facebook web connection interrupted no problem with any other web page


  • This topic is locked

#1
VMom

    New Member

  • Member
  • 3 posts
OTL logfile created on: 27/07/2013 11:23:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Laptop User\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

511.40 Mb Total Physical Memory | 189.45 Mb Available Physical Memory | 37.05% Memory free
865.72 Mb Paging File | 364.59 Mb Available in Paging File | 42.11% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9.36 Gb Total Space | 3.54 Gb Free Space | 37.80% Space Free | Partition Type: NTFS

Computer Name: DELL-CSX | User Name: Laptop User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/27 11:16:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop User\Desktop\OTL.exe
PRC - [2013/07/12 19:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2004/08/04 01:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/12 19:49:44 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 19:49:43 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013/07/12 19:49:42 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 19:48:49 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2004/08/04 01:56:44 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/04 01:56:44 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/05/09 09:59:09 | 000,204,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2013/05/09 09:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/05/09 09:59:08 | 000,104,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2013/03/13 18:01:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2004/08/04 00:07:46 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2001/08/17 13:50:04 | 000,039,264 | ---- | M] (NeoMagic Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\neo20xx.sys -- (neo20xx)
DRV - [2001/08/17 13:28:02 | 000,701,386 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WDHAALBA.sys -- (WDHAALBA)
DRV - [2001/08/17 13:20:08 | 000,087,040 | ---- | M] (NeoMagic Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nm6wdm.sys -- (wdm_nm6)
DRV - [2001/08/17 13:13:14 | 000,046,108 | ---- | M] (Xircom, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cben5.sys -- (CBEN5)
DRV - [2001/08/17 12:48:40 | 000,281,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atimtai.sys -- (atimtai)
DRV - [2001/08/17 12:19:48 | 000,174,464 | ---- | M] (ESS Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es198x.sys -- (maestro)
DRV - [2001/08/17 12:13:20 | 000,049,182 | ---- | M] (Xircom, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cem56n5.sys -- (cem56)
DRV - [2001/08/17 12:10:56 | 000,055,999 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EL556ND5.sys -- (EL556ND5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://isearch.avg.c...fr&d=2012-12-02 08:26:45&v=14.0.2.14&pid=avg&sg=&sap=hp
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: WeatherBug = C:\Documents and Settings\Laptop User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\2.0.5_0\
CHR - Extension: Google Maps = C:\Documents and Settings\Laptop User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\

O1 HOSTS File: ([2001/08/23 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...8125.1051851852 (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{302762FB-BC58-4B2A-9C9A-4107EF278BB6}: DhcpNameServer = 10.52.160.111 10.52.160.110
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A76C4AF7-746A-465A-A56D-FEE0A805468F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF474340-239C-4CE5-A5BC-D136BBE874DC}: DhcpNameServer = 10.52.160.111 10.52.160.110
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Laptop User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Laptop User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/05/18 10:07:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2ce925f0-6163-11e2-8707-00047647ba2e}\Shell - "" = AutoRun
O33 - MountPoints2\{2ce925f0-6163-11e2-8707-00047647ba2e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ce925f0-6163-11e2-8707-00047647ba2e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2ce925f3-6163-11e2-8707-00047647ba2e}\Shell - "" = AutoRun
O33 - MountPoints2\{2ce925f3-6163-11e2-8707-00047647ba2e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ce925f3-6163-11e2-8707-00047647ba2e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2f312b20-6230-11e2-8708-00047647ba2e}\Shell - "" = AutoRun
O33 - MountPoints2\{2f312b20-6230-11e2-8708-00047647ba2e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2f312b20-6230-11e2-8708-00047647ba2e}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{2f312b22-6230-11e2-8708-00047647ba2e}\Shell - "" = AutoRun
O33 - MountPoints2\{2f312b22-6230-11e2-8708-00047647ba2e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2f312b22-6230-11e2-8708-00047647ba2e}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/27 11:16:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Laptop User\Desktop\OTL.exe
[2013/07/21 21:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop User\Application Data\AVG2013
[2013/07/21 21:35:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/07/21 21:35:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop User\Application Data\TuneUp Software
[2013/07/21 21:32:57 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/07/21 21:32:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/07/21 21:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/07/21 21:17:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/21 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop User\Local Settings\Application Data\MFAData
[2013/07/21 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/07/21 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop User\Local Settings\Application Data\Avg2013
[2013/07/21 21:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2013/07/16 20:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\InterActual
[2013/07/05 03:34:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Laptop User\My Documents\My Music
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/27 11:29:06 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/27 11:29:05 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/27 11:16:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop User\Desktop\OTL.exe
[2013/07/26 15:00:46 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\JetCleanLoginCheckUpdate.job
[2013/07/26 15:00:01 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/26 14:59:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/26 14:59:49 | 536,313,856 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/21 21:15:37 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/07/19 12:32:39 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/07/05 04:00:44 | 000,021,504 | ---- | M] () -- C:\WINDOWS\jestertb.dll
[2013/06/29 09:26:32 | 000,132,969 | ---- | M] () -- C:\Documents and Settings\Laptop User\My Documents\Courtown Harbour Sea Angling Centre to Thomas St, Gorey, Co.pdf
[2013/06/27 22:02:49 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/27 22:02:49 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/06/27 22:02:49 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/21 21:15:37 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2013/07/05 04:00:43 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2013/06/29 09:26:31 | 000,132,969 | ---- | C] () -- C:\Documents and Settings\Laptop User\My Documents\Courtown Harbour Sea Angling Centre to Thomas St, Gorey, Co.pdf
[2013/06/27 22:02:52 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/27 22:02:51 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/06/27 22:02:49 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/06/16 16:02:37 | 000,136,310 | ---- | C] () -- C:\WINDOWS\hpwins10.dat
[2013/06/16 15:56:08 | 000,010,376 | ---- | C] () -- C:\WINDOWS\hpwscr10.dat
[2013/06/16 15:56:08 | 000,001,042 | ---- | C] () -- C:\WINDOWS\hpwmdl10.dat
[2005/10/08 20:42:59 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Laptop User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2004/05/18 14:40:58 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2004/08/04 01:56:46 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2004/08/04 01:56:44 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2004/08/04 01:56:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

#2
23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts
Hi VMom!

I'm 23red, and it'll be my pleasure to assist you with your problem. :D I am currently reviewing your log. In the meantime, I'd be grateful if you would note the following:

• As I am currently in training, I will be helping you under the supervision of our Expert Teachers. As such, there will likely be a delay between posts.

• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!

• Please do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

• Please stick with me until all malware is gone from your system. This is not an instant process; just because you no longer see any symptoms, it does not necessarily mean your system is clear of malware.

• Please make sure to carefully read every post completely before doing anything.

• Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.

• You need to reply within four days; failure to reply will result in the topic being closed! If you need it reopened, please PM myself or a moderator.

• Thank You for your understanding and patience. I'll be back with you as soon as possible!


While I am looking over your OTL log, could you please also post the contents of the Extras.txt file that should have been created with the first OTL Scan. It should be located at C:\Documents and Settings\LaptopUser\Desktop.

Thanks!

#3
VMom

    New Member

  • Topic Starter
  • Member
  • 3 posts
I managed to delete it... I could run the scan again??? And thanks for your interest :)

#4
23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts
Hi VMom :)
Not a problem with regard to the Extras.txt at this time. If we still find we need to, we can get another ;).

First and most important ~ there are two Antivirus programs running. This is not good! You need to uninstall one of them. Only one anti~virus per person, per computer :)
More than that and they fight amongst themselves and nothing gets done! It also leaves you less protected ~ if at all.
I would keep avast over avg, but the choice is yours:

Avg 2013 removal tool and instructions are located here
Avast removal tool and instructions are located here.

It's pretty straightforward. If you have any questions about the removal process before you start, just ask, ok?

Please let me know how you get on, and if there is improvement with the Facebook issue. Thanks!

#5
23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts
Hi VMom :)
Have not heard back from you as yet. Everything ok? Is the issue resolved?

#6
VMom

    New Member

  • Topic Starter
  • Member
  • 3 posts
No :( Uninstalled AVG then reinstalled, now laptop is too slow... ahhrrrggg!!

#7
23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts
Was Avast uninstalled?

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.