-
August 14th, 2010, 08:48 PM
#16
OTL (posted in several parts, sorry):
OTL logfile created on: 14/08/2010 8:33:45 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Emily\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.30 Gb Total Space | 2.88 Gb Free Space | 9.84% Space Free | Partition Type: NTFS
Drive D: | 105.94 Gb Total Space | 8.49 Gb Free Space | 8.01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VISTA
Current User Name: Emily
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/08/14 20:31:45 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Emily\Desktop\OTL.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/19 18:14:45 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/04/05 01:43:09 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/03/02 10:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/15 02:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/10/26 01:07:49 | 000,241,664 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\VeriFace\PManage.exe
PRC - [2007/08/09 19:38:58 | 000,417,792 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Lenovo\ShuttleCenter\PCMService.exe
PRC - [2007/07/26 17:05:44 | 001,232,896 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe
PRC - [2007/07/26 15:20:38 | 002,502,656 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\EnergyCut\utilty.exe
PRC - [2007/05/23 14:13:15 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/04/23 03:51:44 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/04/14 02:47:46 | 000,502,544 | ---- | M] (Dritek System Inc.) -- C:\Program Files\EzButton\EzButton.EXE
PRC - [2006/12/28 19:48:10 | 000,569,344 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2006/11/22 04:31:28 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2004/12/14 04:44:16 | 000,032,256 | ---- | M] (Adobe Systems Incorporated) -- D:\Program Files\adobeacrobat\Acrobat\acrobat_sl.exe
PRC - [2004/12/14 02:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\adobeacrobat\Distillr\acrotray.exe
========== Modules (SafeList) ==========
MOD - [2010/08/14 20:31:45 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Emily\Desktop\OTL.exe
MOD - [2006/11/02 05:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- D:\Program Files\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2010/07/12 04:55:38 | 001,352,832 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/19 18:14:45 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/05/23 14:13:15 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/31 11:32:09 | 002,541,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/07/12 04:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/03/01 09:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/06/19 18:24:30 | 000,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2007/08/02 04:46:24 | 000,156,672 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/20 16:51:30 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/06/05 17:39:26 | 000,011,776 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2007/04/30 06:39:46 | 001,747,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/04/23 06:13:24 | 001,769,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/08 15:03:20 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/28 16:20:40 | 009,599,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2006/11/22 04:35:02 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/02 09:29:40 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006/11/02 09:27:38 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\EzButton\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 05:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 05:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 05:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
-
August 14th, 2010, 08:50 PM
#17
OTL cont'd...
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.1
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/05 01:44:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/24 14:42:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/24 14:42:07 | 000,000,000 | ---D | M]
[2008/12/09 11:47:16 | 000,000,000 | ---D | M] -- C:\Users\Emily\AppData\Roaming\Mozilla\Extensions
[2010/08/14 17:05:00 | 000,000,000 | ---D | M] -- C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\0rr64awa.default\extensions
[2010/08/10 22:31:14 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\0rr64awa.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/05/12 11:31:34 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\0rr64awa.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/07/07 12:12:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/20 13:28:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2008/12/09 11:47:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/08/14 18:36:02 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\adobeacrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] D:\Program Files\adobeacrobat\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EnergyCut] C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\EnergyCut\utilty.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Lenovo\ShuttleCenter\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VeriFacePassManager] C:\Program Files\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skyscape SmartUpdate.lnk = C:\Program Files\Common Files\Skyscape\SmartUpdate.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - D:\Program Files\adobeacrobat\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\Program Files\Lenovo\VeriFace\OpenWnd.exe (Lenovo)
O9 - Extra 'Tools' menuitem : Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\Program Files\Lenovo\VeriFace\OpenWnd.exe (Lenovo)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: D:\b&w\classic hollywood\!!!\6stripes - young.jpg
O24 - Desktop BackupWallPaper: D:\b&w\classic hollywood\!!!\6stripes - young.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.clmp3enc - C:\Program Files\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010/08/14 20:31:41 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Emily\Desktop\OTL.exe
[2010/08/14 20:28:36 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/08/14 20:27:43 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/14 18:41:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/08/14 18:41:35 | 000,000,000 | ---D | C] -- C:\Users\Emily\AppData\Local\temp
[2010/08/14 18:36:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/08/14 17:09:25 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/13 19:58:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2010/08/13 19:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/08/13 19:32:24 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/07/18 18:31:16 | 000,000,000 | ---D | C] -- C:\Users\Emily\Desktop\New Folder (2)
[2010/06/23 00:51:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/06/23 00:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/23 00:04:46 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/06/06 13:44:20 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/06/01 00:37:13 | 000,000,000 | ---D | C] -- C:\Users\Emily\Desktop\reports
[2010/06/01 00:36:44 | 000,000,000 | ---D | C] -- C:\Users\Emily\Desktop\maps
[2010/05/28 11:44:56 | 000,000,000 | ---D | C] -- C:\Users\Emily\AppData\Roaming\dvdcss
[2010/05/20 17:41:57 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2007/10/26 00:35:16 | 000,098,304 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007/10/26 00:35:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[15 C:\Users\Emily\Desktop\*.tmp files -> C:\Users\Emily\Desktop\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010/08/14 20:37:25 | 000,670,050 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/14 20:37:25 | 000,126,048 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/14 20:37:24 | 000,782,632 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/14 20:37:20 | 003,932,160 | -HS- | M] () -- C:\Users\Emily\NTUSER.DAT
[2010/08/14 20:31:45 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Emily\Desktop\OTL.exe
[2010/08/14 20:30:08 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/14 20:30:08 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/14 20:30:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/14 20:29:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/14 20:29:54 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/14 20:28:56 | 004,655,436 | -H-- | M] () -- C:\Users\Emily\AppData\Local\IconCache.db
[2010/08/14 20:17:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2106239528-3222921034-3804467947-1004UA.job
[2010/08/14 18:36:13 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/08/14 18:36:02 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/08/14 18:32:45 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2106239528-3222921034-3804467947-1004Core.job
[2010/08/14 17:00:51 | 000,080,384 | ---- | M] () -- C:\Users\Emily\Desktop\MBRCheck.exe
[2010/08/14 14:34:59 | 000,525,824 | ---- | M] () -- C:\Users\Emily\Desktop\dds.scr
[2010/08/14 14:07:01 | 243,886,436 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/14 12:20:39 | 000,000,622 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 12:19:48 | 000,089,600 | ---- | M] () -- C:\Users\Emily\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/13 22:12:44 | 000,384,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/13 19:58:52 | 000,001,031 | ---- | M] () -- C:\Users\Emily\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/08/13 19:58:52 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/08/13 19:47:34 | 000,000,636 | ---- | M] () -- C:\Users\Emily\Desktop\CCleaner.lnk
[2010/08/13 19:40:58 | 000,001,615 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2010/08/13 19:40:57 | 000,002,437 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/08/13 19:34:37 | 000,001,550 | ---- | M] () -- C:\Users\Emily\Desktop\DivX Movies.lnk
[2010/08/11 23:58:39 | 000,796,945 | ---- | M] () -- C:\Users\Emily\Documents\AnnualReport0809web.pdf
[2010/07/23 18:54:20 | 015,584,760 | ---- | M] () -- C:\Users\Emily\Desktop\Dean_Martin_Variety_Show_-_Don_Rickles_part_1.flv.mp4
[2010/07/21 22:03:57 | 013,114,550 | ---- | M] () -- C:\Users\Emily\Desktop\Dean_Martin_Variety_Show_-_Don_Rickles_part_2.flv.mp4
[2010/07/14 17:59:12 | 000,105,148 | ---- | M] () -- C:\Users\Emily\Desktop\TCM!!!.pdf
[2010/07/13 18:02:34 | 010,794,108 | ---- | M] () -- C:\Users\Emily\Desktop\Bing Crosby, Frank Sinatra & Dean Martin - Skit From Guys and Dolls.mp4
[2010/07/12 04:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/07/12 04:55:38 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010/07/07 18:16:24 | 001,962,784 | ---- | M] () -- C:\Users\Emily\Desktop\ocpSummary+of+Laws.pdf
[2010/07/07 18:09:44 | 001,829,612 | ---- | M] () -- C:\Users\Emily\Desktop\ocpJP+Seminar.pdf
[2010/07/07 18:09:31 | 000,250,930 | ---- | M] () -- C:\Users\Emily\Desktop\ocpOwning_Operating.pdf
[2010/07/07 18:09:16 | 000,070,362 | ---- | M] () -- C:\Users\Emily\Desktop\ocpOnt+Drug+Benefit+Act.pdf
[2010/07/03 09:57:18 | 000,010,761 | ---- | M] () -- C:\Users\Emily\Desktop\Year 4 Timetable.pdf
[2010/07/01 22:27:14 | 000,015,951 | ---- | M] () -- C:\Users\Emily\Desktop\1_FINAL---2010-Residents---Frequently-Asked-Questions.pdf
[2010/07/01 22:27:08 | 000,412,029 | ---- | M] () -- C:\Users\Emily\Desktop\1_CHPRB-brochure_EN-2005.pdf
[2010/07/01 22:27:02 | 000,038,523 | ---- | M] () -- C:\Users\Emily\Desktop\1_FAQs---updated-August-2008-_2_.pdf
[2010/06/26 12:12:40 | 015,885,663 | ---- | M] () -- C:\Users\Emily\Desktop\monograph_201003.pdf
[2010/06/07 19:36:04 | 000,044,631 | ---- | M] () -- C:\Users\Emily\Desktop\dsr_20100607.pdf
[2010/05/20 17:41:48 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[15 C:\Users\Emily\Desktop\*.tmp files -> C:\Users\Emily\Desktop\*.tmp -> ]
-
August 14th, 2010, 08:50 PM
#18
OTL cont'd...
========== Files Created - No Company Name ==========
[2010/08/14 17:00:50 | 000,080,384 | ---- | C] () -- C:\Users\Emily\Desktop\MBRCheck.exe
[2010/08/14 14:34:57 | 000,525,824 | ---- | C] () -- C:\Users\Emily\Desktop\dds.scr
[2010/08/14 13:42:04 | 243,886,436 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/14 12:20:39 | 000,000,622 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/13 22:12:16 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/13 19:58:52 | 000,001,031 | ---- | C] () -- C:\Users\Emily\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/08/13 19:58:52 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/08/13 19:47:34 | 000,000,636 | ---- | C] () -- C:\Users\Emily\Desktop\CCleaner.lnk
[2010/08/13 19:40:58 | 000,001,615 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2010/08/13 19:34:37 | 000,001,550 | ---- | C] () -- C:\Users\Emily\Desktop\DivX Movies.lnk
[2010/08/11 23:58:39 | 000,796,945 | ---- | C] () -- C:\Users\Emily\Documents\AnnualReport0809web.pdf
[2010/07/23 18:54:15 | 015,584,760 | ---- | C] () -- C:\Users\Emily\Desktop\Dean_Martin_Variety_Show_-_Don_Rickles_part_1.flv.mp4
[2010/07/21 22:03:54 | 013,114,550 | ---- | C] () -- C:\Users\Emily\Desktop\Dean_Martin_Variety_Show_-_Don_Rickles_part_2.flv.mp4
[2010/07/14 17:59:12 | 000,105,148 | ---- | C] () -- C:\Users\Emily\Desktop\TCM!!!.pdf
[2010/07/13 18:02:33 | 010,794,108 | ---- | C] () -- C:\Users\Emily\Desktop\Bing Crosby, Frank Sinatra & Dean Martin - Skit From Guys and Dolls.mp4
[2010/07/07 18:16:24 | 001,962,784 | ---- | C] () -- C:\Users\Emily\Desktop\ocpSummary+of+Laws.pdf
[2010/07/07 18:09:43 | 001,829,612 | ---- | C] () -- C:\Users\Emily\Desktop\ocpJP+Seminar.pdf
[2010/07/07 18:09:31 | 000,250,930 | ---- | C] () -- C:\Users\Emily\Desktop\ocpOwning_Operating.pdf
[2010/07/07 18:09:16 | 000,070,362 | ---- | C] () -- C:\Users\Emily\Desktop\ocpOnt+Drug+Benefit+Act.pdf
[2010/07/03 09:57:18 | 000,010,761 | ---- | C] () -- C:\Users\Emily\Desktop\Year 4 Timetable.pdf
[2010/07/01 22:27:14 | 000,015,951 | ---- | C] () -- C:\Users\Emily\Desktop\1_FINAL---2010-Residents---Frequently-Asked-Questions.pdf
[2010/07/01 22:27:08 | 000,412,029 | ---- | C] () -- C:\Users\Emily\Desktop\1_CHPRB-brochure_EN-2005.pdf
[2010/07/01 22:27:02 | 000,038,523 | ---- | C] () -- C:\Users\Emily\Desktop\1_FAQs---updated-August-2008-_2_.pdf
[2010/06/26 12:12:40 | 015,885,663 | ---- | C] () -- C:\Users\Emily\Desktop\monograph_201003.pdf
[2010/06/07 19:36:04 | 000,044,631 | ---- | C] () -- C:\Users\Emily\Desktop\dsr_20100607.pdf
[2009/02/22 13:24:44 | 000,000,502 | ---- | C] () -- C:\Windows\System32\CNCMFP34.INI
[2008/10/16 22:26:31 | 000,000,035 | ---- | C] () -- C:\Windows\A5W.INI
[2008/10/16 22:05:22 | 000,000,000 | ---- | C] () -- C:\Windows\QuickInstall.INI
[2008/03/13 15:12:03 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/12/22 01:05:15 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/12/22 01:05:15 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/12/02 14:28:14 | 000,000,543 | ---- | C] () -- C:\Windows\DNAPrinters.ini
[2007/10/26 01:07:51 | 001,560,576 | ---- | C] () -- C:\Windows\System32\MainOp.dll
[2007/10/26 01:07:51 | 001,327,104 | ---- | C] () -- C:\Windows\System32\ImageReog.dll
[2007/10/26 01:07:51 | 000,491,520 | ---- | C] () -- C:\Windows\System32\picn.dll
[2007/10/26 01:07:51 | 000,208,896 | ---- | C] () -- C:\Windows\System32\Image.dll
[2007/10/26 01:07:51 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll
[2007/10/26 01:07:51 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll
[2007/10/26 01:07:51 | 000,094,208 | ---- | C] () -- C:\Windows\System32\ApBlend.dll
[2007/10/26 01:07:51 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll
[2007/10/26 01:07:50 | 000,622,592 | ---- | C] () -- C:\Windows\System32\PicNotify.dll
[2007/10/26 00:42:51 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/10/26 00:39:33 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll
[2007/10/26 00:39:33 | 000,023,040 | ---- | C] () -- C:\Windows\ScrSav.dll
[2007/10/26 00:35:17 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2007/10/26 00:35:16 | 009,599,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/10/26 00:31:23 | 000,000,143 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/07/18 02:33:25 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/07/18 02:33:25 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/07/18 02:33:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1268.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/08/09 18:13:31 | 000,831,488 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005/08/09 18:13:31 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2005/08/09 18:12:28 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
========== LOP Check ==========
[2009/02/27 21:43:27 | 000,000,000 | ---D | M] -- C:\Users\Emily\AppData\Roaming\Canon
[2010/01/03 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\Emily\AppData\Roaming\FFSJ
[2009/12/29 17:48:31 | 000,000,000 | ---D | M] -- C:\Users\Emily\AppData\Roaming\ImgBurn
[2009/10/31 11:52:17 | 000,000,000 | ---D | M] -- C:\Users\Emily\AppData\Roaming\OpenOffice.org
[2010/08/14 20:29:07 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010/08/14 20:29:53 | 000,187,469 | ---- | M] () -- C:\aaw7boot.log
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 05:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2007/05/23 17:39:49 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2007/11/28 22:59:18 | 000,034,385 | ---- | M] () -- C:\caavsetupLog.txt
[2008/12/13 19:41:13 | 000,850,383 | ---- | M] () -- C:\caisslog.txt
[2010/08/14 18:41:33 | 000,015,329 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/08/14 20:30:16 | 022,213,052 | ---- | M] () -- C:\FaceProv.log
[2008/08/18 10:53:41 | 000,074,526 | ---- | M] () -- C:\HeadVideo.log
[2010/08/14 20:29:54 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/14 20:29:53 | 2451,374,080 | -HS- | M] () -- C:\pagefile.sys
[2007/10/26 00:32:08 | 000,000,420 | ---- | M] () -- C:\RHDSetup.log
[2005/07/05 22:44:10 | 000,000,496 | ---- | M] () -- C:\sysprep
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
[2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 08:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 05:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2006/11/02 05:46:13 | 000,221,184 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\user32.dll /md5 >
[2007/05/23 14:12:26 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2006/11/02 05:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2006/11/02 05:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-12 22:15:55
========== Files - Unicode (All) ==========
[2010/08/13 02:03:57 | 000,064,000 | ---- | M] ()(C:\Users\Emily\Desktop\?.doc) -- C:\Users\Emily\Desktop\ಠ.doc
[2010/06/22 16:55:02 | 000,000,162 | -H-- | M] ()(C:\Users\Emily\Desktop\~$?.doc) -- C:\Users\Emily\Desktop\~$ಠ.doc
[2010/06/22 16:55:02 | 000,000,162 | -H-- | C] ()(C:\Users\Emily\Desktop\~$?.doc) -- C:\Users\Emily\Desktop\~$ಠ.doc
[2010/03/29 05:20:42 | 000,064,000 | ---- | C] ()(C:\Users\Emily\Desktop\?.doc) -- C:\Users\Emily\Desktop\ಠ.doc
< End of report >
-
August 14th, 2010, 08:52 PM
#19
Extras (posted in 2 parts):
OTL Extras logfile created on: 14/08/2010 8:33:45 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Emily\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.30 Gb Total Space | 2.88 Gb Free Space | 9.84% Space Free | Partition Type: NTFS
Drive D: | 105.94 Gb Total Space | 8.49 Gb Free Space | 8.01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VISTA
Current User Name: Emily
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7AB018B0-7451-4E8D-BB46-468D808C9AE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{85E87DBE-835B-4A65-B5A3-74C19D4F993E}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D2D9367-5CE2-459D-A1E8-9B8A897949A2}" = protocol=6 | dir=in | app=d:\program files\adaware\ad-watch.exe |
"{1C06E800-F58C-4F84-A076-799A03EB6F85}" = protocol=17 | dir=in | app=c:\users\emily\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{2C3A1B66-89A3-4716-A5D4-56EF08FB5559}" = protocol=6 | dir=in | app=d:\programs to be installed\itunes\itunes.exe |
"{2DFD6C04-8A01-4211-98F6-71AF3CEBE820}" = dir=in | app=c:\program files\lenovo\shuttlecenter\kernel\dms\clmsservice.exe |
"{409FDC67-0665-481D-A3E9-72F29DB5F637}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{49F4BEBE-5373-41B9-B0EC-85B2423F3707}" = protocol=17 | dir=in | app=d:\program files\ccleaner\ccleaner.exe |
"{603007AC-F74B-4C34-ADE1-CBFBDC6EC212}" = protocol=6 | dir=in | app=c:\program files\symantec antivirus\rtvscan.exe |
"{6704C967-84EC-453D-AF19-48829E5F1332}" = protocol=17 | dir=in | app=c:\program files\symantec antivirus\vpc32.exe |
"{7554593E-8B3B-445C-9B95-1E1600A1D86E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7D1D448F-9041-40AC-81FA-A74C82E27728}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe |
"{900F0BB4-FAA4-40C1-9744-54CFA9C68751}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{900FD129-8260-4DDC-BC67-656BBE4DA5D0}" = protocol=17 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{915B712E-4E21-43C3-8AAA-64F9C1573A52}" = protocol=17 | dir=in | app=d:\program files\malwarebytes' anti-malware\mbam.exe |
"{94CB4C0B-F2FC-4628-82EC-5452A6DD880F}" = protocol=17 | dir=in | app=d:\program files\adaware\ad-aware.exe |
"{94F423FD-C0B0-4BD5-A472-77E4DCAA9DBD}" = protocol=6 | dir=in | app=d:\program files\adaware\ad-aware.exe |
"{9A1279F7-7DC3-4044-910C-AF7C28410749}" = protocol=6 | dir=in | app=c:\users\emily\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{9C69F862-18BF-4B94-ACBE-841685C0ABFE}" = protocol=17 | dir=in | app=c:\program files\windows defender\msascui.exe |
"{9C6E01C0-6583-4135-BEB6-83EEBB7B0C1B}" = protocol=6 | dir=in | app=c:\users\emily\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{9EA95060-9F01-43BE-8CAD-B250103A5529}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9FEC9F83-53E0-4F70-8B9B-945158E1F395}" = dir=in | app=c:\program files\lenovo\shuttlecenter\pcmservice.exe |
"{A6E69C82-3375-4FA9-814E-EA7413E5E51A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A9425C2E-CB65-4E1B-B839-FBCA20FA6DFA}" = protocol=17 | dir=in | app=c:\users\emily\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{A9D6D4EC-B8E4-4A18-8CCB-EDB4BD2A93AE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{ABF798AD-A749-4F9A-AA64-D6FD8521813C}" = protocol=6 | dir=in | app=d:\program files\ccleaner\ccleaner.exe |
"{BDF28F48-F2B5-4232-B5AD-FF1E382B4E3C}" = protocol=17 | dir=in | app=c:\program files\symantec antivirus\rtvscan.exe |
"{CDFEEDB3-A178-4E1C-BE1F-206480892290}" = protocol=6 | dir=in | app=c:\program files\symantec antivirus\vpc32.exe |
"{D39C8F23-3030-462D-9271-A3D5D326BEF7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D67C4985-4AD0-44C2-8AC1-D1E675C64FF5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E0AB64AD-1421-41BD-867F-7EE7DCA174DB}" = protocol=17 | dir=in | app=d:\program files\adaware\ad-watch.exe |
"{E15BCC49-62E3-4A80-83EA-593E46BDAAD8}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe |
"{E81AC5D5-2BD7-4B9B-B5B8-4689D462A6BE}" = protocol=6 | dir=in | app=c:\program files\windows defender\msascui.exe |
"{E8227E6A-9036-42F8-A121-A827A3545A20}" = dir=in | app=c:\program files\lenovo\shuttlecenter\kernel\dmp\clbrowserengine.exe |
"{E87CEE9E-F540-463B-B576-6D108F7697AB}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F0B88B1A-A768-456F-AAB1-8E78B29F8212}" = protocol=17 | dir=in | app=d:\programs to be installed\itunes\itunes.exe |
"{F1A302FA-1851-4769-B4F6-14840F6E63D7}" = protocol=6 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{F99423F3-B17F-4906-B9BA-D8776B1CD8DE}" = dir=in | app=c:\program files\lenovo\shuttlecenter\powercinema.exe |
"{FDA8C40C-90A2-40E5-A0A4-F2324DAA2488}" = protocol=6 | dir=in | app=d:\program files\malwarebytes' anti-malware\mbam.exe |
"TCP Query User{A1FF5E2A-AF67-4E60-A81A-23CE42F01007}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{A661F4F9-FDDF-4B02-930E-9B4BD19AA0C2}D:\program files\vlc\vlc.exe" = protocol=6 | dir=in | app=d:\program files\vlc\vlc.exe |
"TCP Query User{CFD046C8-73F8-4516-A972-13B14D187E3F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{FEEF0604-0A5D-411F-8E38-9532B3CE64CE}D:\program files\realplay.exe" = protocol=6 | dir=in | app=d:\program files\realplay.exe |
"UDP Query User{3CBCD3EA-131E-42C2-A681-3CEB4D29E519}D:\program files\realplay.exe" = protocol=17 | dir=in | app=d:\program files\realplay.exe |
"UDP Query User{5001C088-1C9F-448D-8BD6-666E708CA403}D:\program files\vlc\vlc.exe" = protocol=17 | dir=in | app=d:\program files\vlc\vlc.exe |
"UDP Query User{8885EC49-B6E2-40DB-AA09-BF8E028291D7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{E59C323A-AA1A-4BE8-BC14-CCBCD36F57F7}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
-
August 14th, 2010, 08:53 PM
#20
Extras cont'd...
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = ShuttleCenter
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{26B878A8-5704-3B64-BDBC-4F0EACA38121}" = Google Talk Plugin
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = USB Video Device
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}" = EnergyCut
"{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.6
"{AC76BA86-7AD7-2448-0000-800000000003}" = Chinese Traditional Fonts Support For Adobe Reader 8
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP1
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.0 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP1
"CCleaner" = CCleaner
"EasyCapture2.5" = EasyCapture
"EzButton" = Easy Button
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"PROHYBRIDR" = 2007 Microsoft Office system
"RealPlayer 12.0" = RealPlayer
"smARTupdate" = smARTupdate
"SMSERIAL" = Motorola SM56 Data Fax Modem
"VeriFace" = VeriFace
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03/05/2009 10:59:27 AM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 04/05/2009 11:49:02 AM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 05/05/2009 11:36:49 PM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 06/05/2009 11:02:36 AM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 07/05/2009 10:40:05 AM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 08/05/2009 11:07:43 AM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 09/05/2009 9:27:09 AM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 09/05/2009 6:07:05 PM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 09/05/2009 9:39:38 PM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
Error - 09/05/2009 10:21:39 PM | Computer Name = vista | Source = WerSvc | ID = 5007
Description =
[ OSession Events ]
Error - 31/03/2008 11:25:42 PM | Computer Name = vista | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 35 seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 14/08/2010 6:10:24 PM | Computer Name = vista | Source = Service Control Manager | ID = 7022
Description =
Error - 14/08/2010 6:17:21 PM | Computer Name = vista | Source = Service Control Manager | ID = 7000
Description =
Error - 14/08/2010 6:24:13 PM | Computer Name = vista | Source = Service Control Manager | ID = 7030
Description =
Error - 14/08/2010 6:32:12 PM | Computer Name = vista | Source = Service Control Manager | ID = 7030
Description =
Error - 14/08/2010 6:32:27 PM | Computer Name = vista | Source = Service Control Manager | ID = 7030
Description =
Error - 14/08/2010 7:58:20 PM | Computer Name = vista | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 14/08/2010 8:06:32 PM | Computer Name = vista | Source = Service Control Manager | ID = 7000
Description =
Error - 14/08/2010 8:08:16 PM | Computer Name = vista | Source = Service Control Manager | ID = 7022
Description =
Error - 14/08/2010 8:28:53 PM | Computer Name = vista | Source = DCOM | ID = 10010
Description =
Error - 14/08/2010 8:30:35 PM | Computer Name = vista | Source = Service Control Manager | ID = 7000
Description =
< End of report >
-
August 14th, 2010, 08:56 PM
#21
You didn't say what the current computer issues are.
-
August 14th, 2010, 09:01 PM
#22
Sorry!
Well many of my programs were inexplicably uninstalled after I installed that divx converter program, and I am wondering what caused it - virus, etc? Also, can I still trust this computer in terms of 'security' or has it been compromised?
Thanks very much for your help. I really appreciate it.
-
August 14th, 2010, 09:27 PM
#23
There was some infection, but nothing serious, so you should be OK.
many of my programs were inexplicably uninstalled after I installed that divx converter program
Is this what you're talking about:
a bunch of the shortcuts on my desktop have the cannot find exe icon
If so, did you try to create new shortcuts?
================================================================
You're running very low on C drive free space:
Drive C: | 29.30 Gb Total Space | 2.88 Gb Free Space | 9.84% Space Free
You need to start moving some stuff out of the C drive.
Honestly, you have a really small drive for Vista.
=================================================================
Update your Java version here: http://www.java.com/en/download/installed.jsp
Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
Now, we need to remove the old Java version and its remnants...
Download JavaRa to your desktop and unzip it to its own folder
- Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
- Accept any prompts.
=============================================================
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
Code:
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
[15 C:\Users\Emily\Desktop\*.tmp files -> C:\Users\Emily\Desktop\*.tmp -> ]
:Services
:Reg
:Files
:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- You will get a log that shows the results of the fix. Please post it.
================================================================
Last scans....
1. Download Security Check from HERE, and save it to your Desktop.
- Double-click SecurityCheck.exe
- Follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
2. Download Temp File Cleaner (TFC)
- Double click on TFC.exe to run the program.
- Click on the Start button to begin the cleaning process.
- TFC will close all running programs, and it may ask you to restart the computer.
3. Go to Kaspersky website and perform an online antivirus scan.
- Disable your active antivirus program.
- Read through the requirements and privacy statement and click on the Accept button.
- It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
- When the downloads have finished, click on Settings.
- Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
- Archives
- Mail databases
- Click on My Computer under Scan.
- Once the scan is complete, it will display the results. Click on View Scan Report.
- You will see a list of infected items there. Click on Save Report As....
- Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
-
August 14th, 2010, 11:24 PM
#24
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{10134636-E7AF-4AC5-A1DC-C7C44BB97D81} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10134636-E7AF-4AC5-A1DC-C7C44BB97D81}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\Users\Emily\Desktop\~WRL0003.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL0088.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL0134.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL0625.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL1144.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL1225.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL1320.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL1387.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL1546.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL1785.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL2335.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL2662.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL3370.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL3524.tmp deleted successfully.
C:\Users\Emily\Desktop\~WRL3634.tmp deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Emily
->Temp folder emptied: 33308 bytes
->Temporary Internet Files folder emptied: 46135 bytes
->Java cache emptied: 87045427 bytes
->FireFox cache emptied: 43948611 bytes
->Flash cache emptied: 2960162 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 91518 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 128.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Emily
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.9.1 log created on 08142010_230801
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
August 14th, 2010, 11:30 PM
#25
Security Check:
Results of screen317's Security Check version 0.99.5
Windows Vista (UAC is enabled)
Out of date service pack!!
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Malwarebytes' Anti-Malware
CCleaner
Java(TM) 6 Update 20
Java(TM) 6 Update 3
Out of date Java installed!
Adobe Flash Player 10.1.82.76
Adobe Reader 8.1.6
Chinese Traditional Fonts Support For Adobe Reader 8
````````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSASCui.exe
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Windows Defender MSASCui.exe
````````````````````````````````
DNS Vulnerability Check:
Unknown. This method cannot test your vulnerability to DNS cache poisoning. (Wireless connection?)
``````````End of Log````````````
-
August 14th, 2010, 11:39 PM
#26
You didn't answer my question regarding shortcuts.
You didn't follow my instructions about running JavaRa to remove old Java versions.
In fact, you didn't even update Java.
We can't work like that.
Why doesn't your Vista have any service pack installed?
Do NOT do anything about it now, just answer my question.
-
August 15th, 2010, 12:00 AM
#27
Shortcuts:
For example, I tried to create a shortcut for realplayer. But I could not find realplayer.exe, thus I could not create a shortcut. Same for the other missing programs such as winrar. Is there another way to create shortcuts?
My internet connection is sporadic and your http://www.java.com/en/download/installed.jsp website is not working for me at this time.
Service pack: This is news to me, so I have no answer for you, other than I mistakenly thought I had it.
-
August 15th, 2010, 12:06 AM
#28
Well, all I need is just simple information like you just provided.
If you can't do something, I need to know.
What's wrong with your internet connection?
Is it an internet connection issue, or a browser issue?
Did you try a different browser?
I guess the easiest way to get those programs back would be to reinstall them.
How many of them do you have messed up?
-
August 15th, 2010, 12:28 AM
#29
Firefox is definitely slower than IE so I've switched to IE temporarily. However our internet connection sometimes is unstable so I'm not sure which of the two is the problem today.
Shall I keep trying the java website?
There are many programs missing/messed up now. The ones I've noticed missing are Microsoft Office, Real Player, Photoshop, vlc media player, audacity, winRAR, winzip, the program for my external hard drive. itunes is still "there" but apparently it was "not installed correctly".
-
August 15th, 2010, 12:33 AM
#30
Well, since the whole mess started with the installation of some "divX plus converter", there is really not much we can do but eventually reinstall the missing programs.
You can deal with it later though...
Regarding your connection...
Has it been going on for a while? Possibly an ISP issue? What's your opinion?
See if this will help...
Close Firefox. Go Start>All Programs>Mozilla Firefox, click on Mozilla Firefox (safe mode). Same thing?
OR
Close IE.
Go Start>All Programs>Accessories>System Tools, and click on Internet Explorer (no add-ons). Same thing?
Try to sort out the Java issue then.