To Johnb35 from Jovin

Jovin

New Member
Thanks, John,

I'm sorry to have interrupted you, as you've been more than generous with your time and talent trying to help me.

Thanks again,
Jovin
 

Jovin

New Member
Question regarding reformatting

John, it looks like this might be the way this computer has to go, or reinstalling Windows, I guess. Can you tell me which is the preferred way to get this laptop up and back to normal for my SIL? Also will someone still be able to get the information out of the programs that won't open now because of the error window re: the Windows Installer not being accessed? For example, the Excel program or Star Office and such? I hope that the information stored there is not completely inaccessible now.

Thanks so much for all of your help, and I have got to get this back to my SIL today. I've had it for two weeks now, and I've improved some things and obviously caused more problems.

Jovin
 

johnb35

Administrator
Staff member
There are 2 things we can do yet. I'm concerned about 1 entry in your hijackthis log.

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\WINDOWS\system32\Msiexec.exe/v (file missing)

I have a feeling this is what is causing your issue.

Do this. Click Start, click on Run, type "services.msc" without the quotes, click OK. Find the one that says Java Quick Starter and double click it, click on Stop and then change the startup type to Disabled.

Try installing the latest version of Windows Installer from here.

http://www.microsoft.com/downloads/...6f-60b6-4412-95b9-54d056d6f9f4&displaylang=en

Download the file that is labeled for XP that is 3.2 mb and install it. There are other issues in your hijackthis log but they are minor, we'll fix those later if we get this problem figured out.

After performing all that please run a fresh hijackthis log and post it for me.
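
An added example, not part of the original post and not HijackThis's own code: a small Python triage pass over O23 (service) lines that flags what the reply above singles out, an entry marked "(file missing)" with an unknown owner. The function name, flag names and the trailing-text heuristic are assumptions of this example; the sample lines are copied from the logs in this thread.

```python
import re

# O23 line layout in HijackThis v2.0.2 logs, as seen in this thread:
#   O23 - Service: <display> [(<service name>)] - <owner> - <image path>[ (file missing)]
O23 = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<name>[^()]+)\))?"
    r" - (?P<owner>.+?) - (?P<path>[A-Za-z]:\\.*?)"
    r"(?P<missing> \(file missing\))?$"
)

def triage_o23(log_text):
    """Return (display, service name, path, flags) for each O23 line worth a look."""
    findings = []
    for line in log_text.splitlines():
        m = O23.match(line.strip())
        if not m:
            continue
        path, flags = m["path"], []
        if m["missing"]:
            flags.append("file_missing")
        if m["owner"] == "Unknown owner":
            flags.append("unknown_owner")
        # Heuristic (assumption of this example): text glued on after ".exe"
        # means the registered image path is not a plain file name.
        if re.search(r"\.exe\S", path, re.I):
            flags.append("trailing_text_after_exe")
        if flags:
            findings.append((m["display"], m["name"], path, flags))
    # Entries carrying more flags come first.
    return sorted(findings, key=lambda f: -len(f[3]))

# O23 lines copied from the two logs quoted in this thread.
SAMPLE = r"""
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\WINDOWS\system32\Msiexec.exe/v (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
"""

if __name__ == "__main__":
    for display, name, path, flags in triage_o23(SAMPLE):
        print(f"{display} [{name}] {path} -> {', '.join(flags)}")
```

"Unknown owner" on its own is a weak signal: the Broadcom wireless service in the later log carries it too, while its file is present.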
 

Jovin

New Member
thanks, John

I can't tell you how sick I am over this, and I've just lost sleep so much. I've never had anything like this happen even on my own computer.

Will do...
I have to admit another "transgression"...last night I was so upset that I'd have to take this back the way it is, that I paid online for another program to solve the windows installer program...it didn't and I've asked for a refund, and apparently they're going to give it to me...WHAT ON EARTH ....I'll run a new hijack log for you, and I'm so sorry...
 

johnb35

Administrator
Staff member
Well, I'm sorry about last night, I had just gotten home from work and another moderator from the forum asked if I would help him remove an infection. We finally got done around midnight my time and I went to bed.

You still might have to end up reformatting and installing the Operating System. Infections do crazy things to computers, and messing with windows installer is one of them unfortunately.

Let's hope we can get this cleaned up for you.
 

Jovin

New Member
Dear Lord!

Things are going from bad to worse! The laptop is stuck on the "Windows is starting up" screen! I did control alt del and nothing...I tried turning it off and nothing...if I unplug the ethernet cord that I plug in from this computer of mine, to get the cable, NOTHING...if I unplug the power cord to it, the battery is still active. HOLY NELLY! Did that last Error Wiz program do this late last night?
 

johnb35

Administrator
Staff member
Force shut it off by pressing and holding the power button and then try rebooting it again.
 

Jovin

New Member
Okay

that worked...thank GOD! I'm getting older by the minute, and I'm already 66...can't afford anymore grey hair.
 

Jovin

New Member
okay

I couldn't click the stop because it wasn't highlighted, but I've disabled it and I hope that's okay. Will now go on to do what you told me..I'm on the laptop now.
 

Jovin

New Member
I did a new Malwarebytes scan and this is the log

It did have that Error Wiz as a rogue something or other and I removed them..will do a HiJack this now.



Malwarebytes' Anti-Malware 1.44
Database version: 3902
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/24/2010 12:20:34 PM
mbam-log-2010-03-24 (12-20-34).txt

Scan type: Quick Scan
Objects scanned: 121971
Time elapsed: 9 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Lynn\Application Data\ErrorWiz (Rogue.ErrorWiz) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lynn\Application Data\ErrorWiz\Backup (Rogue.ErrorWiz) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Lynn\Application Data\ErrorWiz\settings.ini (Rogue.ErrorWiz) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lynn\Application Data\ErrorWiz\Backup\Automatic Backup_03-23-2010_23-43-38.reg (Rogue.ErrorWiz) -> Quarantined and deleted successfully.
 

Jovin

New Member
HiJack This

I haven't "fixed" anything, per your instructions before on this.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:34:14 PM, on 3/24/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = Empty
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-299502267-1078081533-725345543-1004\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User '?')
O4 - HKUS\S-1-5-21-299502267-1078081533-725345543-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} (WWHearts Control) - http://www.worldwinner.com/games/v52/wwhearts/wwhearts.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} (SpiderSolitaire Control) - http://www.worldwinner.com/games/v56/spidersolitaire/spidersolitaire.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://www.worldwinner.com/games/v41/freecell/freecell.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (MSN Games – Hearts) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab98974.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab56649.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://blockade-runner.axiscam.net/activex/AMC.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 7802 bytes
 

Jovin

New Member
Well,

so far the Windows Installer cannot be accessed is still coming up and I can't do the defrag or open Excel..using these as examples to see if anything changed.
 

johnb35

Administrator
Staff member
Well I can't help you anymore until later tonight as I'm driving to work right now.
 

Jovin

New Member
John, thank you...

I'll check with you tonight, but I think you've done more than could be expected of you, and I am very thankful. I might have to just take this back to her and admit my mess, but I'm just dreading it. I hope that she can have her information recovered from the programs if it does have to be reformatted. Without that Windows Installer, I'm not sure if it will work that way.

Thank you a million times over...
Jovin
 

johnb35

Administrator
Staff member
Any documents created within programs like Excel or Word can be backed up without having the program actually running. Any documents created should be saved in the "My Documents" folder. So you shouldn't be worrying about her documents, the only time you need to worry is when the hard drive actually crashes. I'm still working and should be home in another 5 hours. You can try reinstalling the programs that are coming up with that error in the meantime.
 

Jovin

New Member
John, thank you again.

I actually had my daughter here this afternoon, and she knows a lot more than I do about computers and she thought she could do something to fix the problem. She tried and couldn't. I called my SIL and finally told her what the story was, and I took it back to her. She's going to get a friend to reinstall Windows for her. She doesn't have a disk or a recovery disk.
My daughter checked the documents folder, like you mentioned, and found that she didn't really have much of anything in them, so she did put what she found on a flashdrive that was with the laptop, and we took it back.

I just couldn't deal with this anymore. I've been losing sleep and going crazy over this. Hopefully it won't be a huge problem for them, because she seemed okay with it. Anyway, I'd really improved it so much over what it was when she gave it to me, so I shouldn't feel too bad, but I do feel guilty over having created that problem. She can't get any programs to download until she reinstalls, I guess.

I am so very grateful to you for all of your help and endless patience with me. I know you did everything you could to help me, and I really appreciate it. Thank you again, and again.

Jovin
 

Jovin

New Member
Oh, don't say THAT, John...

I might come back with more problems for you. You're a great help, and it's appreciated. No need to reply...have a great day tomorrow/today.

Jovin
 