Author Topic: [Inactive] Multiple system problems - suspect Mozilla Firefox issue?

Offline blackzzz01

  • Bronze Member
  • Posts: 52
Just in the last few days I've suddenly gotten system/internet issues that I suspect may be related to Mozilla Firefox. I'm unable to get any response when clicking on the Firefox icon and am unable to uninstall. Performed a couple of system restores when the problems first started appearing but it only seems to have made matters worse. I can log on to the internet using I/E but most websites I'm able to access act real flakey and tend to freeze up the system. When then closing, I always get error messages.
Included is the HiJack log from this morning. Please, please help! Thanks!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:15:28 AM, on 8/16/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\WINDOWS\SCMain.exe
C:\WINDOWS\WCMain.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\LocalServiceJre\bin\AmazonCloudDriveW.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-21-4191100092-4119948040-1106457078-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [SetDefaultMIDI] MIDIDef.exe (User '?')
O4 - HKUS\S-1-5-21-4191100092-4119948040-1106457078-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-4191100092-4119948040-1106457078-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-4191100092-4119948040-1106457078-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-4191100092-4119948040-1106457078-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe (User '?')
O4 - HKUS\S-1-5-21-4191100092-4119948040-1106457078-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DellSupport-] "C:\Program Files\Dell Support\DSAgnt.exe" /startup (User '?')
O4 - S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Amazon Cloud Drive.lnk = C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (User '?')
O4 - S-1-5-21-4191100092-4119948040-1106457078-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Amazon Cloud Drive.lnk = C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (User '?')
O4 - S-1-5-18 Startup: Amazon Cloud Drive.lnk = C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Amazon Cloud Drive.lnk = C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (User 'Default user')
O4 - Startup: Amazon Cloud Drive.lnk = C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINDOWS\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINDOWS\WCMain.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\Dell Game Console\GameConsoleService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: Util BatBrowse - Unknown owner - C:\Program Files\BatBrowse\bin\utilBatBrowse.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 15394 bytes
« Last Edit: October 03, 2015, 03:27:05 PM by Hoov »

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27141
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: Multiple system problems - suspect Mozilla Firefox issue?
« Reply #1 on: August 16, 2015, 07:31:25 AM »
Platypuss will be helping you with your problem, please wait for his first post.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline blackzzz01

  • Bronze Member
  • Posts: 52
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #2 on: August 16, 2015, 08:14:56 AM »
Thanks Hoov!

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 444
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #3 on: August 17, 2015, 12:47:21 AM »
 

I am Platypuss & I will be helping you with your problem :)

I am a SpywareHammer trainee, but Hoov will be checking all my posts.
There may be a small delay in replies but it does mean that you will get
the highest standard of service.

We do not use HijackThis any longer as it has become outdated.
Please go HERE
& follow the instructions carefully for downloading & running DDS by sUBs.

Please copy & paste the resultant log in your next reply.

Platypuss
 


Offline blackzzz01

  • Bronze Member
  • Posts: 52
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #4 on: August 17, 2015, 06:13:11 AM »
Hi Platypuss and thanks so much for taking the time to help me with my problems! As requested here are the two files generated from DDS. Looking forward to hearing from you.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/20/2006 1:11:34 PM
System Uptime: 8/15/2015 9:22:48 PM (35 hours ago)
.
Motherboard: Dell Inc. |  | 0XD720
Processor: Genuine Intel(R) CPU           T2400  @ 1.83GHz | Microprocessor | 1830/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 65 GiB total, 7.626 GiB free.
D: is FIXED (NTFS) - 22 GiB total, 21.785 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 466 GiB total, 314.086 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1510: 7/23/2015 5:50:53 AM - Software Distribution Service 3.0
RP1511: 7/24/2015 8:40:45 AM - Software Distribution Service 3.0
RP1512: 7/25/2015 9:17:08 AM - Software Distribution Service 3.0
RP1513: 7/26/2015 9:31:05 AM - Software Distribution Service 3.0
RP1514: 7/27/2015 9:26:58 AM - Software Distribution Service 3.0
RP1515: 7/28/2015 9:41:44 AM - Software Distribution Service 3.0
RP1516: 7/29/2015 12:20:44 PM - System Checkpoint
RP1517: 7/30/2015 8:18:36 PM - System Checkpoint
RP1518: 7/31/2015 10:55:03 PM - System Checkpoint
RP1519: 8/2/2015 12:01:16 AM - System Checkpoint
RP1520: 8/3/2015 8:36:53 AM - System Checkpoint
RP1521: 8/4/2015 2:41:12 PM - System Checkpoint
RP1522: 8/5/2015 3:03:39 PM - System Checkpoint
RP1523: 8/6/2015 4:49:09 PM - System Checkpoint
RP1524: 8/7/2015 6:48:00 PM - System Checkpoint
RP1525: 8/8/2015 8:00:39 PM - System Checkpoint
RP1526: 8/9/2015 10:02:04 PM - System Checkpoint
RP1527: 8/11/2015 10:28:59 AM - System Checkpoint
RP1528: 8/12/2015 11:33:46 AM - System Checkpoint
RP1529: 8/13/2015 7:06:12 AM - Software Distribution Service 3.0
RP1530: 8/14/2015 8:21:54 AM - Restore Operation
RP1531: 8/14/2015 8:29:22 AM - avast! antivirus system restore point
RP1532: 8/15/2015 9:33:48 AM - Software Distribution Service 3.0
RP1533: 8/15/2015 10:31:42 AM - Restore Operation
RP1534: 8/15/2015 11:55:28 AM - avast! antivirus system restore point
RP1535: 8/16/2015 1:11:29 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 18 ActiveX
Adobe Flash Player 18 NPAPI
Adobe Photoshop Elements 3.0
Adobe Reader XI (11.0.08)
Amazon Cloud Drive
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avast Free Antivirus
Bonjour
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
iTunes
Java 8 Update 40
Java Auto Updater
Malwarebytes Anti-Malware version 2.1.6.1022
McAfee Security Scan Plus
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.0 Security Update (KB2904878)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Mozilla Firefox 39.0 (x86 en-US)
Musicmatch for Windows Media Player
QuickTime 7
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB2722913)
Security Update for Windows Internet Explorer 7 (KB2744842)
Security Update for Windows Internet Explorer 7 (KB2761465)
Security Update for Windows Internet Explorer 7 (KB2792100)
Security Update for Windows Internet Explorer 7 (KB2797052)
Security Update for Windows Internet Explorer 7 (KB2799329)
Security Update for Windows Internet Explorer 7 (KB2809289)
Security Update for Windows Internet Explorer 7 (KB2817183)
Security Update for Windows Internet Explorer 7 (KB2829530)
Security Update for Windows Internet Explorer 7 (KB2838727)
Security Update for Windows Internet Explorer 7 (KB2846071)
Security Update for Windows Internet Explorer 7 (KB2862772)
Security Update for Windows Internet Explorer 7 (KB2870699)
Security Update for Windows Internet Explorer 7 (KB2879017)
Security Update for Windows Internet Explorer 7 (KB2888505)
Security Update for Windows Internet Explorer 7 (KB2898785)
Security Update for Windows Internet Explorer 7 (KB2909921)
Security Update for Windows Internet Explorer 7 (KB2925418)
Security Update for Windows Internet Explorer 7 (KB2936068)
Security Update for Windows Internet Explorer 7 (KB2964358)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834905-v2)
Security Update for Windows Media Player (KB2834905)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2909212)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2922229)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wmiiper
TurboTax 2010 wrapper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
VLC media player
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows PowerShell(TM) 1.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
8/15/2015 12:38:52 PM, error: Service Control Manager [7009]  - Timeout (120000 milliseconds) waiting for the iPod Service service to connect.
8/15/2015 12:38:52 PM, error: Service Control Manager [7000]  - The iPod Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
8/15/2015 12:37:50 PM, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
8/15/2015 10:24:12 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD APPDRV AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
8/15/2015 10:24:12 AM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
8/15/2015 10:24:12 AM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
8/15/2015 10:24:12 AM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
8/15/2015 10:24:12 AM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
8/15/2015 10:24:12 AM, error: Service Control Manager [7001]  - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
8/15/2015 10:24:12 AM, error: Service Control Manager [7001]  - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
8/15/2015 10:23:46 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
8/15/2015 10:23:21 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/14/2015 9:23:57 AM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000043' while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring the volume.
8/14/2015 8:28:14 AM, error: Service Control Manager [7000]  - The Util BatBrowse service failed to start due to the following error:  The system cannot find the path specified.
8/13/2015 5:13:31 PM, error: Service Control Manager [7011]  - Timeout (120000 milliseconds) waiting for a transaction response from the MBAMService service.
8/11/2015 8:32:03 AM, error: Dhcp [1002]  - The IP address lease 192.168.1.11 for the Network Card with network address 001302B7E1FF has been denied by the DHCP server 172.20.20.1 (The DHCP Server sent a DHCPNACK message).
8/11/2015 8:31:32 AM, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.21376  BrowserJavaVersion: 11.40.2
Run by Pete Konefke at 8:03:02 on 2015-08-17
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.813 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\WINDOWS\SCMain.exe
C:\WINDOWS\WCMain.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Documents and Settings\Pete Konefke\Local Settings\Apps\2.0\376NOQMZ.O15\LEE1PMPA.8DY\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\LocalServiceJre\bin\AmazonCloudDriveW.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.150\McAfeeMSS_IE.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_40\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_40\bin\jp2ssv.dll
EB: Real.com: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\shdocvw.dll
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 4.0\apdproxy.exe"
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\peteko~1\startm~1\programs\startup\amazon~1.lnk - c:\documents and settings\pete konefke\local settings\apps\2.0\376noqmz.o15\lee1pmpa.8dy\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.150\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\stardu~1.lnk - c:\windows\SCMain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\stardu~2.lnk - c:\windows\WCMain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: SoftwareSASGeneration = dword:1
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{42A718B7-0FBF-47E5-A858-60BFE21544D5} : DHCPNameServer = 75.75.75.75 75.75.76.76
Notify: AtiExtEvent - Ati2evxx.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages =  msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\44.0.2403.155\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 0.0.0.1   mssplus.mcafee.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pete konefke\application data\mozilla\firefox\profiles\9js8h4ko.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\mycamera download plugin\NPCIG.dll
FF - plugin: c:\program files\easy media player\npvlc.dll
FF - plugin: c:\program files\google\update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_40\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_40\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\1\NP_wtapp.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_18_0_0_209.dll
.
---- FIREFOX POLICIES ----
.
user_pref(extensions.autoDisableScopes,14);
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-4-20 49904]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-4-20 209048]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-11-10 787760]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-11-10 428120]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 98304]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-10-3 24144]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-4-20 74976]
R2 avast! Antivirus;Avast Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-11-10 343336]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2013-6-28 14624]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-11-24 1871160]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-11-24 1080120]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2010-7-8 25824]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2010-7-6 14088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-11-24 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-11-24 119512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Util BatBrowse;Util BatBrowse;"c:\program files\batbrowse\bin\utilbatbrowse.exe" --> c:\program files\batbrowse\bin\utilBatBrowse.exe [?]
S3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files\wildtangent games\app\GamesAppIntegrationService.exe [2013-9-5 240736]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.8.150\McCHSvc.exe [2014-4-9 235696]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2015-08-16 17:37:45   9284296   ----a-w-   c:\windows\system32\FlashPlayerInstaller.exe
2015-08-15 15:49:31   --------   d-----w-   c:\windows\system32\wbem\repository\FS
2015-08-15 15:49:31   --------   d-----w-   c:\windows\system32\wbem\Repository
2015-08-15 15:04:14   --------   d-----w-   c:\program files\McAfee Security Scan
2015-08-12 14:54:37   --------   d-----w-   c:\program files\McAfee Security Scan(2)
.
==================== Find3M  ====================
.
2015-08-17 11:16:59   119512   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-16 18:38:55   778440   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2015-08-16 18:38:55   142536   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-17 17:56:05   56   --sh--r-   c:\windows\system32\2FC5E775B5.sys
2015-07-17 17:56:05   4704   -csha-w-   c:\windows\system32\KGyGaAvL.sys
2015-06-15 00:55:02   74976   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2015-06-15 00:55:02   49904   ----a-w-   c:\windows\system32\drivers\aswRvrt.sys
2015-06-15 00:55:02   24144   ----a-w-   c:\windows\system32\drivers\aswHwid.sys
2015-06-15 00:55:02   209048   ----a-w-   c:\windows\system32\drivers\aswVmm.sys
2015-06-15 00:54:54   43112   ----a-w-   c:\windows\avastSS.scr
2015-06-15 00:54:40   787760   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
.
============= FINISH:  8:09:46.82 ===============

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 444
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #5 on: August 18, 2015, 01:05:48 AM »
 
  Hello Blackzzz01,
  Thank you for the logs. You are infected, and we need to do some cleaning to remove the infections.
  Step 1
  • Please open your copy of Malwarebytes Anti-Malware (MBAM)
  • Should it fail to open, refer to the MBAM FAQ for alternate ways to start the program.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits, scan within archives & use Advanced Heuristic Engine.
  • In the Non-Malware Protection box select Treat detections as malware for both PUP & PUM detections.
  • Now return to the Dashboard & select Scan Now
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded and installed, and the scan will start).
  • N.B. it may take some time so please be patient.
  • If potential threats are detected, click the Quarantine All button.
  • While still on the Scan tab, click the Export Log button, select Text file (*.txt), and save the log to your Desktop.
  • If asked to restart the computer, please do so immediately.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
>>>>>>>
Step 2
Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
>>>>>>>>>>>>>>>>
Step 3
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
>>>>>>>>>>>>
Step 4
Download Security Check from HERE  or HERE  and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
>>>>>>>>>>>>>>>
I need the following please:-
 
  • The MBAM log
  • Adw Cleaner log
  • JRT.txt log
  • Checkup.txt log

platypuss



 

Offline blackzzz01

  • Bronze Member
  • Posts: 52
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #6 on: August 18, 2015, 01:03:05 PM »
Hi Platypuss and thanks again for picking this up.

Here are the 4 logs that you have requested. Hopefully they will be of some help. Looking forward to hearing from you!

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/18/2015
Scan Time: 9:39:31 AM
Logfile: MBAM818.txt
Administrator: Yes

Version: 2.01.8.1057
Malware Database: v2015.08.18.04
Rootkit Database: v2015.08.16.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Pete Konefke

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 382535
Time Elapsed: 36 min, 21 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Bandoo.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D515A3B4-E8C1-492E-AB7B-F8B435EF9899}, , [27254fbbe3a85ed8629a1c92f90b6b95],

Registry Values: 1
PUP.Optional.Bandoo.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D515A3B4-E8C1-492E-AB7B-F8B435EF9899}|AppPath, C:\PROGRA~1\SEARCH~2\Datamngr\ToolBar, , [27254fbbe3a85ed8629a1c92f90b6b95]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

# AdwCleaner v5.001 - Logfile created 18/08/2015 at 13:00:40
# Updated 17/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Pete Konefke - DELLNOTEBOOK
# Running from : C:\Documents and Settings\Pete Konefke\Local Settings\Temporary Internet Files\Content.IE5\J00WXV1I\adwcleaner_5.001[1].exe
# Option : Scan

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
Folder Found : C:\Documents and Settings\Pete Konefke\My Documents\Updater
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\Program Files\Coupons
Folder Found : C:\Program Files\Coupons

***** [ Files ] *****

File Found : C:\Documents and Settings\Pete Konefke\Application Data\Mozilla\Firefox\Profiles\9js8h4ko.default\user.js
File Found : C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\ccncljhbalbbkkfgopogabimepmfkmff
File Found : C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage
File Found : C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ocifcogajbgikalbpphmoedjlcfjkhgh_0.localstorage

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\d
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
Key Found : HKLM\SOFTWARE\MetaStream
Key Found : HKLM\SOFTWARE\Viewpoint
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BatBrowse
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ConvertAd

***** [ Web browsers ] *****

[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=926458&p={searchTerms}

*************************

C:\AdwCleaner[S1].txt - [22863 bytes] - [10/11/2012 14:58:08]
C:\AdwCleaner[S2].txt - [11808 bytes] - [18/08/2015 13:00:40]

########## EOF - C:\AdwCleaner[S2].txt - [11871 bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Microsoft Windows XP x86
Ran by Pete Konefke on Tue 08/18/2015 at 14:49:21.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] Util BatBrowse [Reboot required]



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update BatBrowse
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util BatBrowse



~~~ Files

Successfully deleted: [File] C:\Documents and Settings\Pete Konefke\Application Data\Microsoft\Internet Explorer\Quick Launch\play games.lnk
Successfully deleted: [File] C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\google\chrome\user data\default\local storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage
Successfully deleted: [File] C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\google\chrome\user data\default\local storage\chrome-extension_ocifcogajbgikalbpphmoedjlcfjkhgh_0.localstorage



~~~ Folders

Successfully deleted: [Folder] C:\Documents and Settings\All Users\Start Menu\Programs\coupons
Successfully deleted: [Folder] C:\Program Files\coupons
Successfully deleted: [Folder] C:\Program Files\viewpoint



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Pete Konefke\Application Data\mozilla\firefox\profiles\9js8h4ko.default\user.js
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@viewpoint.com/vmp
Emptied folder: C:\Documents and Settings\Pete Konefke\Application Data\mozilla\firefox\profiles\9js8h4ko.default\minidumps [5 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh

[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  bopakagnckmlgajfccecajhnimjiiedh
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 08/18/2015 at 14:54:19.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Results of screen317's Security Check version 1.007 
 Windows XP Service Pack 3 x86   
 Internet Explorer 5 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
avast! Antivirus   
 Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 40 
 Java version 32-bit out of Date!
 Adobe Flash Player    18.0.0.232 
 Adobe Reader XI 
 Mozilla Firefox (39.0)
 Google Chrome (44.0.2403.107)
 Google Chrome (44.0.2403.155)
 Google Chrome (CTB.log..)
 Google Chrome (plugins...)
````````Process Check: objlist.exe by Laurent````````
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 32% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````



Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 444
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #7 on: August 19, 2015, 01:55:40 AM »

 
Hello again,
A little more to do please.   


Using AdwCleaner v3: Scan & Clean:
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished... This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.


You will note that Viewpoint Media Player has been removed by the junkware cleaner. Here is the reason:
   
   
Viewpoint Media Player is a web browser plug-in that enables users to view 3D content and other media. It is bundled with AOL, AIM, versions of Netscape, certain Adobe products and sometimes not mentioned in the license agreement. Viewpoint is also bundled with Adobe Atmosphere and hardware manufacturers pre-install some of these applications.

Viewpoint Manager is used by various products of Viewpoint Corporation and is responsible for managing and updating Viewpoint Media Player’s components. Viewpoint Manager will access the internet and check for updates periodically. If it detects an update, it will automatically download and install the change. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting "Disable auto-updating for the Viewpoint Manager", the player will no longer attempt to check for updates. Although Viewpoint is not technically malware, it is considered to be foistware since it is often installed without a user's knowledge or approval.

I need the AdwCleaner.txt log please.

How is the machine running now?

Platypuss

Offline blackzzz01

  • Bronze Member
  • Posts: 52
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #8 on: August 19, 2015, 06:06:19 AM »
Ran the AdwCleaner V5.002 as requested and performed the scan but stopped there as I was unsure of what to do at this point. After the scan it said:
 'Waiting for action. Please uncheck elements you want to keep'
The Scan and Uninstall boxes were highlighted but the Cleaning box was not highlighted and also had a red x in the box. The Logfile box was also not highlighted.

Please advise!

At this point there has been no improvement in the way the machine is running.

Here's the logfile from the scan if needed:

   # AdwCleaner v5.002 - Logfile created 19/08/2015 at 07:52:21
# Updated 18/08/2015 by Xplode
# Database : 2015-08-18.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Pete Konefke - DELLNOTEBOOK
# Running from : C:\Documents and Settings\Pete Konefke\Desktop\adwcleaner_5.002.exe
# Option : Scan

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\Pete Konefke\My Documents\Updater

***** [ Files ] *****

File Found : C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\ccncljhbalbbkkfgopogabimepmfkmff

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\d
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
Key Found : HKLM\SOFTWARE\MetaStream
Key Found : HKLM\SOFTWARE\Viewpoint
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BatBrowse
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ConvertAd

***** [ Web browsers ] *****

[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com

*************************

C:\AdwCleaner[S1].txt - [22863 bytes] - [10/11/2012 14:58:08]
C:\AdwCleaner[S2].txt - [11940 bytes] - [18/08/2015 13:00:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2858 bytes] ##########
« Last Edit: August 19, 2015, 06:11:17 AM by blackzzz01 »

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 444
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #9 on: August 19, 2015, 02:21:02 PM »
Hello Blackxxx01,

Thank you for the advice on AdwareCleaner v5.002, it has just been updated again.
Please follow these instructions:-

  • Double click on adwcleaner_5.002 to open it up.
  • Click on the Scan in the Actions box
  • Allow the scan to finish.
  • When "Waiting for action. Please uncheck elements you want to keep" shows in the top line...
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C2)-Notepad log will appear, please copy/paste it in your next reply.
>>>>>>>>>>>>>>>>>>>>>>
We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running. It can take several hours; please be patient and let it complete:

   **Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin

  • Go to Eset web page HERE to run an online scan from ESET.

       
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
       
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
       
  • When asked, allow the add/on to be installed
  • Click Start
       
  • Make sure that the option "Remove found threats"  is ticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Select "Change" next to Current scan targets. A new window will open, select any extra drives, Flash drives etc. as required.
       
  • Click Scan
       
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish
When the scan is complete
   
  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found
If threats were found

   
  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
       
  • put a checkmark in "Uninstall application on close"
       
  • click on Finish
Close program

Copy and paste the report in next reply please.
platypuss

Offline blackzzz01

  • Bronze Member
  • Posts: 52
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #10 on: August 21, 2015, 05:42:57 AM »
Hi again Platypuss!

Here are the two logs that you have requested. Thanks!

# AdwCleaner v5.002 - Logfile created 20/08/2015 at 07:07:08
# Updated 18/08/2015 by Xplode
# Database : 2015-08-18.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Pete Konefke - DELLNOTEBOOK
# Running from : C:\Documents and Settings\Pete Konefke\Desktop\adwcleaner_5.002.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\Pete Konefke\My Documents\Updater

***** [ Files ] *****

[-] File Deleted : C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\ccncljhbalbbkkfgopogabimepmfkmff

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\d
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
[-] Key Deleted : HKLM\SOFTWARE\MetaStream
[-] Key Deleted : HKLM\SOFTWARE\Viewpoint
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BatBrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ConvertAd

***** [ Web browsers ] *****

[-] [C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Documents and Settings\Pete Konefke\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[S1].txt - [22863 bytes] - [10/11/2012 14:58:08]
C:\AdwCleaner[S2].txt - [11940 bytes] - [18/08/2015 13:00:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3103 bytes] ##########


C:\Documents and Settings\Pete Konefke\My Documents\Downloads\WinZip175.exe   a variant of Win32/OpenInstall potentially unwanted application   cleaned by deleting - quarantined
C:\Program Files\Trend Micro\HiJackThis\backups\backup-20121110-035346-567.dll   Win32/Toolbar.Conduit.O potentially unwanted application   cleaned by deleting - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe   a variant of Win32/Systweak.L potentially unwanted application   cleaned by deleting - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll   a variant of Win32/Systweak.N potentially unwanted application   cleaned by deleting - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe   a variant of Win32/Systweak.L potentially unwanted application   cleaned by deleting - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe   a variant of Win32/Systweak potentially unwanted application   cleaned by deleting - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe   a variant of Win32/Systweak.L potentially unwanted application   cleaned by deleting - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe   a variant of Win32/Systweak.L potentially unwanted application   cleaned by deleting - quarantined
C:\zoek_backup\C_Documents and Settings_Pete Konefke_Local Settings_Application Data_AnyProtectScannerSetup.exe.vir   Win32/AnyProtect.A potentially unwanted application   deleted - quarantined
C:\zoek_backup\C_AI_RecycleBin\{0AA1252F-7F82-4A77-A8C3-36378B48EDFD}\3\Strongvault\StrongVaultApp.exe   MSIL/Adware.StrongVault.A application   cleaned by deleting - quarantined
C:\zoek_backup\C_Documents and Settings_Pete Konefke_Application Data_Mozilla_Firefox_Profiles_9js8h4ko.default_extensions_crossriderapp15804@crossrider.com\chrome\content\core\xhr.js   JS/Toolbar.Crossrider.G potentially unwanted application   cleaned by deleting - quarantined
C:\zoek_backup\C_Documents and Settings_Pete Konefke_Local Settings_Application Data_Google_Chrome_User Data_Default_Extensions_ccncljhbalbbkkfgopogabimepmfkmff\1.0.0_1\background.js   Win32/BrowseFox.B potentially unwanted application   cleaned by deleting - quarantined
C:\zoek_backup\C_Documents and Settings_Pete Konefke_Local Settings_Application Data_Google_Chrome_User Data_Default_Extensions_ccncljhbalbbkkfgopogabimepmfkmff\1.0.0_1\content.js   Win32/BrowseFox.B potentially unwanted application   cleaned by deleting - quarantined
C:\zoek_backup\C_Program Files_BatBrowse\updateBatBrowse.exe   a variant of Win32/BrowseFox.G potentially unwanted application   cleaned by deleting - quarantined
C:\zoek_backup\C_Program Files_BatBrowse\bin\utilBatBrowse.exe   a variant of Win32/BrowseFox.G potentially unwanted application   cleaned by deleting - quarantined
C:\zoek_backup\C_Program Files_BatBrowse\bin\plugins\BatBrowse.FFUpdate.dll   a variant of MSIL/BrowseFox.G potentially unwanted application   deleted - quarantined
C:\zoek_backup\C_Program Files_BatBrowse\bin\plugins\BatBrowse.GCUpdate.dll   a variant of MSIL/BrowseFox.G potentially unwanted application   deleted - quarantined
C:\zoek_backup\C_Program Files_BatBrowse\bin\plugins\BatBrowse.IEUpdate.dll   a variant of MSIL/BrowseFox.G potentially unwanted application   deleted - quarantined

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 444
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #11 on: August 22, 2015, 02:30:17 AM »

Thanks for the logs, unfortunately one infected registry key was not removed by AdwCleaner.
Please remove it as follows:-
  • Click Start.
  • Click Run.
  • Type cmd or command and press enter.
  • Copy/Paste the following code in the Command Prompt black box
Code: [Select]
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}" /f
  • Press your Enter button & exit.
>>>>>>>>>>>>>>>

N.B. Please make a note of how the machine is running before updating Java.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:

Go to https://www.java.com/en/download/installed.jsp?detect=jre and click on "Do I have Java"
It will check your current version and then offer to update to the latest version
Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. <<-- Very Important

 Please advise how your machine is running before & after Java update

Platypuss
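A check that can be run over the "Option : Cleaning" log above before removing anything by hand, as an added example (not part of the original thread or of AdwCleaner): it lists every `[!]` entry, notes whether the same path also appears on a `[-]` line, and gives a read-only command for confirming the current state. The sample log is a shortened copy of the one posted in this thread; the function names are hypothetical.

```python
import re
from typing import NamedTuple, Optional

# Constructed sample: a shortened copy of the AdwCleaner cleaning log posted above.
SAMPLE_LOG = r"""# AdwCleaner v5.002 - Logfile created 20/08/2015 at 07:07:08
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
[-] Key Deleted : HKLM\SOFTWARE\Viewpoint

*************************
"""

# "***** [ Registry ] *****" style section headers.
SECTION_RE = re.compile(r"^\*{5} \[ (?P<name>.+?) \] \*{5}$")
# "[-] Key Deleted : <path>" (removed) or "[!] Key Not Deleted : <path>" (left behind).
ENTRY_RE = re.compile(r"^\[(?P<flag>[-!])\]\s+(?P<action>.+?)\s+:\s+(?P<target>.+)$")


class Entry(NamedTuple):
    section: str
    removed: bool   # True for "[-]", False for "[!]"
    action: str
    target: str


def parse_cleaning_log(text: str) -> list:
    """Return one Entry per "[-]" / "[!]" line, tagged with its log section."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            continue
        item = ENTRY_RE.match(line)
        if item and section is not None:
            entries.append(Entry(section, item.group("flag") == "-",
                                 item.group("action"), item.group("target")))
    return entries


def verify_command(entry: Entry) -> Optional[str]:
    """Read-only command to confirm by hand whether the item still exists."""
    if entry.section == "Registry":
        return 'reg query "%s"' % entry.target
    if entry.section in ("Folders", "Files"):
        return 'dir /a "%s"' % entry.target
    return None


def leftovers(entries: list) -> list:
    """List every "[!]" entry and whether the same path was also logged as removed."""
    removed = {(e.section, e.target.lower()) for e in entries if e.removed}
    report = []
    for e in entries:
        if e.removed:
            continue
        report.append({
            "section": e.section,
            "target": e.target,
            # Registry paths are case-insensitive, so compare lower-cased.
            "also_logged_as_removed": (e.section, e.target.lower()) in removed,
            "verify": verify_command(e),
        })
    return report


if __name__ == "__main__":
    for item in leftovers(parse_cleaning_log(SAMPLE_LOG)):
        print(item["section"], "|", item["target"])
        print("  same path also on a [-] line:", item["also_logged_as_removed"])
        print("  check with:", item["verify"])
```

When `also_logged_as_removed` is true, running the `verify` command first shows whether the key is still present before a forced delete is attempted.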


Offline blackzzz01

  • Bronze Member
  • Posts: 52
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #12 on: August 22, 2015, 04:59:31 AM »
Performed the requested tasks and really haven't noticed any difference before or after.

Some websites I can get to and all appears normal but most others are still troublesome with bad graphics, incomplete, slow opening, errors upon closing, etc., etc.   

Only way I can get to internet is through I/E. The browser I was using which was Mozilla Firefox 39.0 is still unusable as I reported in initial posting. Unable to open Firefox by clicking on icon or in any other way. Problems seemed to begin happening at the same time Firefox became unusable. Tried to uninstall through Add/Remove programs but that didn't work. Nothing happens when I click on the 'remove' button. That is still the case. I thought by removing my current version and reinstalling a new one that would help solve the issue?

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 444
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #13 on: August 23, 2015, 11:23:50 AM »

 Hello,
Your machine appears to be free of malware now, so we can move on to the Firefox problem.

Quote
Just in the last few days I've suddenly gotten system/internet issues that I suspect may be related to Mozilla Firefox. I'm unable to get any response when clicking on Firefox icon
  Can you remember if you downloaded/updated any particular app/software immediately prior to the Firefox failure?

If Firefox previously worked but suddenly doesn't start, it may be due to some corrupt data in your settings. Uninstalling and reinstalling Firefox would not fix this problem because your settings are not removed on uninstall.

To test to see if this is the problem, use the Profile Manager to create a new profile. If the problem goes away, you can then move your bookmarks and other important settings into the new profile.

Please go HERE & follow the instructions to create a new profile. If you have any problems with them, let me know

platypuss



Offline blackzzz01

  • Bronze Member
  • Posts: 52
Re: [In Progress] Multiple system problems - suspect Mozilla Firefox issue?
« Reply #14 on: August 24, 2015, 07:15:36 AM »
I do not recall an exact situation or occasion when the problems first occurred but it was pretty sudden.

Haven't had any luck in starting the Profile Manager. I believe I followed the instructions correctly and either the Profile Manager window didn't open or I got a message saying that:

C:\Program Files (x86) Mozilla Firefox refers to a location that is unavailable.

I copied and pasted commands into the Run window from the Firefox instructions so they should have been correct.

Please advise. 

Thanks!