derections for second part reset cmd
the instructions are not that complete ! now do i enter the reset cmd in the same way i did the others ? ir run cmd then enter the resetcmd in the command box or ?
  • 0

Advertisements


#41
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
I would think you just need to double click on it. You can run it from the Command window but you need to be in the same directory or use the full path.
  • 0

#42
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
just double clicked it it ran fast :) and as the files were modified they were failed i thought i trashed my computer
ugggg as you can tell i am a novice so this is scary stuff for me :::huge exhale:

Edited by snowysdad43, 07 November 2011 - 04:33 PM.

  • 0

#43
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
hi again ron
does my computer look like its functioning normaly as far as the files and or warnings /errors you have seen
or will these problems with access to certain reg keys or programs get worse?
  • 0

#44
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
I don't know what has been done to it to make it so odd. Try the sfc /scannow command again. See if it will run now.

Ron
  • 0

#45
snowysdad43

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
hi ron i was able to run sfc scannow it ran thru completion and then just finished and closed on its own
no logs :that i can find anyway
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP