Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

cmd.exe Window During Start-up


  • Please log in to reply
11 replies to this topic

#1 RoadiJeff

RoadiJeff

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:06 AM

Posted 19 October 2014 - 02:45 PM

I am trying to fix a problem on a friend’s PC where a cmd.exe window pops up during start-up.  She is running Windows XP Pro.

 

The cmd.exe box appears for a millisecond right after the Windows desktop screen appears.  Although the PC continues to boot up the cmd.exe box never closes.  It does minimize in the taskbar and the computer can be used normally.  I can click on the window and type EXIT at the command line prompt to close it but I would like to find what is keeping it open and fix the problem.

 

I have spent HOURS trying to fix this on my own.  I have tried many suggestions I have found via a Google search from others who had a similar problem but it did not correct it in my case.

 

Here are some things I have tried thus far so that hopefully duplicate troubleshooting advice can be eliminated:

 

Ran AUTORUNS and unchecked everything in the LOGON and WINLOGON tabs and rebooted.  The cmd.exe box still appears. I also looked through the EVERYTHING tab and did not see anything related to cmd.exe.

 

Ran MSCONFIG and unchecked everything in the SERVICES tab, after checking the “Hide All Microsoft Services” box and rebooted.  The cmd.exe box still appears.

 

I ran MSCONFIG again and, after restoring the boxes I had unchecked previously, I checked “Selective Startup”.  Unchecked the “Process SYSTEM.INI File”, “Process WIN.INI File” and “Load Startup Items” boxes and rebooted.  The cmd.exe box still appears.

 

I again ran the MSCONFIG and restored the previously unchecked boxes.  This time I unchecked the “Load System Services” box.  I read a warning that this would delete any restore points, which it did.  However, when I rebooted this time the cmd.exe box did not pop-up.

 

Since the computer cannot be run like this normally I had to go back in and select the  “Normal Startup” box.  The cmd.exe box reappeared when rebooted.

 

I read that it could be a video driver problem.  I have updated the video drivers but no change in resolving the problem.

 

Any advice would be greatly appreciated.  Thank you.

 

I forgot to mention, here is what it says in the cmd.exe window.

 


C:\WINDOWS\system32>start /b regsvr32.exe /s /n /i:"" "C:\Documents and Settings

\All Users\Application Data\2308189059\BIT4F.tmp"

 

C:\WINDOWS\system32>

 

I cannot find this "BIT4F.TMP file anywhere on the PC.


Edited by RoadiJeff, 19 October 2014 - 02:49 PM.


BC AdBot (Login to Remove)

 


#2 JohnC_21

JohnC_21

  • Members
  • 24,295 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:06 AM

Posted 20 October 2014 - 08:09 AM

I am pretty sure this is an infection. I will ask that this thread be moved.

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:06 AM

Posted 20 October 2014 - 10:45 AM

Lets give it a clean.. I moved this to the Am I Infected forum.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 RoadiJeff

RoadiJeff
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:06 AM

Posted 20 October 2014 - 05:29 PM

First, thank you very much for taking the time to help me with this.  The person I am trying to assist with this on her PC lives about 45 minutes away from me and it will be two days or so before I can get back over there and perform these tasks.  Please do not think that I am ignoring your offer to help - I will definitely follow your instructions but it might be several days before I can get access to the infected PC again.

 

Just to see what it would do, I ran the MiniToolBox utility on my own PC which does not have the problem.  The result.txt certainly has a lot of information in there.  Is that information safe to post on a public forum?



#5 RoadiJeff

RoadiJeff
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:06 AM

Posted 22 October 2014 - 05:17 PM

I finally was able to get back to the problem computer today and I followed your steps.  I'd like to mention that even before I did anything when I first turned the computer on that pesky cmd.exe box did not pop up.  I had not done anything yet.  I still followed your detailed cleaning steps and the log results are shown below.

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Viola (administrator) on 22-10-2014 at 15:47:36
Running from "C:\Documents and Settings\Viola\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    www.1001namen.com
127.0.0.1    1001namen.com
127.0.0.1    www.100888290cs.com
127.0.0.1    100888290cs.com

There are 9945 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : nickjunior

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : attlocal.net



Ethernet adapter Local Area Connection 2:



        Connection-specific DNS Suffix  . : attlocal.net

        Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

        Physical Address. . . . . . . . . : 50-46-5D-05-72-A6

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.64

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.254

        DHCP Server . . . . . . . . . . . : 192.168.1.254

        DNS Servers . . . . . . . . . . . : 192.168.1.254

        Lease Obtained. . . . . . . . . . : Wednesday, October 22, 2014 3:37:01 PM

        Lease Expires . . . . . . . . . . : Thursday, October 23, 2014 3:37:01 PM

Server:  homeportal
Address:  192.168.1.254

Name:    google.com
Addresses:  74.125.225.72, 74.125.225.66, 74.125.225.68, 74.125.225.71
      74.125.225.64, 74.125.225.73, 74.125.225.67, 74.125.225.78, 74.125.225.70
      74.125.225.69, 74.125.225.65



Pinging google.com [74.125.225.41] with 32 bytes of data:



Reply from 74.125.225.41: bytes=32 time=31ms TTL=54

Reply from 74.125.225.41: bytes=32 time=29ms TTL=54



Ping statistics for 74.125.225.41:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 29ms, Maximum = 31ms, Average = 30ms

Server:  homeportal
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=49ms TTL=50

Reply from 98.138.253.109: bytes=32 time=48ms TTL=50



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 48ms, Maximum = 49ms, Average = 48ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...50 46 5d 05 72 a6 ...... Realtek PCIe GBE Family Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.64      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0     192.168.1.64    192.168.1.64      20
     192.168.1.64  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255     192.168.1.64    192.168.1.64      20
        224.0.0.0        240.0.0.0     192.168.1.64    192.168.1.64      20
  255.255.255.255  255.255.255.255     192.168.1.64    192.168.1.64      1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/22/2014 03:37:02 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/22/2014 03:37:02 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/22/2014 03:37:02 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/22/2014 03:37:02 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/22/2014 01:55:42 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/22/2014 01:55:42 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/22/2014 01:55:42 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/22/2014 01:55:42 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/21/2014 03:31:19 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/21/2014 03:31:19 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.


System errors:
=============
Error: (10/22/2014 03:37:22 PM) (Source: Service Control Manager) (User: )
Description: The avast! Firewall service failed to start due to the following error:
%%2

Error: (10/22/2014 03:37:22 PM) (Source: Service Control Manager) (User: )
Description: The InCD Helper service terminated with service-specific error 1 (0x1).

Error: (10/22/2014 01:55:58 PM) (Source: Service Control Manager) (User: )
Description: The avast! Firewall service failed to start due to the following error:
%%2

Error: (10/22/2014 01:55:57 PM) (Source: Service Control Manager) (User: )
Description: The InCD Helper service terminated with service-specific error 1 (0x1).

Error: (10/21/2014 03:31:37 PM) (Source: Service Control Manager) (User: )
Description: The avast! Firewall service failed to start due to the following error:
%%2

Error: (10/21/2014 03:31:37 PM) (Source: Service Control Manager) (User: )
Description: The InCD Helper service terminated with service-specific error 1 (0x1).

Error: (10/21/2014 02:49:20 PM) (Source: Service Control Manager) (User: )
Description: Detected circular dependencies demand starting Remote Access Connection Manager.

Error: (10/21/2014 02:49:17 PM) (Source: Service Control Manager) (User: )
Description: The avast! Firewall service failed to start due to the following error:
%%2

Error: (10/21/2014 02:49:17 PM) (Source: Service Control Manager) (User: )
Description: The InCD Helper service terminated with service-specific error 1 (0x1).

Error: (10/21/2014 02:43:15 PM) (Source: Service Control Manager) (User: )
Description: The avast! Firewall service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (10/22/2014 03:37:02 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (10/22/2014 03:37:02 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (10/22/2014 03:37:02 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (10/22/2014 03:37:02 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (10/22/2014 01:55:42 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (10/22/2014 01:55:42 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (10/22/2014 01:55:42 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (10/22/2014 01:55:42 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (10/21/2014 03:31:19 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (10/21/2014 03:31:19 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}



=========================== Installed Programs ============================
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
AI Suite II (HKLM\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft IntelliPoint 5.2 (HKLM\...\{64635543-70E7-436D-8D6D-4A721595029E}) (Version: 5.20.413.0 - Microsoft)
Microsoft IntelliType Pro 5.2 (HKLM\...\{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA}) (Version: 5.20.413.0 - Microsoft)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
NVIDIA Control Panel 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA nView 141.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.24 - NVIDIA Corporation)
NVIDIA PhysX (Version:  - ) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB976749) (HKLM\...\KB976749-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB980182) (HKLM\...\KB980182-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)

========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 3551.6 MB
Available physical RAM: 2929.06 MB
Total Pagefile: 4923.96 MB
Available Pagefile: 4360.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1985.52 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:441.45 GB) NTFS

========================= Users: ========================================

User accounts for \\NICKJUNIOR

Administrator            ASPNET                   Guest                    
HelpAssistant            SUPPORT_388945a0         Viola                    


**** End of log ****
 

 

The tdsskiller report file would not let me make a copy of it.  I know how to highlight text in blue and right click to copy but the "copy" option never appeared.  I made a jpg image of the result with MS Paint.

 

tdsskiller_zpse04747e1.jpg

 

# AdwCleaner v4.001 - Report created 22/10/2014 at 16:00:16
# DB v
# Updated 20/10/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Viola - NICKJUNIOR
# Running from : C:\Documents and Settings\Viola\My Documents\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\2308189059
Folder Deleted : C:\Program Files\BibleTriviaTime_4lEI
Folder Deleted : C:\Program Files\NetCrawl
Folder Deleted : C:\Documents and Settings\Viola\Local Settings\Application Data\Rocket
Folder Deleted : C:\Documents and Settings\Viola\Application Data\RocketUpdater
[!] Folder Deleted : C:\Documents and Settings\Viola\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
File Deleted : C:\WINDOWS\system32\\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt.sys

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260E0CC-0F75-462E-88A3-1E05C248BF4C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{769A91DA-209F-47FE-88B9-B0321B0982C8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Yahoo!\Messenger\YServer.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe]
Key Deleted : HKCU\Software\BRS
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\NetCrawl
Key Deleted : HKCU\Software\Rocket Browser
Key Deleted : HKCU\Software\RocketUpdater
Key Deleted : HKCU\Software\AppDataLow\NetCrawl
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\NetCrawl
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\NetCrawl
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSE Rocket
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSE_Astromenda

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21376

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [5334 octets] - [22/10/2014 15:58:26]
AdwCleaner[S0].txt - [4969 octets] - [22/10/2014 16:00:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5029 octets] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Microsoft Windows XP x86
Ran by Viola on Wed 10/22/2014 at 16:06:10.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update netcrawl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util netcrawl
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{209826C3-EEE9-4B15-98DA-94D0756F8F7B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{92E96947-0E85-4D98-A2FA-294A3A88B200}



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\weatherblinkei"



~~~ FireFox

Emptied folder: C:\Documents and Settings\Viola\Application Data\mozilla\firefox\profiles\6w2xyqei.default\minidumps [2 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/22/2014 at 16:08:00.60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

C:\AdwCleaner\Quarantine\C\Documents and Settings\Viola\Local Settings\Application Data\Rocket\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom\0.2.4_0\js\background.js.vir    JS/Astromenda.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Viola\Local Settings\Application Data\Rocket\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom\0.2.4_0\js\bootstrap.js.vir    JS/Astromenda.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Viola\Local Settings\Application Data\Rocket\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom\0.2.4_0\js\newtab.js.vir    JS/Astromenda.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Viola\Local Settings\Application Data\Rocket\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom\0.2.4_0\js\opentab.js.vir    JS/Astromenda.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BibleTriviaTime_4lEI\Installr\1.bin\4lEIPlug.dll.vir    Win32/Toolbar.MyWebSearch potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BibleTriviaTime_4lEI\Installr\1.bin\4lEZSETP.dll.vir    Win32/Toolbar.MyWebSearch.Q potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BibleTriviaTime_4lEI\Installr\1.bin\NP4lEISb.dll.vir    Win32/Toolbar.MyWebSearch potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\NetCrawl\NetCrawl.FirstRun.exe.vir    a variant of Win64/BrowseFox.N potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\NetCrawl\NetCrawlBHO.dll.vir    a variant of Win32/BrowseFox.O potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\NetCrawl\NetCrawlUn.exe.vir    a variant of Win64/BrowseFox.N potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\NetCrawl\pfhnkainfgebjkhaoadlkjgjhhgpbohg.crx.vir    Win32/BrowseFox.Q potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\NetCrawl\updateNetCrawl.exe.vir    a variant of MSIL/BrowseFox.H potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\WINDOWS\system32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt.sys.vir    a variant of Win64/BrowseFox.N potentially unwanted application    deleted - quarantined
C:\Documents and Settings\All Users\Application Data\{E0A9340B-C01B-42C1-9910-C307D7BE4756}\WeatherBugSetup.res    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Documents and Settings\Viola\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfhnkainfgebjkhaoadlkjgjhhgpbohg\0.0_0\background.js    Win32/BrowseFox.Q potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Viola\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfhnkainfgebjkhaoadlkjgjhhgpbohg\0.0_0\content.js    Win32/BrowseFox.Q potentially unwanted application    deleted - quarantined
 



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:06 AM

Posted 22 October 2014 - 09:04 PM

Good how is it after doing these?

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
- Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
- Microsoft: Unprecedented Wave of Java Exploitation
- Ghosts of Java Haunt Users

Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select (click on) the download link for your operating system (Windows x86 Offline: jre-7u72-windows-i586.exe or Windows x64: jre-7u72-windows-x64.exe) and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to StartBtn.gif > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u72-windows-i586.exe (or jre-7u72-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.
>>>>>
Java 8 not supporting Windows XP

>>>>

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 RoadiJeff

RoadiJeff
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:06 AM

Posted 24 October 2014 - 11:44 AM

Good how is it after doing these?

It is running great!  As I mentioned the other day, the cmd.exe window did not pop up for some reason when I first went over there and powered up the PC to follow your original cleaning steps but I went ahead and did them all anyway.  From the looks of the logs it cleaned some other things that had accumulated over time.

 

I was finally able to upgrade it to the latest Java but I had a hard time removing one of the old versions.  It showed in the installed programs list but there was no option to remove it when I selected it from the list.  I had to resort to using Revo Uninstaller, which I have used in the past on other PCs.  It found many traces here and there of the old Java and removed them.  Then I rebooted and installed the new version.

 

TFC cleaned up a lot of things, too.  I think it said that it cleaned 441MB of leftover files and folders.  Then I ran a defrag and rebooted one last time verify that everything worked like it should. Everything seems to be in order.

 

I want to thank you for all of your detailed help with getting this fixed.  I really appreciate it.

 

Jeff



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:06 AM

Posted 24 October 2014 - 06:10 PM

Glad to hear it Jeff and you're welcome.

Sometimes this removes the Java extras.. you may need to install Java again after.

Run JavaRa
  • Please download JavaRa and unzip it in a folder on your desktop.
  • Double-click on JavaRa.exe to start the program.
  • Click on Settings and Place a checkmark beside Create a log file. Click on Back.
  • Click on Update JavaRa Definitions. Click on download. When this is done click on Back.
  • Choose Remove JRE, since you already uninstalled Java, please click on Next.
  • Now click on Perform Removal Routine to remove the older versions of Java installed on your computer.
  • When that's succesfully done, please click OK to close the message.
  • Click on Next. Since you already downloaded the latest version of Java, please click on Next.
  • Now click on Close this wizard and click Finish.
  • From the main menu please choose Additional Tasks
  • Place a checkmark beside Remove Outdated JRE Firefox Extentions and click Run. Mozilla Firefox should be closed before running this task.
  • When that's succesfully done you will see a message at the top saying: "Selected tasks completed successfully".
  • A log file should be created in the same directory as JavaRa.
  • Please post the log in your next reply.
  • Close JavaRa by clicking the red cross button.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 RoadiJeff

RoadiJeff
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:06 AM

Posted 25 October 2014 - 12:10 AM

Thanks for the tip on JavaRa.  Your hotlink to it returns a "File not found" error, although I found the utility via a Google search.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:06 AM

Posted 26 October 2014 - 02:51 PM

Thanks, I'll fix that
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 CompMaestros

CompMaestros

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:36 PM

Posted 17 December 2014 - 10:41 AM

Solved my problem too.

I had a similar problem of blank windows of cmd.exe opening at startup after installing YTD youtube downloader. My antivirus AVG deleted some of its parts. So started getting this error. TDSkiller didn't detect anything. I got the problem solved at step 3 of AdwCleaner. I would like to thank Roadijeff and boopme. Have a good time :)



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:06 AM

Posted 17 December 2014 - 03:37 PM

Your welcome!!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




3 user(s) are reading this topic

0 members, 3 guests, 0 anonymous users