Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus - won't let me run any of the anti-virus scans recommended [


  • This topic is locked This topic is locked

#1
glug

glug

    Member

  • Member
  • PipPip
  • 27 posts
Hi,
I have a similar problem to a couple of other people whose posts I've been reading but I can't join it with their questions so I've had to start my own topic. I have the problem where the computer boots up fine and then grows progressively slower and things start to disappear from the screen so you don't know what you're doing and screens turn grey and then error messages start to pop up but I can't read them because the text is invisible etc. The difference is that Avast did pick up a virus and I put the files in the chest but the problem hasn't gone away. Also, I don't seem to be able to run OTL or anything else - it won't let me. It just freezes. One of the error messages I did manage to read said something about insufficient memory...? Can anyone help?

Gaby
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there are you able to access safe mode at all

Reboot the computer and repeatedly press F8, a menu should appear
Select safe mode with networking

Are you able to run OTL now ?
  • 0

#3
glug

glug

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
In safe mode OTL has vanished from the desktop. Should I download it again?
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes please

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#5
glug

glug

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
It's doing it so at least that's working. Writing this on the clunky old desktop in case anything goes wrong! Will post as soon as it's done.
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hopefully I will be able to see the problem and enable you to get back to normal mode
  • 0

#7
glug

glug

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
OTL logfile created on: 04/07/2012 21:27:16 - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1014.36 Mb Total Physical Memory | 719.00 Mb Available Physical Memory | 70.88% Memory free
3.88 Gb Paging File | 3.72 Gb Available in Paging File | 95.96% Paging File free
Paging file location(s): C:\pagefile.sys 3048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.04 Gb Total Space | 42.55 Gb Free Space | 59.90% Space Free | Partition Type: NTFS
Drive D: | 72.00 Gb Total Space | 66.42 Gb Free Space | 92.26% Space Free | Partition Type: NTFS

Computer Name: GABYSMINI | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/04 21:24:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2008/04/14 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Gaby\LOCALS~1\Temp\000876~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -- (0008761242033362mcinstcleanup) McAfee Application Installer Cleanup (0008761242033362)
SRV - [2012/07/03 19:44:33 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/28 13:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Stopped] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2009/04/21 09:09:00 | 000,282,624 | ---- | M] (Marvell) [Auto | Stopped] -- C:\WINDOWS\system32\yk51x86.dll -- (yksvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/06/28 13:52:42 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/06/28 13:52:42 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/06/28 13:52:37 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/06/28 13:52:37 | 000,097,352 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/06/28 13:52:37 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/06/28 13:52:36 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/06/28 13:52:36 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/07 01:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/12/23 21:58:18 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011/11/12 12:18:20 | 000,018,560 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2010/06/04 20:29:04 | 001,606,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/04/21 09:09:00 | 000,297,344 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009/04/06 15:41:26 | 000,089,192 | ---- | M] (Trusteer Ltd.) [Kernel | System | Stopped] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2009/04/06 15:41:26 | 000,056,808 | ---- | M] (Trusteer Ltd.) [Kernel | System | Stopped] -- C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys -- (RapportKELL)
DRV - [2009/02/18 14:41:10 | 000,186,128 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2008/09/23 21:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008/08/27 00:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/07/29 16:59:08 | 000,879,832 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/29 16:59:02 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/27 00:29:54 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/27 00:29:36 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/07/27 00:29:28 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/01/15 04:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2005/10/27 05:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7SMSN


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SMSN&bmod=SMSN
IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=SMSN&bmod=SMSN
IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7SMSN
IE - HKU\S-1-5-21-734062704-824566389-2624877000-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MagicKeyboard] C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()
O4 - HKLM..\Run: [SUPBackGround] C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe ()
O4 - HKU\S-1-5-21-734062704-824566389-2624877000-500..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-734062704-824566389-2624877000-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote3\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote3\enbar.dll (Evernote Corporation)
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photob...?20101006061106 (PhotoboxPhotowaysUploader5 Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanne...yerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1238591713421 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34E98E9C-22D2-4770-B6B0-7E9407ECC192}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E226A430-B7D7-4075-A2A5-9BD31E19D719}: DhcpNameServer = 138.38.32.45 138.38.3.97 138.38.32.46
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/12 20:26:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10

========== Files/Folders - Created Within 30 Days ==========

[2012/07/04 21:24:33 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012/07/04 21:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2012/07/04 21:12:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2012/07/04 21:11:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2012/07/04 21:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2012/07/04 21:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2012/07/04 21:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2012/07/04 21:10:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2012/07/04 21:10:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2012/07/04 21:10:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012/07/04 21:10:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2012/07/04 21:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2012/07/04 21:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2012/07/04 21:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2012/07/04 21:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2012/07/04 21:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2012/07/04 21:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2012/07/04 21:10:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2012/07/04 21:10:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2012/07/04 21:10:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2012/07/04 21:10:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2012/07/04 21:10:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2012/07/04 21:10:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2012/07/04 21:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Play Camera Media
[2012/07/04 21:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2012/07/04 21:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2012/07/04 21:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2012/07/04 21:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2012/06/06 14:51:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
[2012/01/13 18:37:25 | 010,249,568 | ---- | C] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrogConnectSetup_Tag.exe

========== Files - Modified Within 30 Days ==========

[2012/07/04 21:24:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012/07/04 21:10:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/04 21:09:12 | 003,724,064 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2012/07/04 21:09:12 | 000,351,200 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2012/07/04 21:09:11 | 208,603,168 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2012/07/04 21:09:11 | 002,794,280 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2012/07/04 21:08:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/03 22:34:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{12D0CE38-76C1-48A8-B2F7-FE87AB6C933E}.job
[2012/07/03 22:19:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/03 21:02:36 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/03 20:56:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/02 19:45:38 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/02 18:22:10 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/01 21:05:08 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012/06/28 13:52:42 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/06/28 13:52:42 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/06/28 13:52:37 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/06/28 13:52:37 | 000,097,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/06/28 13:52:37 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/06/28 13:52:37 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/06/28 13:52:36 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/06/28 13:52:36 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/06/28 13:52:20 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/06/28 13:51:49 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/06/21 11:39:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/06/14 09:21:22 | 000,218,448 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/14 09:07:33 | 000,405,580 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/14 09:07:33 | 000,054,758 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/14 08:47:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2012/07/04 21:10:36 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2012/07/04 21:10:36 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/07/04 21:10:36 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2012/07/04 21:10:36 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2012/07/04 21:10:36 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/07/02 18:22:09 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/01 16:54:49 | 000,241,338 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-734062704-824566389-2624877000-1005-0.dat
[2012/06/06 14:54:17 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/02/16 15:03:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/24 23:27:46 | 000,241,338 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/01/23 23:46:21 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/23 21:58:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/12/23 21:58:24 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/12/23 21:58:24 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/12/23 21:58:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/12/23 21:58:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/06/02 11:20:02 | 016,876,872 | ---- | C] () -- C:\Program Files\winzip155.exe
[2010/12/18 18:46:55 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/12/18 18:46:54 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/12/18 18:46:46 | 002,942,464 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010/12/18 18:46:46 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/12/18 18:46:46 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/12/18 18:46:45 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

========== LOP Check ==========

[2010/05/16 10:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/10/23 11:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2009/07/27 15:43:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/05/11 12:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012/01/13 17:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2012/01/23 22:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/01/31 15:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/02/12 20:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLAN
[2011/11/09 21:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\OpenOffice.org
[2012/07/02 19:45:38 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012/07/03 22:34:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{12D0CE38-76C1-48A8-B2F7-FE87AB6C933E}.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/14 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SERVICES >
[2008/04/14 13:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES._ >
[2008/04/14 13:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 -- C:\WINDOWS\I386\SERVICES._

< MD5 for: SERVICES.CFG >
[2012/04/04 06:53:54 | 000,585,987 | ---- | M] () MD5=7BAB089A4F862C6BC86E0201D5BF1779 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EX_ >
[2008/04/14 13:00:00 | 000,049,959 | ---- | M] () MD5=EE4885163C0C0729A3C5F1416A6E5F48 -- C:\WINDOWS\I386\SERVICES.EX_

< MD5 for: SERVICES.EXE >
[2009/02/06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe

< MD5 for: SERVICES.LNK >
[2009/02/12 20:26:10 | 000,001,602 | ---- | M] () MD5=D80C43C534A576985993EBCD64F5F967 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.MS_ >
[2008/04/14 13:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 -- C:\WINDOWS\I386\SERVICES.MS_

< MD5 for: SERVICES.MSC >
[2008/04/14 13:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc

< MD5 for: SERVICES.RDB >
[2011/01/17 19:14:32 | 000,237,568 | ---- | M] () MD5=507957679AE4579C15D57FA741EA6FFA -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
[2011/01/17 19:14:04 | 005,539,328 | ---- | M] () MD5=F2B666905F7FDAA80C86A101A7DE62F9 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb

< MD5 for: SVCHOST.EXE >
[2008/04/14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >

< End of report >
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you open Avast please and let me know what version it is

[attachment=58810:Capture.GIF]
  • 0

#9
glug

glug

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
There's only one file?!
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Oops cross posted there .. Could you look at the Avast version for me please
  • 0

Advertisements


#11
glug

glug

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
don't know how to do that. Sorry. Won't let me copy & paste.
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you just copy the number it should be 7.0.1456
  • 0

#13
glug

glug

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Oh yes that's right. I thought you wanted a copy of the virus log :blush: sorry!
  • 0

#14
glug

glug

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Sorry I've just checked again and it says 1451. I'm sure yesterday it said 1456.
  • 0

#15
glug

glug

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Should I update it?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP