Server Not Found/System Restore Not Working



#91
tuffstuff

Yes, it went through 50 stages, and when I came in it had rebooted and was at the sign in. Then it loaded normally, except when I tried to use search to find the combo log, it said unexpected error action cannot be completed.


#92
godawgs

Sounds like AVG interfered with ComboFix running to completion. Especially if AVG quarantined one of its files as malicious. Let's see if we can get AVG to uninstall, but first I want to see a new Extras.txt log to see exactly what AVG has installed on the system.

Please read the following instructions carefully. I recommend printing them out or saving them to a text file so you will have them to follow.

OTL Scan

Please re-open OTL on the desktop. To do that:
  • XP users: Double click the OTL icon.
Make sure all other windows are closed.
  • You will see a console like the one below:

    Posted Image
  • At the top of the console click the greyed out None button<---Important
  • Make sure the Output box at the top is set to Standard Output.
  • In the Extra Registry section click the circle beside Use Safelist.<---Important
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
    This scan will produce an abbreviated OTL.txt file which I don't need so close it and open the Extras.txt file that will be minimized on the taskbar.
  • Please copy the contents of the Extras.txt file and paste it into your reply. To do that:
  • On the .txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right-click inside the forum post window then click Paste. This will paste the contents of the .txt file in the post window.


#93
tuffstuff

Here is the Extras.txt

OTL Extras logfile created on: 6/4/2013 6:40:42 AM - Run 8
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.47 Mb Total Physical Memory | 521.63 Mb Available Physical Memory | 51.47% Memory free
2.38 Gb Paging File | 2.01 Gb Available in Paging File | 84.42% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.28 Gb Total Space | 195.60 Gb Free Space | 85.68% Space Free | Partition Type: NTFS
Drive D: | 4.59 Gb Total Space | 2.24 Gb Free Space | 48.65% Space Free | Partition Type: FAT32

Computer Name: DEBEVE | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CallWave\IAM.exe" = C:\Program Files\CallWave\IAM.exe:*:Disabled:CallWave
"C:\Program Files\QuickTime\QuickTimePlayer.exe" = C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Disabled:QuickTime Player -- (Apple Computer, Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}" = Intel Audio Studio
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{446DBFFA-4088-48E3-8932-74316BA4CAE4}" = iTunes
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{50D8FFDD-90CD-4859-841F-AA1961C7767A}" = QuickTime
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{6054F774-FEF0-46C6-9311-EC97FC576FC5}" = USB Wireless Keyboard Driver
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3EAB67E-9B37-4B74-AFE6-D418D5F6F3D4}" = Hoyle Puzzle Games 2005
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.4
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B3A1BF34-A336-450D-BC3E-3A854AD270A0}" = AVG 2013
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B9561886-9EDF-48C8-A613-9843F1EE512E}" = Intel Audio Studio
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEE76D44-8D7C-4A32-8FAE-A813817631FC}" = AVG 2013
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AVG" = AVG 2013
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"HCS10DL" = Hoyle Casino 2006 (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"Lexmark 2300 Series" = Lexmark 2300 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Optio E10 Digital Camera Driver" = Optio E10 Digital Camera Driver
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer Basic
"Revo Uninstaller" = Revo Uninstaller 1.92
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/29/2013 10:24:01 PM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 5/29/2013 10:50:40 PM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 5/31/2013 8:48:18 AM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 5/31/2013 9:43:02 AM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 5/31/2013 11:07:45 AM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 6/1/2013 12:13:38 AM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 6/2/2013 2:23:36 AM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 6/2/2013 8:03:36 PM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 6/2/2013 11:32:54 PM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

Error - 6/3/2013 12:01:25 AM | Computer Name = DEBEVE | Source = MsiInstaller | ID = 11714
Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The
older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.
Contact your technical support group. System Error 1612.

[ System Events ]
Error - 5/29/2013 8:03:35 PM | Computer Name = DEBEVE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 5/29/2013 8:03:35 PM | Computer Name = DEBEVE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 5/31/2013 9:47:25 AM | Computer Name = DEBEVE | Source = NtServicePack | ID = 921879
Description = Windows XP Service Pack 3 uninstall failed. The system cannot find
the file specified.

Error - 5/31/2013 2:20:16 PM | Computer Name = DEBEVE | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.

Error - 6/1/2013 5:23:40 PM | Computer Name = DEBEVE | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 6/1/2013 5:23:40 PM | Computer Name = DEBEVE | Source = Service Control Manager | ID = 7034
Description = The MSCamSvc service terminated unexpectedly. It has done this 1
time(s).

Error - 6/1/2013 5:23:41 PM | Computer Name = DEBEVE | Source = Service Control Manager | ID = 7034
Description = The lxcg_device service terminated unexpectedly. It has done this
1 time(s).


< End of report >

#94
godawgs

Thanks. The log shows AVG 2013 installed but not the AVG toolbar, so that's good. Let's uninstall it and then reset the Windows Firewall and then see if you can run Combofix. There are a lot of steps here so take your time. I would recommend that you print these instructions out or save them to a text file so you will have them to reference while you complete the steps.


Step-1.

Delete the AVG remover tool that you have now.


Step-2.

AVG and the AVG Remover Tool:

Download the AVG free antivirus program from here. Click the Download Latest Version button in the upper right corner of the page and save it to the desktop.

Download the AVG Remover tool and save it to the desktop.

Close the browser and all open windows.


Step-3.

Show Hidden Files and Folders
  • Click Start then Computer.
  • On the next window, at the top of the window, click Tools then click Folder Options.
  • On the Folder Options window click the View tab.
  • Under the Files and Folders section:
  • Make sure that 'Show hidden files and folders' (or 'Show all files') is enabled.

    Posted Image
  • Also make sure that Hide protected system operating files (recommended) is un-checked.

    Posted Image
  • Also make sure the Hide extensions for known file types box is un-checked.

    Posted Image

    Posted Image


Step-4.

Uninstall AVG

1. Please click Start > Control Panel > Add/Remove Programs
2. In the list of programs installed, locate the following program(s):

AVG 2013

3. Click on each program to highlight it and click Change/Remove.
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.


Step-5.

AVG Remover Tool:

AVG Remover eliminates all the parts of your AVG installation from your computer, including registry items, installation files, user files, etc.

NOTE: All AVG user settings will be removed after the uninstall process is complete, as well as content from the Virus Vault and all other items related to AVG installation and use. You will be asked during the removal procedure to restart your computer. Therefore, please make sure to finish your work and save all important data prior to launching AVG Remover.

  • Double click the avg_remover_stf_x86_2013_3341.exe file to run the AVG Remover tool and follow the instructions displayed on your screen.
  • You will be asked to restart your computer, please do so. After the restart, AVG Remover will finish the uninstallation.
NOTE: IF you can't get AVG to uninstall, STOP here and let me know.


Step-6.

Reset Firewall:

  • Click on Start, click Run. The Run window will open.
  • In the Open box, copy and paste in the following and click on OK
    • firewall.cpl
  • On the Windows Firewall Settings Window, click on the Advanced tab.
  • Click the Restore Defaults button. At the prompt click on Yes.

Now try to run ComboFix.

Step-7.

Run ComboFix
***Read through this entire procedure and if you have any questions, please ask them before you begin. Then either print out, or copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.***

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • Also allow the installation of the recovery console (XP only)

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion", please restart the computer. That will cure it.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use. ComboFix Should Not be used unless requested by a forum helper

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
Don't forget to reenable your Anti-Virus


NOTE: After running Combofix you will need to reinstall an anti virus program. You can reinstall AVG by double clicking the AVG file that you downloaded previously.
OR...since AVG is completely removed you could try installing Microsoft Security Essentials. If it installs you will know that enough of SP3 remains on the system to install MSSE. If SP3 is mostly gone from the system then MSSE shouldn't install and you can then install AVG.
You can get MSSE here. Make sure XP is shown as the version and English is the language.


Step-8.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The C:\Combofix.txt log
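Added example, not part of the thread and not OTL's own code: a Python parser for the Extras.txt layout posted in #93 that collects one product's Uninstall entries and Windows Firewall authorized-application rules, the same facts read from the log by eye in post #94. SAMPLE is a trimmed excerpt of that log; the function names and the "toolbar" check are assumptions of this example.

```python
import re

SECTION_RE = re.compile(r"^=+ (.+?) =+$")        # ========== Name ==========
KEY_RE = re.compile(r"^\[(HKEY_.+)\]$")           # [HKEY_...\Some\Key]
VALUE_RE = re.compile(r'^"(.+?)" = (.*)$')        # "name" = value
# Windows XP firewall rule string: <path>:<scope>:<Enabled|Disabled>:<label>
FW_RE = re.compile(r"^([A-Za-z]:\\[^:]+):([^:]*):(Enabled|Disabled):(.*)$")
# OTL appends " -- (Company Name)" when the file carries version info.
VENDOR_RE = re.compile(r"^(.*?)(?: -- \((.*)\))?$")

# Trimmed excerpt of the Extras.txt log from post #93.
SAMPLE = r"""
========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CallWave\IAM.exe" = C:\Program Files\CallWave\IAM.exe:*:Disabled:CallWave
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{B3A1BF34-A336-450D-BC3E-3A854AD270A0}" = AVG 2013
"{DEE76D44-8D7C-4A32-8FAE-A813817631FC}" = AVG 2013
"AVG" = AVG 2013
"CCleaner" = CCleaner
"""


def parse_extras(text):
    """Return {section: [(registry_key, name, value), ...]} for an OTL Extras log."""
    sections, section, key = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section, key = m.group(1), None
            sections.setdefault(section, [])
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if m and section is not None:  # ignore values outside any section
            sections[section].append((key, m.group(1), m.group(2)))
    return sections


def product_footprint(sections, product):
    """Collect what the log records for one product (whole-word, case-insensitive)."""
    word = re.compile(r"\b" + re.escape(product) + r"\b", re.IGNORECASE)
    installed = [
        (name, value)
        for _, name, value in sections.get("HKEY_LOCAL_MACHINE Uninstall List", [])
        if word.search(name) or word.search(value)
    ]
    rules = []
    for _, _, value in sections.get("Authorized Applications List", []):
        rule = FW_RE.match(value)
        if not rule or not word.search(value):
            continue  # other product, or not in path:scope:state:label form
        path, scope, state, rest = rule.groups()
        label, vendor = VENDOR_RE.match(rest).groups()
        rules.append({"path": path, "scope": scope, "state": state,
                      "label": label, "vendor": vendor})
    return {
        "installed": installed,
        # Assumption: a toolbar component would carry "toolbar" in its display name.
        "toolbar_present": any("toolbar" in v.lower() for _, v in installed),
        "firewall_rules": rules,
    }


if __name__ == "__main__":
    report = product_footprint(parse_extras(SAMPLE), "AVG")
    for name, display in report["installed"]:
        print(f"installed: {display}  [{name}]")
    print("toolbar present:", report["toolbar_present"])
    for r in report["firewall_rules"]:
        print(f"firewall {r['state']:8} {r['label']}  ->  {r['path']}")
```

Run against a log taken after the removal, any rule still listed for the product points at a file that is no longer there; Restore Defaults in Step-6 discards such exceptions.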

#95
tuffstuff

How do I delete the AVG remover tool I have now? I deleted where it was in my downloads, is that correct?

Edited by tuffstuff, 04 June 2013 - 10:31 AM.


#96
godawgs

When you were working with Ztruker over in the XP forums he asked you to download the AVG remover. If you still have that one on the computer delete it and then start with Step 2. If you never downloaded the AVG remover then start with Step 2.

#97
tuffstuff

When I clicked on remove AVG 2013 in my add/remove programs it came up with Error code OxcOO70643
The windows installer service could not be accessed.
General Internal error
MSI Engine failed to initialize the package

#98
godawgs

OK. Let me rethunk and I will be back.

#99
tuffstuff

ok thanks

#100
godawgs

Please run the AVG Remover Tool. Make sure you first ran Step 3. in post #94 to show hidden files/folders.


Step-1.

AVG Remover Tool:

AVG Remover eliminates all the parts of your AVG installation from your computer, including registry items, installation files, user files, etc.

NOTE: All AVG user settings will be removed after the uninstall process is complete, as well as content from the Virus Vault and all other items related to AVG installation and use. You will be asked during the removal procedure to restart your computer. Therefore, please make sure to finish your work and save all important data prior to launching AVG Remover.

  • Double click the avg_remover_stf_x86_2013_3341.exe file to run the AVG Remover tool and follow the instructions displayed on your screen.
  • You will be asked to restart your computer, please do so. After the restart, AVG Remover will finish the uninstallation.
Please be informed that AVG remover must be finished completely - stopping of AVG services (for example AvgMfx) may take more time.

- After restart please remove these folders:

C:\Program Files\AVG
C:\Documents and settings\All users\Application data\AVG2013
C:\Documents and settings\All users\Application data\MFAData



Step-2.

Now try to run ComboFix using the instructions in post #94 and post the ComboFix.txt log


#101
tuffstuff

If I install MSE because remnants of SP3 remain, does that mean I can't get rid of SP3, because SP3 has always caused me internet connection problems. I think I'd rather have MSE because doesn't it use less on your computer?

Also what about my ability to search for files and folders, it won't let me do that now.

Here is combofix log

ComboFix 13-06-03.01 - Owner 06/05/2013 7:51.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1013.643 [GMT -4:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Administrator.DEBEVE\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\Owner\Application Data\048BF8
c:\documents and settings\Owner\WINDOWS
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\ctfmon(2).exe
c:\windows\system32\download
c:\windows\system32\download\ispinfo.csv
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\system32\usp10(2).dll
c:\windows\system32\usp10(3).dll
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2013-05-05 to 2013-06-05 )))))))))))))))))))))))))))))))
.
.
2013-06-01 21:11 . 2013-06-01 21:11 -------- d-----w- c:\windows\ERUNT
2013-06-01 21:11 . 2013-06-01 21:11 -------- d-----w- C:\JRT
2013-05-15 17:15 . 2013-05-15 17:15 9195912 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 17:15 . 2012-08-10 11:14 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 17:15 . 2011-05-13 12:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-19 02:42 . 2013-04-19 02:42 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-19 02:42 . 2013-04-19 02:43 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-04-19 02:42 . 2012-08-08 20:40 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-19 02:42 . 2010-11-18 02:48 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-16 22:17 . 2005-12-22 14:49 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2005-12-22 14:47 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2005-12-22 14:47 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2005-12-22 14:47 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31 . 2008-12-27 13:32 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 18:50 . 2009-02-28 16:20 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-08 08:36 . 2005-12-22 14:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2005-02-16 16:06 . 2006-03-31 09:01 218112 ----a-w- c:\program files\HijackThis.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"lxcgmon.exe"="c:\program files\Lexmark 2300 Series\lxcgmon.exe" [2005-07-21 200704]
"LXCGCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 73728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled
BigFix.lnk - c:\program files\BigFix\BigFix.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-12-19 14:39 41208 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2005-08-01 12:05 94208 -c--a-w- c:\program files\Lexmark 2300 Series\ezprint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2005-07-12 13:36 299008 -c--a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2005-05-11 00:02 7086080 -c--a-w- c:\program files\Intel Audio Studio\IntelAudioStudio.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]
2004-03-03 04:24 5576704 ----a-w- c:\windows\CNYHKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2010-05-20 20:27 119152 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 03:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2005-04-25 18:32 114688 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-03 04:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 11:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
2004-11-15 23:04 135168 ----a-w- c:\program files\Digital Media Reader\shwiconEM.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeTray.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R3 SMC2862W;SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter Driver;c:\windows\system32\drivers\2862WICB.sys [12/27/2005 10:55 AM 349856]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 1:28 PM 160944]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [11/15/2010 4:18 PM 30576]
S3 PentaxUsb;PENTAX Optio E10 on USB;c:\windows\system32\drivers\CoachUsb.sys [6/18/2006 6:50 PM 50976]
S3 PentaxVc;PENTAX Optio E10 Video Capture;c:\windows\system32\drivers\CoachVc.sys [6/18/2006 6:50 PM 44256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 08:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-10 17:15]
.
2013-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-09 00:16]
.
2013-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-09 00:16]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
mSearch Bar = hxxp://www.google.com/ie
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: everythinglv.com\www
Trusted Zone: harristeeter.com\www
Trusted Zone: imdb.com/help/show_leaf?enablecookies\www
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\2u55g8c4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - ExtSQL: !HIDDEN! 2010-11-16 00:49; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-05 07:59
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCGCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-06-05 08:01:57
ComboFix-quarantined-files.txt 2013-06-05 12:01
.
Pre-Run: 209,986,019,328 bytes free
Post-Run: 209,945,509,888 bytes free
.
- - End Of File - - 977786C88BDE2B73A5D4350BA90F8F3E

Edited by tuffstuff, 05 June 2013 - 06:04 AM.

  • 0

#102
tuffstuff

    Member

  • Topic Starter
  • 104 posts
I'll just download AVG again. Can anything from AVG block the internet? Any settings?
  • 0

#103
godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

> If I install MSE because remnants of SP3 remain, does that mean I can't get rid of SP3, because SP3 has always caused me internet connection problems. I think I'd rather have MSE because doesn't it use less on your computer?

Installing MSSE would confirm that SP3 or parts of it are still on the system. At least enough of it to allow MSSE to be installed. And yes, MSSE does use less system resources. So what I was suggesting is to download MSSE and try to install it. If it installs then there are some things to be worked out with the SP3 installs and uninstalls. If it won't install then at least you will know that there wasn't enough SP3 left for MSSE to install and you can re-install AVG. But there are still problems with the SP3 installs/uninstalls that need to be worked out.

And if SP3 is causing the internet connection problems it is probably telling you that the driver for the ez-connect USB adapter is not compatible with SP3 and the driver should be updated....not that SP3 should be uninstalled. You should always have the latest service pack installed on the operating system. Not only does it contain the latest security features but once the service date for a service pack expires Windows won't offer updates anymore until the newest service pack is installed.
Have you been getting any notifications from Windows Updates when new updates are available? Or have new updates been automatically downloading and installing?
When was the last time you got a Windows update?

This is an entry from the Combofix log:

R3 SMC2862W;SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter Driver;c:\windows\system32\drivers\2862WICB.sys [12/27/2005 10:55 AM 349856]

This is the driver for the ez-connect USB adapter. The driver date is 12/27/2005. What we are thinking is that SP3 probably wasn't compatible with the old ez-connect driver.

> Also what about my ability to search for files and folders, it won't let me do that now.

Please tell me exactly how you are running the search and exactly what happens. Also, when was the last time you successfully used the search feature?

> Can anything from AVG block the internet? Any settings?

AVG does not include a firewall so nothing in AVG could block the internet. But we can reset the Windows firewall and see if that helps.
Please run Step 6. in post #94 to reset the Firewall and let me know if that helps.
  • 0
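The driver-date check described in post #103, as an added example that is not part of the original thread: it parses the service/driver lines of the ComboFix log and lists kernel drivers whose file date predates a cutoff. The line layout, the meaning of the `R`/`S` prefix (running/stopped) and the 2008-04-14 cutoff are assumptions; adjust the cutoff to the service pack in question.

```python
import re
from datetime import date, datetime

# Service/driver lines copied from the ComboFix log posted in this thread.
SAMPLE_LOG = r"""
R3 SMC2862W;SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter Driver;c:\windows\system32\drivers\2862WICB.sys [12/27/2005 10:55 AM 349856]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 1:28 PM 160944]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [11/15/2010 4:18 PM 30576]
S3 PentaxUsb;PENTAX Optio E10 on USB;c:\windows\system32\drivers\CoachUsb.sys [6/18/2006 6:50 PM 50976]
S3 PentaxVc;PENTAX Optio E10 Video Capture;c:\windows\system32\drivers\CoachVc.sys [6/18/2006 6:50 PM 44256]
"""

# Assumed layout:
#   <R|S><start type> <name>;<display name>;<path> [<date> <time> <size>]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+(?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.+?)\s+\[(?P<stamp>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2} [AP]M)"
    r"\s+(?P<size>\d+)\]$"
)

# Assumed cutoff for "older than the service pack"; not stated in the thread.
ASSUMED_CUTOFF = date(2008, 4, 14)


def parse_services(log_text):
    """Return one dict per service/driver line; other log lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        stamp = datetime.strptime(m["stamp"], "%m/%d/%Y %I:%M %p")
        entries.append({
            "name": m["name"],
            "display": m["display"],
            "path": m["path"],
            "running": m["state"] == "R",   # assumption: R = running, S = stopped
            "start_type": int(m["start"]),
            "file_date": stamp.date(),
            "size": int(m["size"]),
        })
    return entries


def stale_drivers(entries, cutoff=ASSUMED_CUTOFF, running_only=False):
    """Kernel drivers (.sys) whose file date is earlier than the cutoff."""
    hits = []
    for e in entries:
        if not e["path"].lower().endswith(".sys"):
            continue                        # user-mode services are out of scope
        if running_only and not e["running"]:
            continue
        if e["file_date"] < cutoff:
            hits.append(e)
    return hits


if __name__ == "__main__":
    for e in stale_drivers(parse_services(SAMPLE_LOG)):
        status = "running" if e["running"] else "stopped"
        print(f'{e["file_date"]}  {status:8}  {e["name"]:12}  {e["path"]}')
```
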

#104
tuffstuff

    Member

  • Topic Starter
  • 104 posts
I will try to install MSE, if not able will do AVG again. When I click start and search and put look for a file or folder it comes up with that unexpected error message that only happened after I did the steps in post #86.
  • 0

#105
godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

> When I click start and search and put look for a file or folder it comes up with that unexpected error message that only happened after I did the steps in post #86.

That was the first time we tried to run Combofix. I will research that.

You didn't answer my questions about Windows update. Please answer them.
  • 0





