Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Screen message upon startup


  • Please log in to reply
12 replies to this topic

#1 wml52

wml52

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 04 September 2014 - 02:12 PM

I am new to this site so a quick hello to all!

 

The reason I'm writing is recently my computer has developed a glitch. I am running Windows XP home addition and when I start up the computer I get a screen messsage stating "Cmd.exe The System Cannot Find The File Specified C:\windows\system32>" If I X out the message box the program continues to load normally to the desk top. I don't seem to have any problems once I get passed the message screen but can't figure out why it's suddenly displaying this message. I have not added or deleated any software. Any help would be appreciated.

 

Thanks to all

Bill



BC AdBot (Login to Remove)

 


m

#2 hamluis

hamluis

    Moderator


  • Moderator
  • 54,864 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:38 AM

Posted 04 September 2014 - 02:38 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#3 wml52

wml52
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 04 September 2014 - 02:53 PM

http://speccy.piriform.com/results/COb1zShfg0H2ctGNBEIWJmc

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Bill Lang (administrator) on 04-09-2014 at 15:42:51
Running from "C:\Documents and Settings\Bill Lang\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/29/2014 10:10:02 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/29/2014 08:07:54 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/28/2014 07:20:02 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/25/2014 07:35:01 AM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/24/2014 02:09:19 AM) (Source: MPSampleSubmission) (User: )
Description: mptelemetry0x80070005mpupdateengineam fe11.1.4590.0mpsigstub.exe2.1.6519.0microsoft antimalwareNILNILNIL

Error: (08/22/2014 11:12:49 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/22/2014 02:32:50 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/22/2014 00:12:46 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/21/2014 00:19:39 AM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/18/2014 08:53:04 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]


System errors:
=============
Error: (09/04/2014 02:55:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (09/04/2014 02:55:28 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated with the following error:
%%2147949456

Error: (09/04/2014 02:54:16 PM) (Source: Microsoft Antimalware) (User: )
Description: %%861 grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled.

    Expiration Reason: %%873

    Expiration Date (UTC): 1/1/1601 12:00:00 AM

    Error Code: 0x80070002

    Error Description: The system cannot find the file specified.

Error: (09/03/2014 08:22:33 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (09/03/2014 08:22:33 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated with the following error:
%%2147949456

Error: (09/03/2014 08:20:37 PM) (Source: Microsoft Antimalware) (User: )
Description: %%861 grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled.

    Expiration Reason: %%873

    Expiration Date (UTC): 1/1/1601 12:00:00 AM

    Error Code: 0x80070002

    Error Description: The system cannot find the file specified.

Error: (09/02/2014 09:37:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (09/02/2014 09:37:49 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated with the following error:
%%2147949456

Error: (09/02/2014 09:36:28 PM) (Source: Microsoft Antimalware) (User: )
Description: %%861 grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled.

    Expiration Reason: %%873

    Expiration Date (UTC): 1/1/1601 12:00:00 AM

    Error Code: 0x80070002

    Error Description: The system cannot find the file specified.

Error: (09/01/2014 06:10:43 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd


Microsoft Office Sessions:
=========================
Error: (08/29/2014 10:10:02 PM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (08/29/2014 08:07:54 PM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (08/28/2014 07:20:02 PM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (08/25/2014 07:35:01 AM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (08/24/2014 02:09:19 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry0x80070005mpupdateengineam fe11.1.4590.0mpsigstub.exe2.1.6519.0microsoft antimalwareNILNILNIL

Error: (08/22/2014 11:12:49 PM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (08/22/2014 02:32:50 PM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (08/22/2014 00:12:46 PM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (08/21/2014 00:19:39 AM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (08/18/2014 08:53:04 PM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b



=========================== Installed Programs ============================
32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
7500_7600_7700_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
AD_Install (Version: 1.00.0000 - HP) Hidden
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\Adobe Shockwave Player) (Version: 10.3.0.24 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5183 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.23-060209a1-030546C-Dell - )
Audio User's Guide (HKLM\...\Audigy2 Audio UG) (Version:  - )
BPD_HPSU (Version: 1.00.0000 - Hewlett-Packard) Hidden
BPD_Scan (Version: 2.00.0000 - Hewlett-Packard) Hidden
BPDfax (Version: 70.0.184.000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 70.0.283.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom Advanced Control Suite 2 (HKLM\...\InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C}) (Version: 7.58.01 - Broadcom)
Broadcom Advanced Control Suite 2 (Version: 7.58.01 - Broadcom) Hidden
BufferChm (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CCScore (Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
Cisco WebEx Meeting Center for Firefox or Chrome (HKLM\...\{9CAB12A4-519B-49DA-9EAF-35C841703F5B}) (Version: 8.29.3212 - Cisco WebEx LLC)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Corel Paint Shop Pro X (HKLM\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.03 - Corel Inc)
CP_CalendarTemplates1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_OnlineProjectsConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_PosterPrintConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Crash Analysis Tool (HKLM\...\{D5F881C2-B134-474E-AA60-B25DD218AE0D}) (Version: 1.00.0001 - Dell)
Creative MediaSource (HKLM\...\{56F3E1FF-54FE-4384-A153-6CCABA097814}) (Version:  - )
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
CueTour (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Debugging Tools for Windows (x86) (HKLM\...\{1CD0C3C5-809D-4CFC-904A-1B67C6243637}) (Version: 6.9.3.113 - Microsoft Corporation)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell Media Experience (HKLM\...\{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}) (Version: 3.0 - Dell)
Dell Media Experience Update (HKLM\...\{CDE4CC8B-134B-421E-943C-90799E56F664}) (Version:  - )
Dell Networking Guide (Version: 1.00.0001 - Dell) Hidden
Dell Picture Studio v3.0 (HKLM\...\{AF06CAE4-C134-44B1-B699-14FBDB63BD37}) (Version: 3.0.0 - Jasc Software, Inc.)
Dell Support (HKLM\...\{43FCA273-9534-40DB-B7C5-D7758875616A}) (Version: 2.1.1.0 - Dell)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)
Destinations (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dimension 4 v5.0 (HKLM\...\{935FF092-EEBA-4E97-8C1B-CD2364F392A4}) (Version: 5.0.33 - Thinking Man Software)
DocProc (Version: 7.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocumentViewer (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DocumentViewerQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Emsisoft Anti-Malware (HKLM\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 7.0 - Emsisoft GmbH)
ESSBrwr (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (Version: 6.04.0000.0003 - EASTMAN KODAK Company) Hidden
ESSgui (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
ESSSONIC (Version: 6.4.0000.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
File Shredder 2.0 (HKLM\...\File Shredder_is1) (Version:  - WipeSoft)
FullDPAppQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
GearDrvs (Version: 5.0.0.2 - Symantec Corporation) Hidden
Get High Speed Internet! (HKLM\...\{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell)
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
HP Customer Participation Program 7.0 (HKLM\...\HPExtendedCapabilities) (Version: 7.0 - HP)
HP Document Viewer 7.0 (HKLM\...\HP Document Viewer) (Version: 7.0 - HP)
HP Imaging Device Functions 7.0 (HKLM\...\HP Imaging Device Functions) (Version: 7.0 - HP)
HP Officejet Pro All-In-One Series (HKLM\...\{7729A02E-D1AD-4830-8FC5-11853500D90D}) (Version: 1.0 - HP)
HP Photosmart Essential (HKLM\...\{6994491D-D491-48F1-AE1F-E179C1FFFC2F}) (Version: 1.9.1.3 - HP)
HP Photosmart Premier Software 6.5 (HKLM\...\HP Photo & Imaging) (Version: 6.5 - HP)
HP Software Update (HKLM\...\{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}) (Version: 3.0.7.014 - HEWLET~1|Hewlett-Packard)
HP Solution Center 7.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 7.0 - HP)
HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 70.0.170.000 - Hewlett-Packard) Hidden
ImageMixer VCD/DVD2 for OLYMPUS (HKLM\...\{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}) (Version: 2.01.081 - )
InstantShareDevices (Version: 70.0.170.000 - Hewlett-Packard) Hidden
InstantShareDevicesMFC (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
iTunes (HKLM\...\{69995C7A-062A-4A90-A4DF-8C22895DF522}) (Version: 10.4.1.10 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jawbone Updater (HKLM\...\Jawbone Updater) (Version: 0.1 - Aliph)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
kgcbase (Version: 5.03.0000.0004 - EASTMAN KODAK Company) Hidden
Kodak EasyShare software (HKLM\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version:  - Eastman Kodak Company)
L7500 (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 2.1.6519.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version:  - )
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0090 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2000 SR-1 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.9327 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Modem Event Monitor (HKLM\...\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}) (Version:  - )
Modem On Hold (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 1.12 - BVRP Software, Inc)
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM\...\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}) (Version: 9.00.2028 - )
My Way Search Assistant (Version: 1.0.256 - MyWay.com) Hidden
Napster (HKLM\...\{BBBCAE4B-B416-4182-A6F2-438180894A81}) (Version: 4.5.1.1 - Napster)
Napster Burn Engine (Version: 3.5.0000 - Roxio) Hidden
netbrdg (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
Norton 360 (HKLM\...\N360) (Version: 21.5.0.19 - Symantec Corporation)
OCR Software by I.R.I.S 7.0 (HKLM\...\HPOCR) (Version: 7.0 - HP)
OfotoXMI (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
OLYMPUS Master (HKLM\...\InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}) (Version: 1.31.2000 - OLYMPUS IMAGING CORP.)
OLYMPUS Master (Version: 1.31.2000 - OLYMPUS IMAGING CORP.) Hidden
PanoStandAlone (Version: 70.0.170.000 - Hewlett-Packard) Hidden
PCDADDIN (Version: 4.00.0000.0001 - Eastman Kodak Company) Hidden
PCDHELP (Version: 4.0000.0000.0002 - Eastman Kodak Company) Hidden
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1022.0 - Passmark Software)
PhotoGallery (Version: 70.0.170.000 - Hewlett-Packard) Hidden
PowerDVD 5.3 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Preclick PhotoBack Plug-in (HKLM\...\{FEF74584-95A8-4A6C-9612-CDCE1E3732AF}) (Version: 1.9.2.19 - Preclick Inc.)
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Qualxserve Service Agreement (HKLM\...\{0F756CD9-4A1E-409B-B101-601DDC4C03AA}) (Version: 1.10.0000 - Dell)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RandMap (Version: 70.0.170.000 - Hewlett-Packard) Hidden
RealDownloader (Version: 1.3.1 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rhapsody (HKLM\...\Rhapsody) (Version:  - )
Rhapsody Player Engine (HKLM\...\{84F1DE76-C48C-4281-87A0-CC9548D1E7F9}) (Version: 1.0.2.636 - RealNetworks)
Scan (Version: 7.0.0.0 - Hewlett-Packard) Hidden
Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
SFR (Version: 6.04.0000.0001 - Eastman Kodak Company) Hidden
SFR2 (Version: 3.03.0000.0002 - EASTMAN KODAK Company) Hidden
SHASTA (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
skin0001 (Version: 6.04.0000.0004 - EASTMAN KODAK Company) Hidden
SkinsHP1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SKINXSDK (Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
SlideShow (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.98 - Sonic Solutions)
Sonic MyDVD (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 5.3.0 - Sonic Solutions)
Sonic RecordNow! (HKLM\...\{9541FED0-327F-4DF0-8B96-EF57EF622F19}) (Version: 7.3 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{09DA4F91-2A09-4232-AB8C-6BC740096DE3}) (Version: 2.9 - Sonic Solutions)
Sonic_PrimoSDK (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sound Blaster Audigy 2 ZS (HKLM\...\{9E2514D9-DC24-4634-B348-61F3EF0F1628}) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
staticcr (Version: 6.04.0000.0005 - EASTMAN KODAK Company) Hidden
Status (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SumatraPDF 2.4 (HKLM\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Symantec Technical Support Web Controls (HKLM\...\{20C53FA2-4307-4671-A93F-9463B29DFCF1}) (Version: 3.5.3 - Symantec Corporation)
Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden
tooltips (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
TrayApp (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Uniblue RegistryBooster 2 (HKLM\...\RegistryBooster 2_is1) (Version:  - Uniblue)
Uniblue System Tweaker (HKLM\...\System Tweaker_is1) (Version:  - Uniblue)
Unload (Version: 7.0.0 - Hewlett-Packard) Hidden
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
USB Converter Driver (HKLM\...\InstallShield_{8A08C9CB-4C84-4FA5-9A4B-6994A93481F6}) (Version: 1.00.0000 - Susteen)
USB Converter Driver (Version: 1.00.0000 - Susteen) Hidden
User Profile Hive Cleanup Service (HKLM\...\{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}) (Version: 1.6.30 - Microsoft Corporation)
VPRINTOL (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
WeatherBug (HKLM\...\{70DECFBF-9119-4434-B2D3-A3C283D15E45}) (Version: 6.8.1.1 - AWS Convergence Technologies)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Windows Backup Utility (HKLM\...\{76EFFC7C-17A6-479D-9E47-8E658C1695AE}) (Version: 5.1 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 10 (Version: 9.00.3636 - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows PowerShell™ 1.0 (HKLM\...\PowerShell) (Version: 1 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WIRELESS (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
WordPerfect Office 12 (HKLM\...\{AF19F291-F22F-4798-9662-525305AE9E48}) (Version: 12.0.0.238 - Corel Corporation)
Your Uninstaller! 2008 Version 6.0 (HKLM\...\Your Uninstaller! 2008_is1) (Version: 6.0 - URSoft, Inc.)
ZipDownloader (HKLM\...\ZipDownloader) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 2046.09 MB
Available physical RAM: 535.03 MB
Total Pagefile: 3425.79 MB
Available Pagefile: 1554 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.34 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:145.92 GB) (Free:111.15 GB) NTFS

========================= Users: ========================================

User accounts for \\DHYHKG61

Administrator            Bill Lang                Guest                    
HelpAssistant            SUPPORT_388945a0         


**** End of log ****
 



#4 hamluis

hamluis

    Moderator


  • Moderator
  • 54,864 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:38 AM

Posted 04 September 2014 - 04:40 PM

I may be wrong...but those errors in Event Viewer make me believe that you are infected.

 

You also have "registry cleaner/optimizer" software installed, which probably doesn't help your system.

 

Moving topic to Am I Infected forum to check out possibility of malware.

 

Louis



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:38 AM

Posted 09 September 2014 - 07:13 PM

Hi -

 

You have several Antivirus programs installed, so we are checking these and other programs.

 

Download Screen317 Security Check from Here or Here and save it to your Desktop.
 * Double-click SecurityCheck.exe
 * Follow the onscreen instructions inside of the black box.
 * A Notepad document should open automatically called checkup.txt
 * Please Copy/Paste the contents of that document.
Note:: If any security program requests for permission to access the Internet, allow it to, or Temporarily Disable your Antivirus

 

 

You need to try and remove these 2 useless programs.

Uniblue RegistryBooster 2 (HKLM\...\RegistryBooster 2_is1) (Version:  - Uniblue)
and Uniblue System Tweaker (HKLM\...\System Tweaker_is1) (Version:  - Uniblue)

 

 

Now -

Please download and run RKill by Grinler.

  • A black DOS box will appear for a short time and then disappear.
  • This is normal and indicates the tool ran successfully.
  • At most the tool will usually run for about 2 minutes

Please Copy and Paste the log back here.

 
Do not reboot your computer until you complete the next step.

 

 NOW :

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
    Copy and Paste the contents of that log in your next reply.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

 

 

Also -

Please download Junkware Removal Tool to your desktop.
* Temporarily Disable your Antivirus now to avoid potential conflicts.
* Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
* Post the contents of JRT.txt into your next message.
 

 

 

NEXT - -

Run ESET Online Scanner. Temporarily Disable your Antivirus if needed First for Internet Explorer users =>

  • Hold down Control and click on This Link to open ESET OnlineScan in a new window.
  • Click the Esetonline button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use." (the program is safe)
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives and Remove Threats"
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this WILL take some time. - 1 to 3 hours is not unusual -
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

 

 

 

Finally

Please download Temp File Cleaner by Old Timer
Usage Instructions:
1 .Download TFC from the download link above and save the file on your desktop.
2 .Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
3 .Double-click on the TFC icon.
4 .When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
5 .When done, press OK > Exit, and reboot your computer and finish the cleanup
No log is produced or expected.

 

Thank You -



#6 wml52

wml52
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 10 September 2014 - 01:36 AM

# AdwCleaner v3.309 - Report created 09/09/2014 at 22:57:30
# Updated 02/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Bill Lang - DHYHKG61
# Running from : C:\Documents and Settings\Bill Lang\My Documents\Downloads\AdwCleaner(2).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SecTaskMan
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
Folder Deleted : C:\Documents and Settings\Bill Lang\Application Data\ParetoLogic
File Deleted : C:\Documents and Settings\Bill Lang\Application Data\Mozilla\Firefox\Profiles\knfp404j.Test1\user.js
File Deleted : C:\Documents and Settings\Bill Lang\Application Data\Mozilla\Firefox\Profiles\tg4umuad.default-1387066749031\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gmfzhe0x.default\prefs.js ]


[ File : C:\Documents and Settings\Bill Lang\Application Data\Mozilla\Firefox\Profiles\knfp404j.Test1\prefs.js ]


[ File : C:\Documents and Settings\Bill Lang\Application Data\Mozilla\Firefox\Profiles\tg4umuad.default-1387066749031\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Bill Lang\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg

*************************

AdwCleaner[R0].txt - [5000 octets] - [03/07/2014 19:55:02]
AdwCleaner[R1].txt - [2180 octets] - [09/09/2014 22:53:44]
AdwCleaner[S0].txt - [5110 octets] - [03/07/2014 19:56:29]
AdwCleaner[S1].txt - [2121 octets] - [09/09/2014 22:57:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2181 octets] ##########
 

 

 Results of screen317's Security Check version 0.99.87  
 Windows XP Service Pack 3 x86   
 Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
 Norton 360     
 Ad-Aware Antivirus     
 Microsoft Security Essentials successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
 Ad-Aware
 MVPS Hosts File  
 Spybot - Search & Destroy
 SUPERAntiSpyware     
 CCleaner     
 Java 7 Update 45  
 Java version out of Date!
  Adobe Flash Player     13.0.0.214 Flash Player out of Date!  
 Adobe Reader 8 Adobe Reader out of Date!
 Mozilla Firefox (Meeting.)
````````Process Check: objlist.exe by Laurent````````  
 Ad-Aware AAWService.exe is disabled!
 Ad-Aware AAWTray.exe is disabled!
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.3.6321.0\AdAwareService.exe
 Emsisoft Anti-Malware a2service.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 9%
````````````````````End of Log``````````````````````
 

 

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip    Win32/Bagle.gen.zip worm
C:\Documents and Settings\Bill Lang\My Documents\Downloads\ARO2011_tbt.exe    a variant of Win32/Systweak potentially unwanted application
C:\Documents and Settings\Bill Lang\My Documents\Downloads\cbsidlm-tr1_7-File_Shredder-ORG-10662831.exe    Win32/DownloadAdmin.D potentially unwanted application
C:\Documents and Settings\Bill Lang\My Documents\Downloads\ccsetup417.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Documents and Settings\Bill Lang\My Documents\Downloads\mpfreesetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Documents and Settings\Bill Lang\My Documents\Downloads\PCHealthBoost-Setup(2).exe    Win32/Distromatic.C potentially unwanted application
C:\Documents and Settings\Bill Lang\My Documents\Downloads\speedzookasetup.exe    probably a variant of Win32/Adware.RegGenie application
C:\Documents and Settings\Bill Lang\My Documents\Downloads\spsetup126.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Documents and Settings\Bill Lang\My Documents\Downloads\WinZipRegistryOptimizer.exe    a variant of Win32/OpenInstall potentially unwanted application
C:\Documents and Settings\Bill Lang\My Documents\Downloads\ZipOpenerSetup.exe    a variant of Win32/InstallCore.IX potentially unwanted application
C:\Program Files\SpeedZooka\SpeedZooka.exe    probably a variant of Win32/Adware.RegGenie application
C:\Qoobox\Quarantine\C\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe.vir    Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TelevisionFanatic\bar\1.bin\64brstub.dll.vir    Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TelevisionFanatic\bar\1.bin\64highin.exe.vir    Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TelevisionFanatic\bar\1.bin\64tpinst.dll.vir    a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP990\A0155759.exe    a variant of MSIL/BrowseFox.G potentially unwanted application
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Bill Lang on Tue 09/09/2014 at 23:09:13.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 09/09/2014 at 23:29:51.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/09/2014 10:50:03 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\system32\CTsvcCDA.EXE (PID: 1992) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost
  127.0.0.1    www.007guard.com
  127.0.0.1    007guard.com
  127.0.0.1    008i.com
  127.0.0.1    www.008k.com
  127.0.0.1    008k.com
  127.0.0.1    www.00hq.com
  127.0.0.1    00hq.com
  127.0.0.1    010402.com
  127.0.0.1    www.032439.com
  127.0.0.1    032439.com
  127.0.0.1    www.0scan.com
  127.0.0.1    0scan.com
  127.0.0.1    1000gratisproben.com
  127.0.0.1    www.1000gratisproben.com
  127.0.0.1    1001namen.com
  127.0.0.1    www.1001namen.com
  127.0.0.1    100888290cs.com
  127.0.0.1    www.100888290cs.com
  127.0.0.1    www.100sexlinks.com

  20 out of 15493 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 09/09/2014 10:51:43 PM
Execution time: 0 hours(s), 1 minute(s), and 39 seconds(s)
 



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:38 AM

Posted 10 September 2014 - 04:49 AM

Thanks for those logs.

Sorry I was a bit late in getting the scans to you.

Were you able to remove Uniblue RegistryBooster 2 (HKLM\...\RegistryBooster 2_is1) (Version:  - Uniblue)
and Uniblue System Tweaker (HKLM\...\System Tweaker_is1) (Version:  - Uniblue). These programs will always cause roblems.

From the logs these need attention : - You should only have one Antivirus program installed, as they will clash with each other.

 Norton 360     
 Ad-Aware Antivirus     
 Microsoft Security Essentials
From the Antivirus programs above, which one do you wish to keep ??
Spybot - Search & Destroy and  Ad-Aware are related, so both of these should also be removed.
Ad-Aware AAWService.exe is disabled, so it is not performing any purpose.

As your Antimalware program, I always find that .MalwareBytes Anti-Malware is the preferred option.

Adobe Reader has now passed 11.0.0, so you could update that from their site.
Do not accept any pre-ticked offers with the download.
 

Thanks -



#8 wml52

wml52
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 10 September 2014 - 07:30 AM

No appoligies necessary I really appreciate your help with all this. I believe I was able to uninstall the UniBlue. Norton 360 is the primary software I use, the adaware software is only run manually once a week or so, so I don't know if that makes a difference or not regarding issues but I will remove it if you think it is of no benifit. With respect to Microsoft Security Essentials I've never used it so I don't know much about it or how to uninstall it. I will install the updated Adobe leter this afternoon. Thanks again.



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:38 AM

Posted 10 September 2014 - 05:09 PM

Microsoft Security Essentials can usually be removed by just  going Start > Add/Remove programs > Uninstall from there.
It is often installed by accident when looking for M/soft updates.

If  you have an active Antivirus, then Ad-Aware (or other Antivirus programs) become a pointless idea, since > You would need to uninstall your normal Antivirus > Update Ad-Aware > Run the scan > Uninstall Ad-Aware > Reinstall your normal Antivirus > Update that program > Rescan and redo any settings ..........
Just as easy to remove any un-needed programs first > (you can re-install them later if you prefer) <

 

My Way Search Assistant was included with many early Dell computers, but it proved to be a flop, so if it is in Add/Remove you can Remove it.
 

 

Has the error message stopped now, or is there still problems ??



#10 wml52

wml52
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 11 September 2014 - 12:39 AM

Still gettin the error message



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:38 AM

Posted 11 September 2014 - 03:56 AM

Did you post this to Microsoft Experts Forum ??

wml52 asked on

|72 views

 

Cmd.exe The System Cannot Find The File Specified C:\windows\system32>

I am new to this site so a quick hello to all!

The reason I'm writing is recently my computer has developed a problem. I am running Windows XP home addition and when I start up the computer I get a screen message just before the desk top loads stating Cmd.exe The System Cannot Find The File Specified C:\windows\system32> If I X out the message box the program continues to load normally to the desk top. I don't seem to have any problems once I get passed the message screen but can't figure out why it's suddenly displaying this message. I have not added or deleted any software. Any help would be appreciated.

 

Thanks to all

Bill

***********************************************************************************************************************************************************************************************

Elise or one of our Experts may be able to help but you have gone beyond the "basic help" I can offer -

 

Regards -


Edited by noknojon, 11 September 2014 - 07:42 AM.


#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,620 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:38 PM

Posted 11 September 2014 - 05:29 AM

Could you tell me exactly at which point you get this pop up and whether or not the desktop is loaded or not, if you see the wallpaper/icons or not and so on. This may help us determine what command is being executed.

Usually this type of error means that Windows is trying to load something (a file) via the command line, but the file is no longer on your computer.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#13 wml52

wml52
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 11 September 2014 - 10:49 AM

Well, I booted the computer this morning and the problem seems to have been resolved as I'm not getting the message any longer. To all who have helped me I can't thank you enough, your help was very, very much appreciated.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users