Recurring Viruses? - Page 2

Thread: Recurring Viruses?

  1. #16
    Join Date
    May 2009
    Posts
    60


    OTL Extras logfile created on: 8/25/2010 11:32:28 AM - Run 1
    OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\mink\My Documents\Downloads
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.2180)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    478.00 Mb Total Physical Memory | 196.00 Mb Available Physical Memory | 41.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free
    Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 40.45 Gb Total Space | 36.29 Gb Free Space | 89.73% Space Free | Partition Type: NTFS
    Drive D: | 71.34 Gb Total Space | 70.37 Gb Free Space | 98.63% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 44.82 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    G: Drive not present or media not loaded
    Drive H: | 3.75 Gb Total Space | 3.64 Gb Free Space | 97.10% Space Free | Partition Type: FAT32
    I: Drive not present or media not loaded

    Computer Name: MINK-04D466856B
    Current User Name: mink
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
    "C:\Program Files\MoRUN.net\StickerLite\sticker.exe" = C:\Program Files\MoRUN.net\StickerLite\sticker.exe:*:Enabled:MoRUN.net Sticker Lite -- (MoRUN.net)

  2. #17
    Join Date
    May 2009
    Posts
    60
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
    "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
    "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
    "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
    "{1F403DD9-5A80-46DC-AAEC-9C743121E8B8}" = LifeBook Application Panel
    "{20CCA435-1465-4567-885C-4A0AFCD0EB05}" = F2100_Help
    "{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3703B471-08F1-40F6-9DBF-DACFE74DBFCC}" = Fujitsu Display Manager
    "{3BB2AA79-6623-48F4-B288-0CE1C88D40D6}" = O2Micro Flash Memory Card Windows Driver
    "{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
    "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = Bluetooth Software
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5FBAEFFA-F303-49AF-9A5D-750DA899F425}" = Atheros Install Program for Wireless Network Adapter Products
    "{620797B0-A022-4B57-A95E-CD7DD0325014}" = MoRUN.net Sticker Lite
    "{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
    "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
    "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
    "{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
    "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
    "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
    "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
    "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
    "{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
    "{C716522C-3731-4667-8579-40B098294500}" = Toolbox
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{D48CCDB0-5EAB-4ED9-8D3E-8653EFFBFB84}" = Fujitsu System Extension Utility
    "{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
    "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
    "{E3030F57-9E6B-4E36-95B6-F7B4DBDEB8FB}" = HP Smart Web Printing 1.0
    "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
    "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
    "{EC502085-5F63-41A2-A290-41F9F9574270}" = Broadcom 44x 10/100 Integrated Controller
    "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
    "{F6F90406-4726-4559-B6F7-3A96529CDD45}" = F2100
    "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Agere Systems Soft Modem" = Agere Systems AC'97 Modem
    "All ATI Software" = ATI - Software Uninstall Utility
    "ATI Display Driver" = ATI Display Driver
    "Browser Defender_is1" = Browser Defender 3.0
    "Cooking Dash: DinerTown Studios" = Cooking Dash: DinerTown Studios
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Imaging Device Functions" = HP Imaging Device Functions 8.0
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
    "HPExtendedCapabilities" = HP Customer Participation Program 8.0
    "InstallShield_{3703B471-08F1-40F6-9DBF-DACFE74DBFCC}" = Fujitsu Display Manager
    "InstallShield_{3BB2AA79-6623-48F4-B288-0CE1C88D40D6}" = O2Micro Flash Memory Card Windows Driver
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
    "Spyware Doctor" = PC Tools AntiVirus Free
    "WinRAR archiver" = WinRAR archiver

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 7/9/2010 5:39:30 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 | ID = 1000
    Description = Faulting application excel.exe, version 12.0.4518.1014, stamp 45428263,
    faulting module excel.exe, version 12.0.4518.1014, stamp 45428263, debug? 0, fault
    address 0x0006bbff.

    Error - 7/9/2010 5:39:37 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 | ID = 1000
    Description = Faulting application excel.exe, version 12.0.4518.1014, stamp 45428263,
    faulting module excel.exe, version 12.0.4518.1014, stamp 45428263, debug? 0, fault
    address 0x0006bbff.

    Error - 7/13/2010 2:09:38 AM | Computer Name = MINK-04D466856B | Source = Application Hang | ID = 1002
    Description = Hanging application Mobile Connect.exe, version 6.2.0.3, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 7/15/2010 4:55:17 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 | ID = 1000
    Description = Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028,
    faulting module wwlib.dll, version 12.0.4518.1014, stamp 454285fb, debug? 0, fault
    address 0x0013823f.

    Error - 7/19/2010 4:56:31 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 | ID = 5000
    Description = EventType officelifeboathang, P1 excel.exe, P2 12.0.4518.1014, P3
    ntdll.dll, P4 5.1.2600.2180, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

  3. #18
    Join Date
    May 2009
    Posts
    60
    Error - 7/28/2010 5:34:31 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 | ID = 1000
    Description = Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028,
    faulting module hpz3r4v2.dll, version 61.63.247.0, stamp 45949947, debug? 0, fault
    address 0x00045a98.

    Error - 7/28/2010 5:34:54 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 | ID = 1000
    Description = Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028,
    faulting module hpz3r4v2.dll, version 61.63.247.0, stamp 45949947, debug? 0, fault
    address 0x00045a98.

    Error - 7/29/2010 5:03:31 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 | ID = 1000
    Description = Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028,
    faulting module hpz3r4v2.dll, version 61.63.247.0, stamp 45949947, debug? 0, fault
    address 0x00045a98.

    Error - 8/11/2010 5:40:57 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 | ID = 1000
    Description = Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028,
    faulting module hpz3r4v2.dll, version 61.63.247.0, stamp 45949947, debug? 0, fault
    address 0x00045a98.

    Error - 8/16/2010 11:11:19 AM | Computer Name = MINK-04D466856B | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 1.9.2.3828, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    [ OSession Events ]
    Error - 7/9/2010 5:38:24 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2167
    seconds with 240 seconds of active time. This session ended with a crash.

    Error - 7/9/2010 5:38:36 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 7/9/2010 5:38:51 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 7/9/2010 5:39:12 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 7/9/2010 5:39:30 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 7/9/2010 5:39:36 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 7/15/2010 4:55:12 AM | Computer Name = MINK-04D466856B | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5881
    seconds with 1140 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 6/8/2010 10:48:59 PM | Computer Name = MINK-04D466856B | Source = Disk | ID = 262155
    Description = The driver detected a controller error on \Device\Harddisk2\D.

    Error - 6/22/2010 11:15:57 PM | Computer Name = MINK-04D466856B | Source = hwdatacard | ID = 262187
    Description =

    Error - 6/22/2010 11:36:42 PM | Computer Name = MINK-04D466856B | Source = hwdatacard | ID = 262187
    Description =

    Error - 6/22/2010 11:56:58 PM | Computer Name = MINK-04D466856B | Source = hwdatacard | ID = 262187
    Description =

    Error - 6/23/2010 12:17:14 AM | Computer Name = MINK-04D466856B | Source = hwdatacard | ID = 262187
    Description =

    Error - 6/23/2010 12:37:25 AM | Computer Name = MINK-04D466856B | Source = hwdatacard | ID = 262187
    Description =


    < End of report >

  4. #19
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Your computer could definitely use another 512MB of RAM. It'd run much better.

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we need to remove the old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder.
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.


    ===============================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      @Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
      @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
      @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.


    ===============================================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on the Start button to begin the cleaning process.
    • TFC will close all running programs, and it may ask you to restart the computer.



    3. Go to the Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on the Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.

  5. #20
    Join Date
    May 2009
    Posts
    60

    virus still comes back :(

    Hi Broni,

    Here's the pctools logfile as of this morning's scan:

    8/26/2010 6:57:02 AM:984
    Service Started
    PC Tools AntiVirus Free Service Application started
    8/26/2010 6:57:02 AM:984
    Anti-Malware Engine
    Anti-Malware engine configuration loaded successfully.
    8/26/2010 6:57:03 AM:62
    IntelliGuards status
    All IntelliGuards were Enabled
    8/26/2010 6:57:04 AM:671
    Immunizer Results
    ActiveX section has been immunized, Processed 2 items.
    8/26/2010 6:59:50 AM:156
    Scan Started
    Scan Type - Intelli-Scan
    8/26/2010 7:00:28 AM:312
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - bh ad.yieldmanager.com
    8/26/2010 7:00:28 AM:312
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - uid ad.yieldmanager.com
    8/26/2010 7:00:28 AM:312
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - BX ad.yieldmanager.com
    8/26/2010 7:00:28 AM:500
    Infection was detected on this computer
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - NETID01 revsci.net
    8/26/2010 7:00:28 AM:500
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - ih ad.yieldmanager.com
    8/26/2010 7:00:28 AM:500
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - vuday1 ad.yieldmanager.com
    8/26/2010 7:00:28 AM:500
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - pv1 ad.yieldmanager.com
    8/26/2010 7:00:28 AM:640
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - RMAK content.yieldmanager.com
    8/26/2010 7:00:28 AM:640
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - liday1 ad.yieldmanager.com
    8/26/2010 7:00:28 AM:656
    Infection was detected on this computer
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - CS1 questionmarket.com
    8/26/2010 7:00:28 AM:656
    Infection was detected on this computer
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - ES questionmarket.com
    8/26/2010 7:00:28 AM:906
    Infection was detected on this computer
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - AEID adecn.com
    8/26/2010 7:00:28 AM:968
    Infection was detected on this computer
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRID ads.pointroll.com
    8/26/2010 7:00:28 AM:968
    Infection was detected on this computer
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRimp ads.pointroll.com
    8/26/2010 7:00:28 AM:968
    Infection was detected on this computer
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRca ads.pointroll.com
    8/26/2010 7:00:28 AM:984
    Infection was detected on this computer
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRcp ads.pointroll.com
    8/26/2010 7:00:28 AM:984
    Infection was detected on this computer
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRpl ads.pointroll.com
    8/26/2010 7:00:28 AM:984
    Infection was detected on this computer
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRcr ads.pointroll.com
    8/26/2010 7:00:28 AM:984
    Infection was detected on this computer
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRpc ads.pointroll.com
    8/26/2010 7:00:29 AM:390
    Infection was detected on this computer
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - s_vi microsoftwllivemkt.112.2o7.net
    8/26/2010 7:00:29 AM:390
    Infection was detected on this computer
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - udm_0 revsci.net
    8/26/2010 7:00:29 AM:390
    Infection was detected on this computer
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - rsi_segs_1000000 revsci.net
    8/26/2010 7:00:29 AM:390
    Infection was detected on this computer
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - rtc_0 revsci.net
    8/26/2010 7:00:56 AM:625
    Scan Finished
    Scan Type - Intelli-Scan
    Items Processed - 2191
    Threats Detected - 3
    Infections Detected - 23
    8/26/2010 9:19:05 AM:593
    Smart Update
    Smart Update has determined that PC Tools AntiVirus Free is up to date
    8/26/2010 9:19:16 AM:390
    Immunizer Results
    ActiveX section has been immunized. No items were processed.
    8/26/2010 9:26:55 AM:46
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - s_vi microsoftwllivemkt.112.2o7.net
    8/26/2010 9:26:55 AM:296
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - liday1 ad.yieldmanager.com
    8/26/2010 9:26:55 AM:343
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - RMAK content.yieldmanager.com
    8/26/2010 9:26:55 AM:359
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - pv1 ad.yieldmanager.com
    8/26/2010 9:26:55 AM:375
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - vuday1 ad.yieldmanager.com
    8/26/2010 9:26:55 AM:390
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - ih ad.yieldmanager.com
    8/26/2010 9:26:55 AM:406
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - BX ad.yieldmanager.com
    8/26/2010 9:26:55 AM:406
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - uid ad.yieldmanager.com
    8/26/2010 9:26:55 AM:437
    Infection cleaned
    Threat Name - Trackware.Tracking Cookies!rem
    Type - Cookie
    Risk Level - Medium
    Infection - bh ad.yieldmanager.com
    8/26/2010 9:26:55 AM:812
    Infection cleaned
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - rtc_0 revsci.net
    8/26/2010 9:26:55 AM:843
    Infection cleaned
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - rsi_segs_1000000 revsci.net
    8/26/2010 9:26:55 AM:906
    Infection cleaned
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - udm_0 revsci.net
    8/26/2010 9:26:55 AM:906
    Infection cleaned
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - AEID adecn.com
    8/26/2010 9:26:55 AM:921
    Infection cleaned
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - ES questionmarket.com
    8/26/2010 9:26:55 AM:953
    Infection cleaned
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - CS1 questionmarket.com
    8/26/2010 9:26:56 AM:0
    Infection cleaned
    Threat Name - Application.TrackingCookies
    Type - Cookie
    Risk Level - Low
    Infection - NETID01 revsci.net
    8/26/2010 9:26:56 AM:203
    Infection cleaned
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRpc ads.pointroll.com
    8/26/2010 9:26:56 AM:203
    Infection cleaned
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRcr ads.pointroll.com
    8/26/2010 9:26:56 AM:203
    Infection cleaned
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRpl ads.pointroll.com
    8/26/2010 9:26:56 AM:203
    Infection cleaned
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRcp ads.pointroll.com
    8/26/2010 9:26:56 AM:203
    Infection cleaned
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRca ads.pointroll.com
    8/26/2010 9:26:56 AM:218
    Infection cleaned
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRimp ads.pointroll.com
    8/26/2010 9:26:56 AM:218
    Infection cleaned
    Threat Name - Adware.Advertising
    Type - Cookie
    Risk Level - Low
    Infection - PRID ads.pointroll.com
    8/26/2010 9:27:01 AM:578
    Infections Quarantined/Removed Summary
    Quarantined - 0
    Quarantine Failed - 0
    Removed - 23
    Remove Failed - 0

    thanks
    cweidya

  6. #21
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    These are all tracking cookies - harmless text files. Most security programs don't even pay attention to them and don't list them as threats.

    Proceed with my steps.
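
Added example, not part of the thread and not PC Tools code: a Python triage of a log in the layout posted in #20. It checks the point made in #21 (every detection is of Type Cookie) and that each detection has a matching "Infection cleaned" record. The sample log is a constructed, shortened excerpt, and the function names are assumptions of this example.

```python
import re
from collections import Counter

# Every record opens with a timestamp line such as "8/26/2010 7:00:28 AM:312".
STAMP = re.compile(r"^\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M:\d+$")

# Constructed sample: shortened excerpt in the layout of the log in post #20
# (the "Infections Detected" figure is adjusted to match the excerpt).
SAMPLE_LOG = """\
8/26/2010 6:59:50 AM:156
Scan Started
Scan Type - Intelli-Scan
8/26/2010 7:00:28 AM:312
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - bh ad.yieldmanager.com
8/26/2010 7:00:28 AM:500
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - NETID01 revsci.net
8/26/2010 7:00:28 AM:968
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - PRID ads.pointroll.com
8/26/2010 7:00:56 AM:625
Scan Finished
Scan Type - Intelli-Scan
Items Processed - 2191
Threats Detected - 3
Infections Detected - 3
8/26/2010 9:26:55 AM:437
Infection cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - bh ad.yieldmanager.com
8/26/2010 9:26:56 AM:0
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - NETID01 revsci.net
8/26/2010 9:26:56 AM:218
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - PRID ads.pointroll.com
"""


def parse_events(text):
    """Split the log into records: timestamp, title line, 'Key - Value' fields."""
    events, current = [], None
    for raw in text.splitlines():
        line = raw.strip()          # forum posts indent the log lines
        if not line:
            continue
        if STAMP.match(line):
            current = {"time": line, "title": None, "fields": {}, "notes": []}
            events.append(current)
        elif current is None:
            continue                # greeting text before the first record
        elif current["title"] is None:
            current["title"] = line
        elif " - " in line:
            key, value = line.split(" - ", 1)
            current["fields"][key.strip()] = value.strip()
        else:
            current["notes"].append(line)   # free-text message lines
    return events


def triage(events):
    """Summarise detections and flag anything that is not a cleaned cookie."""
    detected, cleaned, reported = {}, set(), None
    for ev in events:
        fields = ev["fields"]
        item = fields.get("Infection")
        if ev["title"] == "Infection was detected on this computer" and item:
            detected[item] = fields
        elif ev["title"] == "Infection cleaned" and item:
            cleaned.add(item)
        elif ev["title"] == "Scan Finished" and "Infections Detected" in fields:
            reported = int(fields["Infections Detected"])
    return {
        "by_type": dict(Counter(f.get("Type", "?") for f in detected.values())),
        "by_risk": dict(Counter(f.get("Risk Level", "?") for f in detected.values())),
        # For cookies the item reads "<cookie name> <domain>"; keep the domain.
        "by_domain": dict(Counter(i.split()[-1] for i in detected)),
        "non_cookie": sorted(i for i, f in detected.items() if f.get("Type") != "Cookie"),
        "unresolved": sorted(set(detected) - cleaned),
        "count_matches_summary": None if reported is None else reported == len(detected),
    }


if __name__ == "__main__":
    for key, value in triage(parse_events(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```

An empty `non_cookie` list together with an empty `unresolved` list is the situation described in #21; any entry in either list is what deserves a closer look.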

  7. #22
    Join Date
    May 2009
    Posts
    60
    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    C:\WINDOWS\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    C:\WINDOWS\SET3.tmp deleted successfully.
    C:\WINDOWS\SET4.tmp deleted successfully.
    C:\WINDOWS\SET8.tmp deleted successfully.
    C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMPFC5A2B2 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Cait
    ->Temp folder emptied: 287796 bytes
    ->Temporary Internet Files folder emptied: 594497 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 24842820 bytes
    ->Flash cache emptied: 2023 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: mink
    ->Temp folder emptied: 11451213 bytes
    ->Temporary Internet Files folder emptied: 631793 bytes
    ->Java cache emptied: 126398 bytes
    ->FireFox cache emptied: 39998499 bytes
    ->Flash cache emptied: 4062 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 402 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 153381 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33313 bytes
    RecycleBin emptied: 17331 bytes

    Total Files Cleaned = 75.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Cait
    ->Flash cache emptied: 0 bytes

    User: Default User

    User: LocalService

    User: mink
    ->Flash cache emptied: 0 bytes

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.10.0 log created on 08292010_094837

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...

  8. #23
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Go on...

  9. #24
    Join Date
    May 2009
    Posts
    60
    Results of screen317's Security Check version 0.99.5
    Windows XP Service Pack 2
    Out of date service pack!!
    Internet Explorer 6 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    PC Tools AntiVirus Free
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 21
    Adobe Flash Player 10.0.45.2
    Adobe Reader 9.3.3
    Mozilla Firefox (3.6.6) Firefox Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    ````````````````````````````````
    DNS Vulnerability Check:

    Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

    ``````````End of Log````````````

  10. #25
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    1. Update Firefox
    2. Update Internet Explorer to at least ver. 7
    3. When Kaspersky finishes clean, we have to remember to install SP3.

  11. #26
    Join Date
    May 2009
    Posts
    60
    Results of screen317's Security Check version 0.99.5
    Windows XP Service Pack 2
    Out of date service pack!!
    Internet Explorer 6 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    PC Tools AntiVirus Free
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 21
    Adobe Flash Player 10.0.45.2
    Adobe Reader 9.3.3
    Mozilla Firefox (3.6.6) Firefox Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    ````````````````````````````````
    DNS Vulnerability Check:

    Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

    ``````````End of Log````````````

  12. #27
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I got this already and I replied.

  13. #28
    Join Date
    May 2009
    Posts
    60
    Hi Broni,

    Sorry about the double posting. My internet is going very slow. That reply window seemed like it wasn't sent yet, so I re-tried that again. Anyway, am doing the Kaspersky scan now. How do I get SP3?
    Thanks a bunch,
    cweidya

  14. #29
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    We'll get to it, when Kaspersky comes up clean.

  15. #30
    Join Date
    May 2009
    Posts
    60
    I can't seem to update IE successfully. Tried to d/l both IE 7 and IE 8 at different times, but was directed to this each time:
    The page cannot be displayed
    There is a problem with the page you are trying to reach and it cannot be displayed.

    --------------------------------------------------------------------------------

    Please try the following:

    Open the download.microsoft.com home page, and then look for links to the information you want.
    Click the Refresh button, or try again later.

    Click Search to look for information on the Internet.
    You can also see a list of related sites.




    HTTP 500 - Internal server error
    Internet Explorer

    What did I do wrong?
