
I think I have something called a vundo [Solved]


  • This topic is locked

#46
twonil

  • Topic Starter
  • Member
  • 92 posts
VirSCAN.org Scanned Report :
Scanned time : 2010/02/26 13:05:18 (GMT)
Scanner results: Scanners did not find malware!
File Name : CSVer.dll
File Size : 53248 byte
File Type : PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi
MD5 : 01b8b690c6f6afd4686b880c29f93060
SHA1 : 94e932d5e5aaaa4c3473ca3a489e450b200f6311
Online report : http://virscan.org/r...36bff6f388.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20100226164302 2010-02-26 35.82 -
AhnLab V3 2010.02.26.05 2010.02.26 2010-02-26 2.02 -
AntiVir 8.2.1.176 7.10.4.149 2010-02-26 0.27 -
Antiy 2.0.18 20100226.3925867 2010-02-26 0.19 -
Arcavir 2009 201002251644 2010-02-25 0.06 -
Authentium 5.1.1 201002251735 2010-02-25 1.61 -
AVAST! 4.7.4 100226-0 2010-02-26 0.01 -
AVG 8.5.720 271.1.1/2711 2010-02-26 0.26 -
BitDefender 7.81008.5323996 7.30549 2010-02-26 5.38 -
ClamAV 0.95.3 10458 2010-02-26 0.02 -
Comodo 3.13.579 4070 2010-02-26 3.58 -
CP Secure 1.3.0.5 2010.02.26 2010-02-26 0.05 -
Dr.Web 5.0.1.12222 2010.02.26 2010-02-26 5.71 -
F-Prot 4.4.4.56 20100225 2010-02-25 1.93 -
F-Secure 7.02.73807 2010.02.26.06 2010-02-26 12.75 -
Fortinet 11.529- 11.529 2010-02-25 0.47 -
GData 19.10696/19.781 20100226 2010-02-26 29.98 -
ViRobot 20100226 2010.02.26 2010-02-26 2.49 -
Ikarus T3.1.01.80 2010.02.26.75285 2010-02-26 4.58 -
JiangMin 13.0.900 2010.02.25 2010-02-25 30.24 -
Kaspersky 5.5.10 2010.02.26 2010-02-26 0.12 -
KingSoft 2009.2.5.15 2010.2.26.17 2010-02-26 8.30 -
McAfee 5.3.00 5903 2010-02-25 3.63 -
Microsoft 1.5502 2010.02.26 2010-02-26 12.50 -
Norman 6.01.09 6.01.00 2010-02-10 6.02 -
Panda 9.05.01 2010.02.25 2010-02-25 6.42 -
Trend Micro 9.120-1004 6.876.02 2010-02-25 0.03 -
Quick Heal 10.00 2010.02.26 2010-02-26 1.53 -
Rising 20.0 22.36.04.04 2010-02-26 1.07 -
Sophos 3.04.1 4.50 2010-02-26 3.51 -
Sunbelt 3.9.2406.2 5700 2010-02-25 4.56 -
Symantec 1.3.0.24 20100225.006 2010-02-25 0.05 -
nProtect 20100226.01 7564961 2010-02-26 4.87 -
The Hacker 6.5.1.6 v00211 2010-02-26 0.47 -
VBA32 3.12.12.2 20100225.2226 2010-02-25 2.91 -
VirusBuster 4.5.11.10 10.120.7/2018397 2010-02-26 2.37 -


#47
twonil

  • Topic Starter
  • Member
  • 92 posts
GooredFix by jpshortstuff (08.01.10.1)
Log created at 13:07 on 26/02/2010 (Owner)
Firefox version 3.5.8 (en-GB)

========== GooredScan ==========

(none)

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [20:23 11/02/2010]
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [12:28 20/02/2010]

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\zufy3nyl.default\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [12:28 20/02/2010]

-=E.O.F=-

#48
twonil

  • Topic Starter
  • Member
  • 92 posts
OTL logfile created on: 26/02/2010 1:08:12 PM - Run 4
OTL by OldTimer - Version 3.1.30.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 85.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.60 Gb Total Space | 85.25 Gb Free Space | 60.20% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7.45 Gb Total Space | 5.91 Gb Free Space | 79.32% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: M-0228DAFE5AC54
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll (ALWIL Software)


========== Win32 Services (SafeList) ==========

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (sprtsvc_TalkTalk) SupportSoft Sprocket Service (TalkTalk) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (tgsrvc_TalkTalk) SupportSoft Repair Service (TalkTalk) -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe (SupportSoft, Inc.)
SRV - (WMDM PMSP Service) -- C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation)
SRV - (Creative Service for CDROM Access) -- C:\WINDOWS\system32\CTSVCCDA.EXE (Creative Technology Ltd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.8:52125

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.facebook.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/18 13:06:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/20 12:28:24 | 000,000,000 | ---D | M]

[2010/02/11 20:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/02/17 14:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\zufy3nyl.default\extensions
[2010/02/25 13:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/22 03:30:24 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/12/22 03:30:24 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/12/22 03:30:24 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/12/22 03:30:24 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/02/20 20:52:53 | 000,001,470 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKLM\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 70 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.co...sreqlab_ind.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://skyonline.obe...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/02/26 13:07:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\GooredFix Backups
[2010/02/26 13:06:43 | 000,070,858 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Owner\Desktop\GooredFix.exe
[2010/02/26 12:54:38 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/02/25 15:32:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2010/02/25 14:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Funny [bleep] 3
[2010/02/25 09:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/02/23 19:03:50 | 000,000,000 | ---D | C] -- C:\Program Files\CustomPlay Games
[2010/02/22 14:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/02/22 14:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/02/22 14:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/02/22 14:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
[2010/02/22 14:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google
[2010/02/22 14:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/02/22 14:03:58 | 000,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/02/22 14:03:58 | 000,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/02/22 14:03:58 | 000,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/02/22 14:03:57 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010/02/22 14:03:56 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/02/22 14:03:56 | 000,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/02/22 14:03:56 | 000,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/02/22 14:03:56 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/02/22 14:03:33 | 001,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/02/22 14:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/02/22 13:59:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Transfer_ro-22Feb-8426998753b75
[2010/02/20 20:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/02/20 20:56:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2010/02/20 20:56:24 | 000,319,280 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Owner\My Documents\utorrent.exe
[2010/02/20 20:16:05 | 000,289,584 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Owner\Desktop\utorrent.exe
[2010/02/20 15:42:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Testees
[2010/02/20 12:42:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Runscanner.net
[2010/02/20 12:34:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/02/20 12:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/02/19 11:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/02/18 12:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinMend
[2010/02/17 20:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/02/17 20:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/17 11:04:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/02/16 20:17:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/02/16 20:02:00 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/02/15 11:11:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/02/15 11:10:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/02/15 11:10:12 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/02/15 11:10:12 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/02/15 11:10:12 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/02/15 11:07:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/02/14 11:21:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/02/12 17:53:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Penstick
[2009/10/17 13:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/10/17 13:30:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/10/17 13:30:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/10/17 13:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/07/02 09:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2009/06/10 16:51:23 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2009/05/17 15:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TeamViewer
[2009/05/11 17:17:12 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys
[2009/04/13 21:25:59 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll

========== Files - Modified Within 14 Days ==========

[2010/02/26 13:06:44 | 000,070,858 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Owner\Desktop\GooredFix.exe
[2010/02/26 12:58:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/26 12:57:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/26 12:57:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2010/02/26 12:56:41 | 000,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000000-00001102-00000004-10031102}.rfx
[2010/02/26 12:56:41 | 000,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000000-00001102-00000004-10031102}.rfx
[2010/02/26 12:56:41 | 000,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000000-00001102-00000004-10031102}.rfx
[2010/02/26 12:56:41 | 000,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000000-00001102-00000004-10031102}.rfx
[2010/02/26 12:56:41 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/02/26 12:56:41 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/02/26 12:56:41 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000000-00001102-00000004-10031102}.dat
[2010/02/26 12:56:41 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000000-00001102-00000004-10031102}.dat
[2010/02/26 12:56:38 | 010,485,760 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/02/26 12:56:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/02/26 12:55:35 | 004,481,358 | ---- | M] () -- C:\WINDOWS\{00000003-00000000-00000000-00001102-00000004-10031102}.CDF
[2010/02/26 12:54:39 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/02/25 20:33:11 | 000,000,255 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\tunes I want off phil.rtf
[2010/02/25 14:21:53 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/02/25 14:05:23 | 000,098,304 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/24 14:34:25 | 000,001,998 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Bands Remixed 24th Feb 2010.nra
[2010/02/23 17:38:50 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/02/23 13:51:32 | 000,001,173 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\vso_ts_preview.xml
[2010/02/22 15:04:32 | 000,068,432 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/22 14:11:12 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/02/22 14:01:01 | 000,252,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/22 13:51:53 | 000,000,416 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Avast instructions.rtf
[2010/02/21 18:45:55 | 000,001,118 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Usernames.rtf
[2010/02/20 20:57:30 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/02/20 20:56:25 | 000,319,280 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Owner\My Documents\utorrent.exe
[2010/02/20 20:52:53 | 000,001,470 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/02/20 20:16:06 | 000,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Owner\Desktop\utorrent.exe
[2010/02/19 12:50:52 | 000,000,472 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Wants List.rtf
[2010/02/19 10:58:48 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/02/17 13:55:22 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Play.com beef.rtf
[2010/02/16 20:14:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/02/15 11:21:13 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100215-123156.backup
[2010/02/15 11:11:32 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/02/13 21:17:54 | 004,844,652 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db

========== Files Created - No Company Name ==========

[2010/02/26 12:57:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/02/24 14:30:20 | 000,001,998 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Bands Remixed 24th Feb 2010.nra
[2010/02/22 14:03:33 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010/02/22 13:51:53 | 000,000,416 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Avast instructions.rtf
[2010/02/20 20:57:30 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/02/17 13:55:22 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Play.com beef.rtf
[2010/02/15 11:11:32 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/02/15 11:11:28 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/02/15 11:10:12 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/02/15 11:10:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/02/15 11:10:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/02/15 11:10:12 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/02/15 11:10:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/02/08 19:16:42 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2010/02/08 19:16:42 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2010/01/29 10:58:59 | 000,000,062 | ---- | C] () -- C:\WINDOWS\MyProg.ini
[2009/12/08 17:56:18 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/10/20 11:16:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2009/10/17 11:58:49 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2009/08/13 17:24:02 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ezpinst.exe
[2009/08/09 15:15:45 | 000,347,472 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\MB.SAV
[2009/07/18 11:34:04 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/06/08 18:51:01 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009/06/08 18:50:07 | 000,066,807 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
[2009/06/08 18:50:06 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/06/08 18:46:50 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2009/05/27 12:59:03 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2009/05/15 19:55:15 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2009/05/14 19:14:34 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/05/13 11:56:02 | 000,000,750 | ---- | C] () -- C:\WINDOWS\{D084B1A9-153B-409D-AEBF-C40FCEF925EA}_WiseFW.ini
[2009/05/11 17:45:09 | 000,098,304 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/11 17:41:44 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/11 17:17:12 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat
[2009/05/11 17:17:12 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf
[2009/04/16 15:58:54 | 000,001,173 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\vso_ts_preview.xml
[2009/04/16 15:58:40 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.log
[2009/04/13 21:42:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/02/05 13:28:20 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\setup.txt
[2007/04/12 07:10:28 | 000,105,728 | ---- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2007/04/09 11:55:14 | 000,097,785 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007/04/09 11:33:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2005/06/16 09:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[1996/04/03 19:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/01/24 17:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2010/02/23 17:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/05/15 09:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009/08/13 17:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Doctor Web
[2009/11/05 10:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/12/08 17:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/01/21 19:06:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/05/13 07:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/10/27 09:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2009/05/12 17:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/06/22 19:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/06/16 07:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OO Software
[2009/06/22 20:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/06/01 13:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/09/22 14:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2009/05/13 11:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/02/25 15:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/11 10:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/12/08 18:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009/07/09 13:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2009/06/16 17:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ableton
[2009/08/17 15:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Activision
[2009/07/28 17:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Artifex Mundi
[2009/07/25 15:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Astroburn
[2010/01/14 11:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Auslogics
[2009/10/28 14:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\avidemux
[2009/06/20 16:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BlackBean
[2009/10/23 08:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\blinkx
[2009/08/12 14:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Blitware
[2009/07/24 15:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
[2009/05/15 09:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Pro
[2009/05/14 12:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\deluge
[2009/12/12 18:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\EPSON
[2009/05/31 17:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GARMIN
[2009/09/08 16:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gtk-2.0
[2009/10/27 09:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ludia
[2009/10/27 08:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\nod32 updater
[2009/06/01 13:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nokia
[2009/09/06 10:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nordic Games
[2009/06/01 13:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PC Suite
[2009/05/18 13:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Publish Providers
[2009/09/09 16:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Search Settings
[2009/05/18 13:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sony
[2009/05/16 08:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Steinberg
[2009/10/23 08:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SumatraPDF
[2010/01/05 14:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer
[2009/05/11 10:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2010/02/26 13:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2010/01/24 15:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent(2)
[2010/02/23 13:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso
[2009/06/11 10:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Yamicsoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
< End of report >

#49
hammerman

Hi,

I'm not seeing any malware in your logs.

Can you try Firefox in Safe Mode and see if this makes a difference?

Click Start > Programs > Mozilla Firefox > select Mozilla Firefox (Safe Mode)

Also, have you tried re-installing Firefox?


Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

#50
twonil

Results of screen317's Security Check version 0.99.1
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
avast! Antivirus
avast! updated!
``````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.2
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
CCleaner
WinMend Registry Cleaner 1.5.4
Java™ 6 Update 18
Java Auto Updater
Out of date Java installed!
Adobe Flash Player 10
``````````````````````````````
Process Check:
objlist.exe by Laurent

Alwil Software Avast4 aswUpdSv.exe
Alwil Software Avast4 ashServ.exe
Alwil Software Avast4 ashDisp.exe
Alwil Software Avast4 ashMaiSv.exe
Alwil Software Avast4 ashWebSv.exe
``````````````````````````````
DNS Vulnerability Check:

Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

`````````End of Log```````````

#51
hammerman

Hi,

Can you please enable the Windows firewall?

We do not recommend the use of registry cleaners. The minimal benefit is not worth the problems they can cause.

Did you try Firefox in Safe Mode and have you tried re-installing Firefox?

  • Please download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:
  • Double-click VEW.exe
  • Under 'Select log to query', select:
    • Application
    • System
  • Under 'Select type to list', select:
    • Error
  • Click the radio button for 'Number of events'
  • Type 20 in the 1 to 20 box
  • Then click the Run button.
  • Notepad will open with the output log.
  • Please post the Output log in your next reply.

Then..

Please download SINO by Artellos.

  • Save SINO to a place you can remember and run SINO.exe. (If you downloaded the ZIP version you will need to extract it first)
  • Then please check the following checkboxes:
    System Info
    Services
    Boot Check
    Tasklist
    Startup Items
    Ipconfig
    Ping
    Netstat
    Hosts file
    Shares
    Routing Table
    BBCode
  • Once checked, hit the Run Scan! button and wait for the program to finish the scan.
  • A notepad window will pop up. Please copy all of the content into your next reply.
Note: If you try to interact with the program once it's started scanning it might appear to hang. The scan however will continue.

#52
twonil

Vino's Event Viewer v01c run on Windows XP in English
Report run at 28/02/2010 4:54:16 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/02/2010 2:09:45 PM
Type: error Category: 0
Event: 0 Source: Lavasoft Ad-Aware Service
The event description cannot be found.

Log: 'Application' Date/Time: 18/02/2010 12:04:27 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application SysProt.exe, version 1.0.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 18/02/2010 11:42:46 AM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application SysProt.exe, version 1.0.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 14/02/2010 1:18:19 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application wmplayer.exe, version 11.0.5721.5145, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 14/02/2010 1:18:13 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application wmplayer.exe, version 11.0.5721.5145, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 12/02/2010 7:59:28 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application moviemk.exe, version 2.1.4026.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 11/02/2010 8:58:50 PM
Type: error Category: 0
Event: 1001 Source: Application Hang
Fault bucket 734037209.

Log: 'Application' Date/Time: 11/02/2010 8:58:42 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 11/02/2010 8:23:34 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 08/02/2010 4:25:41 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application kxsetup.exe, version 5.10.0.3550, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 08/02/2010 4:25:38 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application kxsetup.exe, version 5.10.0.3550, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 07/02/2010 6:25:22 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application setup.exe, version 10.4.1.28, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 04/02/2010 9:25:33 AM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application nero.exe, version 6.6.0.15, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 04/02/2010 9:25:33 AM
Type: error Category: 0
Event: 1001 Source: Application Hang
Fault bucket 209500368.

Log: 'Application' Date/Time: 04/02/2010 9:25:27 AM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application nero.exe, version 6.6.0.15, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 03/02/2010 3:53:31 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application nero.exe, version 6.6.0.15, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 02/02/2010 3:37:46 PM
Type: error Category: 0
Event: 11500 Source: MsiInstaller
Product: Kaspersky Internet Security 2009 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Log: 'Application' Date/Time: 27/01/2010 12:12:07 PM
Type: error Category: 0
Event: 1000 Source: Application Error
Faulting application mspaint.exe, version 5.1.2600.5512, faulting module imm32.dll, version 5.1.2600.5512, fault address 0x00014769.

Log: 'Application' Date/Time: 27/01/2010 12:01:17 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application mspaint.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 27/01/2010 12:00:58 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application mspaint.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/02/2010 2:54:58 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 28/02/2010 2:16:32 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 28/02/2010 8:41:58 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 28/02/2010 8:41:18 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 192.168.1.2 for the Network Card with network address 0011118518B9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 27/02/2010 4:45:50 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 27/02/2010 4:45:15 PM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 192.168.1.2 for the Network Card with network address 0011118518B9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 27/02/2010 11:25:05 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 27/02/2010 11:24:30 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 192.168.1.2 for the Network Card with network address 0011118518B9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 27/02/2010 10:11:24 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 27/02/2010 10:10:49 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 192.168.1.2 for the Network Card with network address 0011118518B9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 26/02/2010 12:58:45 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 26/02/2010 12:56:32 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 26/02/2010 12:56:32 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The WMDM PMSP Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 26/02/2010 10:42:57 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 26/02/2010 10:41:57 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 192.168.1.2 for the Network Card with network address 0011118518B9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 26/02/2010 9:16:49 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 26/02/2010 9:16:10 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 192.168.1.2 for the Network Card with network address 0011118518B9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 25/02/2010 4:27:32 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

Log: 'System' Date/Time: 25/02/2010 4:26:55 PM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 192.168.1.2 for the Network Card with network address 0011118518B9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 25/02/2010 8:34:32 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: eeCtrl

#54
twonil

Here's the Sino log

Wouldn't let me copy & paste or attach so I had to upload

http://www.speedysha..._28-02-2010.log

#55
hammerman

Hi,

Have you tried Firefox in Safe Mode or reinstalling Firefox?

#56
twonil

Yes

I've reinstalled a number of times

Constantly get 100% CPU usage

No-one's been able to sort it out and it's really starting to bug the [bleep] out of me

#57
hammerman

What version of Firefox are you using?

#58
twonil

3.5.8

I've just uninstalled this and installed 3.6

Edited by twonil, 02 March 2010 - 08:20 AM.


#59
hammerman

Hi,

Sorry for the delay. Busy at work.

Any difference with Firefox 3.6?

Go to Start -> Run and type in cmd and hit Enter

In the console window that opened type in chkdsk /r and hit Enter

Select Y to the question about scheduling a check to be carried out at the next system restart. Reboot your computer to allow the check to be carried out.

#60
twonil

twonil

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts
No difference at all

I'll post the result of the chkdsk if I can