Author Topic: can't get 'system restore' date sorry, this is long  (Read 3602 times)


Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
can't get 'system restore' date sorry, this is long
« on: November 09, 2012, 01:34:13 PM »
Now that I already posted- maybe this should be in another area?
         
Hi All,
Ravencajun from Gardenweb suggested I need to be here.
About 6 weeks ago I tried to download Houzztv so I could watch tv. It said I needed Mozilla/Firefox. I thought I was downloading the 'real site'.
I was never able to get the Houzztv to work..
Now, I have about 50 extra 'icons-files..whatever you call them on my desktop.
When I make a letter in Microsoft Words Processor and 'save', the letter has always gone to 'documents'. Now I have no idea where it goes- I can't find it! It will say, deborah ann/computer/attachments_exe', but there is nothing there.
I have tried to 'restore', by start>all programs>accessories>system tools>system restore on left hand column. Usually when I click 'systems restore', it goes back to 'system tools'. ONCE, it had three dates listed-
Mozilla 10/19/2012
Firefox 10/4/2012
(something else)
I downloaded the Mozilla WAY before Oct 19th! But, I can't find a way to get to/make a date!
Now, I can only get to the 'systems Restore', which is on the left hand column. If I click that, it goes back to the first window/systems Tools.
I need help, please.

HP Mini/just went from 1 gb ram to 2 gb ram/IE/win7 starter

How do I get back to before I tried to watch Houzztv?!
Thanks

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14491
  • "Stronger than the past, united in our goal."
Re: can't get 'system restore' date sorry, this is long
« Reply #1 on: November 09, 2012, 02:59:30 PM »
Hi, ilmbg.  Welcome to LandzDown Forum.

We will do our best to assist you.  However, in order to do so, please follow all instructions provided in the sequence given.  Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use.  This may cause conflicts with the tools being used in the cleanup process.   

If you have questions regarding any of the instructions or problems running any tools, please let us know.

With those 50 or so extra icons on your desktop, we need to see what is running on your computer in order to determine where they came from and most likely what is causing your problem accessing System Restore.  Please provide a copy of the logs in the Log Posting Instructions topic.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline R-C

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 2789
  • Laissez les bons temps rouler!
Re: can't get 'system restore' date sorry, this is long
« Reply #2 on: November 09, 2012, 03:59:28 PM »
http://ths.gardenweb.com/forums/load/comphelp/msg1107340816368.html?5
the link at GW

It sounds like another case of getting something other than what they wanted from the download site. Firefox was what was wanted but as we know you do not get about 50 additional items along with firefox.
Glad you made it over here ilmbg!
registered Linux user:476595
May inspiration fill your heart and hands, run down your legs onto your feet and cause Spontaneous Dancing! :dance:

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14491
  • "Stronger than the past, united in our goal."
Re: can't get 'system restore' date sorry, this is long
« Reply #3 on: November 09, 2012, 04:17:15 PM »
Thanks, R-C.  I was just looking at the thread at GW.  I'm trying to figure out what Houzztv is.  Search results don't show it as a program but there is a website:  http://www.houzz.com/



Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
Re: can't get 'system restore' date sorry, this is long
« Reply #4 on: November 10, 2012, 02:13:34 AM »
Hello,
Thank you for the instructions.
I will have to wait until I see my neighbor to do this, as I don't know how to copy and paste. The instructions I googled don't seem to work- I obviously am doing something wrong.
Thanks

Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
I have downloaded the first 2.
I can't get 'security check' to download- when I try it says 'delete' or 'actions'.
1. Under 'actions', is a list: download link- that sends me to the 'download instruction page you guys have'.
2. 'go to download web-page'- that also sends me to your page
3. open folder- nothing happens
4. report as unsafe
5. 'run security check on this program'
I have gone to>internet tools>disable script debugging (it was already checked)
What do I do, or how can I download this part?

Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
I have downloaded the 'logs' but 'security' won't download
« Reply #6 on: November 10, 2012, 03:14:25 AM »
I downloaded the logs...they are on 'notepad'. How do I paste them to the LZD site- there is a place top left side of page that says 'attach notepad', with no 'address' line at the top of the page to paste to
Thank you

Offline MikeW

  • LzD Friends
  • Sr. Member
  • *****
  • Posts: 277
Re: I have downloaded the 'logs' but 'security' won't download
« Reply #7 on: November 10, 2012, 07:17:02 AM »
Just copy and paste logs from notepad straight into your next post
Win 7 Home Premium  IE11 MSE Mbam Pro

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14491
  • "Stronger than the past, united in our goal."
Re: can't get 'system restore' date sorry, this is long
« Reply #8 on: November 10, 2012, 01:39:22 PM »
Hi, ilmbg.

Forget about SecurityCheck for now.  Let's get the other logs posted. 
  • Open DDS.txt
  • Click Edit > Select All
  • Click Edit > Copy
  • Paste the results in the reply here.
  • Repeat with attach.txt.

If you use keyboard shortcuts:  Ctrl+A > Ctrl+C > Ctrl+V.  See the attached image and let us know if you have any questions. 



Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
Re: can't get 'system restore' date sorry, this is long
« Reply #9 on: November 12, 2012, 11:25:23 AM »
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 9.0.8112.16450  BrowserJavaVersion: 10.5.1
Run by deborah ann at 22:06:05 on 2012-11-09
Microsoft Windows 7 Starter   6.1.7600.0.1252.1.1033.18.2039.556 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\STacSV.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\SPLASH.SYS\config\DVMExportService.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\HPBTWD.exe
C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
C:\Program Files\Yahoo!\Companion\Installs\cpn0\ytbb.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\HP\HP Officejet 4620 series\bin\HPNetworkCommunicator.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
uURLSearchHooks: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - <orphaned>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: hpBHO Class: {ABD3B5E1-B268-407B-A150-2641DAB8D898} - c:\program files\common files\homepage protection\HomepageProtection.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0560.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\program files\msn\toolbar\3.0.0560.0\msneshellx.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [HP Officejet 4620 series (NET)] "c:\program files\hp\hp officejet 4620 series\bin\ScanToPCActivationApp.exe" -deviceID "CN24D1324Y05S1:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [HP BTW Detect Program] c:\program files\hp\HPBTWD.exe
mRun: [HP] c:\program files\hewlett-packard\hp quicksync\QuickSync.exe
mRun: [UpdatePRCShortCut] "c:\program files\hewlett-packard\recovery\muitransfer\muistartmenu.exe" "c:\program files\hewlett-packard\recovery" updatewithcreateonce "software\cyberlink\PowerRecover"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
StartupFolder: c:\users\debora~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-System: WallpaperStyle = 2
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: WallpaperStyle = 2
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smartprint\smartprintsetup.exe
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFCF48D-8E34-4490-8154-026191D73924} - hxxp://192.168.1.3/codebase/NetVideoActiveX_V23.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{010BCC22-3A62-4458-96E2-63A0E815BC1C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{010BCC22-3A62-4458-96E2-63A0E815BC1C}\05C616A716449616E656 : DHCPNameServer = 192.168.168.207 192.168.168.208
TCP: Interfaces\{010BCC22-3A62-4458-96E2-63A0E815BC1C}\4656661657C647 : DHCPNameServer = 68.94.156.1 192.168.1.1
TCP: Interfaces\{010BCC22-3A62-4458-96E2-63A0E815BC1C}\75169707F62747F5143636563737 : DHCPNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\deborah ann\appdata\roaming\mozilla\firefox\profiles\7xqwyzcb.default\
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2012-09-13 12:17; {1E73965B-8B48-48be-9C8D-68B920ABC1C4}; c:\program files\avg\avg2012\Firefox4
FF - ExtSQL: 2012-10-03 23:52; quickprint@hp.com; c:\program files\hewlett-packard\smartprint\QPExtension
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [2012-3-14 21488]
R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [2012-3-14 15856]
R0 SysCow;SysCow;c:\windows\system32\drivers\syscow32v.sys [2009-7-2 78832]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-7-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]
R1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-7-27 16984]
R1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [2012-3-14 25584]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\roxio\backontrack\disaster recovery\SaibSVC.exe [2009-6-2 457200]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\AEstSrv.exe [2012-3-14 81920]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 BOTService;BOTService;c:\program files\roxio\backontrack\instant restore\BOTService.exe [2009-7-9 199152]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-7-8 323584]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-3-14 29472]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-4-27 50688]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-3-14 167424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 rcmirror;HP RC Mirror Driver;c:\windows\system32\drivers\rcmirror.sys [2012-8-13 11168]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-5-13 121064]
.
=============== Created Last 30 ================
.
2012-10-14 19:44:58   --------   d-----w-   c:\users\deborah ann\appdata\local\ElevatedDiagnostics
2012-10-14 02:41:10   --------   d-----w-   c:\users\deborah ann\appdata\local\Mozilla
.
==================== Find3M  ====================
.
2012-10-09 14:10:47   73656   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 14:10:47   696760   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-09-14 18:30:38   2048   ----a-w-   c:\windows\system32\tzres.dll
2012-08-31 17:21:56   1210736   ----a-w-   c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:18:33   3958128   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:18:33   3902832   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-08-29 16:05:04   100344   ----a-w-   c:\windows\HPBroker.dll
2012-08-24 20:43:18   301920   ----a-w-   c:\windows\system32\drivers\avgtdix.sys
2012-08-24 17:10:47   172544   ----a-w-   c:\windows\system32\wintrust.dll
2012-08-24 06:59:17   1800704   ----a-w-   c:\windows\system32\jscript9.dll
2012-08-24 06:51:27   1129472   ----a-w-   c:\windows\system32\wininet.dll
2012-08-24 06:51:02   1427968   ----a-w-   c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26   142848   ----a-w-   c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12   420864   ----a-w-   c:\windows\system32\vbscript.dll
2012-08-24 06:43:58   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2012-08-18 11:23:05   169984   ----a-w-   c:\windows\system32\winsrv.dll
2012-08-18 11:21:20   293376   ----a-w-   c:\windows\system32\KernelBase.dll
2012-08-18 11:18:47   271360   ----a-w-   c:\windows\system32\conhost.exe
2012-08-18 09:07:02   6144   ---ha-w-   c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-18 09:07:02   4608   ---ha-w-   c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 09:07:02   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 09:07:02   3072   ---ha-w-   c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-14 01:36:14   11168   ----a-w-   c:\windows\system32\drivers\rcmirror.sys
2012-08-14 01:36:02   18336   ----a-w-   c:\windows\system32\rcmirror.dll
.
============= FINISH: 22:06:47.18 ===============

Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
Re: can't get 'system restore' date sorry, this is long -HERE IS THE INFO
« Reply #10 on: November 12, 2012, 11:31:44 AM »
The info you requested and showed me how to paste to here is on the prior post. I didn't want to chance trying to add something to the post- was afraid it might do something unwanted/wreck something.
Thank you all for showing me how to copy/paste it to you, also for taking the time to look at this mess.
You must be 'far away', as post time shows about 'noon', and it is just after 7am here. Amazing...
Thank you.

Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
Re: can't get 'system restore' date sorry, this is long
« Reply #11 on: November 12, 2012, 11:38:03 AM »
Almost forgot this part:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume3
Install Date: 3/14/2012 8:48:51 PM
System Uptime: 11/9/2012 1:39:44 PM (9 hours ago)
.
Motherboard: Hewlett-Packard |  | 308F
Processor: Intel(R) Atom(TM) CPU N270   @ 1.60GHz | CPU 1 | 1600/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 137 GiB total, 90.321 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.585 GiB free.
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 4620 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 4620 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: RTS5121LUN0     
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MULTI-CARD&REV_1.00#00000#
Manufacturer: REALSIL
Name: E:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MULTI-CARD&REV_1.00#00000#
Service: WUDFRd
.
==== System Restore Points ===================
.
RP25: 10/19/2012 10:03:07 PM - october 10
RP26: 10/19/2012 10:10:11 PM - mozilla firefox
RP27: 10/27/2012 12:00:07 AM - Scheduled Checkpoint
RP28: 11/4/2012 9:42:31 AM - Scheduled Checkpoint
RP30: 11/9/2012 6:54:53 AM - housetv
RP31: 11/9/2012 6:59:38 AM - 10/1/2012
RP32: 11/9/2012 7:08:58 AM - mozilla
RP29: 11/9/2012 7:38:06 AM - Restore Operation
RP33: 11/9/2012 8:05:16 AM - firefox
RP34: 11/9/2012 8:07:26 AM - mozille
RP35: 11/9/2012 8:13:48 AM - firefox
RP36: 11/9/2012 8:16:15 AM - september 2012
.
==== Installed Programs ======================
.
1600
1600_Help
1600Trb
32 Bit HP CIO Components Installer
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.1 MUI
Adobe Shockwave Player
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft WebCam Companion 3
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
AVG 2012
Bonjour
Broadcom 802.11 Wireless LAN Adapter
BufferChm
Ccleaner Business Edition x64 x86 Tom_Da_Man
Choice Guard
Compatibility Pack for the 2007 Office system
Copy
CyberLink DVD Suite
Destinations
Fax
Google Chrome
Google Earth
Google Update Helper
Homepage Protection
HP Customer Experience Enhancements
HP Games
HP Imaging Device Functions 13.0
HP Instant Web
HP Integrated Module with Bluetooth wireless technology
HP Officejet 4620 series Basic Device Software
HP Officejet 4620 series Help
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
HP QuickSync
HP Setup
HP Support Assistant
HP Update
HP User Guides 0166
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPPhotoGadget
I.R.I.S. OCR
IDT Audio
inSSIDer
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
iVMS-4000(v2.0)
Java Auto Updater
Java(TM) 6 Update 14
Java(TM) 7 Update 5
JavaFX 2.1.1
LiveUpdate 3.2 (Symantec Corporation)
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Live Search Toolbar
Microsoft Office Excel Viewer
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MiniStumbler 0.4.0 (remove only)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network
Power2Go
PowerRecover
Realtek USB 2.0 Card Reader
Roxio BackOnTrackRoxio Disaster Recovery
Roxio Instant Restore
Roxio Instant Restore Recovery Disk
Roxio Update Manager
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Skype™ 5.10
Status
Synaptics Pointing Device Driver
Toolbox
TrayApp
UGRS2 OCX
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
WinPcap 4.1.2
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/9/2012 7:26:50 AM, Error: Virtual Disk Service [9]  - Unexpected provider failure. Restarting the service may fix the problem. Error code: 8007001F@02000014
11/9/2012 6:53:18 AM, Error: Service Control Manager [7034]  - The Audio Service service terminated unexpectedly.  It has done this 1 time(s).
11/7/2012 12:55:11 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BOTService service.
11/7/2012 1:44:42 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer DIANE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{010BCC22-3A62-4458-96E2-63A0E815B. The master browser is stopping or an election is being forced.
11/7/2012 1:36:10 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
11/4/2012 11:42:21 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/3/2012 8:35:17 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
.
==== End Of File ===========================


Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 14491
  • "Stronger than the past, united in our goal."
Re: can't get 'system restore' date sorry, this is long
« Reply #12 on: November 12, 2012, 01:24:36 PM »
Hi, ilmbg.

Good job getting the logs posted!  First, let's take care of the outdated, vulnerable software on your computer and then we'll see what else needs addressing.  Be sure to ask if you have any questions.

1.  Oracle Java

Unfortunately, Oracle did not do a good job with the upgrade to JRE version 7 and left the old, vulnerable version behind.  First, please uninstall Java(TM) 6 Update 14.  Next, update to Java SE 7u9 from http://java.com/en/download/inc/windows_new_xpi.jsp?locale=en

Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

2.  Adobe Software:  Direct installation links are provided for Adobe Reader and Adobe Flash Player, which shouldn't have any unnecessary extras.  However, for Adobe Air and Shockwave Player, please watch that unwanted extras such as McAfee virus scan or toolbars are not checked.
3.  Please follow these instructions carefully.  Download ComboFix from here.

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray. 

Note:  If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum:  How to disable your security applications.

Now, please run ComboFix:
  • Note:  If infections are found, ComboFix will automatically reboot the machine to complete the removal process.  Please ensure all opened windows are closed before proceeding.
  • Double-click ComboFix.exe on your desktop and follow the prompts.
  • As part of the process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it is strongly recommended to have this pre-installed on your machine before doing any malware removal. The Recovery Console will allow you to start up the computer in a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    Please note: If the Microsoft Windows Recovery Console is already installed on the computer, ComboFix will continue the malware removal procedures.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
  • When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

  • After the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

  • Click "Yes" to continue scanning for malware.
  • When finished, a log will be produced. Please include the C:\ComboFix.txt in your next reply.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
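
An added example, not part of the post above or of the DDS tool: a Python triage helper for the case described in step 1, where a newer Java install leaves an older runtime behind. It reads the "Installed Programs" section of an attach.txt log; the sample text is a constructed excerpt in the format of the log posted in this thread, and the function names and the default 7u9 target (taken from step 1) are assumptions.

```python
import re

# Constructed sample in the layout of the DDS attach.txt log posted earlier
# in this thread (section banners, "." separator lines, one program per line).
SAMPLE_ATTACH = """\
==== Installed Programs ======================
.
iTunes
Java Auto Updater
Java(TM) 6 Update 14
Java(TM) 7 Update 5
JavaFX 2.1.1
Malwarebytes Anti-Malware version 1.62.0.1300
.
==== Event Viewer Messages From Past Week ========
.
"""

# "==== Name ====" banner lines that open each section of the log.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+\s*$")
# Java runtime entries such as "Java(TM) 6 Update 14" or "Java 7 Update 9".
# "Java Auto Updater" and "JavaFX 2.1.1" do not match: neither has a major
# version number directly after the product name.
JAVA_RE = re.compile(r"^Java(?:\(TM\))?\s+(\d+)(?:\s+Update\s+(\d+))?\b")


def parse_sections(log_text):
    """Split a DDS-style log into {section name: [content lines]}."""
    sections, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        banner = SECTION_RE.match(line)
        if banner:
            current = banner.group(1)
            sections[current] = []
        elif current is not None and line and line != ".":
            sections[current].append(line)
    return sections


def java_runtimes(programs):
    """Return (major, update, display name) for each Java runtime, oldest first."""
    found = []
    for name in programs:
        m = JAVA_RE.match(name)
        if m:
            found.append((int(m.group(1)), int(m.group(2) or 0), name))
    return sorted(found)


def java_report(log_text, target=(7, 9)):
    """Summarise Java state: leftovers to uninstall and whether an update is due.

    target is the (major, update) the helper asked for; 7u9 is the version
    named in step 1 of the reply above (assumed default, adjust as needed).
    """
    programs = parse_sections(log_text).get("Installed Programs", [])
    runtimes = java_runtimes(programs)
    if not runtimes:
        return {"newest": None, "remove": [], "needs_update": False}
    *older, newest = runtimes
    return {
        "newest": newest[2],
        # Every runtime other than the newest is a leftover to uninstall.
        "remove": [name for _, _, name in older],
        "needs_update": newest[:2] < target,
    }


if __name__ == "__main__":
    report = java_report(SAMPLE_ATTACH)
    print("Newest runtime :", report["newest"])
    print("Uninstall      :", ", ".join(report["remove"]) or "nothing")
    print("Update needed  :", report["needs_update"])
```
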

Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
I have been trying to get up enough nerve to do what you have told me...
Do I go to 'programs/features' to delete the programs?
I can't put windows side by side anymore, so I have to switch back and forth.
Also, by the numbers- I am not certain what you mean- such as
1. Oracle
Oracle Java update 6.... I think you mean to go to 'program/features' and the first one to delete is 'Oracle', and there are several parts to delete...correct?
Also, do I stop the AVG, and security software BEFORE I do ANYTHING, or not until I am ready to install Combofix?
Thank you.

Offline ilmbg

  • Jr. Member
  • **
  • Posts: 10
Re: can't get 'system restore' date sorry, this is long
« Reply #14 on: December 02, 2012, 02:20:00 AM »
This is what happened when I tried to delete program Oracle- Java 6 update 14= ok, it did
Then I tried to update Java SE 5E7U, and I got a message: File C:\\deborahann\AppData\LocalLaw\sun\java_sp.d\\is corrupt

What now?
Thank you