Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot Open Programs in Safe Mode ('Open With' virus).....


  • This topic is locked This topic is locked

#151
ogam5

ogam5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
.....and SecurityCheck: a few notes, though.....I want to keep CCleaner; at less than 5 MBs it doesn't place much of a burden on my capacity issues and has been an invaluable tool ever since I got it. Also, not sure how to remove that stubborn ZoneAlert toolbar - CompCav or Ron may have given me instructions but they're so far back in the thread, if you could please remind me again it would be appreciated. And, do I need to uninstall or remove the ESET scan application? Finally, performance has unquestionably improved a lot (but have yet to reinstall Firefox, admittedly) but if I have multiple IE windows open, starts to bog down - want to change the display format to multiple tabs in a single window and believe I've followed the Help instructions properly but I still can't get it to assume that format - please advise if you can? As for the OTL scans and uninstalling of both Flash drives - still not clear on whether I have Java but OTL should determine that, correct? - I won't be able to do anything about those matters until tonight.....and at what point do your ecommend I attempt to defragment again? Thanks! Jim


Results of screen317's Security Check version 0.99.42
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
ZoneAlarm LTD Toolbar
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Adobe Flash Player 11.3.300.262
Adobe Reader X (10.1.3)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 30% Defragment your hard drive soon!
````````````````````End of Log``````````````````````
  • 0

Advertisements


#152
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

appreciate your taking over and, to the best of my ability I will follow your instructions; did so with both CompCav and Ron but there were some instances where theirs weren't completely clear - no fault of theirs necessarily but as I wasn't familiar enough with the operation in question, needed clarification.....

You're welcome! All instructions posted prior by my colleagues are absolutely fine and please desist from blaming them be it somewhat veiled as I take a very dim view of that being honest. If you continue to do so I will withdraw my free assistance and in turn close this topic. I should have no need to broach this particular subject matter again and there is no need for your good self to comment on it either OK. ;)

However if at any time you do not understand anything I advise, stop and ask me! Don't keep going on...

re-ran Avast! in Boot mode and came up clean:

Good.

I want to keep CCleaner; at less than 5 MBs it doesn't place much of a burden on my capacity issues and has been an invaluable tool ever since I got it.

Fair play, my friendly advice is do not use the registry cleaning feature at all. It will ultimately prove to make no difference and the distinct chance it could render the actual Operating System inoperable and or your machine non bootible. As the purported backups it creates are rarely successfully re-merged again.

TFC - Temp File Cleaner is both a better and safer option, however do not download and run that for the moment.

do I need to uninstall or remove the ESET scan application?

Leave that installed for the time being, as I may advise a scan with that myself if deem it necessary.

Also, not sure how to remove that stubborn ZoneAlert toolbar

We can address this in due course.

I have multiple IE windows open, starts to bog down - want to change the display format to multiple tabs in a single window and believe I've followed the Help instructions properly but I still can't get it to assume that format - please advise if you can?

We can also address that in due course.

As for the OTL scans and uninstalling of both Flash drives - still not clear on whether I have Java but OTL should determine that, correct? - I won't be able to do anything about those matters until tonight.....and at what point do your ecommend I attempt to defragment again? Thanks! Jim

Java does not appear to be installed at present, just post the requested OTL logs when ready please. As for specific hard-drive maintenance we can also address that in due course.

Overall once I have the aforementioned new set of OTL logs to review I will devise a suitable course of action to be implemented probably over a series of posts using a specific methodology tailored for both you and your machine. So please be patient and I will try my up-most on your behalf to resolve your machines issues and in the process check malware is no longer present either.
  • 0

#153
ogam5

ogam5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
OK - downloaded Firefox 13, both Flash vraiations and Java, all successfully; Firefox hung up even when I went in to try and configure the display for multi-tab windows (although I got the same save prompt when going to close it) and is effectively useless (can't help but suspect the problem lies at least in part with 13; have seen many complaints showing up on Mozilla's forum that I receive in email notice form, particularly with respect to Flash) - and so again, I would really appreciate your assistance in configuring IE8 for a multi-tab window presentation, Dakeyras.

Here is the OTL log report; as you requested, the Extras log report will follow in a separate reply:



OTL logfile created on: 6/27/2012 12:48:41 AM - Run 7
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.30 Mb Total Physical Memory | 261.86 Mb Available Physical Memory | 51.31% Memory free
863.54 Mb Paging File | 666.47 Mb Available in Paging File | 77.18% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.64 Gb Total Space | 2.32 Gb Free Space | 12.45% Space Free | Partition Type: NTFS
Drive E: | 74.52 Gb Total Space | 2.09 Gb Free Space | 2.80% Space Free | Partition Type: NTFS

Computer Name: USER-2LHZ6LTLSL | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/26 22:57:35 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/06 02:01:21 | 001,721,856 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12030600\algo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %ProgramFiles%\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/14 18:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/09/03 11:53:00 | 000,048,368 | ---- | M] (NOS Microsystems Ltd.) [Disabled | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/06/24 09:16:47 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012/03/06 19:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 19:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 19:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/06 19:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 19:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 19:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 18:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2004/08/04 01:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 01:29:45 | 000,025,471 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv10nt.sys -- (iAimTV5)
DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 01:29:44 | 000,022,271 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv06nt.sys -- (iAimTV6)
DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 01:29:40 | 000,011,871 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv09nt.sys -- (iAimFP7)
DRV - [2004/08/04 01:29:39 | 000,011,295 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv08nt.sys -- (iAimFP6)
DRV - [2004/08/04 01:29:38 | 000,011,807 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv07nt.sys -- (iAimFP5)
DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2002/06/03 11:18:32 | 000,040,832 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [2001/08/17 09:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 9E 5C DB A0 4E CD 01 [binary data]
IE - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\..\SearchScopes,DefaultScope = {C2EFBE96-ECEE-4A92-87C6-BA2F7F501B23}
IE - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\..\SearchScopes\{C2EFBE96-ECEE-4A92-87C6-BA2F7F501B23}: "URL" = http://www.google.co...q={searchTerms}
IE - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/27 00:14:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/06/27 00:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2012/06/27 00:14:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/14 18:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/14 18:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/14 18:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012/06/23 02:24:44 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 1
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004\..Trusted Domains: streamwrhu.net ([live] https in Trusted sites)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.189.0.100 24.159.64.23 24.247.24.53
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0988B9E-1F28-41A8-A972-714885C819B3}: DhcpNameServer = 66.189.0.100 24.159.64.23 24.247.24.53
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/05 14:02:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1547161642-1060284298-1708537768-1004..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/27 00:40:41 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/27 00:40:40 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/27 00:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/06/27 00:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/06/27 00:29:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Oracle
[2012/06/27 00:29:32 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/06/27 00:29:32 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/06/27 00:29:31 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/06/27 00:29:09 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/06/27 00:29:08 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/06/27 00:15:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Mozilla
[2012/06/27 00:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/06/27 00:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/06/27 00:12:19 | 016,577,248 | ---- | C] (Mozilla) -- C:\Documents and Settings\User\Desktop\Firefox Setup 13.0.1.exe
[2012/06/26 22:57:41 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/06/24 19:49:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/06/24 19:49:36 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/06/24 19:49:35 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/06/24 19:49:22 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/06/24 19:49:21 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/06/24 19:49:20 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/06/24 19:49:19 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/06/24 19:49:19 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/06/24 19:49:18 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/06/24 19:43:26 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/06/24 19:43:20 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/06/24 19:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/06/24 19:40:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/06/24 09:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2012/06/24 09:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\[email protected] ISO Burner
[2012/06/24 09:15:58 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/06/24 04:31:33 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/06/23 12:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\QuickScan
[2012/06/23 08:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/06/22 15:11:34 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\User\Desktop\JavaSetup7u5.exe
[2012/06/21 17:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Google
[2012/06/21 17:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/06/20 01:00:57 | 017,246,464 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\User\Desktop\SUPERAntiSpyware.exe
[2012/06/20 00:21:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\User\PrivacIE
[2012/06/19 03:17:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\User\IETldCache
[2012/06/18 23:36:29 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/06/18 23:30:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/06/18 23:28:28 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/06/18 23:23:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/06/18 20:05:03 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012/06/18 19:32:13 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012/06/18 19:29:25 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012/06/18 19:22:23 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012/06/18 19:22:15 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012/06/18 19:08:17 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012/06/18 19:01:04 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012/06/18 08:06:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2012/06/17 21:12:26 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2012/06/17 21:11:33 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012/06/17 21:11:23 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2012/06/17 21:09:59 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2012/06/17 21:09:59 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2012/06/17 21:09:47 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2012/06/17 21:09:40 | 002,148,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012/06/17 21:09:34 | 002,192,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012/06/17 21:09:23 | 002,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012/06/17 21:00:28 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2012/06/17 20:49:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/06/17 19:22:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/06/17 19:22:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012/06/17 19:21:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/06/17 17:12:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/06/17 16:45:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/06/14 20:04:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/06/13 20:27:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/02 01:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/06/02 01:26:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Skype
[2012/06/02 01:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012/05/31 09:22:09 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2012/05/29 07:26:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/05/29 05:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\IObit
[2012/05/29 05:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/27 00:47:59 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/27 00:47:59 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/27 00:28:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/06/27 00:28:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/06/27 00:14:43 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/27 00:14:43 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/06/27 00:12:18 | 016,577,248 | ---- | M] (Mozilla) -- C:\Documents and Settings\User\Desktop\Firefox Setup 13.0.1.exe
[2012/06/26 22:57:35 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/06/26 18:15:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/26 05:43:34 | 000,881,475 | ---- | M] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe
[2012/06/24 19:49:38 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/06/24 19:49:20 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/06/24 09:09:23 | 087,146,496 | ---- | M] () -- C:\Documents and Settings\User\Desktop\avg_arl_cdi_all_120_120525a5064.iso
[2012/06/23 02:24:44 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/06/22 17:02:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/22 15:11:34 | 000,893,936 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\User\Desktop\JavaSetup7u5.exe
[2012/06/21 16:57:24 | 010,857,155 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Lucky Man - [LIVE] - Marillion.mp3
[2012/06/20 08:27:24 | 010,131,155 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Power [LIVE] - Marillion.mp3
[2012/06/20 03:09:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/20 01:00:57 | 017,246,464 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\User\Desktop\SUPERAntiSpyware.exe
[2012/06/19 12:23:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/19 11:50:32 | 000,148,531 | ---- | M] () -- C:\Documents and Settings\User\Desktop\PageCapture TU 6-19-12.JPG
[2012/06/19 03:17:18 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/19 02:48:44 | 000,122,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/18 23:01:07 | 000,432,778 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/18 23:01:07 | 000,067,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/18 08:09:40 | 000,040,020 | ---- | M] () -- C:\Documents and Settings\User\My Documents\CCleaner Registry Backup file 6-18-12.reg
[2012/06/17 18:59:06 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/06/15 15:25:31 | 000,053,570 | ---- | M] () -- C:\WINDOWS\System32\Defrag Report filepath name details F 6-15-12
[2012/06/14 20:05:00 | 000,000,420 | RHS- | M] () -- C:\boot.ini
[2012/06/12 15:26:35 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\User\Desktop\MBR.dat
[2012/06/11 20:40:47 | 001,557,759 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Islanders '98 alternative logo design.jpg
[2012/06/08 19:08:20 | 000,228,864 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/06 08:34:14 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\User\Desktop\linkfile_fix.zip
[2012/06/06 08:32:48 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\User\Desktop\xp_exe_fix.zip
[2012/06/05 14:00:10 | 001,801,855 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Hot Pants - Salvage.mp3
[2012/06/05 10:43:40 | 003,471,184 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Out Of Mind Out Of Sight - Models, The.mp3
[2012/06/05 08:14:52 | 002,554,547 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Can't Sleep - Rockets, The.mp3
[2012/06/05 07:51:34 | 004,300,415 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Mama Let Him Play - Doucette.mp3
[2012/06/05 01:21:46 | 005,043,590 | ---- | M] () -- C:\Documents and Settings\User\Desktop\The Joker - Snail.mp3
[2012/06/05 01:04:54 | 003,875,068 | ---- | M] () -- C:\Documents and Settings\User\Desktop\City Slicker - James 'JY' Young with Jan Hammer.mp3
[2012/06/04 21:28:55 | 003,456,182 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut To Somewhere [from 'Quicksilver'] - Fish with Tony Banks.mp3
[2012/06/04 21:19:02 | 002,705,109 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Two Buffaloes - Rolf Harris.mp3
[2012/06/04 21:16:07 | 003,735,378 | ---- | M] () -- C:\Documents and Settings\User\Desktop\It's Really You - Tarney Spencer Band.mp3
[2012/06/04 20:58:57 | 003,948,955 | ---- | M] () -- C:\Documents and Settings\User\Desktop\On the Run - Lake.mp3
[2012/06/04 20:54:31 | 005,892,883 | ---- | M] () -- C:\Documents and Settings\User\Desktop\A Smile Is Diamond - A Band Called O (10-11!).mp3
[2012/06/04 20:47:24 | 003,763,695 | ---- | M] () -- C:\Documents and Settings\User\Desktop\I Want You To Be Mine [ USA Version ] - Kayak.mp3
[2012/06/04 18:29:23 | 002,392,118 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Hold On To The Night - Starz.mp3
[2012/06/04 18:21:48 | 004,059,670 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Coming Home - Ian Thomas.mp3
[2012/06/04 18:08:50 | 002,907,357 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Northern Lights - Renaissance.mp3
[2012/06/04 17:50:25 | 004,253,185 | ---- | M] () -- C:\Documents and Settings\User\Desktop\She Loves To Be In Love - Charlie.mp3
[2012/06/04 17:38:27 | 006,439,530 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Superstar - Bob McGilpin.mp3
[2012/06/04 17:31:31 | 004,484,317 | ---- | M] () -- C:\Documents and Settings\User\Desktop\I'm Mandy, Fly Me - 10cc.mp3
[2012/06/02 15:19:44 | 000,022,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2012/06/02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2012/06/02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2012/06/02 15:19:38 | 000,219,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2012/06/02 15:19:38 | 000,210,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2012/06/02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2012/06/02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2012/06/02 15:19:34 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2012/06/02 15:19:34 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2012/06/02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2012/06/02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2012/06/02 15:19:34 | 000,015,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2012/06/02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2012/06/02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2012/06/02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2012/06/02 15:18:58 | 000,275,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012/06/02 15:18:58 | 000,017,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012/05/31 09:22:09 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2012/05/29 04:59:56 | 015,040,520 | ---- | M] () -- C:\Documents and Settings\User\Desktop\vGrabber_setup.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/27 00:14:43 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/27 00:14:43 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/06/27 00:14:42 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/26 05:43:28 | 000,881,475 | ---- | C] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe
[2012/06/24 19:49:38 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/06/24 09:09:23 | 087,146,496 | ---- | C] () -- C:\Documents and Settings\User\Desktop\avg_arl_cdi_all_120_120525a5064.iso
[2012/06/21 16:18:14 | 010,857,155 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Lucky Man - [LIVE] - Marillion.mp3
[2012/06/20 11:39:29 | 015,040,520 | ---- | C] () -- C:\Documents and Settings\User\Desktop\vGrabber_setup.exe
[2012/06/20 08:16:24 | 010,131,155 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Power [LIVE] - Marillion.mp3
[2012/06/19 11:50:31 | 000,148,531 | ---- | C] () -- C:\Documents and Settings\User\Desktop\PageCapture TU 6-19-12.JPG
[2012/06/18 21:38:10 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/06/18 19:07:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/06/18 19:07:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/06/18 08:09:33 | 000,040,020 | ---- | C] () -- C:\Documents and Settings\User\My Documents\CCleaner Registry Backup file 6-18-12.reg
[2012/06/15 15:25:22 | 000,053,570 | ---- | C] () -- C:\WINDOWS\System32\Defrag Report filepath name details F 6-15-12
[2012/06/14 20:05:00 | 000,000,304 | ---- | C] () -- C:\Boot.bak
[2012/06/14 20:04:55 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/06/12 15:26:35 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\User\Desktop\MBR.dat
[2012/06/11 20:40:57 | 001,557,759 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Islanders '98 alternative logo design.jpg
[2012/06/06 08:34:18 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\User\Desktop\linkfile_fix.zip
[2012/06/06 08:33:09 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\User\Desktop\xp_exe_fix.zip
[2012/06/05 13:59:16 | 001,801,855 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Hot Pants - Salvage.mp3
[2012/06/05 10:40:56 | 003,471,184 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Out Of Mind Out Of Sight - Models, The.mp3
[2012/06/05 08:11:49 | 002,554,547 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Can't Sleep - Rockets, The.mp3
[2012/06/05 07:45:43 | 004,300,415 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Mama Let Him Play - Doucette.mp3
[2012/06/05 00:56:30 | 003,875,068 | ---- | C] () -- C:\Documents and Settings\User\Desktop\City Slicker - James 'JY' Young with Jan Hammer.mp3
[2012/06/04 18:28:18 | 002,392,118 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Hold On To The Night - Starz.mp3
[2012/06/04 18:23:48 | 005,043,590 | ---- | C] () -- C:\Documents and Settings\User\Desktop\The Joker - Snail.mp3
[2012/06/04 18:19:53 | 004,059,670 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Coming Home - Ian Thomas.mp3
[2012/06/04 18:16:29 | 003,763,695 | ---- | C] () -- C:\Documents and Settings\User\Desktop\I Want You To Be Mine [ USA Version ] - Kayak.mp3
[2012/06/04 18:07:47 | 002,907,357 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Northern Lights - Renaissance.mp3
[2012/06/04 18:02:13 | 003,735,378 | ---- | C] () -- C:\Documents and Settings\User\Desktop\It's Really You - Tarney Spencer Band.mp3
[2012/06/04 17:48:21 | 004,253,185 | ---- | C] () -- C:\Documents and Settings\User\Desktop\She Loves To Be In Love - Charlie.mp3
[2012/06/04 17:35:37 | 006,439,530 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Superstar - Bob McGilpin.mp3
[2012/06/04 17:29:24 | 004,484,317 | ---- | C] () -- C:\Documents and Settings\User\Desktop\I'm Mandy, Fly Me - 10cc.mp3
[2012/06/04 17:22:07 | 003,948,955 | ---- | C] () -- C:\Documents and Settings\User\Desktop\On the Run - Lake.mp3
[2012/06/04 17:16:55 | 005,892,883 | ---- | C] () -- C:\Documents and Settings\User\Desktop\A Smile Is Diamond - A Band Called O (10-11!).mp3
[2012/06/01 21:15:16 | 003,456,182 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut To Somewhere [from 'Quicksilver'] - Fish with Tony Banks.mp3
[2012/05/31 00:16:26 | 002,705,109 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Two Buffaloes - Rolf Harris.mp3
[2012/03/17 12:42:40 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\User\Application Data\mcs.rma
[2011/06/04 09:18:39 | 000,000,022 | --S- | C] () -- C:\Documents and Settings\User\Application Data\Sys2662.Config.Repository.bin
[2010/12/12 15:10:09 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/12 15:10:09 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/12 15:10:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/12 15:10:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/12 15:10:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/06/29 23:37:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/08 02:02:27 | 005,275,648 | ---- | C] () -- C:\Documents and Settings\User\NTUSER.rhk
[2008/01/18 16:58:02 | 000,228,864 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report >
  • 0

#154
ogam5

ogam5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
.....and the Extras Log Report.....if you have any words of encouragement, they'd be greatly appreciated as well right about now, Dakeyras!



OTL Extras logfile created on: 6/27/2012 12:48:41 AM - Run 7
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.30 Mb Total Physical Memory | 261.86 Mb Available Physical Memory | 51.31% Memory free
863.54 Mb Paging File | 666.47 Mb Available in Paging File | 77.18% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.64 Gb Total Space | 2.32 Gb Free Space | 12.45% Space Free | Partition Type: NTFS
Drive E: | 74.52 Gb Total Space | 2.09 Gb Free Space | 2.80% Space Free | Partition Type: NTFS

Computer Name: USER-2LHZ6LTLSL | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1547161642-1060284298-1708537768-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"50000:UDP" = 50000:UDP:*:Enabled:IHA_MessageCenter

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Rhapsody\rhapsody.exe" = C:\Program Files\Rhapsody\rhapsody.exe:*:Enabled:RealNetworks Rhapsody -- (Rhapsody International Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{659314FA-F336-482D-B094-C3FCA68BB60B}" = GEAR driver installer for x86 and x64
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = [email protected] ISO Burner
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"ESET Online Scanner" = ESET Online Scanner v3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Rhapsody" = Rhapsody
"Star Trek: The Game Show" = Star Trek: The Game Show
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"YInstHelper" = Yahoo! Install Manager
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/24/2012 8:25:49 AM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 13.0.1.4548, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/24/2012 8:59:13 AM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 13.0.1.4548, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/24/2012 9:04:11 AM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/24/2012 1:29:07 PM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 13.0.1.4548, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/24/2012 3:27:57 PM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/24/2012 3:27:57 PM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/25/2012 5:38:42 AM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/25/2012 5:45:37 AM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/27/2012 12:20:25 AM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 13.0.1.4548, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/27/2012 12:23:36 AM | Computer Name = USER-2LHZ6LTLSL | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 13.0.1.4548, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 6/27/2012 12:03:10 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:10 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:10 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:10 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:10 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:10 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:10 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:11 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:11 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 6/27/2012 12:03:11 AM | Computer Name = USER-2LHZ6LTLSL | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126


< End of report >
  • 0

#155
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

Ok I have read and acknowledge your update, as I have mentioned prior most of that can be addressed in due course. Now the below is something that does require addressing first before we do anything further proactive wise etc...

Hard-Drive Free Space Advice:

Drive C: | 18.64 Gb Total Space | 2.32 Gb Free Space | 12.45% Space Free | Partition Type: NTFS
Drive E: | 74.52 Gb Total Space | 2.09 Gb Free Space | 2.80% Space Free | Partition Type: NTFS

The above is considered dangerously low. A Hard-Drive requires a bare minimum of 15% available free space to be able to function correctly, but at least 25% is better in my humble opinion.

I advise choose to uninstall some software you do not need and or delete/move any documents/files/pictures etc to a form of removable storage media.

Overall the lack of current Hard-Drive space will be impacting on system performance. Plus eventually any type of system maintenance will prove to be problematic and or your machine may cease to boot-up at all.

Though to be honest the current set up of your machine's Hard-Drive is far from ideal if it is indeed one drive with two partitions on it for example. If this is the case it would have been better for the C:\ partition to be the largest. Now this may not be the case and it is indeed two separate Hard-Drives, the one allocated for the Operating System is quite small. Anyway food for thought as they say.

Note: Do not uninstall anything security related, be it software and or critical updates, service packs etc. Or delete any of the specific malware applications that have been used thus far.

So what we are looking for is to get both drives with at least 15% free space available but more would be a distinct advantage.

Next:

When completed the above, post a new OTL log(will be run 8 this time round) and we will go from there.
  • 0

#156
ogam5

ogam5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
I think 15% and likely 18% can be attained - 25% is out of the question and, as for offloading files, I put in hundreds upon hundreds of hours ripping thousands of songs for a project I'm working on and I won't do it all over again - do have a little wiggle room on the E drive but that's going to be devoted to other songs needing to be added - so I'm not gonna worry about it; should be fine where I am at around 2 GBs as it doesn't get used a lot otherwise.....hoping to boost my capacity though when I've got some money in hand before the end of August - if not a bit sooner. Do still need to install some sort of MP3 converting program and still have the vGrabber setup icon.....also, would suspect that further compression which would take place after I defrag might free up still more disk space (?)

Reviewing my C drive, there are certain things which are off the table, including iTunes, Yahoo! resources and OpenOffice (not sure its home is even ON that drive - in which case I could reduce the E load to some extent just by getting rid of the unnecessary OO features - but I suspect that it can customized to get rid of all but the spreadsheet and word processing features I need - in the process, reducing the program size considerably.....can you confirm? Acquiring MS Office is absolutely out of the question and I have to believe it would be even BIGGER anyhow.....)

Here are the other things which I've identified as possibly being expendable:

3.35 MB ISO Burner (although it doesn't take up all that much space - do you think it might be useful in the future somehow?)

92.40 MB ESET Scanner - leaving this up for now as you'd said you might want me to do another scan with it but a respectable chunk of space being taken up by it

100.00 MB (approx.) - dekstop MP3 files for which the dates released need to be determined and transferred to the E drive


36.53 MB Firefox 13 - given how much of a headache it's become, much as I'd rather NOT be using IE8, might just forego it entirely for now.....

31.85 MB Nero Burning ROM - not sure how legitimate this is; have tried to remove it through deleting Ahead files and maybe registry keys (?) and reloading the original starter disk, but triggers error message when I do.....

47.28 MB Rhapsody - would rather not remove it but, of the 3 MP3 donwload services, it's the most expendable

38.53 MB Safari - would like to have some sort of backup browser to IE8


.....if there is/are any programs apps amongst the Microsoft updates or others that could be deleted, please let me know.....thanks, Dakeyras!
  • 0

#157
ogam5

ogam5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Think I have a clue - if not a strong suspicion - that the issues with Firefox may be due to a rogue redirect protocol; tried again to access my Tools/Options (for the purpose of changing my home page to Yahoo!) and it hung/froze up once more.....know there's a way/place that it can be removed/fixed on the Desktop; please guide me in doing so if possible?
  • 0

#158
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Good day. :)

A few points I will first raise as follows...

1 - Please desist from using all caps to highlight certain words, as that is considered bad forum etiquette/shouting.

2 - I do not require constant monologue updates about the same subject matter over and over, it serves no purpose what so ever.

Next:

I cannot advise what you choose to uninstall/move and or delete etc that is at your own discretion. Apart from what not to remove as I mentioned prior.

So to reiterate when created enough free-space as possible, which would be at the least amount I advised. Then in turn post the requested new OTL log.
  • 0

#159
ogam5

ogam5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Please make it clear to me, Dakeyras: do you want to help me or not? Point No. 2 was as obnoxious as any I've ever encountered online and I deserve to be treated with respect, just as you claim about CompCav and Ron - do I not? I asked you a simple, specific question and for assistance which almost certainly has a direct bearing on resolving in part my problems with Firefox - please do NOT reply with an insult as you did.....or am I inevitably going to be in the wrong with this site every time just because I sought your assistance in the first place? You're now being abusive, whether you accept the validity of it or not. If you can explain to me precisely how my having limited space would affect your ability to fix a re-direct, that would be especially appreciated -I've done it myself in the past but, at the age of almost 50, don't remember the steps or where to go. Furthermore, I provide any such updates because there may be things occurring of which you might not be made aware of otherwise by scans. And BTW, it's a well-known fact that caps are used for emphasis by most people online rather than mere shouting.

I need help - I don't need to be insulted or my concerns, blithely dismissed. The three of you, whatever your intentions, have advised me to take actions which now need to be seen through in a manner satsifying to me - or else it's not helping and, indeed, I'm effectively crippled more so than when I first approached GeekstoGo - again, NOT finding fault by saying so but stating the obvious. I trust you do want to take pride in the efforts you make to assist people on here? I know as a counselor of ten years myself it's important to me that I never leave the person I'm assisting, feeling disempowered - nothing leaves a worse taste in my mouth and, right now, that's exactly how I feel.
  • 0

#160
wannabe1

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hello ogam5...

You've been helped by three very capable specialists and have managed to drive all three from the topic. You came here for free help in cleaning your infected machine and were offered just that. Unfortunately, no one else is willing to step forward to continue helping with this. Our malware removal specialists have helped literally thousands of people without complaint...placing the blame on any or all of them for your lack of success here is not just out of line, it's ridiculous.

I'm closing this topic now. I hope you can find the help you require elsewhere...it's pretty obvious you won't be receiving it here.

Should you wish to discuss this further, please feel free to contact me, or any other admin, by PM.

We wish you the best of luck.

wannabe1
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP