

IE 8 Not Responding On Facebook, Etc.


48 replies to this topic

#1
Susanherna

  • Member (Registered Members)
  • 38 posts
  • Location: French Settlement, La.
  • Computer Experience: Some Experience
  • OS: Windows XP Home
I am having constant problems with IE8 with websites not responding, especially Facebook. I even got the message on here a couple of minutes ago.

I have Windows XP Home.
Puter is a MSI Wind PC.

This has been happening for a couple of months. Nothing I have done has seemed to help. I even used Microsoft FixIT. :boohoo: .

#2
BeeCeeBee

  • ADMINISTRATOR (Administrators)
  • 6028 posts
  • Location: New Jersey and Ireland
  • Computer Experience: Very Experienced
  • OS: Windows 7
First, welcome to Computer Help Forums! :)
Are you using a firewall? What is the message that you refer to?



#3
allheart55

  • SENIOR TECHNICAL SPECIALIST - SUPER MODERATOR (Super Moderators), Contributor
  • 2058 posts
  • Location: Pennsylvania
  • Computer Experience: Very Experienced
  • OS: Windows 7
Have you tried running IE8 without any add-ons?

Add-ons or plug-ins are either added manually or are added with the installation of different applications. Some are added by default. A corrupt add-in can cause Internet Explorer to stop responding. To check this, click on Start > All Programs > Accessories > System Tools > Internet Explorer (No Add-ons). If Internet Explorer begins working properly, one or more of the add-ons are corrupt.

To locate the plug-in creating the problem, start Internet Explorer normally again and disable all plug-ins. Enable each plug-in, one by one, after browsing for some time with each plug-in. You can isolate the plug-in causing the problem if Internet Explorer 8 hangs as soon as you enable the corrupt plug-in. Click on the Disable or Remove button after selecting the plug-in in the Manage Add-ons window to fix the problem.



#4
Susanherna

I use the Windows Firewall. I have Microsoft Security Essentials also.

I have tried running with no add-ons. Didn't help!

#5
allheart55

If you are sure you have not been invaded by malware which can also cause IE to
stop responding, I would try uninstalling IE8. Reboot and install a fresh copy of
IE8.



#6
starbuck

  • MALWARE REMOVAL SPECIALIST - MODERATOR (Moderators)
  • 1169 posts
  • Location: Midlands, UK
  • Computer Experience: Very Experienced
  • OS: Windows 7
As this is a Win XP m/c, maybe a good clean out would help.

Clean out your temporary internet files, temp files and Browser caches.

Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.




#7
Susanherna


 starbuck, on 30 Jan 2012 - 04:31 PM, said:

As this is a Win XP m/c, maybe a good clean out would help.

Clean out your temporary internet files, temp files and Browser caches.

Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

I ran it. Too early to tell about other websites, but Facebook is still having problems.

#8
starbuck

We can certainly take a look at your system and see if there's any obvious signs of malware.... just to rule that out.
Could the problem be down to your internet connection?
How is the system connected to the internet.... Wireless or ethernet cable?
Any other computers using the same connection?
Have you tried a different browser to see if the problems still occur?

Step 1
Please download Malwarebytes Anti-Malware and save it to your desktop.
You may get redirected to a mirror site for the download; this is quite normal.
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Step 2
  • Download OTL to your desktop.
    Right-click on the link and select 'Save Link/Target As'.

    If you have problems, try this download link:
    OTL
  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • When the window appears, underneath Output at the top, change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.

Now copy the lines in bold below.

netsvcs
msconfig
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\*
%USERPROFILE%\..|smtmp;true;true;true /FP
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT


  • Right-click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.
  • Click the Run Scan button.
  • Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.


In your next reply, please submit:
MBAM scan report
Both reports from OTL
and please let me know the answers to the questions at the beginning of this post.
The more info we have the easier it is to help.


Thanks.





#9
Susanherna

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.02.01.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Susan :: SUSANSPUTER [administrator]
2/1/2012 10:00:01 AM
mbam-log-2012-02-01 (10-00-01).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 338566
Time elapsed: 1 hour(s), 31 minute(s), 43 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
OTL Extras logfile created on: 2/1/2012 11:44:22 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Susan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.98% Memory free
3.83 Gb Paging File | 3.37 Gb Available in Paging File | 87.89% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 120.32 Gb Free Space | 80.73% Space Free | Partition Type: NTFS

Computer Name: SUSANSPUTER | User Name: Susan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:UDP" = 5353:UDP:*:Enabled:Bonjour Port 5353
"9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" = C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe" = C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company)
"C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe" = C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe" = C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe:*:Enabled:Auslogics BoostSpeed -- (Auslogics)
"C:\Program Files\Microsoft Silverlight\5.0.61118.0\Silverlight.Configuration.exe" = C:\Program Files\Microsoft Silverlight\5.0.61118.0\Silverlight.Configuration.exe:*:Enabled:Microsoft Silverlight -- (Microsoft Corporation)
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" = C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE:*:Enabled:SUPERAntiSpyware Professional
"C:\Program Files\FileHippo.com\UpdateChecker.exe" = C:\Program Files\FileHippo.com\UpdateChecker.exe:*:Enabled:Update Checker -- (FileHippo.com)
"C:\Program Files\CCleaner\CCleaner.exe" = C:\Program Files\CCleaner\CCleaner.exe:*:Enabled:CCleaner -- (Piriform Ltd)
"C:\Program Files\Defraggler\Defraggler.exe" = C:\Program Files\Defraggler\Defraggler.exe:*:Enabled:Defraggler -- (Piriform Ltd)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\123 Free Solitaire\123FreeSolitaire.exe" = C:\Program Files\123 Free Solitaire\123FreeSolitaire.exe:*:Enabled:123 Free Solitaire -- ()
"C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe" = C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe:*:Enabled:RingCentral Call Controller


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{528145C0-462A-11E1-B8B4-B8AC6F97B88E}" = Google Earth
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"123 Free Solitaire_is1" = 123 Free Solitaire 2011 v8.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIM_7" = AIM 7
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"FileHippo.com" = FileHippo.com Update Checker
"HDMI" = Intel® Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Rapport_msi" = Rapport
"RealPlayer 15.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Speccy" = Speccy
"Squelchies Screen Saver #1" = Squelchies Screen Saver #1
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2002Setup" = Microsoft Works 2002 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Messaging Toolbar" = AOL Messaging Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/30/2012 2:09:41 PM | Computer Name = SUSANSPUTER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/30/2012 2:09:46 PM | Computer Name = SUSANSPUTER | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 1/30/2012 5:10:27 PM | Computer Name = SUSANSPUTER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/1/2012 9:58:45 AM | Computer Name = SUSANSPUTER | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\SUSAN\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

Error - 2/1/2012 9:58:45 AM | Computer Name = SUSANSPUTER | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\SUSAN\RECENT\DESKTOP.INI> in
the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)

[ System Events ]
Error - 1/26/2012 11:42:51 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7000
Description = The NMIndexingService service failed to start due to the following
error: %%3

Error - 1/26/2012 11:42:53 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
2147749155 (0x80040D23).

Error - 1/26/2012 11:44:19 AM | Computer Name = SUSANSPUTER | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service WSearch with
arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 1/26/2012 11:44:19 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 1/26/2012 11:44:21 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error - 1/26/2012 11:44:21 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Windows Search service
to connect.

Error - 1/26/2012 11:44:22 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
%%1053

Error - 1/26/2012 1:12:25 PM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7000
Description = The NMIndexingService service failed to start due to the following
error: %%3

Error - 1/26/2012 1:14:35 PM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 1/26/2012 1:14:36 PM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL

[ System Events ]
Error - 1/26/2012 11:42:51 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7000
Description = The NMIndexingService service failed to start due to the following
error: %%3

Error - 1/26/2012 11:42:53 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
2147749155 (0x80040D23).

Error - 1/26/2012 11:44:19 AM | Computer Name = SUSANSPUTER | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service WSearch with
arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 1/26/2012 11:44:19 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 1/26/2012 11:44:21 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error - 1/26/2012 11:44:21 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Windows Search service
to connect.

Error - 1/26/2012 11:44:22 AM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
%%1053

Error - 1/26/2012 1:12:25 PM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7000
Description = The NMIndexingService service failed to start due to the following
error: %%3

Error - 1/26/2012 1:14:35 PM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 1/26/2012 1:14:36 PM | Computer Name = SUSANSPUTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL


< End of report >

Attached file: OTL.Txt (79.29K)


#10
Susanherna

This is the only computer.
It is connected with a USB to Ethernet cable. I had problems a couple of weeks ago with not being able to get on the internet. My internet service is through my telephone co. Techs came out and found that the port that the cable was attached to was bad. Because my computer is a micro tower the port is built into the motherboard. They installed a USB to Ethernet adapter.


I have not tried another browser yet. But, I think I might try Google Chrome.

#11
Susanherna

I think the problem is confined to IE8. I am using Google Chrome right now and I am not having any problems. I really would like the problems with IE8 cleared up because I like it.

Edit:
I'll add the OTL report to this thread as it's easier to read that way

Starbuck

-----------------

OTL logfile created on: 2/1/2012 11:44:22 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Susan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.98% Memory free
3.83 Gb Paging File | 3.37 Gb Available in Paging File | 87.89% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 120.32 Gb Free Space | 80.73% Space Free | Partition Type: NTFS

Computer Name: SUSANSPUTER | User Name: Susan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Susan\desktop\OTL.scr (OldTimer Tools)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll ()
MOD - C:\Program Files\Trusteer\Rapport\bin\js32.dll ()


========== Win32 Services (SafeList) ==========

SRV - (NMIndexingService) -- File not found
SRV - (Nero BackItUp Scheduler 4.0) -- File not found
SRV - (ioloSystemService) -- File not found
SRV - (ioloFileInfoList) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (ACDaemon) -- File not found
SRV - (0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501) -- File not found
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)


========== Driver Services (SafeList) ==========

DRV - (RapportIaso) -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\WINDOWS\System32\Drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (RapportCerberus_34302) -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (MSI_DVD_010507) -- C:\Program Files\MSI\MSIWDev\DVDSYS32_100507.sys (Your Corporation)
DRV - (MSI_VGASYS_010507) -- C:\Program Files\MSI\MSIWDev\VGASYS32_100507.sys ()
DRV - (SMC2209) -- C:\WINDOWS\system32\drivers\SMC2209.sys (SMC Networks)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/01/02 09:39:19 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1254950168828 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.124.193.100 209.124.193.101
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63732C85-853A-4138-B39C-FD38C537399A}: DhcpNameServer = 209.124.193.100 209.124.193.101
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/05 12:35:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell - "" = AutoRun
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (autocheck AUTONTFS C: PAGE=MIN DIRS=MFTZ MFT=MIN)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: EKIJ5000StatusMonitor - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/01 11:38:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Susan\Desktop\OTL.scr
[2012/02/01 09:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/01 09:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/02/01 09:56:52 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/02/01 09:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/02/01 09:55:16 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Susan\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/01 08:06:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Start Menu\Programs\CyberLink PowerDVD
[2012/01/31 22:09:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Susan\Recent
[2012/01/31 11:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\My Documents\OnDemandDump
[2012/01/31 11:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\My Documents\CrashLog
[2012/01/31 10:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Desktop\Unused Desktop Shortcuts
[2012/01/30 22:52:41 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Susan\My Documents\TFC.exe
[2012/01/28 21:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2012/01/26 09:39:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Application Data\Auslogics
[2012/01/26 09:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
[2012/01/26 09:39:23 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2012/01/25 10:16:44 | 000,056,208 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2012/01/24 13:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RingCentral
[2012/01/22 10:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Local Settings\Application Data\FixItCenter
[2012/01/22 10:02:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012/01/22 10:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012/01/20 10:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/01/20 10:20:20 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/01/20 10:20:20 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/01/20 10:20:20 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/01/20 10:20:20 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/01/20 09:27:35 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2012/01/20 09:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/01/16 23:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/01/16 23:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/01/11 00:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2012/01/10 18:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Temp
[2012/01/10 11:28:00 | 000,018,048 | R--- | C] (SMC Networks) -- C:\WINDOWS\System32\drivers\SMC2209.sys
[2012/01/09 07:51:16 | 001,832,544 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Susan\Desktop\MCPR.exe
[2012/01/03 17:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Application Data\RealNetworks
[2012/01/03 14:20:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/01/03 14:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2012/01/03 14:15:10 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

========== Files - Modified Within 30 Days ==========

[2012/02/01 11:38:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Susan\Desktop\OTL.scr
[2012/02/01 11:12:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/01 10:06:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
[2012/02/01 09:57:06 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/01 09:55:32 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Susan\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/01 09:28:55 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{508D7A56-9EDD-46CE-B68C-C1DFF09E0BE0}.job
[2012/02/01 08:09:39 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/02/01 08:04:50 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1078081533-602609370-682003330-1005.job
[2012/02/01 08:04:49 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
[2012/02/01 08:04:48 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/01 08:04:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/01 08:04:32 | 2138,427,392 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/01 08:02:40 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Susan\My Documents\TFC.exe
[2012/01/31 13:39:04 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1078081533-602609370-682003330-1005.job
[2012/01/31 12:56:28 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/31 09:07:34 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/31 08:37:10 | 000,000,970 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\AOL.com.url
[2012/01/31 06:44:05 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2012/01/30 15:00:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/30 12:00:03 | 001,330,205 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\PapaMurphysMenu.pdf
[2012/01/30 09:45:15 | 000,000,980 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Facebook.url
[2012/01/28 21:35:30 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2012/01/27 07:17:34 | 000,000,914 | ---- | M] () -- C:\Documents and Settings\Susan\Application Data\Microsoft\Internet Explorer\Quick Launch\Auslogics BoostSpeed.lnk
[2012/01/27 07:17:34 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Auslogics BoostSpeed.lnk
[2012/01/27 07:10:13 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/01/27 06:31:06 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/01/27 06:19:07 | 000,001,988 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\cc_20120127_061900.reg
[2012/01/25 20:41:21 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Calculator.lnk
[2012/01/25 10:16:44 | 000,056,208 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2012/01/24 21:46:42 | 000,001,543 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Solitaire.lnk
[2012/01/24 12:18:35 | 000,308,453 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\Free Fax • Free Internet Faxing.mht
[2012/01/24 11:50:55 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2012/01/24 11:35:30 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\123 Free Solitaire.lnk
[2012/01/23 19:58:36 | 000,001,584 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
[2012/01/22 11:41:24 | 000,002,989 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\UICC Claims.htm
[2012/01/22 10:02:59 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/01/20 14:23:46 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Microsoft Security Essentials.lnk
[2012/01/20 10:31:34 | 000,000,960 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\AOL MAIL.url
[2012/01/20 10:19:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/01/20 10:19:58 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/01/20 10:19:58 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/01/20 10:19:58 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/01/20 10:19:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012/01/20 09:16:44 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/01/19 13:17:19 | 000,644,186 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\2011 state tax return.pdf
[2012/01/19 12:44:44 | 000,042,437 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\2011 1040.pdf
[2012/01/19 12:43:15 | 000,097,452 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\2011 federal tax.pdf
[2012/01/19 11:54:35 | 000,248,147 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\2011 sally W2.pdf
[2012/01/18 21:52:11 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\BLANK TAB.url
[2012/01/16 23:56:57 | 000,035,544 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/01/12 17:52:10 | 000,421,888 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2012/01/11 08:51:38 | 000,071,625 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\application renewal.pdf
[2012/01/10 19:22:37 | 005,978,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2012/01/09 07:51:30 | 001,832,544 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Susan\Desktop\MCPR.exe

========== Files Created - No Company Name ==========

[2012/02/01 09:57:06 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/31 09:07:34 | 000,192,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/30 12:00:03 | 001,330,205 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\PapaMurphysMenu.pdf
[2012/01/30 09:45:15 | 000,000,980 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\Facebook.url
[2012/01/28 21:35:30 | 000,001,919 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2012/01/27 07:17:34 | 000,000,914 | ---- | C] () -- C:\Documents and Settings\Susan\Application Data\Microsoft\Internet Explorer\Quick Launch\Auslogics BoostSpeed.lnk
[2012/01/27 07:17:34 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\Auslogics BoostSpeed.lnk
[2012/01/27 06:19:05 | 000,001,988 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\cc_20120127_061900.reg
[2012/01/24 12:18:33 | 000,308,453 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\Free Fax • Free Internet Faxing.mht
[2012/01/24 11:35:30 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\123 Free Solitaire.lnk
[2012/01/22 11:41:24 | 000,002,989 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\UICC Claims.htm
[2012/01/22 10:06:02 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job
[2012/01/22 10:06:02 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job
[2012/01/22 10:02:59 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/01/22 10:02:59 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/01/20 14:23:46 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\Microsoft Security Essentials.lnk
[2012/01/20 10:31:34 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\AOL MAIL.url
[2012/01/20 09:21:27 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/01/20 09:16:44 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/01/20 09:16:11 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/01/19 13:17:14 | 000,644,186 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\2011 state tax return.pdf
[2012/01/19 12:44:43 | 000,042,437 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\2011 1040.pdf
[2012/01/19 12:43:15 | 000,097,452 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\2011 federal tax.pdf
[2012/01/19 11:54:34 | 000,248,147 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\2011 sally W2.pdf
[2012/01/18 21:52:11 | 000,000,154 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\BLANK TAB.url
[2012/01/16 23:56:57 | 000,035,544 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/01/16 23:51:39 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/16 23:51:28 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/01/11 08:51:38 | 000,071,625 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\application renewal.pdf
[2012/01/11 00:12:50 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
[2012/01/10 10:03:41 | 2138,427,392 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/04 20:51:25 | 000,000,970 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\AOL.com.url
[2011/05/05 21:36:47 | 000,000,475 | ---- | C] () -- C:\Program Files\0505201122364734.bat
[2010/01/11 13:55:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/27 09:29:36 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2009/12/10 11:04:09 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Susan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/14 07:57:26 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2009/10/10 06:49:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IntIgn0xF28456.dat
[2009/10/09 06:41:42 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Susan\Local Settings\Application Data\fusioncache.dat
[2009/10/07 14:46:35 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/07 12:23:22 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\unzdll.dll
[2009/10/05 12:58:55 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/10/05 12:52:24 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/10/05 12:49:18 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/10/05 12:37:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/10/05 12:32:32 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/10/05 07:02:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2004/08/04 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 06:00:00 | 000,578,014 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 06:00:00 | 000,110,560 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009/10/11 13:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2012/01/27 07:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2010/06/27 15:13:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/11/05 23:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eastman Kodak Company
[2010/04/25 14:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2009/11/05 21:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2011/12/15 19:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2012/01/26 11:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RingCentral
[2012/01/31 17:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/10/07 00:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TreeCardGames
[2011/11/19 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2012/01/03 14:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/13 05:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\acccore
[2012/01/27 08:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\Auslogics
[2009/10/16 11:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\CallingID
[2009/12/02 12:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/01/09 10:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\ElevatedDiagnostics
[2010/08/08 11:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\GlarySoft
[2010/04/29 22:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\GrassGames
[2010/03/24 09:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\IObit
[2011/05/05 21:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\Oberon Media
[2011/03/19 18:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\OpenOffice.org
[2011/05/05 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\Pogo Games
[2009/10/11 07:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\Skinux
[2011/11/19 22:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\TechCheck
[2011/09/09 01:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\Temp
[2009/10/07 00:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\TreeCardGames
[2011/11/19 01:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\Trusteer
[2009/10/06 22:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\Windows Desktop Search
[2009/10/06 23:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\Windows Search
[2012/02/01 08:04:49 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\Tasks\ConfigExec.job
[2012/02/01 10:06:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\Tasks\DataUpload.job
[2012/01/27 07:10:13 | 000,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/02/01 08:09:39 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/02/01 09:28:55 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{508D7A56-9EDD-46CE-B68C-C1DFF09E0BE0}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/10/05 12:35:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/12/12 22:21:39 | 000,000,212 | -HS- | M] () -- C:\boot.ini
[2010/03/11 09:15:39 | 000,001,319 | ---- | M] () -- C:\CD3rdPartyWrapper.log
[2009/10/07 19:22:33 | 000,008,218 | R--- | M] () -- C:\CLDMA.LOG
[2009/10/05 12:35:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/10/10 15:38:09 | 000,000,000 | ---- | M] () -- C:\defragme.dat
[2009/09/04 17:01:08 | 000,094,024 | ---- | M] (Microsoft Corporation) -- C:\DSETUP.dll
[2012/02/01 08:04:32 | 2138,427,392 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/10 21:48:35 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2009/10/05 12:35:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/05/06 20:03:18 | 000,001,404 | -H-- | M] () -- C:\IPH.PH
[2010/05/06 20:11:26 | 000,000,097 | ---- | M] () -- C:\LUO.bat
[2009/10/05 12:35:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/10/05 13:06:45 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/02/01 08:04:31 | 2138,353,664 | -HS- | M] () -- C:\pagefile.sys
[2011/12/20 09:29:41 | 000,000,000 | ---- | M] () -- C:\ref~tmp~.txt

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2011/06/16 16:53:22 | 000,196,608 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\EKIJ5000PPR.dll
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011/04/24 09:42:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011/04/24 09:42:52 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011/04/24 09:42:52 | 000,892,928 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\* >
[2011/05/05 21:36:48 | 000,000,475 | ---- | M] () -- C:\Program Files\0505201122364734.bat

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 05:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 05:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 05:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe"

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 05:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 05:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 05:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe"

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\mshtml.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Susan\My Documents\TFC.exe:SummaryInformation
@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5EC637CB

< End of report >


#12
BeeCeeBee

BeeCeeBee

    ADMINISTRATOR

  • Administrators
  • 6028 posts
  • LocationNew Jersey and Ireland
  • Computer Experience:Very Experienced
  • OS:Windows 7
I think it is important that Starbuck have a look at your logs now that they have been posted. In the meantime, have you checked your IE settings?
Tools > Internet Options > Security. Make certain that your security settings are on Internet, not Trusted sites. If you select Trusted sites you will have to add them. Next, check your privacy settings; anything above medium high will block all cookies, and that would affect your ability to use Facebook.

Also, have you tried disabling your firewall for a short check? The fact that everything is fine with Chrome leads me to believe that the firewall is probably not the issue, but it is worth checking.



#13
starbuck

starbuck

    MALWARE REMOVAL SPECIALIST - MODERATOR

  • Moderators
  • 1169 posts
  • LocationMidlands, UK
  • Computer Experience:Very Experienced
  • OS:Windows 7
Hi Susan

Quote

have you checked your IE settings?
Tools>Internet options> security. Make certain that your security settings are on Internet not trusted sites. If you select trusted sites you will have to add them. Next check your privacy settings, anything above medium high will block all cookies and that would affect your ability to use Facebook

That's right.... Definitely nothing higher than Medium/High for the security settings and possibly even medium for the privacy settings.
Facebook doesn't like your settings being too high. :confused:

Quote

This has been happening for a couple of months

Could this possibly have been about the middle of November by any chance?

There's nothing to suggest malware in the reports, but there are a few things we need to clean up.

Step 1
Double click on OTL to run it.
Copy the lines in bold below (make sure that :Otl is on the first line).

:Otl
SRV - (Nero BackItUp Scheduler 4.0) -- File not found
SRV - (ioloSystemService) -- File not found
SRV - (ioloFileInfoList) -- File not found
SRV - (ACDaemon) -- File not found
SRV - (0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501) -- File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O15 - HKCU\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Reg Error: Key error.)
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell - "" = AutoRun
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe
[2010/03/24 09:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\IObit
@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5EC637CB

:Files
ipconfig /flushdns /c

:commands
[emptytemp]
[purity]
[RESETHOSTS]



  • Return to OTL,
  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

  • Click the red Run Fix button.

  • OTL will reboot your system once the fix has completed.
  • After the reboot, you may need to double click OTL to launch the program and retrieve the log.

Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

If you lose the report, there will be a copy here:
C:\_OTL\MovedFiles


Note:
If by any chance the OTL fix freezes for quite a time....
Fetch up the Task Manager (Alt+Control+Delete) and stop any MalwareBytes processes from running, then try running the fix again.
This was a problem with the new version of MBAM, but it is meant to have been fixed in the last few days.... so as you have the latest updates, it may not occur.


In your next reply, please submit:
Otl fix report
Let us know what your IE settings were and if they are now changed.
Also, can you pinpoint when this problem started?


Thanks.



#14
Susanherna

Susanherna

    Member

  • Registered Members
  • 38 posts
  • LocationFrench Settlement, La.
  • Computer Experience:Some Experience
  • OS:Windows XP Home
All processes killed
========== OTL ==========
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
File File not found not found.
Service ioloSystemService stopped successfully!
Service ioloSystemService deleted successfully!
File File not found not found.
Service ioloFileInfoList stopped successfully!
Service ioloFileInfoList deleted successfully!
File File not found not found.
Service ACDaemon stopped successfully!
Service ACDaemon deleted successfully!
File File not found not found.
Error: No service named 0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501 was found to stop!
Service\Driver key 0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501 not found.
File File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\com\www.msi\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\com.tw\asia.msi\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\com.tw\global.msi\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ not found.
Starting removal of ActiveX control {0742B9EF-8C83-41CA-BFBA-830A59E23533}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12648d92-b1e1-11de-ab4a-002421a566cf}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12648d92-b1e1-11de-ab4a-002421a566cf}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12648d92-b1e1-11de-ab4a-002421a566cf}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe not found.
C:\Documents and Settings\Susan\Application Data\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Documents and Settings\Susan\Application Data\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Documents and Settings\Susan\Application Data\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\Susan\Application Data\IObit folder moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5EC637CB deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Susan\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Susan\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 9120 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Susan
->Temp folder emptied: 5829422 bytes
->Temporary Internet Files folder emptied: 2528810 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 9513096 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 470 bytes

User: test
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18398 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 17.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 02012012_161258
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
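
One way to triage a fix log like the one above, as an added example (not part of the thread and not OTL's own code): it sorts each result line into removed, already absent, or error, so the two error lines stand out. The line patterns are assumptions taken only from the wording visible in this post, and the function names are hypothetical.

```python
import re
from collections import Counter, namedtuple

# Constructed sample: lines excerpted from the fix log posted in reply #14.
SAMPLE_LOG = r"""
========== OTL ==========
Service ACDaemon stopped successfully!
Service ACDaemon deleted successfully!
File File not found not found.
Error: No service named 0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501 was found to stop!
Service\Driver key 0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501 not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\DownloadInformation\\INF .
C:\Documents and Settings\Susan\Application Data\IObit folder moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B deleted successfully.
========== FILES ==========
C:\Documents and Settings\Susan\Desktop\cmd.bat deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

Result = namedtuple("Result", "section kind outcome item")
HEADER = re.compile(r"^=+ (.+?) =+$")

# Ordered rules: the first matching pattern decides (kind, outcome).
# Assumption: the wording is taken from the log lines visible in this thread;
# other OTL versions may phrase their results differently.
# "not_found" means the target was already absent when the fix ran.
RULES = [
    (re.compile(r"^Registry error reading value (?P<item>.+?)\s*\.$"), "registry", "error"),
    (re.compile(r"^Error: No service named (?P<item>.+) was found to stop!$"), "service", "error"),
    (re.compile(r"^Service\\Driver key (?P<item>.+) not found\.$"), "service", "not_found"),
    (re.compile(r"^Service (?P<item>.+) (?:stopped|deleted) successfully!$"), "service", "ok"),
    (re.compile(r"^Registry (?:key|value) (?P<item>.+) deleted successfully\.$"), "registry", "ok"),
    (re.compile(r"^Registry (?:key|value) (?P<item>.+) not found\.$"), "registry", "not_found"),
    (re.compile(r"^ADS (?P<item>.+) deleted successfully\.$"), "ads", "ok"),
    (re.compile(r"^File (?P<item>.+) not found\.$"), "file", "not_found"),
    (re.compile(r"^(?P<item>[A-Za-z]:\\.+?)(?: folder)? (?:moved|deleted) successfully\.$"), "file", "ok"),
    (re.compile(r"^HOSTS file reset successfully$"), "hosts", "ok"),
]


def parse_fix_log(text):
    """Return one Result per recognised log line, tagged with its section."""
    section, results = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = HEADER.match(line)
        if header:
            section = header.group(1)
            continue
        for pattern, kind, outcome in RULES:
            match = pattern.match(line)
            if match:
                item = match.groupdict().get("item", "")
                results.append(Result(section, kind, outcome, item))
                break
    return results


def summarize(results):
    """Count results per (kind, outcome) pair."""
    return Counter((r.kind, r.outcome) for r in results)


def brackets_balanced(name):
    """True if every ')' in name closes an earlier '('."""
    depth = 0
    for ch in name:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0


def review_items(results):
    """Return (item, note) pairs for the entries a helper should re-check."""
    notes = []
    for r in results:
        if r.outcome != "error":
            continue
        if r.kind == "service" and not brackets_balanced(r.item):
            note = "service name has unbalanced parentheses; the fix line was probably split at the wrong bracket"
        else:
            note = "tool reported an error; confirm the entry is gone on the next scan"
        notes.append((r.item, note))
    return notes


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    for (kind, outcome), count in sorted(summarize(parsed).items()):
        print(f"{kind:9} {outcome:10} {count}")
    for item, note in review_items(parsed):
        print(f"REVIEW: {item}\n        {note}")
```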

#15
Susanherna

Susanherna

    Member

  • Registered Members
  • 38 posts
  • LocationFrench Settlement, La.
  • Computer Experience:Some Experience
  • OS:Windows XP Home
Everything in IE is set to default except in advanced. I have it set to delete temporary files when browser is closed.

#16
BeeCeeBee

BeeCeeBee

    ADMINISTRATOR

  • Administrators
  • 6028 posts
  • LocationNew Jersey and Ireland
  • Computer Experience:Very Experienced
  • OS:Windows 7
I am not sure what "default" is in IE8. Have you actually looked at Internet Properties and made certain that the settings are as indicated above?



#17
Susanherna

Susanherna

    Member

  • Registered Members
  • 38 posts
  • LocationFrench Settlement, La.
  • Computer Experience:Some Experience
  • OS:Windows XP Home

 starbuck, on 01 Feb 2012 - 03:18 PM, said:

Hi Susan


That's right....Definitely nothing higher than Medium/High for the security settings and possibly even medium for the privacy settings.
Facebook doesn't like your settings being too high. :confused:


Could this possibly have been about the middle of November by any chance?

There's nothing to suggest malware in the reports, but there are a few things we need to clean up.

Step 1
Double click on OTL to run it.
Copy the lines in bold below (make sure that :Otl is on the first line).

:Otl
SRV - (Nero BackItUp Scheduler 4.0) -- File not found
SRV - (ioloSystemService) -- File not found
SRV - (ioloFileInfoList) -- File not found
SRV - (ACDaemon) -- File not found
SRV - (0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501) -- File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O15 - HKCU\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Reg Error: Key error.)
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell - "" = AutoRun
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12648d92-b1e1-11de-ab4a-002421a566cf}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe
[2010/03/24 09:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Susan\Application Data\IObit
@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5EC637CB

:Files
ipconfig /flushdns /c

:commands
[emptytemp]
[purity]
[RESETHOSTS]




  • Return to OTL,
  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

  • Click the red Run Fix button.

  • OTL will reboot your system once the fix has completed.
  • After the reboot, you may need to double click OTL to launch the program and retrieve the log.

Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

If you lose the report, there will be a copy here:
C:\_OTL\MovedFiles


Note:
If by any chance the OTL fix freezes for quite a time....
Fetch up the Task Manager (Alt+Control+Delete) and stop any MalwareBytes processes from running, then try running the fix again.
This was a problem with the new version of MBAM, but it is meant to have been fixed in the last few days.... so as you have the latest updates, it may not occur.


In your next reply, please submit:
Otl fix report
Let us know what your IE settings were and if they are now changed.
Also, can you pinpoint when this problem started?


Thanks.


I had a few problems before that, but they definitely got Really bad around the middle of November.

#18
Susanherna

Susanherna

    Member

  • Registered Members
  • 38 posts
  • LocationFrench Settlement, La.
  • Computer Experience:Some Experience
  • OS:Windows XP Home

 BeeCeeBee, on 02 Feb 2012 - 07:59 AM, said:

I am not sure what "default" is in IE8. Have you actually looked at Internet Properties and made certain that the settings are as indicated above?

Privacy is set to medium and security is set to medium high.

#19
BeeCeeBee

BeeCeeBee

    ADMINISTRATOR

  • Administrators
  • 6028 posts
  • LocationNew Jersey and Ireland
  • Computer Experience:Very Experienced
  • OS:Windows 7
I am not an expert at reading OTL logs the way Starbuck is but I do see some things that appear to be related to Internet Explorer. Have you run the OTL fixes suggested?

Once that is done (and not before) you may need to do a reinstall of Internet Explorer. If you do it first there may be no effect since some of the "fixes" deal with registry entries that would continue after a reinstallation.



#20
starbuck

starbuck

    MALWARE REMOVAL SPECIALIST - MODERATOR

  • Moderators
  • 1169 posts
  • LocationMidlands, UK
  • Computer Experience:Very Experienced
  • OS:Windows 7
Hi Susan

Quote

I had a few problems before that, but they definitely got Really bad around the middle of November.

The reason I asked about the middle of November is because I see that Trusteer Rapport was added then.
They do say that it is compatible with all security software and browsers.... but if you take a look on the Internet, this just isn't true.
Some people have all sorts of problems with it and to be honest.... it's debatable if it actually does help.
If you have good security on your system, you'll be protected anyway.
You could always try uninstalling it and see if the system runs better.
A lot of people say their system runs a lot faster without it.
If there's no change... you can always install it again.
My bank keeps pushing it, but I refuse to install it.

If you uninstall IE8, the system will automatically revert back to IE7.
You won't be left without Internet Explorer.
Have you tried this to see if the same problems occur with IE7?


