'Warning! You're in danger' blue background


  • This topic is locked

Hexx

Hi there people,

I searched Google when my mum told me she got this virus and got a link that took me here. I followed the user's instructions of using Malwarebytes, which unfortunately didn't solve the issue, and then also tried using OTL, which I'm not sure was meant to fix it, but regardless the problem is still there.

I'm not sure why neither has worked, as I had something similar on my computer once and Malwarebytes dealt with it pretty quickly; the only difference I can see is that my mum's comp can't connect to the internet or run things out of safe mode (I did all scans in safe mode).

In the other thread the guy helping said to post the scan reports into the thread, so I've done this here; they are as follows:


OTL:

OTL logfile created on: 05/03/2011 00:06:49 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = D:\
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,015.00 Mb Total Physical Memory | 690.00 Mb Available Physical Memory | 68.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 8.82 Gb Free Space | 23.67% Space Free | Partition Type: NTFS
Drive D: | 7.46 Gb Total Space | 7.45 Gb Free Space | 99.84% Space Free | Partition Type: FAT32
Drive E: | 35.80 Gb Total Space | 35.71 Gb Free Space | 99.75% Space Free | Partition Type: NTFS

Computer Name: ANASTASIA-PC | User Name: Anastasia | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - D:\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20533_none_4634c4a0218d65c1\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)


========== Driver Services (SafeList) ==========

DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (ADILOADER) General Purpose USB Driver (adildr.sys) -- C:\Windows\System32\drivers\adildr.sys (Analog Deivces)
DRV - (adiusbaw) -- C:\Windows\System32\drivers\adiusbaw.sys (Analog Devices Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {ca4eedb3-5719-4e27-a478-8d13f761c28d} - C:\Program Files\SparkleBox\prxtbSpa0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ca4eedb3-5719-4e27-a478-8d13f761c28d} - C:\Program Files\SparkleBox\prxtbSpa0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy1.equinoxsolutions.com:80

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://go.microsoft..../?LinkId=69157"
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "proxy1.equinoxsolutions.com"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "proxy1.equinoxsolutions.com"
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "proxy1.equinoxsolutions.com"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "proxy1.equinoxsolutions.com"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "proxy1.equinoxsolutions.com"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010/01/13 07:00:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/01 19:47:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 19:38:17 | 000,000,000 | ---D | M]

[2009/10/29 11:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anastasia\AppData\Roaming\Mozilla\Firefox\Profiles\z0dz5fnj.default\extensions
[2009/10/29 11:04:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Anastasia\AppData\Roaming\Mozilla\Firefox\Profiles\z0dz5fnj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/03/21 13:51:44 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Anastasia\AppData\Roaming\Mozilla\Firefox\Profiles\z0dz5fnj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/10/14 15:52:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/10/14 15:51:56 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/03/28 14:45:20 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/01/13 07:00:04 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG8\FIREFOX
[2008/05/31 16:26:31 | 000,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2008/05/31 16:26:31 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2008/05/31 16:26:31 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2008/05/31 16:26:31 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2008/05/31 16:26:31 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2008/02/04 18:49:18 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (SparkleBox Toolbar) - {ca4eedb3-5719-4e27-a478-8d13f761c28d} - C:\Program Files\SparkleBox\prxtbSpa0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (SparkleBox Toolbar) - {ca4eedb3-5719-4e27-a478-8d13f761c28d} - C:\Program Files\SparkleBox\prxtbSpa0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (SparkleBox Toolbar) - {CA4EEDB3-5719-4E27-A478-8D13F761C28D} - C:\Program Files\SparkleBox\prxtbSpa0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [adiras] File not found
O4 - HKLM..\Run: [autoclk] C:\Windows\autoclk.exe ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKCU..\RunOnce: [nNeObGi06300] C:\ProgramData\nNeObGi06300\nNeObGi06300.exe ()
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....NPUplden-gb.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....NPUplden-gb.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a7d649c0-3182-11de-8dfe-001a92fac211}\Shell - "" = AutoRun
O33 - MountPoints2\{a7d649c0-3182-11de-8dfe-001a92fac211}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/04 23:48:31 | 000,000,000 | ---D | C] -- C:\Users\Anastasia\AppData\Roaming\Malwarebytes
[2011/03/04 23:48:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/03/04 23:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/04 23:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/04 23:48:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/03/04 23:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/04 22:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\nNeObGi06300
[2011/03/04 19:31:11 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2011/03/04 19:31:05 | 000,000,000 | ---D | C] -- C:\Users\Anastasia\AppData\Local\Conduit
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/05 00:04:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/05 00:01:40 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/05 00:01:40 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/05 00:01:35 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/04 23:38:40 | 000,623,342 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/04 23:38:40 | 000,108,526 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/04 23:01:24 | 072,010,050 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/03/04 22:24:15 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/04 19:30:28 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{72A0FA5D-DBDF-45A8-9E9A-BB756F2635B6}.job
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2008/02/25 21:43:15 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/11/13 22:36:47 | 000,007,168 | ---- | C] () -- C:\Users\Anastasia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/22 20:38:47 | 000,000,680 | ---- | C] () -- C:\Users\Anastasia\AppData\Local\d3d9caps.dat
[2007/10/14 15:52:00 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/09/23 17:32:23 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini
[2007/09/23 17:31:43 | 000,000,342 | ---- | C] () -- C:\Windows\adiras.ini
[2007/09/23 17:31:43 | 000,000,154 | ---- | C] () -- C:\Windows\adidsl.ini
[2007/09/23 17:31:41 | 000,127,456 | ---- | C] () -- C:\Windows\System32\ipdetect.exe
[2007/09/23 17:31:39 | 000,106,496 | ---- | C] () -- C:\Windows\System32\coclassfast.dll
[2007/09/23 17:31:39 | 000,046,892 | ---- | C] () -- C:\Windows\System32\adadix16.dll
[2007/09/23 17:31:37 | 000,022,395 | ---- | C] () -- C:\Windows\System32\drivers\fpga.bin
[2007/09/23 17:31:36 | 000,143,360 | ---- | C] () -- C:\Windows\autoclk.exe
[2007/05/30 16:53:32 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/05/30 16:52:57 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007/05/30 08:40:56 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/05/30 08:38:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/05/30 08:38:08 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/05/30 08:38:08 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/05/30 08:38:08 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/05/30 08:38:08 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/05/30 08:38:08 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/05/30 08:31:36 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/05/30 08:29:39 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/05/30 08:29:39 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/05/30 08:29:39 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/05/30 08:29:39 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 000,275,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,623,342 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,108,526 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:25:21 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 07:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 07:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/09/12 11:08:38 | 006,172,672 | ---- | C] () -- C:\Windows\System32\HwRecogK.dll
[2006/08/14 09:56:52 | 007,946,240 | ---- | C] () -- C:\Windows\System32\HWRecogT.dll
[2006/08/13 17:48:58 | 015,147,008 | ---- | C] () -- C:\Windows\System32\HWRecog.dll
[2003/08/07 16:01:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2003/03/24 06:03:00 | 000,279,552 | ---- | C] () -- C:\Windows\System32\FGWVB32.DLL
[1998/03/26 01:12:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll

< End of report >


Extras:

OTL Extras logfile created on: 05/03/2011 00:06:49 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = D:\
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,015.00 Mb Total Physical Memory | 690.00 Mb Available Physical Memory | 68.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 8.82 Gb Free Space | 23.67% Space Free | Partition Type: NTFS
Drive D: | 7.46 Gb Total Space | 7.45 Gb Free Space | 99.84% Space Free | Partition Type: FAT32
Drive E: | 35.80 Gb Total Space | 35.71 Gb Free Space | 99.75% Space Free | Partition Type: NTFS

Computer Name: ANASTASIA-PC | User Name: Anastasia | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{32C769B1-2BF6-4DEF-AC39-FF073E6135C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{42282F54-A842-42C0-9E2E-54A5B231B715}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{487BE4A5-7EFE-49CB-9DA6-F441135845B4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5D8E577F-9174-4127-884A-834D9AB38EDE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A28B7C16-88C0-4C81-A3C5-22F762B14999}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AD7E3539-E0BA-4A9F-999C-61C0F8DF03D4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C33E685E-D2F6-44AA-B33A-FDAA9B28F650}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DFDC1B84-141A-4345-BD47-BF9E3C706F5C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A8AC5F2-9E3A-48FE-9D9C-870620721A00}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager 1.0\mediamanager.exe |
"{258E7EFD-7FD5-4901-AB6D-8DAE3184636B}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager 1.0\mediamanager.exe |
"{2B2C9738-EA43-4169-AF0A-4B578F32EB97}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{35A0FBD1-73C7-4202-996D-6E69A17B9145}" = protocol=17 | dir=in | app=c:\program files\thomson\st330\service\st330service.exe |
"{3B7DF76F-6DBF-4178-83B8-37D4059E6453}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{43953B85-F803-43F9-9A45-8CDE245CB2C5}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{6A0D9882-5F35-41E3-A1D1-D6ADFFDDED2A}" = protocol=6 | dir=in | app=f:\sthiwv\stinstall.exe |
"{966C9E49-28EC-4BC2-9A9A-2E52B2988E22}" = protocol=17 | dir=in | app=f:\sthiwv\stinstall.exe |
"{9D2DEFCD-5DD7-4023-86E9-5786A829F5AA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ADE62EEB-7F3E-4E4C-A795-84F5A330C90B}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{C6D279AD-D611-49CE-B5F2-188CE5600BF8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D557574E-F86B-47C2-899A-376238F1E51D}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{F20CB075-1C82-4531-824E-683A039CB6FF}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F86BAAD7-DF9A-485F-98F4-42CBD0710C68}" = protocol=6 | dir=in | app=c:\program files\thomson\st330\service\st330service.exe |
"TCP Query User{A30EC64D-F014-4922-824A-895EEF357081}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{BEAA3171-A63E-4E00-AA15-FA3979D31CD0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{BD102C6E-8F38-4C97-90B9-066CAFD198FF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{CB8BB0C5-3DBF-4050-993B-7D118F9F130A}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00AD87E3-85EB-408A-BEDA-6AAE0F4D11B3}" = Activprimary v3.0.71
"{06AC45D1-CB9B-48CC-B5C8-1A55DEE26AD0}" = Sony Ericsson Media Manager 1.0
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0F4F4815-76AD-4B26-8763-72F3344041C2}" = TOSHIBA Manuals
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2C544254-39F2-4ACA-B779-ABF7297C96CF}" = Accessibility
"{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}" = Windows Live Photo Gallery
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{653B0060-CF5A-4FE2-A6EC-C643FB3BC793}" = Activprimary Resources (GBR) v3.0.2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AAC6881-844B-4A5F-9807-61289FE5F618}" = Activprimary Resources (GBR) v3.0.1
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"alotToolbar" = ALOT Toolbar
"AVG8Uninstall" = AVG Free 8.5
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (2.0.0.14)" = Mozilla Firefox (2.0.0.14)
"myphotobook" = myphotobook 3.1
"SparkleBox Toolbar" = SparkleBox Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Smilebox" = Smilebox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03/03/2011 19:13:47 | Computer Name = Anastasia-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 33212

Error - 03/03/2011 19:13:47 | Computer Name = Anastasia-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 33212

Error - 04/03/2011 18:58:57 | Computer Name = Anastasia-PC | Source = WerSvc | ID = 5007
Description =

Error - 04/03/2011 19:04:27 | Computer Name = Anastasia-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 04/03/2011 19:04:27 | Computer Name = Anastasia-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16536

Error - 04/03/2011 19:04:27 | Computer Name = Anastasia-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16536

Error - 04/03/2011 19:33:17 | Computer Name = Anastasia-PC | Source = WerSvc | ID = 5007
Description =

Error - 04/03/2011 19:44:07 | Computer Name = Anastasia-PC | Source = WerSvc | ID = 5007
Description =

Error - 04/03/2011 19:46:28 | Computer Name = Anastasia-PC | Source = EventSystem | ID = 4609
Description =

Error - 04/03/2011 20:04:25 | Computer Name = Anastasia-PC | Source = EventSystem | ID = 4609
Description =

[ System Events ]
Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/03/2011 20:05:45 | Computer Name = Anastasia-PC | Source = Service Control Manager | ID = 7001
Description =


< End of report >



#2
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hi,

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKCU..\RunOnce: [nNeObGi06300] C:\ProgramData\nNeObGi06300\nNeObGi06300.exe ()
    O33 - MountPoints2\{a7d649c0-3182-11de-8dfe-001a92fac211}\Shell - "" = AutoRun
    O33 - MountPoints2\{a7d649c0-3182-11de-8dfe-001a92fac211}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    [2011/03/04 22:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\nNeObGi06300
    [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates are downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Vista users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
  • 0
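
The RunOnce entry that the fix in post #2 targets can be picked out of an OTL log mechanically. The following is an added example, not part of the original thread or of OTL itself: it parses O4 autorun lines and reports three traits visible in that entry. The trait names, the directory set, the two lines marked constructed, and the reading of the trailing parentheses as a publisher field are assumptions.

```python
import re
from pathlib import PureWindowsPath

# OTL O4 line: key, [value name], command, (publisher). Treating the trailing
# parentheses as the publisher field is an assumption about the log format.
O4_RE = re.compile(r"^O4 - (?P<key>\S+?): \[(?P<name>[^\]]*)\] "
                   r"(?P<cmd>.+?) \((?P<publisher>[^()]*)\)\s*$")
# Executable part of the command: a quoted path, or text up to a known extension.
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|scr|bat|cmd|dll))\b', re.I)
# Directories a standard user can usually write to (assumed set, not from the page).
WRITABLE_DIRS = {"programdata", "appdata", "temp"}

SAMPLES = [
    # Taken from the fix script in post #2.
    r"O4 - HKCU..\RunOnce: [nNeObGi06300] C:\ProgramData\nNeObGi06300\nNeObGi06300.exe ()",
    # Constructed for illustration.
    r'O4 - HKLM..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" /min (Example Corp)',
    r"O4 - HKCU..\Run: [Updater] C:\ProgramData\Vendor\update.exe (Example Vendor Ltd)",
    # Not an O4 line, taken from the same fix script.
    r'O33 - MountPoints2\{a7d649c0-3182-11de-8dfe-001a92fac211}\Shell - "" = AutoRun',
]

def parse_o4(line):
    """Split one O4 line into key, value name, executable path and publisher."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    exe = EXE_RE.match(m["cmd"])
    path = PureWindowsPath((exe.group(1) or exe.group(2)) if exe else m["cmd"])
    return {"key": m["key"], "name": m["name"], "path": path,
            "publisher": m["publisher"].strip()}

def triage(line):
    """Return the list of traits found, [] if none, None if not an O4 line."""
    entry = parse_o4(line)
    if entry is None:
        return None
    path, name, reasons = entry["path"], entry["name"].casefold(), []
    # Value name, folder and file all share one string.
    if name and name == path.stem.casefold() == path.parent.name.casefold():
        reasons.append("name-matches-folder-and-file")
    if WRITABLE_DIRS & {part.casefold() for part in path.parts[1:-1]}:
        reasons.append("user-writable-location")
    if not entry["publisher"]:
        reasons.append("no-publisher")
    return reasons

if __name__ == "__main__":
    for sample in SAMPLES:
        print(triage(sample), "<-", sample)
```

A single trait is common in legitimate software, so the output is a shortlist for manual review rather than a verdict.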

#3
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.