Novice wants to add a memory card

teddysmith1952

New Member
Thanks John. I noticed that as well and tried to do a re-scan. This time I received a message that the combofix scan ran into my AVG anti virus and stated it could cause damage unless I disabled it and did I want to continue anyway. I went thru my AVG and could not find a way to disable but, I'm not the sharpest knife in the drawer with P/C's.
 

johnb35

Administrator
Staff member
Just run it without disabling avg. I've tried disabling it and it still says its active. And i'm not uninstalling it just to run combofix. i've never run into any problems. Run it and lets see the new log.
 

teddysmith1952

New Member
Ok this is crazy. I tried to re-scan and I ignored the request to disable my anti virus. I then received this error message:

"You cannot rename combofix as combofix(1)
Please use another name,preferably made up of alfanumeric characters"

I didn't rename anything !! Humm
 

johnb35

Administrator
Staff member
delete all existing combofix that you have downloaded and redownload it again. Or download it to a different location on your hard drive and then run it.
 

teddysmith1952

New Member
I deleted all combofix stuff. I reran and got the same message. I found this reappeared on my P/C:

COMBOFIX(1).EXE-275D2D05.pf.

I deleted this and reran. Again received the same error and deleted again and so on...
 

teddysmith1952

New Member
That did it. Instead of hitting run, I saved to another location. Here's the log report:

ComboFix 09-07-12.03 - Jim's 07/12/2009 17:16.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1983.1509 [GMT -7:00]
Running from: c:\documents and settings\Jim's\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Starware
c:\documents and settings\Compaq_Owner\Application Data\alot
c:\documents and settings\Denise's\Application Data\alot
c:\documents and settings\Denise's\Application Data\alot\BrowserSearch\BrowserSearch.xml
c:\documents and settings\Denise's\Application Data\alot\BrowserSearch\BrowserSearch.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_0\Button_0.xml
c:\documents and settings\Denise's\Application Data\alot\Button_0\Button_0.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_1\Button_1.xml
c:\documents and settings\Denise's\Application Data\alot\Button_1\Button_1.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_10\Button_10.xml
c:\documents and settings\Denise's\Application Data\alot\Button_10\Button_10.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_11\Button_11.xml
c:\documents and settings\Denise's\Application Data\alot\Button_11\Button_11.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_2\Button_2.xml
c:\documents and settings\Denise's\Application Data\alot\Button_2\Button_2.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_3\Button_3.xml
c:\documents and settings\Denise's\Application Data\alot\Button_3\Button_3.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_4\Button_4.xml
c:\documents and settings\Denise's\Application Data\alot\Button_4\Button_4.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_5\Button_5.xml
c:\documents and settings\Denise's\Application Data\alot\Button_5\Button_5.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_6\Button_6.xml
c:\documents and settings\Denise's\Application Data\alot\Button_6\Button_6.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_7\Button_7.xml
c:\documents and settings\Denise's\Application Data\alot\Button_7\Button_7.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_8\Button_8.xml
c:\documents and settings\Denise's\Application Data\alot\Button_8\Button_8.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Button_9\Button_9.xml
c:\documents and settings\Denise's\Application Data\alot\Button_9\Button_9.xml.backup
c:\documents and settings\Denise's\Application Data\alot\configurator\configurator.xml
c:\documents and settings\Denise's\Application Data\alot\configurator\configurator.xml.backup
c:\documents and settings\Denise's\Application Data\alot\ErrorSearch\ErrorSearch.xml
c:\documents and settings\Denise's\Application Data\alot\ErrorSearch\ErrorSearch.xml.backup
c:\documents and settings\Denise's\Application Data\alot\postInstallLayout\postInstallLayout.xml
c:\documents and settings\Denise's\Application Data\alot\postInstallLayout\postInstallLayout.xml.backup
c:\documents and settings\Denise's\Application Data\alot\products\products.xml
c:\documents and settings\Denise's\Application Data\alot\products\products.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_0\images\alot_icon_35x16.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_1\images\alot_search_24x16.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_2\images\default_216_alot_recipe_recipesearch.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\alert-icon.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\alert.png
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\clear.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\cloudy.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\default_281_alot_weather_widget.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\haze.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\mcloud.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\nclear.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\ncloudy.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\nhaze.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\nmcloud.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\npcloud.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\pcloud.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\rain.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\snow.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_3\images\tstorm.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_4\images\default_218_alot_recipe_cupboard.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_4\images\default_338_alot_recipe_reciperssfeed.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_5\images\default_218_alot_recipe_cupboard.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_6\images\default_219_alot_recipe_recipevideos.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_6\images\default_260_alot_lottery_mrkt_dice.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_6\images\default_260_default_288_alot_mrkt_bang.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_7\images\default_205_alot_mrkt_carrot.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_7\images\default_205_default_260_alot_mrkt_dice.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_7\images\default_264_alot_recipe_mrkt_home_marketplace.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_7\images\default_264_american_flag.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_8\images\default_441_alot_mrkt_180.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_8\images\default_441_alot_mrkt_carrot.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Button_8\images\default_441_alot_mrkt_shopping_cart.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\domains.dat
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\alot_brand.png
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\spinner.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_bottom.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_btnmin0.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_btnmin1.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_caption.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_error_close.bmp
c:\documents and settings\Denise's\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp
c:\documents and settings\Denise's\Application Data\alot\TimerManager\TimerManager.xml
c:\documents and settings\Denise's\Application Data\alot\TimerManager\TimerManager.xml.backup
c:\documents and settings\Denise's\Application Data\alot\toolbar.xml
c:\documents and settings\Denise's\Application Data\alot\ToolbarSearch\ToolbarSearch.xml
c:\documents and settings\Denise's\Application Data\alot\ToolbarSearch\ToolbarSearch.xml.backup
c:\documents and settings\Denise's\Application Data\alot\Updater\Updater.xml
c:\documents and settings\Denise's\Application Data\alot\Updater\Updater.xml.backup
c:\documents and settings\Denise's\Application Data\Starware
c:\documents and settings\Guest\Application Data\alot
c:\documents and settings\Jamie's_2\Application Data\alot
c:\documents and settings\Jim's\Application Data\alot
c:\documents and settings\Jim's\Application Data\Starware
c:\program files\Altnet
c:\program files\Altnet\DBBackup\file-10001-100.sig
c:\program files\Altnet\DBBackup\file-10001-1090773661.sig
c:\program files\Altnet\DBBackup\file-10001-1324214290.sig
c:\program files\Altnet\DBBackup\file-10001-1605489741.sig
c:\program files\Altnet\DBBackup\file-10001-1857421833.sig
c:\program files\Altnet\DBBackup\file-10001-1976502640.sig
c:\program files\Altnet\DBBackup\file-10001-20880948.sig
c:\program files\Altnet\DBBackup\file-10001-2229967357.sig
c:\program files\Altnet\DBBackup\file-10001-2266845954.sig
c:\program files\Altnet\DBBackup\file-10001-273606815.sig
c:\program files\Altnet\DBBackup\file-10001-3403301822.sig
c:\program files\Altnet\DBBackup\file-10001-3537779828.sig
c:\program files\Altnet\DBBackup\file-10001-4075227671.sig
c:\program files\Altnet\DBBackup\file-10001-4154067389.sig
c:\program files\Altnet\DBBackup\file-10001-539525141.sig
c:\program files\Altnet\DBBackup\file-10001-696071384.sig
c:\program files\Altnet\DBBackup\file-10001-959979991.sig
c:\program files\Altnet\DBBackup\file-10001-97.sig
c:\program files\Altnet\DBBackup\file-5001-1723642179.sig
c:\program files\Altnet\DBBackup\file-5001-1818565802.sig
c:\program files\Altnet\DBBackup\file-5001-2096449989.sig
c:\program files\Altnet\DBBackup\file-5001-2571611851.sig
c:\program files\Altnet\DBBackup\file-5001-2601756460.sig
c:\program files\Altnet\DBBackup\file-5001-3362558619-1.sig
c:\program files\Altnet\DBBackup\file-5001-4281926898.sig
c:\program files\Altnet\DBBackup\file-5001-522039663.sig
c:\program files\Altnet\DBBackup\file-5001-544007125.sig
c:\program files\Altnet\DBBackup\file-5001-732616597-1.sig
c:\program files\Altnet\DBBackup\file-5001-903641836.sig
c:\program files\Altnet\DBBackup\Sigfiles.db
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.ivd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.rvd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.xmd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\cran.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\cran.cvd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\cran.ivd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\emalware.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\emalware.ivd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\iso.xmd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\java.cvd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.ivd.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab (incomplete-3)
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab (incomplete)
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\tar.xmd.cab
c:\program files\iMeshBar
c:\program files\MyWay
c:\program files\MyWay\myBar\1.bin\MY2NS.EXE
c:\program files\MyWay\myBar\Cache\files.ini
c:\program files\Need2Find
c:\program files\Need2Find\bar\1.bin\N2FFXTBR.JAR
c:\program files\Need2Find\bar\1.bin\N2NTSTBR.JAR
c:\program files\Need2Find\bar\1.bin\PARTNER.DAT
c:\program files\Need2Find\bar\Cache\03E016EA
c:\program files\Need2Find\bar\History\search
c:\program files\Need2Find\bar\Settings\prevcfg.htm
c:\program files\PeoplePC\Toolbar\PPCToolbar.dll
c:\program files\RXToolBar
c:\program files\seekmo
c:\program files\SideFind
c:\program files\SoftwareOnline
c:\program files\SoftwareOnline\soproc.exe
c:\program files\starware
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\INSTALL.LOG
c:\program files\WinPCap\NetMonInstaller.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\program files\WinPCap\Uninstall.exe
c:\recycler\S-1-5-21-1846433815-1947926138-1940668283-1003
c:\recycler\S-1-5-21-2218385644-1888872791-1663132888-1013
c:\recycler\S-1-5-21-270235759-1964811210-2323045277-1009
c:\recycler\S-1-5-21-270235759-1964811210-2323045277-1011
c:\recycler\S-1-5-21-270235759-1964811210-2323045277-1012
c:\recycler\S-1-5-21-270235759-1964811210-2323045277-1013
c:\recycler\S-1-5-21-2759785638-1562771973-2789229755-1009
c:\windows\cdmxtras
c:\windows\cdmxtras\uninst.exe
c:\windows\Installer\10124e.msi
c:\windows\Installer\1013b8.msi
c:\windows\Installer\1013cd.msi
c:\windows\Installer\101404.msi
c:\windows\Installer\10142a.msi
c:\windows\Installer\101430.msi
c:\windows\Installer\101433.msi
c:\windows\Installer\129d50e.msi
c:\windows\Installer\188105.msi
c:\windows\Installer\1c5471.msp
c:\windows\Installer\2122eb4.msi
c:\windows\Installer\2122eba.msi
c:\windows\Installer\2122ec0.msi
c:\windows\Installer\2122ec8.msi
c:\windows\Installer\2122ed5.msi
c:\windows\Installer\2122edd.msi
c:\windows\Installer\2122ee3.msi
c:\windows\Installer\278c58.msi
c:\windows\Installer\2b106.msi
c:\windows\Installer\2e162.msi
c:\windows\Installer\2e168.msi
c:\windows\Installer\2e16e.msi
c:\windows\Installer\2e177.msi
c:\windows\Installer\2e181.msi
c:\windows\Installer\2e18b.msi
c:\windows\Installer\2e195.msi
c:\windows\Installer\2e19f.msi
c:\windows\Installer\2e1a9.msi
c:\windows\Installer\2e1b0.msi
c:\windows\Installer\2e1b9.msi
c:\windows\Installer\2e1c3.msi
c:\windows\Installer\2e1cd.msi
c:\windows\Installer\2e1d4.msi
c:\windows\Installer\2e1da.msi
c:\windows\Installer\2e1e3.msi
c:\windows\Installer\2e1ed.msi
c:\windows\Installer\2e1f7.msi
c:\windows\Installer\2e201.msi
c:\windows\Installer\2e20b.msi
c:\windows\Installer\2e215.msi
c:\windows\Installer\2e21f.msi
c:\windows\Installer\2e226.msi
c:\windows\Installer\40ea5e.msi
c:\windows\Installer\466072b.msi
c:\windows\Installer\466076e.msi
c:\windows\Installer\471318e.msi
c:\windows\Installer\47131cf.msi
c:\windows\Installer\47131e8.msp
c:\windows\Installer\4713293.msi
c:\windows\Installer\4c8b25a.msi
c:\windows\Installer\53063.msi
c:\windows\Installer\53069.msi
c:\windows\Installer\5306f.msi
c:\windows\Installer\53075.msi
c:\windows\Installer\5307b.msi
c:\windows\Installer\53081.msi
c:\windows\Installer\53087.msi
c:\windows\Installer\5308d.msi
c:\windows\Installer\53093.msi
c:\windows\Installer\5309e.msi
c:\windows\Installer\530a4.msi
c:\windows\Installer\530aa.msi
c:\windows\Installer\586aa5b.msi
c:\windows\Installer\6fe032.msi
c:\windows\Installer\6fe033.msi
c:\windows\Installer\952aaf.msi
c:\windows\system32\config\systemprofile\Application Data\alot
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-06-13 to 2009-07-13 )))))))))))))))))))))))))))))))
.

2009-07-12 16:47 . 2009-06-17 18:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-12 16:47 . 2009-06-17 18:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-11 23:55 . 2009-07-11 23:55 -------- d-----w- c:\windows\system32\wbem\Repository
2009-07-11 15:46 . 2009-07-11 15:46 -------- d-----w- c:\program files\Trend Micro
2009-07-11 14:23 . 2009-07-11 14:23 -------- d-----w- c:\documents and settings\Jim's\Application Data\Malwarebytes
2009-07-11 14:23 . 2009-07-12 16:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-11 14:23 . 2009-07-11 14:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-09 16:55 . 2009-07-01 18:32 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys
2009-07-09 16:55 . 2009-07-01 18:31 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-07-09 16:55 . 2009-07-01 18:31 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll
2009-07-09 16:55 . 2009-07-01 18:32 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll
2009-07-09 16:55 . 2009-07-01 18:32 3298072 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-07-09 16:55 . 2009-07-01 18:31 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-09 16:55 . 2009-07-01 18:31 906520 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgemc.exe
2009-07-09 16:55 . 2009-07-01 18:31 829208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll
2009-07-09 16:52 . 2009-07-01 18:31 1454360 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-07-09 16:52 . 2009-07-01 18:31 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-02 15:57 . 2009-07-02 15:56 2052376 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
2009-07-01 19:50 . 2009-07-12 07:55 -------- d--h--w- C:\$AVG8.VAULT$
2009-07-01 18:38 . 2009-06-14 23:07 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-07-01 18:32 . 2009-07-01 18:32 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-07-01 18:32 . 2009-07-01 18:32 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-07-01 18:32 . 2009-07-09 16:54 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-01 18:32 . 2009-07-01 18:32 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-07-01 18:32 . 2009-07-12 15:23 -------- d-----w- c:\windows\system32\drivers\Avg
2009-07-01 18:32 . 2009-07-01 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-07-01 18:31 . 2009-07-01 18:31 -------- d-----w- c:\program files\AVG
2009-07-01 18:31 . 2009-07-01 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-06-30 20:13 . 2009-07-01 18:12 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-06-18 18:11 . 2009-06-18 18:11 1915520 ----a-w- c:\documents and settings\Jim's\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-06-17 20:02 . 2009-06-17 20:02 -------- d-----w- c:\documents and settings\Denise's\Application Data\OpenOffice.org

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 23:54 . 2004-08-10 15:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-02 09:08 . 2006-10-25 05:25 -------- d-----w- c:\program files\WinAce
2009-07-02 08:01 . 2007-09-15 22:34 -------- d-----w- c:\program files\Common Files\GMT
2009-07-02 08:01 . 2007-09-15 22:34 -------- d-----w- c:\program files\Common Files\CMEII
2009-07-01 19:39 . 2009-03-09 16:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-30 20:05 . 2004-08-11 13:55 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-06-30 20:04 . 2008-04-20 19:08 -------- d-----w- c:\program files\Jamdat
2009-06-30 20:04 . 2005-01-16 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak
2009-06-30 20:04 . 2005-01-16 18:17 -------- d-----w- c:\program files\Kodak
2009-06-30 20:03 . 2005-01-16 18:25 -------- d-----w- c:\program files\Common Files\Kodak
2009-06-30 19:59 . 2006-02-02 00:43 -------- d-----w- c:\documents and settings\Denise's\Application Data\Symantec
2009-06-30 19:59 . 2004-08-11 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-06-30 19:48 . 2008-09-24 23:43 -------- d-----w- c:\documents and settings\Jamie's_2\Application Data\Symantec
2009-06-30 19:48 . 2008-09-24 23:28 -------- d-----w- c:\documents and settings\Guest\Application Data\Symantec
2009-06-30 19:48 . 2006-02-02 01:08 -------- d-----w- c:\documents and settings\Jim's\Application Data\Symantec
2009-06-30 19:48 . 2006-01-28 04:56 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Symantec
2009-06-28 22:22 . 2004-08-10 15:43 4013 -c--a-w- c:\windows\viassary-hp.reg
2009-06-26 17:27 . 2009-04-12 14:31 1 ----a-w- c:\documents and settings\Jim's\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-24 00:37 . 2006-02-18 23:20 -------- d-----w- c:\program files\PartyGaming
2009-06-10 00:27 . 2009-06-10 00:27 -------- d-----w- c:\documents and settings\Jim's\Application Data\ImgBurn
2009-02-08 21:37 . 2009-02-08 21:37 129 ----a-w- C:\Program FilesES_uninst.ini
2008-03-01 19:13 . 2008-03-01 19:13 67 -c--a-w- c:\program files\rem_cdk.bat
2006-09-05 21:35 . 2006-09-05 21:35 60518 -c--a-w- c:\program files\mozilla firefox\components\jar50.dll
2006-09-05 21:35 . 2006-09-05 21:35 49248 -c--a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2006-09-05 21:35 . 2006-09-05 21:35 165992 -c--a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 23:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"Desktop Software"="c:\program files\ComcastUI\Universal Installer\uinstaller.exe" [2008-03-18 984616]
"Universal Installer"="c:\program files\ComcastUI\Universal Installer\uinstaller.exe" [2008-03-18 984616]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-17 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-01 1948440]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-04-29 188728]
"Media Codec Update Service"="c:\program files\Essentials Codec Pack\WECPUpdate.exe" [2009-01-25 196608]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-01 136600]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-09-12 229952]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-30 88363]
"AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2003-04-04 50176]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2004-03-27 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-01 18:32 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^palstart.exe]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\palstart.exe
backup=c:\windows\pss\palstart.exeCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [7/1/2009 11:32 AM 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [7/1/2009 11:32 AM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/1/2009 11:31 AM 907032]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [7/1/2009 11:31 AM 298776]
R2 litsgt;litsgt;c:\windows\system32\drivers\litsgt.sys [5/17/2006 5:20 PM 137344]
R2 tansgt;tansgt;c:\windows\system32\drivers\tansgt.sys [5/17/2006 5:20 PM 12032]
S3 XIRLINK;Veo PC Camera;c:\windows\system32\drivers\ucdnt.sys [2/11/2005 4:13 PM 899884]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = about:blank
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>;localhost
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
FF - ProfilePath -
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-12 17:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-07-13 17:22
ComboFix-quarantined-files.txt 2009-07-13 00:22

Pre-Run: 50,552,066,048 bytes free
Post-Run: 52,338,360,320 bytes free

401
 

johnb35

Administrator
Staff member
I think that cleaned up your system even more dramatically. Now all I need is fresh hijackthis log posted please.
 

teddysmith1952

New Member
Here you go! Thanks again John

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:42:57 PM, on 7/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe
C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\WECPUpdate.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Desktop Software] "C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe" /ini "uinstaller.ini" /fromrun /starthidden
O4 - HKCU\..\Run: [Universal Installer] "C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe" /fromrun /starthidden
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MiniEYE-MiniREAD Launch.lnk = C:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
O4 - Global Startup: palstart.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1246389110178
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712....akamai.com/6712/player/install/installer.exe
O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://www.candystand.com/assets/activex/virtools/CacheManager.CAB
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

--
End of file - 10549 bytes
 

teddysmith1952

New Member
Thanks for all of your time John! It's funny. It will run like a rocket then all of the sudden it will slow to a crawl and so on. looking at the log above I see symantec stuff which was with the Norton I removed before AVG install. I also see kodak stuff which I also removed.

Overall it is a great improvement which I again thank you for. I did the msconfig and startup thing but was unable to locate anything that looks like the "cannot find file:///" so I'm still getting that dang error when windows starts up.

Jim
 

johnb35

Administrator
Staff member
Go back into add/remove programs and make sure everything is uninstalled regarding Kodak and Symantec, also known as Norton. If you want to, make a list of every item in the startup tab of msconfig and i'll try to pinpoint which item it is for you to uncheck. You probably have some that don't need to be running at bootup anyway, most people do anyway.
 

teddysmith1952

New Member
John,

Running great. Every now and then when I log into internet exporer it will now let me in. After another try or two it will. That's different.

Also, before you fixed me up, I could here the computer running more often than not, even in the middle of the night for hours. Now I very seldom here it.
 

johnb35

Administrator
Staff member
You mean you heard the cooling fans run more and louder? You can also try open the case and use a can of compressed air to blow out the fans and the case. It actually needs every few months anyway.
 

teddysmith1952

New Member
Yes, the fans were running but I think the drive was running as well. Your sure right about the need to blow out the dust that collects. When I added the ram, I took the console out to the garage and opened it. Dust and dust balls everywhere. I adjusted my little air compresser to low and gentle blew all of the crap out. i was thinking that with all of the hard drive clean up (removing the malware and tons of unnecessary stuff) you had me do, that was what was keeping the drive from running so much.
 

teddysmith1952

New Member
Hi John,

i could use your help again. We had an issue connecting to internet explorer yesterday morning. When we clicked on the icon it would not connect. My son tried some "things" however we were unable to connect. Later I noticed that one of my toolbat icons showed "limited or no connectivity". I believe the prob was a loose connection on our router box since I was able to push one line back into the box and I noticed an engagement click. We now have internet. I think though, my son may have changed some settings. When I click on internet explorer I get the following boxd that pops up:

"Windows installer

The feature you are trying to use is on a network resource that is unavailable.
Click OK to try again or enter an alternate path to a folder containing the installation package 'winword.msp' in the box below:"

I click on "cancel" several times and the box will eventually go away and we can proceed to the internet. This box will pop up every time we try to go on line. Any suggestions would again be greatly appreciated.

Jim
 
Last edited:

johnb35

Administrator
Staff member
Try doing a system restore back to yesterday before things started going wrong again.
 

teddysmith1952

New Member
Ok..thanks again. Seems good now. That box is no longer popping up. i did a restore to yesterday but that did not do it. I then did a restore back to Thursday (would not let me do Friday) and working normally.'

Thanks again and again!
 
Top