Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Freeze, crashes, slow comp [Closed]

Started by AQUA258 , Apr 18 2012 07:20 PM

  • This topic is locked This topic is locked

#61
AQUA258
Posted 16 June 2012 - 04:57 AM

AQUA258

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Hey Crowbar,

Reply
Q 1, Thats the thing i dont have 2 copies of Chrome. When i did that manual uninstall i followed your instructions and deleted the chrome file. The only 2 things that got left behind were the desktop icon and what you see in the pic. When i click on the old one nothing happens, Its not there, thats a left over. How do i get rid of that?

Q 2; The checkbox; I don't follow what your saying here. When i click on "Disable" that stops the plug-in, the checkbox next to disable is for what? More plug-ins that belong to that plug-in?
E.g Where you see Java, at the bottom of that you have that same thing..."Disable" and checkbox "Always Allow". I click/use "Disable" to stop or start plug-in(Java) What is the checkbox for? I never click on that because i dont know what it's for and should it be checked if the plug-in is "Enabled"?

Q 3; I'm not looking for the Chrome plug-ins. (They are whats in the pic). Plug-ins that may belong to E.g...Malwarebytes, Ccleaner etc...

Q 4; Ok will update Java, not sure why it didn't update itself when thats 1 thing that "IS" set to update automatically.

UPDATE;
Ok deleted all Java from CPanel, cleaned cache, ran Javara just to be sure. D/loaded new version but i didnt have an option in Java Control Panel to set auto update.(Forgot i did a clean install) (This is for those that don't know like me)
java.jpg
I typed Java in Start>search found Java.exe, right clicked> run as administrator> go back to Cpanel,Programs,Java> click or double click and Java CPanel will open...and there it is you now have the "Update Option"... ;)..At times i amaze myself... :lol:

Geez Crowbar does Chrome have its own inbuilt version of Java too? JavaFX. :confused:

Edited by AQUA258, 16 June 2012 - 05:51 AM.

  • 0

Advertisements

#62
Crowbar
Posted 19 June 2012 - 05:30 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hi Aqua258,
I am looking into it now, but I don't think you should have the second Chrome icon in your control panel, I will get back to you on that. I don't think it's hurting anything.

In the plug ins page, the checkbox is used to disable the plug in. Each one that you want disabled, you have to check the box.

Good job updating Java, and no I don't believe that chrome has it's own version of Java. JavaFX is installed with the newer versions of Java, it's Java's answer to Adobe's Flash.
  • 0

#63
AQUA258
Posted 20 June 2012 - 05:36 AM

AQUA258

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts

In the plug ins page, the checkbox is used to disable the plug in. Each one that you want disabled, you have to check the box.



Crowbar, i'm sorry but i'm not understanding this.

Ok, let me put it this way. When i turn "OFF" a plug-in i just click "Disable". That turns it off.
The check box says "Always allow". Why do i need to check/tick that box if i want to disable the plug-in?

My query is; If i am "running" the plug-in, do i then need to tick the check box "Always allow"?

It looks to me like the check box belongs to other stuff in the actual plug-in?

Sorry about confusion on this. :confused:

UPDATE; Since the update of Java, things went stupid(crash, freeze) again. I deleted the JavaFX to see what would happen.
Didn't change anything so i reloaded it.

I'm back to being stumped as to what is going on. I'm going to run a few smaller malware cleaners(spybot etc) just to be sure things are still clean. Oh and I said to you before that Avast seem to have a mind of it's own...YEP, it's playing with me again. I had't seen it for a few days which is how i have it set up(update 2000hrs< test). Today it's popping up left right and center? :huh: :headscratch:
  • 0

#64
Crowbar
Posted 20 June 2012 - 11:54 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
HI Aqua258,
Sorry to confuse you, I was wrong about the checkbox. You are correct to click on Disable and leave the checkbox UNCHECKED.
are you saying that you have Avast download it's updates every 2000 hours? If so, I would much rather you have it set up to use Streaming Updates, as shown below:






I would like to see exactly what is crashing, so I would like to have you run a tool that will gather up some event log information for me.

  • Please download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:
  • Double-click VEW.exe
  • Under 'Select log to query', select:
  • Application
  • System
Under 'Select type to list', select:
  • Error
  • Warning
Click the radio button for 'Date of events'
  • In the From: boxes type today's date 15 06 2012
    In the To: boxes type today's date 20 06 2012
    Then click the Run button.
    Notepad will open with the output log.
Please post the Output log in your next reply

It's ok to run Spybot, but that one is not something we use much around here, I would prefer that you install and run MalwareBytes:
Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#65
AQUA258
Posted 22 June 2012 - 05:41 AM

AQUA258

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Crowbar sorry haven't been in here....Major dramas with my website,godaddy security, trojan.
Huge trojan drop a month ago, we (friend and i) cant clean it. I have basically lost my whole site.
Over $1000 worthy of labor plus my time and effort learning coding etc...

I want to cry.... :upset: :upset: :upset: :upset: :upset: :upset:

I will get on to doing what you asked in the morning.

PS; I swear this laptop is possessed. :smashcomp: :killcomp: :smashcomp:

Since the clean install, all microsoft updates downloaded, no sign of it saying "not genuine".
Just now it throws a popup at me with exactly that "This copy is not genuine".
I went on the hunt to see if it had downloaded any new updates without my knowledge...no, nothing.
Why now...?
Avast is still rearing it's ugly head when it's not suppose to.

Ran Malwarebytes today (full scan) showed nothing/clean...but i will do another if you need the log.

OMG...I had to come back and post this;
avast.jpg
I so did not turn this on, I remember seeing this and i wasnt sure what it was so i left it disabled.
After reading your post i thought i'd do a quick check and it's Enabled...I didn't do it. :o

Edited by AQUA258, 22 June 2012 - 05:52 AM.

  • 0

#66
AQUA258
Posted 22 June 2012 - 05:08 PM

AQUA258

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.22.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Donna :: DONNA-PC [administrator]

6/23/2012 6:57:06 AM
mbam-log-2012-06-23 (06-57-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 183955
Time elapsed: 5 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
*******************************




Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 23/06/2012 6:55:11 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/06/2012 5:38:33 PM
Type: Error Category: 3
Event: 7010 Source: Microsoft-Windows-Search
The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 19/06/2012 5:38:33 PM
Type: Error Category: 3
Event: 3058 Source: Microsoft-Windows-Search
The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 19/06/2012 5:38:33 PM
Type: Error Category: 3
Event: 3028 Source: Microsoft-Windows-Search
The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 19/06/2012 5:38:33 PM
Type: Error Category: 3
Event: 3029 Source: Microsoft-Windows-Search
The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)


Log: 'Application' Date/Time: 19/06/2012 5:38:31 PM
Type: Error Category: 3
Event: 3029 Source: Microsoft-Windows-Search
The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 19/06/2012 5:38:31 PM
Type: Error Category: 1
Event: 9002 Source: Microsoft-Windows-Search
The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


Log: 'Application' Date/Time: 19/06/2012 5:38:31 PM
Type: Error Category: 3
Event: 7042 Source: Microsoft-Windows-Search
The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 19/06/2012 5:38:31 PM
Type: Error Category: 3
Event: 7040 Source: Microsoft-Windows-Search
The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 19/06/2012 5:38:31 PM
Type: Error Category: 3
Event: 9000 Source: Microsoft-Windows-Search
The event description cannot be found.

Log: 'Application' Date/Time: 19/06/2012 5:38:31 PM
Type: Error Category: 3
Event: 455 Source: ESENT
Windows (2704) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00009.log.

Log: 'Application' Date/Time: 17/06/2012 4:28:43 PM
Type: Error Category: 3
Event: 7010 Source: Microsoft-Windows-Search
The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 17/06/2012 4:28:43 PM
Type: Error Category: 3
Event: 3058 Source: Microsoft-Windows-Search
The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 17/06/2012 4:28:43 PM
Type: Error Category: 3
Event: 3028 Source: Microsoft-Windows-Search
The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 17/06/2012 4:28:43 PM
Type: Error Category: 3
Event: 3029 Source: Microsoft-Windows-Search
The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)


Log: 'Application' Date/Time: 17/06/2012 4:28:42 PM
Type: Error Category: 3
Event: 3029 Source: Microsoft-Windows-Search
The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 17/06/2012 4:28:42 PM
Type: Error Category: 1
Event: 9002 Source: Microsoft-Windows-Search
The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


Log: 'Application' Date/Time: 17/06/2012 4:28:42 PM
Type: Error Category: 3
Event: 7042 Source: Microsoft-Windows-Search
The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 17/06/2012 4:28:42 PM
Type: Error Category: 3
Event: 7040 Source: Microsoft-Windows-Search
The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 17/06/2012 4:28:42 PM
Type: Error Category: 3
Event: 9000 Source: Microsoft-Windows-Search
The event description cannot be found.

Log: 'Application' Date/Time: 17/06/2012 4:28:42 PM
Type: Error Category: 3
Event: 455 Source: ESENT
Windows (3076) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00007.log.

Log: 'Application' Date/Time: 17/06/2012 2:01:10 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program chrome.exe version 19.0.1084.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 106c Start Time: 01cd4c239e0194fd Termination Time: 1982 Application Path: C:\Users\Donna\AppData\Local\Google\Chrome\Application\chrome.exe Report Id: 34d4e921-b820-11e1-91e8-001e336c1120

Log: 'Application' Date/Time: 16/06/2012 6:13:01 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program chrome.exe version 19.0.1084.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: ab4 Start Time: 01cd4bdd32095384 Termination Time: 1330 Application Path: C:\Users\Donna\AppData\Local\Google\Chrome\Application\chrome.exe Report Id: d01aa142-b7de-11e1-91e8-001e336c1120

Log: 'Application' Date/Time: 15/06/2012 1:39:28 AM
Type: Error Category: 3
Event: 7010 Source: Microsoft-Windows-Search
The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 15/06/2012 1:39:28 AM
Type: Error Category: 3
Event: 3058 Source: Microsoft-Windows-Search
The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 15/06/2012 1:39:28 AM
Type: Error Category: 3
Event: 3028 Source: Microsoft-Windows-Search
The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 15/06/2012 1:39:28 AM
Type: Error Category: 3
Event: 3029 Source: Microsoft-Windows-Search
The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)


Log: 'Application' Date/Time: 15/06/2012 1:39:26 AM
Type: Error Category: 3
Event: 3029 Source: Microsoft-Windows-Search
The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 15/06/2012 1:39:26 AM
Type: Error Category: 1
Event: 9002 Source: Microsoft-Windows-Search
The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


Log: 'Application' Date/Time: 15/06/2012 1:39:26 AM
Type: Error Category: 3
Event: 7042 Source: Microsoft-Windows-Search
The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 15/06/2012 1:39:26 AM
Type: Error Category: 3
Event: 7040 Source: Microsoft-Windows-Search
The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 15/06/2012 1:39:26 AM
Type: Error Category: 3
Event: 9000 Source: Microsoft-Windows-Search
The event description cannot be found.

Log: 'Application' Date/Time: 15/06/2012 1:39:26 AM
Type: Error Category: 3
Event: 455 Source: ESENT
Windows (3064) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0000B.log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/06/2012 5:39:03 PM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: Index Corruption}.


Log: 'Application' Date/Time: 18/06/2012 2:38:40 AM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <iehistory://{S-1-5-21-3288283932-3454092779-3501360566-1000}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
The filtering was stopped because of a user action, such as stopping the crawl. (HRESULT : 0x80040d54) (0x80040d54)


Log: 'Application' Date/Time: 17/06/2012 4:29:27 PM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: Index Corruption}.


Log: 'Application' Date/Time: 15/06/2012 6:34:39 AM
Type: Warning Category: 18
Event: 4627 Source: Microsoft-Windows-EventSystem
The COM+ Event System timed out attempting to fire the DisplayLock method on event class {D5978630-5B9F-11D1-8DD2-00AA004ABD5E} for publisher and subscriber . The subscriber failed to respond within 180 seconds. The display name of the subscription is "Explorer". The HRESULT was 800705b4.

Log: 'Application' Date/Time: 15/06/2012 1:39:59 AM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: Index Corruption}.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/06/2012 1:45:35 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 18/06/2012 2:37:27 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 17/06/2012 11:36:11 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 17/06/2012 4:27:40 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 16/06/2012 10:29:49 AM
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device WPD FileSystem Volume Driver (location (unknown)) is offline due to a user-mode driver crash. Windows will attempt to restart the device 5 more times. Please contact the device manufacturer for more information about this problem.

Log: 'System' Date/Time: 16/06/2012 10:29:49 AM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated. This may temporarily interrupt your ability to access the devices.

Log: 'System' Date/Time: 15/06/2012 1:38:16 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/06/2012 5:38:33 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Log: 'System' Date/Time: 19/06/2012 5:38:33 PM
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Windows Search service terminated with service-specific error %%-1073473535.

Log: 'System' Date/Time: 19/06/2012 1:46:33 AM
Type: Error Category: 0
Event: 205 Source: Microsoft-Windows-Application-Experience
The Program Compatibility Assistant service failed to perform the phase two initialization.

Log: 'System' Date/Time: 19/06/2012 1:45:47 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 9:44:04 AM on ?6/?19/?2012 was unexpected.

Log: 'System' Date/Time: 18/06/2012 7:49:33 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Log: 'System' Date/Time: 18/06/2012 2:37:40 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 10:36:11 AM on ?6/?18/?2012 was unexpected.

Log: 'System' Date/Time: 17/06/2012 11:36:23 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 2:49:40 AM on ?6/?18/?2012 was unexpected.

Log: 'System' Date/Time: 17/06/2012 4:29:28 PM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 17/06/2012 4:28:43 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Log: 'System' Date/Time: 17/06/2012 4:28:43 PM
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Windows Search service terminated with service-specific error %%-1073473535.

Log: 'System' Date/Time: 17/06/2012 4:28:03 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 8:27:16 PM on ?6/?17/?2012 was unexpected.

Log: 'System' Date/Time: 17/06/2012 4:23:15 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Log: 'System' Date/Time: 16/06/2012 7:42:24 PM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 7:42:24 PM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 7:42:24 PM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 7:42:23 PM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 7:42:23 PM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 5:30:18 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 5:30:18 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 5:30:18 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 5:30:17 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 16/06/2012 5:30:17 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 9:36:48 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 9:36:48 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 9:36:47 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 9:36:47 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 9:36:47 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 6:34:33 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Log: 'System' Date/Time: 15/06/2012 6:34:33 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.

Log: 'System' Date/Time: 15/06/2012 1:39:28 AM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Log: 'System' Date/Time: 15/06/2012 1:39:28 AM
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Windows Search service terminated with service-specific error %%-1073473535.

Log: 'System' Date/Time: 15/06/2012 1:38:28 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 9:34:21 AM on ?6/?15/?2012 was unexpected.

Log: 'System' Date/Time: 15/06/2012 1:25:46 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

Log: 'System' Date/Time: 15/06/2012 1:22:56 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 1:22:56 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 1:22:56 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 1:22:56 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 1:22:55 AM
Type: Error Category: 0
Event: 11 Source: cdrom
The driver detected a controller error on \Device\CdRom0.

Log: 'System' Date/Time: 15/06/2012 1:20:45 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/06/2012 5:42:48 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name id.google.com.au timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 19/06/2012 5:48:46 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 19/06/2012 2:57:50 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name photos-g.ak.fbcdn.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/06/2012 10:35:59 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name assets.tp-cdn.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/06/2012 3:49:43 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 18/06/2012 7:51:13 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name maps.google.com.au timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/06/2012 3:04:55 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name a.triggit.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 17/06/2012 11:37:15 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 17/06/2012 4:31:16 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name zzomfooqxx.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 17/06/2012 9:56:51 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name secure-us.imrworldwide.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 17/06/2012 4:27:32 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name b.scorecardresearch.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/06/2012 11:22:15 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name a.triggit.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/06/2012 11:10:34 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/06/2012 10:00:27 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/06/2012 10:00:16 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/06/2012 7:46:40 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name view.atdmt.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/06/2012 7:38:14 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/06/2012 6:34:51 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/06/2012 6:34:46 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/06/2012 6:34:37 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/06/2012 1:39:16 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/06/2012 1:25:53 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
  • 0

#67
Crowbar
Posted 24 June 2012 - 08:14 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hi Aqua258,
For your website issues, have you tried asking for help on the Avast forum? They are very good at finding and dealing with infections on web servers. Post with a title saying that your web server is infected and you can't find it.

Is is possible that you never activated Windows when you did your fresh install?>

Step 1

Try this to activate, you will need your product key.

Activate using the Internet

When you begin the activation process, Windows tries to detect an Internet connection. If one is found, you can activate online. If you use a modem to connect to the Internet but aren't currently online, you'll have the option to activate using a modem.
To activate by using a direct connection
  • Open Windows Activation by clicking the Start button Picture of the Start button, right-clicking Computer, clicking Properties, and then clicking Activate Windows now.?
  • If Windows detects an Internet connection, click Activate Windows online now. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Type your Windows 7 product key when prompted, click Next, and then follow the instructions.

Activate using the telephone

If Windows isn't able to activate online, you'll have the option to activate Windows 7 using an automated phone system.

  • Open Windows Activation by clicking the Start button Picture of the Start button, right-clicking Computer, clicking Properties, and then clicking Activate Windows now.?
  • Click Show me other ways to activate.
  • Type your Windows 7 product key, and then click Next.
  • Click Use the automated phone system. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Click the location nearest you from the drop-down list, and then click Next.
  • Call one of the available phone numbers listed. An automated system will guide you through the activation process.
  • When prompted, enter the installation ID that's listed on your screen into your phone's keypad.
  • Write down the confirmation ID that the phone system gives you.
  • Type the confirmation ID into the space provided under Step 3 in the activation dialog, click Next, and then follow the instructions.
  • If activation isn't successful, stay on the line to be transferred to a customer service representative who can assist you.

Step 2
For the Windows Search Errors in your error log, I would like you to run this Microsoft FixIt here
Click on the link, choose Run when prompted, and follow the instructions to reset the default settings for the Windows Search Service that seems to be having problems.

Step 3
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

In your next reply I would like to see:
  • OTL log

  • 0

#68
AQUA258
Posted 24 June 2012 - 03:47 PM

AQUA258

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Website; Spoke to a few peeps and they say that once the database gets infected its very hard to clean. Thats OK, im moving all to a diff host and domain place. Starting fresh is the best i think.

Activation; I definitely added my key/product number when i was prompted. I've been using this for ages and never a problem. Sorry i did have drama once, ages ago, after i had some nasty's but i reactivated without a prob.
This time it just doesn't want to accept it so i did the next best thing(rather that have fifty pop-ups thrown at me.
I killed it with RemoveWat. Problem solvered...:)
Sorry, calling overseas is not an option for me.

Fixit;
fixit.jpg

OTL;
When it first started it was trying to do something but had (non responsive)in the top of box. Then it kicked in and only gave me this.
Crowbar after posting this here i noticed this has Firefox stuff on it???...I dont have Firefox. Only Chrome and IE.

OTL logfile created on: 6/25/2012 4:58:04 AM - Run 2
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Donna\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

956.00 Mb Total Physical Memory | 245.87 Mb Available Physical Memory | 25.72% Memory free
1.93 Gb Paging File | 1.12 Gb Available in Paging File | 57.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.02 Gb Total Space | 102.00 Gb Free Space | 73.37% Space Free | Partition Type: NTFS

Computer Name: DONNA-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/25 04:57:21 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.exe
PRC - [2012/04/23 14:07:52 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2012/03/07 08:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 08:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 20:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/09/03 15:06:32 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/08/21 09:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/21 09:29:20 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2009/08/05 14:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/08/03 14:03:08 | 000,832,856 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2009/07/29 16:42:06 | 000,705,880 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
PRC - [2009/07/28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/28 14:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/23 09:42:11 | 009,459,912 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2012/06/07 16:14:43 | 000,441,880 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012/06/07 16:14:42 | 003,922,456 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012/06/07 16:13:27 | 000,553,496 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012/06/07 16:13:26 | 000,117,784 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012/06/07 16:13:16 | 000,134,696 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012/06/07 16:13:15 | 000,250,408 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012/06/07 16:13:14 | 002,375,720 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2009/07/25 11:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2009/07/16 15:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 15:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009/03/12 19:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/06/23 18:02:45 | 001,343,400 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/06/23 09:42:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/07 08:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/08/21 09:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/08/10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/29 03:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - [2012/06/22 21:52:55 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012/06/06 20:01:47 | 002,877,952 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2012/05/22 23:01:29 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2012/03/07 08:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 08:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 08:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/07 08:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 08:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/07 08:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/05/18 08:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010/11/20 20:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 20:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 20:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 18:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 18:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 17:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 17:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 17:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/14 15:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/07 08:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2009/04/29 03:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://iat.ninemsn.c...er/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 40 47 F4 FB 37 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {A8FCF2DF-84B9-41F0-A2D6-05E2D69FCCAD}
IE - HKCU\..\SearchScopes\{A8FCF2DF-84B9-41F0-A2D6-05E2D69FCCAD}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Donna\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Donna\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: YouTube = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Open All Selected Links = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnhbealllgfdljhmmidodfeibbcmcbid\1.0.3_0\
CHR - Extension: Gmail = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 05:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92A4BB25-6F6E-41C7-BA3D-9BEBA701F8DC}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/24 10:10:54 | 000,000,000 | ---D | C] -- C:\Users\Donna\Desktop\286
[2012/06/24 09:59:11 | 000,000,000 | ---D | C] -- C:\Users\Donna\Desktop\319
[2012/06/23 18:02:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2012/06/23 17:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\v-Grabber
[2012/06/20 19:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/06/20 19:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/06/20 19:11:31 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/06/11 07:10:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012/06/08 06:55:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012/06/06 20:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012/06/06 20:03:17 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012/06/06 20:03:17 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012/06/06 20:03:16 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012/06/06 20:03:16 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012/06/06 20:03:16 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012/06/06 20:03:15 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012/06/06 20:03:14 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012/06/06 20:03:13 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012/06/06 20:03:13 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012/06/06 20:03:05 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012/06/06 20:03:05 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012/06/06 20:03:05 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012/06/06 20:03:05 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012/06/06 20:03:05 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012/06/06 20:03:05 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012/06/06 20:03:04 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012/06/06 20:03:04 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012/06/06 20:03:04 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012/06/06 20:03:04 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012/06/06 20:03:04 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012/06/06 20:03:03 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012/06/06 20:03:03 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012/06/06 20:03:03 | 000,587,096 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2012/06/06 20:03:03 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012/06/06 20:03:03 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012/06/06 20:03:02 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012/06/06 20:03:02 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012/06/06 20:02:59 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012/06/06 20:02:58 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012/06/06 20:02:58 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012/06/06 20:02:58 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012/06/06 20:02:57 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012/06/06 20:02:57 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012/06/06 20:02:57 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012/06/06 20:02:57 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012/06/06 20:02:57 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012/06/06 20:02:56 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012/06/06 20:02:56 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012/06/06 20:02:56 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012/06/06 20:02:56 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012/06/06 20:02:56 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012/06/06 20:02:56 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012/06/06 20:02:56 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012/06/06 20:02:55 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012/06/06 20:01:47 | 002,877,952 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2012/06/06 19:43:07 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Uniblue
[2012/06/06 19:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2012/06/04 04:59:23 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/04 04:55:34 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Deployment
[2012/06/04 04:55:34 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Apps
[2012/06/02 06:35:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/06/01 05:42:14 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\toshiba
[2012/06/01 05:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Toshiba Shared
[2012/06/01 05:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Toshiba
[2012/06/01 05:17:53 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Toshiba
[2012/06/01 05:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
[2012/06/01 05:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\TOSHIBA
[2012/06/01 05:04:14 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012/06/01 05:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/06/01 04:51:06 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2012/06/01 04:50:51 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\WinBatch
[2012/06/01 04:41:45 | 000,050,752 | ---- | C] (Agere Systems) -- C:\Windows\agrsmdel.exe
[2012/06/01 04:41:31 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2012/05/27 01:04:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\nn-NO
[2012/05/27 01:04:21 | 000,393,216 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll
[2012/05/27 01:04:21 | 000,376,832 | ---- | C] (Atheros) -- C:\Windows\System32\S64CPA.exe
[2012/05/27 01:04:21 | 000,053,248 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll
[2012/05/27 01:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2012/05/27 01:02:33 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/05/27 01:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/05/27 01:01:22 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\InstallShield
[2012/05/26 11:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/05/26 11:52:52 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/25 05:01:28 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/25 05:01:15 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3288283932-3454092779-3501360566-1000UA.job
[2012/06/25 05:01:13 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3288283932-3454092779-3501360566-1000Core.job
[2012/06/25 04:54:40 | 000,072,961 | ---- | M] () -- C:\Users\Donna\Desktop\fixit.jpg
[2012/06/25 04:38:59 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/25 04:38:59 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/06/25 04:38:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/25 04:38:25 | 751,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/24 19:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/24 18:06:23 | 000,002,413 | ---- | M] () -- C:\Users\Donna\Desktop\Google Chrome.lnk
[2012/06/23 18:03:39 | 000,013,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 18:03:37 | 000,013,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 21:52:55 | 000,011,232 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2012/06/20 21:37:00 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/20 21:37:00 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/13 07:29:11 | 000,268,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/11 07:04:25 | 000,002,290 | ---- | M] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/06/08 22:46:24 | 000,014,766 | ---- | M] () -- C:\Windows\System32\results.xml
[2012/06/06 20:03:18 | 001,783,056 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012/06/06 20:03:17 | 001,725,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012/06/06 20:03:17 | 000,140,528 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012/06/06 20:03:16 | 000,345,328 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012/06/06 20:03:16 | 000,185,584 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012/06/06 20:03:16 | 000,173,296 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012/06/06 20:03:15 | 000,214,368 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012/06/06 20:03:13 | 000,074,080 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012/06/06 20:03:13 | 000,068,960 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012/06/06 20:03:06 | 000,359,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012/06/06 20:03:05 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012/06/06 20:03:05 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012/06/06 20:03:05 | 000,200,468 | ---- | M] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012/06/06 20:03:05 | 000,170,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012/06/06 20:03:05 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012/06/06 20:03:05 | 000,064,856 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012/06/06 20:03:04 | 003,296,600 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012/06/06 20:03:04 | 000,345,944 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012/06/06 20:03:04 | 000,103,256 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012/06/06 20:03:04 | 000,088,408 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012/06/06 20:03:04 | 000,061,272 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012/06/06 20:03:03 | 003,327,320 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012/06/06 20:03:03 | 001,836,376 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012/06/06 20:03:03 | 000,587,096 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2012/06/06 20:03:03 | 000,259,928 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012/06/06 20:03:03 | 000,252,760 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012/06/06 20:03:03 | 000,232,792 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012/06/06 20:03:02 | 000,132,368 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012/06/06 20:03:00 | 000,357,712 | ---- | M] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012/06/06 20:02:58 | 001,740,352 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012/06/06 20:02:58 | 000,601,704 | ---- | M] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012/06/06 20:02:58 | 000,413,696 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012/06/06 20:02:58 | 000,327,168 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012/06/06 20:02:57 | 001,509,480 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012/06/06 20:02:57 | 001,292,904 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012/06/06 20:02:57 | 000,631,400 | ---- | M] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012/06/06 20:02:57 | 000,458,344 | ---- | M] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012/06/06 20:02:57 | 000,390,656 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012/06/06 20:02:56 | 001,220,200 | ---- | M] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012/06/06 20:02:56 | 000,654,952 | ---- | M] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012/06/06 20:02:56 | 000,389,736 | ---- | M] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012/06/06 20:02:56 | 000,375,400 | ---- | M] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012/06/06 20:02:56 | 000,218,728 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012/06/06 20:02:56 | 000,218,728 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012/06/06 20:02:56 | 000,218,216 | ---- | M] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012/06/06 20:01:47 | 002,877,952 | ---- | M] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2012/06/02 06:35:24 | 000,000,980 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/06/01 05:38:27 | 000,000,000 | ---- | M] () -- C:\Windows\NDSTray.INI
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/25 04:54:40 | 000,072,961 | ---- | C] () -- C:\Users\Donna\Desktop\fixit.jpg
[2012/06/11 07:35:20 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/08 22:46:24 | 000,014,766 | ---- | C] () -- C:\Windows\System32\results.xml
[2012/06/08 22:36:31 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012/06/08 22:36:25 | 000,189,552 | ---- | C] () -- C:\Windows\System32\Gfxres.th-TH.resources
[2012/06/08 22:36:25 | 000,178,407 | ---- | C] () -- C:\Windows\System32\Gfxres.el-GR.resources
[2012/06/08 22:36:25 | 000,165,395 | ---- | C] () -- C:\Windows\System32\Gfxres.ru-RU.resources
[2012/06/08 22:36:25 | 000,139,909 | ---- | C] () -- C:\Windows\System32\Gfxres.ar-SA.resources
[2012/06/08 22:36:25 | 000,136,401 | ---- | C] () -- C:\Windows\System32\Gfxres.ja-JP.resources
[2012/06/08 22:36:25 | 000,133,746 | ---- | C] () -- C:\Windows\System32\Gfxres.he-IL.resources
[2012/06/08 22:36:25 | 000,125,558 | ---- | C] () -- C:\Windows\System32\Gfxres.it-IT.resources
[2012/06/08 22:36:25 | 000,123,230 | ---- | C] () -- C:\Windows\System32\Gfxres.ko-KR.resources
[2012/06/08 22:36:25 | 000,122,927 | ---- | C] () -- C:\Windows\System32\Gfxres.es-ES.resources
[2012/06/08 22:36:25 | 000,122,709 | ---- | C] () -- C:\Windows\System32\Gfxres.de-DE.resources
[2012/06/08 22:36:25 | 000,121,173 | ---- | C] () -- C:\Windows\System32\Gfxres.tr-TR.resources
[2012/06/08 22:36:25 | 000,120,800 | ---- | C] () -- C:\Windows\System32\Gfxres.fr-FR.resources
[2012/06/08 22:36:25 | 000,120,366 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-BR.resources
[2012/06/08 22:36:25 | 000,119,616 | ---- | C] () -- C:\Windows\System32\Gfxres.hu-HU.resources
[2012/06/08 22:36:25 | 000,119,586 | ---- | C] () -- C:\Windows\System32\Gfxres.nl-NL.resources
[2012/06/08 22:36:25 | 000,119,360 | ---- | C] () -- C:\Windows\System32\Gfxres.sv-SE.resources
[2012/06/08 22:36:25 | 000,119,067 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-PT.resources
[2012/06/08 22:36:25 | 000,118,745 | ---- | C] () -- C:\Windows\System32\Gfxres.cs-CZ.resources
[2012/06/08 22:36:25 | 000,118,697 | ---- | C] () -- C:\Windows\System32\Gfxres.fi-FI.resources
[2012/06/08 22:36:25 | 000,118,409 | ---- | C] () -- C:\Windows\System32\Gfxres.pl-PL.resources
[2012/06/08 22:36:25 | 000,118,058 | ---- | C] () -- C:\Windows\System32\Gfxres.sk-SK.resources
[2012/06/08 22:36:25 | 000,114,852 | ---- | C] () -- C:\Windows\System32\Gfxres.nb-NO.resources
[2012/06/08 22:36:25 | 000,114,372 | ---- | C] () -- C:\Windows\System32\Gfxres.sl-SI.resources
[2012/06/08 22:36:25 | 000,114,261 | ---- | C] () -- C:\Windows\System32\Gfxres.da-DK.resources
[2012/06/08 22:36:25 | 000,110,214 | ---- | C] () -- C:\Windows\System32\Gfxres.en-US.resources
[2012/06/08 22:36:25 | 000,104,044 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-TW.resources
[2012/06/08 22:36:25 | 000,102,883 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-CN.resources
[2012/06/08 22:36:25 | 000,051,628 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2012/06/08 22:36:23 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/06/08 06:55:50 | 000,011,232 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2012/06/06 20:13:15 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\DriverScanner.job
[2012/06/06 20:03:05 | 000,200,468 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012/06/04 05:32:52 | 000,002,413 | ---- | C] () -- C:\Users\Donna\Desktop\Google Chrome.lnk
[2012/06/04 04:56:47 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3288283932-3454092779-3501360566-1000UA.job
[2012/06/04 04:56:45 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3288283932-3454092779-3501360566-1000Core.job
[2012/06/01 05:38:27 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2012/05/23 17:16:51 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/05/23 17:13:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/02/11 19:10:52 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011/02/11 19:10:50 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011/02/11 19:10:50 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin

========== LOP Check ==========

[2012/06/01 05:42:14 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\toshiba
[2012/06/06 19:43:07 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Uniblue
[2012/06/01 04:50:51 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\WinBatch
[2012/06/25 04:38:59 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2009/07/14 12:53:46 | 000,014,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#69
Crowbar
Posted 25 June 2012 - 10:24 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hello Aqua258,

About that Microsoft Activation issue, you would not have had to make an overseas call, Microsoft has a toll free number for just about every country.

Don't worry about the Firefox section in the OTL log, some programs add registry entries for Firefox regardless of it being installed.

Your OTL log looks to be clear of any malware, what are the current problems with your system?
  • 0

#70
AQUA258
Posted 25 June 2012 - 11:33 AM

AQUA258

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Still the crashes and freezes, cant seem to find the plug in that is doing it.

I'm going to kill Avast and upload another anti virus, see if i still have the same prob.

As i see it we have deleted and tried everything else.

Avast is the only thing that is still the same, before and after the clean install.

Crowbar how and where do i turn off all software (not whats needed to run comp).
I want to try stopping everything until i click on it. I dont want any program running in the background.
I know where to do that in chrome, i mean for the task manager. I cant stop them individually because i dont know whats for what.

Is there a simple way to just stop them from running?
  • 0

Advertisements

#71
Crowbar
Posted 26 June 2012 - 10:11 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Aqua258,

If you are going to uninstall Avast, first you need to uninstall it thru the control panel, as you would do normally, but after you do that, you are going to need to use the removal tool, you can find it here
Download aswClear, run it, and select Avast 4 and click uninsatll, then Avast 5, then Avast 6, then Avast 7, to make sure it's completely removed.

I would recommend Microsoft Security Essentials or Avira as a replacement, as they are pretty easy on your computers resources.

For your startup programs, I recommend Autoruns, it's made by Microsoft, so you know it's safe to use.

You can deselect and reselect all of your startup programs as needed, and be sure to use the Hide Signed Microsoft Entries option, so you can concentrate on the third party software.
  • 0

#72
Essexboy
Posted 01 July 2012 - 10:59 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP