IE 8 Not Responding On Facebook, Etc.

Discussion in 'Browser Issues' started by SusanCarmenaHernandez, Jan 30, 2012.

  1. SusanCarmenaHernandez

    SusanCarmenaHernandez Registered Members

    Joined:
    Jan 30, 2012
    Messages:
    52
    Location:
    French Settlement, La.
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    Msi Wind PC Mini Tower Motherboard is MSI MS 7418
    CPU:
    Intel Atom 1.6 ghz Diamondville 45nm Technology
    Memory:
    2.0GB Single Channel DDR @ @1.99MHz
    Hard Drive:
    156GB Western Digital
    Graphics Card:
    Dell Ppp21024x768@60Hz, Intel 82945 Express Chipset Family
    Power Supply:
    Don't know it plugs in a surge protector from Belkin
    I am going to try that and see if the problems are the same.
     
  2. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Ok, let me know if there's any change.
     
  3. SusanCarmenaHernandez

    Still having the same problems on Facebook with IE8. Also, Chrome seems to run very slowly while on Facebook.

    Another thing, something keeps turning off DEP even though I have it checked for all programs. I have Microsoft FixIt installed. Every time I run it, it says DEP is disabled.
     
  4. starbuck

    So is the problem only related to Facebook?

    Did you mean... Microsoft Security Essentials?
    Are you saying that you have the option checked to 'Turn on DEP for all programs and services except those I select:'

    If so, please change this to: 'Turn on DEP for essential Windows programs and services only'

    There's a guide on changing the setting here:
    http://techblissonline.com/enable-disable-dep-in-windows-xp-vista/

    My setting is set to Turn on DEP for essential Windows programs and services only and I never have a problem.
    Not all software is compatible with DEP, so it's best not to allow it for all programs.
     
  5. SusanCarmenaHernandez

    I know how to change it. I have Microsoft Essentials, but I was talking about Microsoft FixIt Online. I am going to change DEP back to Windows programs and services only. Let you know if it works.
     
  6. SusanCarmenaHernandez

    It happens on Facebook all the time. I only have problems occasionally on other websites.
     
  7. SusanCarmenaHernandez

    Facebook is still having problems. In fact, I was on it just a few minutes ago and my computer shut down and restarted by itself! I checked the event viewer and it did not show anything out of the ordinary at that time.
     
  8. starbuck

    Ok, let's take a closer look at your system and see if anything is hiding.

    Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

    Link 1
    Link 2

    [​IMG]


    [​IMG]

    This is an example, you may rename ComboFix to anything you want.

    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with the running of ComboFix.
      For more information read:
      How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

      Then:

      Double click on Combo-Fix.exe & follow the prompts.

      Vista/Win7 users should right click on the icon and select Run as Administrator.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

      If running Vista/Win7, you will not see the recovery console screens as they are Win XP related
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    [​IMG]

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    [​IMG]

    Click on Yes, to continue scanning for malware.

    Note:
    Do not mouseclick ComboFix's window while it's running. That may cause it to stall.


    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
     
  9. SusanCarmenaHernandez

    Okay Starbuck!
    The ComboFix log is attached.

    Something weird happened when I got back on the internet to post this. I got a message that Internet Explorer was not the default browser and asked me if I wanted to set it as default. Before I ran ComboFix, it was the default. I reset it as default.

    One thing I noticed from the log is that it deleted my squelchies screensaver setup. I had it saved because every time they update Flash, I have to download it again because the screensaver stops working. A little screen pops up that says can't find flash.ocx. I will download it again. I had it on this machine since I got it in 2009. And on my previous one since 2005.

    ComboFix 12-02-08.02 - Susan 02/08/2012 23:29:20.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1332 [GMT -6:00]
    Running from: c:\documents and settings\Susan\Desktop\MYCOMBO.EXE
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\Default User\Application Data\DPInst.exe
    c:\documents and settings\Default User\Application Data\gacutil.exe
    c:\documents and settings\Default User\Application Data\PnPutil.exe
    c:\documents and settings\Susan\Favorites\squelchies1ss_setup.exe
    c:\documents and settings\Susan\GoToAssistDownloadHelper.exe
    c:\documents and settings\test\GoToAssistDownloadHelper.exe
    c:\windows\Downloaded Program Files\ODCTOOLS
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-01-09 to 2012-02-09 )))))))))))))))))))))))))))))))
    .
    .
    2012-02-09 03:48 . 2012-01-06 02:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5AB19660-181F-4CC8-B481-F5D621866C3E}\mpengine.dll
    2012-02-05 22:00 . 2012-02-05 22:00 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2012-02-05 02:24 . 2012-02-05 02:24 -------- d-----w- c:\documents and settings\Susan\Local Settings\Application Data\APN
    2012-02-04 16:23 . 2012-02-04 16:24 -------- dc-h--w- c:\windows\ie8
    2012-02-03 17:25 . 2012-02-06 14:24 -------- dc----w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
    2012-02-02 02:38 . 2012-02-02 02:38 -------- d-----w- c:\windows\UltraDefrag
    2012-02-01 22:12 . 2012-02-01 22:12 -------- dc----w- C:\_OTL
    2012-02-01 15:56 . 2012-02-01 15:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2012-01-31 21:42 . 2012-01-31 21:42 30720 ----a-w- c:\windows\system32\udefrag.exe
    2012-01-31 21:41 . 2012-01-31 21:41 9728 ----a-w- c:\windows\system32\bootexctrl.exe
    2012-01-31 21:41 . 2012-01-31 21:41 6144 ----a-w- c:\windows\system32\hibernate4win.exe
    2012-01-31 21:41 . 2012-01-31 21:41 16896 ----a-w- c:\windows\system32\wgx.dll
    2012-01-31 21:41 . 2012-01-31 21:41 92160 ----a-w- c:\windows\system32\lua5.1a.dll
    2012-01-31 21:41 . 2012-01-31 21:41 48640 ----a-w- c:\windows\system32\udefrag.dll
    2012-01-31 21:41 . 2012-01-31 21:41 64000 ----a-w- c:\windows\system32\zenwinx.dll
    2012-01-31 21:41 . 2012-01-31 21:41 114688 ----a-w- c:\windows\system32\defrag_native.exe
    2012-01-26 15:41 . 2012-01-26 15:41 -------- d-----w- c:\windows\system32\wbem\Repository
    2012-01-26 15:39 . 2012-01-27 14:03 -------- d-----w- c:\documents and settings\Susan\Application Data\Auslogics
    2012-01-26 15:39 . 2012-01-27 13:16 -------- d-----w- c:\program files\Auslogics
    2012-01-24 19:07 . 2012-01-26 17:10 -------- d-----w- c:\documents and settings\All Users\Application Data\RingCentral
    2012-01-22 16:10 . 2012-01-22 16:10 -------- d-----w- c:\documents and settings\Susan\Local Settings\Application Data\FixItCenter
    2012-01-22 16:02 . 2012-01-22 16:02 -------- d-----w- c:\windows\MATS
    2012-01-22 16:02 . 2012-01-22 16:02 -------- d-----w- c:\program files\Microsoft Fix it Center
    2012-01-22 12:45 . 2012-01-06 02:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-01-20 16:20 . 2012-01-20 16:20 -------- d-----w- c:\program files\Common Files\Java
    2012-01-20 16:20 . 2012-01-20 16:19 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-01-20 15:27 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-01-20 15:16 . 2012-01-20 15:16 -------- d-----w- c:\program files\Microsoft Security Client
    2012-01-17 05:52 . 2012-01-17 05:52 -------- d-----w- c:\program files\Common Files\Apple
    2012-01-17 05:51 . 2012-01-17 05:51 -------- d-----w- c:\program files\Apple Software Update
    2012-01-11 06:12 . 2012-01-11 06:12 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
    2012-01-11 00:04 . 2012-01-11 00:04 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Temp
    2012-01-10 17:28 . 2008-02-18 07:11 18048 ----a-r- c:\windows\system32\drivers\SMC2209.sys
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-20 16:19 . 2010-04-18 15:34 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-12-19 22:32 . 2011-12-19 22:32 323624 ----a-w- c:\windows\system32\wiaaut.dll
    2011-12-13 18:28 . 2011-12-13 18:28 16024 ----a-w- c:\windows\system32\drivers\pssnap.sys
    2011-12-11 14:22 . 2011-12-11 14:22 964 ----a-w- c:\windows\system32\ud-boot-time.cmd
    2011-12-11 14:22 . 2011-12-11 14:22 55 ----a-w- c:\windows\system32\boot-config.cmd
    2011-12-11 14:22 . 2011-12-11 14:22 40 ----a-w- c:\windows\system32\boot-off.cmd
    2011-12-11 14:22 . 2011-12-11 14:22 222 ----a-w- c:\windows\system32\ud-help.cmd
    2011-12-11 14:22 . 2011-12-11 14:22 40 ----a-w- c:\windows\system32\boot-on.cmd
    2011-11-25 21:57 . 2004-08-04 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
    2011-11-23 13:25 . 2004-08-04 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
    2011-11-20 13:36 . 2011-08-10 12:17 194560 ----a-w- c:\windows\Squelchies Screen Saver #1.scr
    2011-11-20 13:35 . 2009-12-27 15:29 606848 ----a-w- c:\windows\flashax.exe
    2011-11-20 13:35 . 2009-12-27 15:29 12288 ----a-w- c:\windows\impborl.dll
    2011-11-19 06:34 . 2011-11-19 06:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-18 12:35 . 2004-08-04 12:00 60416 ----a-w- c:\windows\system32\packager.exe
    2011-11-16 14:21 . 2004-08-04 12:00 354816 ----a-w- c:\windows\system32\winhttp.dll
    2011-11-16 14:21 . 2004-08-04 12:00 152064 ----a-w- c:\windows\system32\schannel.dll
    2011-05-06 03:36 . 2011-05-06 03:36 475 -c--a-w- c:\program files\0505201122364734.bat
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-08 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-06 131072]
    "Conime"="c:\windows\system32\conime.exe" [2008-04-14 27648]
    "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-06 54832]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
    "EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2011-06-16 2510848]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "KodakHomeCenter"="c:\program files\Kodak\AiO\Center\AiOHomeCenter.exe" [2011-12-12 2234288]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck AUTONTFS C: PAGE=MIN DIRS=MFTZ MFT=MIN
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EKIJ5000StatusMonitor]
    2011-06-16 22:53 2510848 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2011-04-24 15:43 135168 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-06-09 19:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
    "c:\\Program Files\\AIM\\aim.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\Kodak\\AiO\\Center\\AiOHomeCenter.exe"=
    "c:\\Program Files\\Kodak\\AiO\\Center\\Kodak.Statistics.exe"=
    "c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinterDiscovery.exe"=
    "c:\\Program Files\\Kodak\\AiO\\Firmware\\KodakAiOUpdater.exe"=
    "c:\\Documents and Settings\\All Users\\Application Data\\Kodak\\Installer\\Setup.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\Auslogics\\Auslogics BoostSpeed\\BoostSpeed.exe"=
    "c:\\Program Files\\Microsoft Silverlight\\5.0.61118.0\\Silverlight.Configuration.exe"=
    "c:\\Program Files\\FileHippo.com\\UpdateChecker.exe"=
    "c:\\Program Files\\CCleaner\\CCleaner.exe"=
    "c:\\Program Files\\Defraggler\\Defraggler.exe"=
    "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
    "c:\\Program Files\\123 Free Solitaire\\123FreeSolitaire.exe"=
    "c:\\Program Files\\Microsoft Fix it Center\\FixitCenter.exe"=
    "c:\\Program Files\\Microsoft Security Client\\msseces.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5353:UDP"= 5353:UDP:Bonjour Port 5353
    "9322:TCP"= 9322:TCP:EKDiscovery
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundEchoRequest"= 1 (0x1)
    .
    R1 MpKsl476ad4dc;MpKsl476ad4dc;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5AB19660-181F-4CC8-B481-F5D621866C3E}\MpKsl476ad4dc.sys [2/8/2012 11:22 PM 29904]
    R3 SMC2209;SMC2209USB/ETH 10/100 USB 2.0 Adapter;c:\windows\system32\drivers\SMC2209.sys [1/10/2012 11:28 AM 18048]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/27/2010 6:25 AM 136176]
    S2 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/27/2010 6:25 AM 136176]
    S3 0131641296172501mcinstcleanup;McAfee Application Installer Cleanup (0131641296172501); [x]
    S3 cpudrv;cpudrv;\??\c:\program files\SystemRequirementsLab\cpudrv.sys --> c:\program files\SystemRequirementsLab\cpudrv.sys [?]
    S3 iscFlash;iscFlash;\??\c:\windows\SYSTEM32\DRIVERS\iscflash.sys --> c:\windows\SYSTEM32\DRIVERS\iscflash.sys [?]
    S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [6/13/2011 10:09 PM 267568]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2/5/2012 4:00 PM 40776]
    S3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [5/10/2010 10:44 AM 22328]
    S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;\??\c:\program files\MSI\Live Update 5\msibios32_100507.sys --> c:\program files\MSI\Live Update 5\msibios32_100507.sys [?]
    S3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [5/10/2010 10:44 AM 16696]
    S3 NTIOLib_1_0_4;NTIOLib_1_0_4;\??\c:\program files\MSI\Live Update 5\NTIOLib.sys --> c:\program files\MSI\Live Update 5\NTIOLib.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
    S4 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\EKAiOHostService.exe [12/19/2011 4:32 PM 394672]
    S4 RapportIaso;RapportIaso;\??\c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys --> c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [?]
    S4 SABKUTIL;SABKUTIL;\??\c:\documents and settings\Susan\Local Settings\Temporary Internet Files\Content.IE5\IA7PJYQS\SABKUTIL.sys --> c:\documents and settings\Susan\Local Settings\Temporary Internet Files\Content.IE5\IA7PJYQS\SABKUTIL.sys [?]
    S4 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.SYS --> c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [?]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - GUSVC
    *NewlyCreated* - MPKSL476AD4DC
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    getPlusHelper REG_MULTI_SZ getPlusHelper
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
    .
    2012-02-08 c:\windows\Tasks\ConfigExec.job
    - c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-14 04:09]
    .
    2012-02-09 c:\windows\Tasks\DataUpload.job
    - c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-14 04:09]
    .
    2012-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 12:25]
    .
    2012-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 12:25]
    .
    2012-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-602609370-682003330-1005Core.job
    - c:\documents and settings\Susan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-01 03:06]
    .
    2012-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-602609370-682003330-1005UA.job
    - c:\documents and settings\Susan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-01 03:06]
    .
    2012-02-08 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 21:39]
    .
    2012-02-09 c:\windows\Tasks\User_Feed_Synchronization-{508D7A56-9EDD-46CE-B68C-C1DFF09E0BE0}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 10:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.aol.com/
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
    TCP: DhcpNameServer = 209.124.193.101 209.124.193.100
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-02-08 23:35
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-1078081533-602609370-682003330-1005\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    Completion time: 2012-02-08 23:38:37
    ComboFix-quarantined-files.txt 2012-02-09 05:38
    .
    Pre-Run: 130,012,975,104 bytes free
    Post-Run: 130,130,190,336 bytes free
    .
    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
    .
    - - End Of File - - FFBECBDD5D1282F2B21797301EAF1D0D
     


  10. starbuck

    That's perfectly normal when Combofix is run.
    You just reset the browser of your choice as the default again.

    I really can't see this being a malware issue.

    It would seem that Facebook is the governing factor here.

    Has there been any change since altering the DEP settings?
     
  11. SusanCarmenaHernandez

    No, Facebook is still responding slowly and freezing. If I didn't use it to keep in touch with a lot of family and friends that I went to school with, I would not worry about it. It is just aggravating to have to sit and wait for it to start responding again. It always comes back, but takes a couple of minutes.

    One thing on the log report, I saw some items from Rapport, Trusteer and SASKUTIL (SuperAntiSpyware). I thought all of that had already been cleared out completely.
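
An added example (not part of the original thread, and not ComboFix's own code): a small Python parser for the driver/service lines of the ComboFix log above that flags the kind of leftover entries mentioned in the post just before it. The meaning given to the `R`/`S` prefix, the digit and the `[?]`/`[x]` markers, plus the path markers and the product keyword list, are assumptions made for this sketch.

```python
import re
from dataclasses import dataclass

# Driver/service lines copied verbatim from the ComboFix log posted in this thread.
SAMPLE_LOG = r"""
R1 MpKsl476ad4dc;MpKsl476ad4dc;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5AB19660-181F-4CC8-B481-F5D621866C3E}\MpKsl476ad4dc.sys [2/8/2012 11:22 PM 29904]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/27/2010 6:25 AM 136176]
S3 0131641296172501mcinstcleanup;McAfee Application Installer Cleanup (0131641296172501); [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2/5/2012 4:00 PM 40776]
S4 RapportIaso;RapportIaso;\??\c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys --> c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [?]
S4 SABKUTIL;SABKUTIL;\??\c:\documents and settings\Susan\Local Settings\Temporary Internet Files\Content.IE5\IA7PJYQS\SABKUTIL.sys --> c:\documents and settings\Susan\Local Settings\Temporary Internet Files\Content.IE5\IA7PJYQS\SABKUTIL.sys [?]
S4 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.SYS --> c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [?]
"""

# Assumption: the prefix is R(unning)/S(topped) followed by the Windows
# service Start value (0 boot, 1 system, 2 auto, 3 manual, 4 disabled).
START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}

ENTRY_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.*?)\s*\[(?P<stamp>[^\]]*)\]$"
)

# Hypothetical markers for locations a driver or service image should not load from.
USER_WRITABLE_MARKERS = (
    "\\temporary internet files\\",
    "\\local settings\\temp\\",
    "\\temp\\",
)


@dataclass
class Entry:
    running: bool
    start: str
    name: str
    display: str
    path: str
    stamp: str


def parse_entries(log_text):
    """Return an Entry for every line that looks like a driver/service record."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # section headers, separators, other report sections
        path = m["path"]
        if " --> " in path:            # "\??\x --> x": keep the resolved path
            path = path.split(" --> ", 1)[1]
        if path.startswith("\\??\\"):  # strip the NT object-namespace prefix
            path = path[4:]
        entries.append(Entry(
            running=m["state"] == "R",
            start=START_TYPES[int(m["start"])],
            name=m["name"].strip(),
            display=m["display"].strip(),
            path=path.strip(),
            stamp=m["stamp"].strip(),
        ))
    return entries


def triage(log_text, removed_products=("trusteer", "rapport", "superantispyware")):
    """Map service name -> reasons it deserves a second look."""
    findings = {}
    for e in parse_entries(log_text):
        reasons = []
        # Assumption: "[?]" and "[x]" mean the registered image file was not found.
        if e.stamp in ("?", "x"):
            reasons.append("image-missing")
        if any(mark in e.path.lower() for mark in USER_WRITABLE_MARKERS):
            reasons.append("user-writable-path")
        haystack = " ".join((e.name, e.display, e.path)).lower()
        reasons += ["leftover:" + kw for kw in removed_products if kw in haystack]
        if reasons:
            findings[e.name] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG).items():
        print(f"{name}: {', '.join(reasons)}")
```

An entry flagged `image-missing` is a registry record whose file is gone, which is what an incomplete uninstall leaves behind; `user-writable-path` is the one worth checking first, since a driver registered from a browser cache directory is unusual.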
     
  12. SusanCarmenaHernandez


    Some of the Trusteer & Rapport items are from the logs from the things you had me check. But the dates on the others are from mid November. trusteer.JPG trusteer.JPG
    superanti.JPG

    Superantispyware is not on the add/remove list but it is STILL there! I found the EXE for it in the folder TimPC. Tim's is the place I bought my computer from. I never knew this folder was on my computer! timpc.JPG
     


  13. starbuck

    We haven't run an OTL scan since you said that you would uninstall Trusteer Rapport, let's get another scan done and see what's left on the system.

    Double click on OTL to run it.
    • Under Extra Registry section, select Use SafeList.
    • Don't check the boxes beside 'LOP Check' and 'Purity Check' this time.
    • Click on Run Scan at the top left hand corner.
    • When done, two Notepad files will open. Please post the contents of these 2 Notepad files in your next reply.

    Thanks
     
  14. SusanCarmenaHernandez

    Here they are.

    OTL logfile created on: 2/12/2012 1:29:00 PM - Run 2
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Susan\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.99 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 78.34% Memory free
    3.83 Gb Paging File | 3.56 Gb Available in Paging File | 92.85% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.04 Gb Total Space | 120.98 Gb Free Space | 81.17% Space Free | Partition Type: NTFS

    Computer Name: SUSANSPUTER | User Name: Susan | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Susan\desktop\OTL.scr (OldTimer Tools)
    PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


    ========== Modules (No Company Name) ==========


    ========== Win32 Services (SafeList) ==========

    SRV - (NMIndexingService) -- File not found
    SRV - (AppMgmt) -- File not found
    SRV - (0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501) -- File not found
    SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
    SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
    SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
    SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)


    ========== Driver Services (SafeList) ==========

    DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
    DRV - (MSI_DVD_010507) -- C:\Program Files\MSI\MSIWDev\DVDSYS32_100507.sys (Your Corporation)
    DRV - (MSI_VGASYS_010507) -- C:\Program Files\MSI\MSIWDev\VGASYS32_100507.sys ()
    DRV - (SMC2209) -- C:\WINDOWS\system32\drivers\SMC2209.sys (SMC Networks)
    DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
    DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)



    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\gcswf32.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
    CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
    CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: Ask Toolbar = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaapodhaoggdemfffbmjpgfgekfjjpe\7.14.1.0_0\
    CHR - Extension: YouTube = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
    CHR - Extension: Google Search = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
    CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2012/02/08 23:35:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
    O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
    O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1254950168828 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.124.193.101 209.124.193.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63732C85-853A-4138-B39C-FD38C537399A}: DhcpNameServer = 209.124.193.101 209.124.193.100
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/10/05 12:35:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (autocheck AUTONTFS C: PAGE=MIN DIRS=MFTZ MFT=MIN)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/02/12 11:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Start Menu\Programs\CyberLink PowerDVD
    [2012/02/12 00:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2012/02/11 23:13:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Susan\Recent
    [2012/02/11 16:54:13 | 001,832,544 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Susan\Desktop\MCPR.exe
    [2012/02/10 12:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2012/02/09 14:40:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/02/08 23:27:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2012/02/08 23:25:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012/02/08 23:25:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012/02/08 23:25:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012/02/08 23:25:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012/02/08 23:25:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2012/02/08 23:22:49 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/02/08 23:22:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Susan\Start Menu\Programs\Administrative Tools
    [2012/02/08 23:20:44 | 004,399,064 | R--- | C] (Swearware) -- C:\Documents and Settings\Susan\Desktop\MYCOMBO.EXE
    [2012/02/08 14:45:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
    [2012/02/05 16:00:02 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2012/02/04 20:24:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Local Settings\Application Data\APN
    [2012/02/04 10:23:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
    [2012/02/03 11:25:44 | 000,000,000 | ---D | C] -- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
    [2012/02/01 20:38:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\UltraDefrag
    [2012/02/01 16:12:58 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/02/01 11:38:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Susan\Desktop\OTL.scr
    [2012/02/01 09:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2012/01/31 15:42:02 | 000,030,720 | ---- | C] (UltraDefrag Development Team) -- C:\WINDOWS\System32\udefrag.exe
    [2012/01/31 15:41:58 | 000,009,728 | ---- | C] (UltraDefrag Development Team) -- C:\WINDOWS\System32\bootexctrl.exe
    [2012/01/31 15:41:58 | 000,006,144 | ---- | C] (UltraDefrag Development Team) -- C:\WINDOWS\System32\hibernate4win.exe
    [2012/01/31 15:41:56 | 000,016,896 | ---- | C] (UltraDefrag Development Team) -- C:\WINDOWS\System32\wgx.dll
    [2012/01/31 15:41:38 | 000,048,640 | ---- | C] (UltraDefrag Development Team) -- C:\WINDOWS\System32\udefrag.dll
    [2012/01/31 15:41:32 | 000,064,000 | ---- | C] (UltraDefrag Development Team) -- C:\WINDOWS\System32\zenwinx.dll
    [2012/01/31 15:41:22 | 000,114,688 | ---- | C] (UltraDefrag Development Team) -- C:\WINDOWS\System32\defrag_native.exe
    [2012/01/31 11:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\My Documents\OnDemandDump
    [2012/01/31 11:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\My Documents\CrashLog
    [2012/01/31 10:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Desktop\Unused Desktop Shortcuts
    [2012/01/30 22:52:41 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Susan\My Documents\TFC.exe
    [2012/01/26 09:39:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Application Data\Auslogics
    [2012/01/26 09:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    [2012/01/26 09:39:23 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
    [2012/01/22 10:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Susan\Local Settings\Application Data\FixItCenter
    [2012/01/22 10:02:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
    [2012/01/22 10:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
    [2012/01/20 10:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2012/01/20 10:20:20 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2012/01/20 10:20:20 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2012/01/20 10:20:20 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2012/01/20 10:20:20 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2012/01/20 09:27:35 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
    [2012/01/16 23:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2012/01/16 23:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

    ========== Files - Modified Within 30 Days ==========

    [2012/02/12 12:51:47 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{508D7A56-9EDD-46CE-B68C-C1DFF09E0BE0}.job
    [2012/02/12 11:52:37 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2012/02/12 11:47:33 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
    [2012/02/12 11:47:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/02/12 11:47:27 | 2138,427,392 | -HS- | M] () -- C:\hiberfil.sys
    [2012/02/12 10:06:00 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
    [2012/02/12 01:13:50 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Microsoft Security Essentials.lnk
    [2012/02/12 00:37:37 | 000,001,058 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Computer Help Forums.url
    [2012/02/12 00:21:05 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
    [2012/02/12 00:20:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/02/11 16:54:27 | 001,832,544 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Susan\Desktop\MCPR.exe
    [2012/02/10 23:02:21 | 000,001,758 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\The Weather Channel Desktop.lnk
    [2012/02/10 13:13:23 | 000,000,970 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\AOL.com.url
    [2012/02/10 11:35:43 | 000,001,231 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Bleeping Computer - Computer Help and Discussion.url
    [2012/02/10 00:40:09 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Shortcut to mspaint.exe.lnk
    [2012/02/09 01:46:08 | 001,380,588 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\squelchies1ss_setup.exe
    [2012/02/08 23:35:50 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/02/08 23:27:58 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2012/02/08 23:21:26 | 004,399,064 | R--- | M] (Swearware) -- C:\Documents and Settings\Susan\Desktop\MYCOMBO.EXE
    [2012/02/08 14:45:07 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
    [2012/02/08 12:42:05 | 000,101,157 | ---- | M] () -- C:\fraglist.luar
    [2012/02/07 21:15:48 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2012/02/07 18:14:49 | 000,569,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/02/07 18:14:49 | 000,106,870 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/02/07 16:43:37 | 002,339,459 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\0211inside.pdf
    [2012/02/07 16:28:16 | 003,238,540 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\0211outside.pdf
    [2012/02/07 15:27:23 | 000,810,102 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\cfoa form renewal.pdf
    [2012/02/07 14:58:15 | 000,690,539 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\state auction list 2112012.pdf
    [2012/02/06 10:26:15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-602609370-682003330-1005UA.job
    [2012/02/06 10:26:13 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-602609370-682003330-1005Core.job
    [2012/02/06 10:26:12 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/02/06 10:26:11 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/02/05 20:40:56 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2012/02/05 16:00:02 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2012/02/05 10:17:20 | 000,001,152 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\cpuz.cvf
    [2012/02/05 10:12:16 | 000,001,152 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\cpuzval
    [2012/02/04 12:30:26 | 000,983,040 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
    [2012/02/04 12:30:26 | 000,421,888 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
    [2012/02/04 11:16:05 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/02/04 10:29:54 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Susan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012/02/01 20:38:50 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\Susan\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraDefrag.lnk
    [2012/02/01 20:38:50 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UltraDefrag.lnk
    [2012/02/01 12:41:31 | 000,000,517 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Shortcut to TFC.exe.lnk
    [2012/02/01 11:38:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Susan\Desktop\OTL.scr
    [2012/02/01 08:02:40 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Susan\My Documents\TFC.exe
    [2012/01/31 15:42:02 | 000,030,720 | ---- | M] (UltraDefrag Development Team) -- C:\WINDOWS\System32\udefrag.exe
    [2012/01/31 15:41:58 | 000,009,728 | ---- | M] (UltraDefrag Development Team) -- C:\WINDOWS\System32\bootexctrl.exe
    [2012/01/31 15:41:58 | 000,006,144 | ---- | M] (UltraDefrag Development Team) -- C:\WINDOWS\System32\hibernate4win.exe
    [2012/01/31 15:41:56 | 000,016,896 | ---- | M] (UltraDefrag Development Team) -- C:\WINDOWS\System32\wgx.dll
    [2012/01/31 15:41:46 | 000,092,160 | ---- | M] () -- C:\WINDOWS\System32\lua5.1a.dll
    [2012/01/31 15:41:38 | 000,048,640 | ---- | M] (UltraDefrag Development Team) -- C:\WINDOWS\System32\udefrag.dll
    [2012/01/31 15:41:32 | 000,064,000 | ---- | M] (UltraDefrag Development Team) -- C:\WINDOWS\System32\zenwinx.dll
    [2012/01/31 15:41:22 | 000,114,688 | ---- | M] (UltraDefrag Development Team) -- C:\WINDOWS\System32\defrag_native.exe
    [2012/01/31 09:07:34 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/01/31 06:44:05 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
    [2012/01/30 09:45:15 | 000,000,980 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Facebook.url
    [2012/01/27 07:17:34 | 000,000,914 | ---- | M] () -- C:\Documents and Settings\Susan\Application Data\Microsoft\Internet Explorer\Quick Launch\Auslogics BoostSpeed.lnk
    [2012/01/27 07:17:34 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Auslogics BoostSpeed.lnk
    [2012/01/27 06:31:06 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    [2012/01/27 06:19:07 | 000,001,988 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\cc_20120127_061900.reg
    [2012/01/25 20:41:21 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Calculator.lnk
    [2012/01/24 21:46:42 | 000,001,543 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\Solitaire.lnk
    [2012/01/24 12:18:35 | 000,308,453 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\Free Fax • Free Internet Faxing.mht
    [2012/01/24 11:50:55 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
    [2012/01/24 11:35:30 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\123 Free Solitaire.lnk
    [2012/01/23 19:58:36 | 000,001,584 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
    [2012/01/22 11:41:24 | 000,002,989 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\UICC Claims.htm
    [2012/01/22 10:02:59 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
    [2012/01/20 10:31:34 | 000,000,960 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\AOL MAIL.url
    [2012/01/20 10:19:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2012/01/20 10:19:58 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2012/01/20 10:19:58 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2012/01/20 10:19:58 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2012/01/20 10:19:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2012/01/19 13:17:19 | 000,644,186 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\2011 state tax return.pdf
    [2012/01/19 12:44:44 | 000,042,437 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\2011 1040.pdf
    [2012/01/19 12:43:15 | 000,097,452 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\2011 federal tax.pdf
    [2012/01/19 11:54:35 | 000,248,147 | ---- | M] () -- C:\Documents and Settings\Susan\My Documents\2011 sally W2.pdf
    [2012/01/18 21:52:11 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Susan\Desktop\BLANK TAB.url
    [2012/01/16 23:56:57 | 000,035,544 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

    ========== Files Created - No Company Name ==========

    [2012/02/12 01:13:50 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\Microsoft Security Essentials.lnk
    [2012/02/12 00:25:49 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2012/02/12 00:20:39 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
    [2012/02/10 23:02:21 | 000,001,758 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\The Weather Channel Desktop.lnk
    [2012/02/10 00:40:09 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\Shortcut to mspaint.exe.lnk
    [2012/02/09 01:46:04 | 001,380,588 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\squelchies1ss_setup.exe
    [2012/02/08 23:27:58 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2012/02/08 23:27:56 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2012/02/08 23:25:40 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012/02/08 23:25:40 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012/02/08 23:25:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012/02/08 23:25:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012/02/08 23:25:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012/02/08 14:45:07 | 000,001,919 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
    [2012/02/08 12:42:05 | 000,101,157 | ---- | C] () -- C:\fraglist.luar
    [2012/02/07 16:43:37 | 002,339,459 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\0211inside.pdf
    [2012/02/07 16:28:15 | 003,238,540 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\0211outside.pdf
    [2012/02/07 15:27:23 | 000,810,102 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\cfoa form renewal.pdf
    [2012/02/07 14:58:15 | 000,690,539 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\state auction list 2112012.pdf
    [2012/02/05 10:17:19 | 000,001,152 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\cpuz.cvf
    [2012/02/05 10:12:16 | 000,001,152 | ---- | C] () -- C:\Documents and Settings\Susan\My Documents\cpuzval
    [2012/02/05 08:52:21 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{508D7A56-9EDD-46CE-B68C-C1DFF09E0BE0}.job
    [2012/02/04 09:56:30 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
    [2012/02/01 20:38:50 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\Susan\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraDefrag.lnk
    [2012/02/01 20:38:50 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\UltraDefrag.lnk
    [2012/02/01 20:38:50 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\UltraDefrag.lnk
    [2012/02/01 16:07:12 | 000,001,231 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\Bleeping Computer - Computer Help and Discussion.url
    [2012/02/01 16:06:17 | 000,001,058 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\Computer Help Forums.url
    [2012/02/01 12:41:31 | 000,000,517 | ---- | C] () -- C:\Documents and Settings\Susan\Desktop\Shortcut to TFC.exe.lnk
    [2012/02/01 12:15:11 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-602609370-682003330-1005UA.job

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Susan\My Documents\TFC.exe:SummaryInformation
    @Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

    < End of report >
     


  15. SusanCarmenaHernandez

    Hey Starbuck!

    Have you had a chance to go over the OTL logs?
     
  16. starbuck

    Hi Susan,

    My apologies, I must have overlooked your reply.

    There is nothing in the reports for SuperAntiSpyware or Trusteer.
    But I can take the folders from the Combofix report and add them to an OTL fix, just to make sure they've gone.

    Double click on OTL to run it.
    Copy the lines in bold below. (Make sure that :Otl is on the first line.)

    :Otl
    SRV - (0131641296172501mcinstcleanup) McAfee Application Installer Cleanup (0131641296172501) -- File not found
    O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    @Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

    :Files
    c:\program files\SUPERAntiSpyware
    c:\documents and settings\all users\application data\trusteer

    :commands
    [emptytemp]

    • Return to OTL,
    • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.
    • Click the red Run Fix button.
    • OTL will reboot your system once the fix has completed.
    • After the reboot, you may need to double click OTL to launch the program and retrieve the log.

    Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

    If you lose the report, there will be a copy here:
    C:\_OTL\MovedFiles

    If the TimPc folder was placed there by the shop you bought the system from and you no longer need it, it can be removed.
    Just right click on the folder and select delete from the menu.


    Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
    • Download the latest version of Java Runtime Environment (JRE) 7 Update 3 and save it to your desktop.
    • Scroll down to where it says "Java SE 7 Update 3".
    • Click the "Download JRE" button to the right.
    • Accept the license agreement.
    • Select 'Windows x86' offline from the list.
    • Save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
    • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each Java version.
      Java(TM) 6 Update 30
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-7u3-windows-i586-p.exe to install the newest version.


    In your next reply, please submit:
    OTL Fix report


    Thanks.
     
    Last edited by a moderator: Feb 4, 2014
  17. SusanCarmenaHernandez

    Here is the OTL log.
     

    Attached Files:

  18. starbuck

    OTL couldn't find SuperAntiSpyware in the program folder, but did remove some Trusteer entries from the Application Data folder.
    Looking back I see that you have Firefox installed.... Is Facebook still slow if you use Firefox?
     
  19. SusanCarmenaHernandez

    I removed Firefox a good while ago. If it is still showing up, it must be some leftover files that did not get deleted when I removed it. If those files are still there, can I download Firefox again without them interfering with it?
     
  20. SusanCarmenaHernandez

    I also installed the newest Java Runtime.
     
