Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Brutal Laptop Performance

Started by Triskelion , May 29 2011 02:14 PM

  • This topic is locked This topic is locked

#16
Triskelion
Posted 06 June 2011 - 12:57 AM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts
Step 2: aswMBR Log

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-06-06 00:54:14
-----------------------------
00:54:14.862 OS Version: Windows 6.0.6002 Service Pack 2
00:54:14.862 Number of processors: 2 586 0xF0D
00:54:14.862 ComputerName: FRED-PC UserName: Fred
00:54:15.595 Initialize success
00:54:18.310 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
00:54:18.325 Disk 0 Vendor: TOSHIBA_ DL03 Size: 152627MB BusType: 3
00:54:18.341 Disk 0 MBR read successfully
00:54:18.356 Disk 0 MBR scan
00:54:18.356 Disk 0 unknown MBR code
00:54:18.372 Disk 0 scanning sectors +312580096
00:54:18.403 Disk 0 scanning C:\Windows\system32\drivers
00:54:26.780 Service scanning
00:54:30.852 Disk 0 trace - called modules:
00:54:30.868 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
00:54:30.883 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85acc858]
00:54:30.883 3 CLASSPNP.SYS[867138b3] -> nt!IofCallDriver -> [0x84afe688]
00:54:30.899 5 acpi.sys[826996bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84b08030]
00:54:30.899 Scan finished successfully
00:55:07.543 Disk 0 MBR has been saved successfully to "C:\Users\Fred\Desktop\MBR.dat"
00:55:07.543 The log file has been saved successfully to "C:\Users\Fred\Desktop\aswMBR.txt"




Step 3: I did what you asked and haven't really noticed any difference performance wise. One thing is that the wireless will not come on. other than that it hasn't changed much, if any? Why would the wireless be disabled by pulling the battery?

Edited by Triskelion, 06 June 2011 - 01:10 AM.

  • 0

Advertisements

#17
maliprog
Posted 06 June 2011 - 01:14 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
You system is clean now. I think you have problem with system.

Please open new topic in Windows Vista™ and Windows 7™. Write down that you were sent from here (include link) and the Tech guys will help you more than I would.

I'll leave this topic open for any question until you solve your problem there. Good luck!
  • 0

#18
Triskelion
Posted 06 June 2011 - 01:27 AM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts
Thanks mailprog.. posted over in the other forum.

For your reference;

http://www.geekstogo...em-with-laptop/
  • 0

#19
Triskelion
Posted 06 June 2011 - 10:00 AM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts
Hey mailprog;

Wanted to say thanks for all the help!

Feel like taking a look at another log while we wait on the tech guys?

Wouldn't mind knowing if there is something to do on this laptop as well. Overall performance is good, but some weird issues at times and I've never been able to nail down if there is a problem with it?

Thanks;

Triskelion
  • 0

#20
maliprog
Posted 06 June 2011 - 11:13 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Triskelion,

There is nothing to remove based on your logs. Let's see what will happened with Tech guys.
  • 0

#21
Triskelion
Posted 06 June 2011 - 11:30 PM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts
No I meant would you want to take a look at an OTL log from a different laptop?
  • 0

#22
maliprog
Posted 06 June 2011 - 11:54 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
I miss understood you :). Please write down what is wrong with it and post OTL scan log.
  • 0

#23
Triskelion
Posted 07 June 2011 - 01:45 AM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts
Thanks mailprog;

I haven't really noticed anything too serious with the laptop, apart from when it goes into hibernation, it freezes up when I wake it up. I never really paid any attention to it. I would just reboot it and everything would be fine. However I used to let my nephew use my computer on the condition that he didn't dload anything.

Well found him doing some things i don't approve of and needless to say, permissions have been revoked.

Just want to make sure everything is clean.

Here is the OTL Log:

OTL logfile created on: 07/06/2011 1:04:03 AM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\JsButler\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 66.39% Memory free
5.49 Gb Paging File | 4.24 Gb Available in Paging File | 77.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.57 Gb Total Space | 63.11 Gb Free Space | 56.57% Space Free | Partition Type: NTFS
Drive D: | 111.55 Gb Total Space | 110.55 Gb Free Space | 99.10% Space Free | Partition Type: NTFS

Computer Name: JSBUTLER-PC | User Name: JsButler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/07 01:02:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\JsButler\Desktop\OTL.exe
PRC - [2011/02/17 22:34:58 | 001,509,176 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/02/17 22:34:58 | 000,821,048 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/12/04 17:37:12 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010/08/24 03:38:18 | 000,092,008 | ---- | M] (TomTom) -- D:\TomTom\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2007/01/01 15:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\JsButler\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (SafeList) ==========

MOD - [2011/06/07 01:02:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\JsButler\Desktop\OTL.exe
MOD - [2010/11/20 05:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/12/01 20:45:18 | 000,932,864 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2011/02/17 22:34:58 | 000,821,048 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/12/04 17:37:12 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/08/24 03:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- D:\TomTom\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/01/11 05:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/04 17:37:12 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 03:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/06/16 14:38:08 | 000,092,160 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2010/06/09 18:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2010/06/09 18:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010/04/22 20:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009/11/02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 18:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 18:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/13 18:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 14:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/12/01 22:15:04 | 005,000,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/01/19 06:36:14 | 000,036,352 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2011/02/17 22:35:32 | 000,060,688 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2011/02/17 22:35:32 | 000,052,496 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/?pc=AVBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0C 9B F0 EB 40 22 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.webi.dsf-...-dfs.com/en-CA"
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.1.400
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.1.400
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {1c530060-b0ae-11d9-9669-0800200c9a66}:0.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/23 00:46:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/10 15:52:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/10 15:52:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/05/01 13:47:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011/04/24 23:42:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010/12/04 16:46:36 | 000,000,000 | ---D | M]

[2011/02/07 23:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Extensions
[2010/07/12 23:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/08/02 14:37:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/05/09 22:26:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Firefox\Profiles\va8blk9i.default\extensions
[2011/05/09 22:25:51 | 000,000,000 | ---D | M] (TextMarker!) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Firefox\Profiles\va8blk9i.default\extensions\{1c530060-b0ae-11d9-9669-0800200c9a66}
[2011/04/04 10:50:18 | 000,000,000 | ---D | M] ("Malware Search") -- C:\Users\JsButler\AppData\Roaming\Mozilla\Firefox\Profiles\va8blk9i.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2011/04/04 10:50:23 | 000,000,000 | ---D | M] (WOT) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Firefox\Profiles\va8blk9i.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/01/27 00:47:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Waterdog\Profiles\24xopiz5.default\extensions
[2010/07/12 22:23:15 | 000,000,000 | ---D | M] ("Malware Search") -- C:\Users\JsButler\AppData\Roaming\Mozilla\Waterdog\Profiles\24xopiz5.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2010/09/10 20:57:38 | 000,000,000 | ---D | M] (WOT) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Waterdog\Profiles\24xopiz5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/08/04 09:54:13 | 000,000,000 | ---D | M] (TextMarker Go) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Waterdog\Profiles\24xopiz5.default\extensions\{cd6c4ebf-366e-45a0-98b5-b8217288eed7}
[2010/07/12 22:27:16 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\JsButler\AppData\Roaming\Mozilla\Waterdog\Profiles\24xopiz5.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2011/01/14 15:29:45 | 000,000,000 | ---D | M] (Canadian English Dictionary) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Waterdog\Profiles\24xopiz5.default\extensions\[email protected]
[2010/07/12 23:18:18 | 000,000,000 | ---D | M] (Nuvola) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Waterdog\Profiles\24xopiz5.default\extensions\[email protected]
[2010/09/18 17:43:50 | 000,000,000 | ---D | M] (printpdf) -- C:\Users\JsButler\AppData\Roaming\Mozilla\Waterdog\Profiles\24xopiz5.default\extensions\[email protected]
[2011/02/25 12:01:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/15 15:35:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/10 12:53:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/25 12:01:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/12/04 16:48:13 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2010/12/04 16:48:09 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
File not found (No name found) --
[2011/05/10 15:52:33 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2009/11/19 15:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2011/02/25 12:01:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 15:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2011/05/10 15:52:39 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2010/07/15 15:31:42 | 000,609,487 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 ads.active.com
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16077 more lines...
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [EPSON Stylus Photo RX680 Series] File not found
O4 - HKCU..\Run: [googletalk] C:\Users\JsButler\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.135.133 64.59.135.135 64.59.128.120
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\kloehk.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3c774bfd-a420-11df-a143-001d723d1a3e}\Shell - "" = AutoRun
O33 - MountPoints2\{3c774bfd-a420-11df-a143-001d723d1a3e}\Shell\AutoRun\command - "" = F:\Foresight.exe
O33 - MountPoints2\{fe8285f6-bd45-11df-a40b-001d723d1a3e}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/07 01:02:37 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\JsButler\Desktop\OTL.exe
[2011/06/06 15:59:33 | 000,000,000 | ---D | C] -- C:\Users\JsButler\Desktop\Practice Log #6 - Geeks to Go Forums_files
[2011/05/29 22:18:13 | 000,000,000 | ---D | C] -- C:\Users\JsButler\AppData\Roaming\mIRC
[2011/05/29 22:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2010/08/10 11:41:32 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\Implode.dll
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/07 01:02:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\JsButler\Desktop\OTL.exe
[2011/06/07 00:55:45 | 000,739,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/07 00:55:45 | 000,637,228 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/07 00:55:45 | 000,114,638 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/07 00:47:02 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3357115817-3825197339-238091159-1000UA.job
[2011/06/06 22:08:36 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/06 22:08:36 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/06 22:00:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/06 22:00:42 | 2213,105,664 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/06 15:59:47 | 000,277,389 | ---- | M] () -- C:\Users\JsButler\Desktop\Practice Log #6 - Geeks to Go Forums.htm
[2011/06/06 11:38:11 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3357115817-3825197339-238091159-1000Core.job
[2011/06/05 21:51:12 | 000,002,469 | ---- | M] () -- C:\Users\JsButler\Desktop\Google Chrome.lnk
[2011/05/29 22:18:13 | 000,000,504 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2011/05/23 12:10:08 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2011/05/11 15:37:27 | 000,001,435 | ---- | M] () -- C:\Users\Public\Desktop\Desjardins Financial Security.lnk
[2011/05/10 15:53:33 | 000,002,052 | ---- | M] () -- C:\Users\JsButler\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/10 14:56:05 | 001,180,077 | ---- | M] () -- C:\Users\JsButler\Desktop\Ex-MP.jpg
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/06 15:59:32 | 000,277,389 | ---- | C] () -- C:\Users\JsButler\Desktop\Practice Log #6 - Geeks to Go Forums.htm
[2011/05/29 22:18:13 | 000,000,504 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2011/05/10 15:53:05 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/10 14:56:10 | 001,180,077 | ---- | C] () -- C:\Users\JsButler\Desktop\Ex-MP.jpg
[2010/11/29 13:03:47 | 000,626,688 | ---- | C] () -- C:\Windows\SysWow64\MFCDIB.dll
[2010/11/29 13:03:47 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\MFCExt.dll
[2010/11/29 13:03:47 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\PDDIB.dll
[2010/08/10 11:46:00 | 000,000,000 | ---- | C] () -- C:\Windows\iireport46.INI
[2010/08/10 11:45:59 | 000,000,000 | ---- | C] () -- C:\Windows\iireport45.INI
[2010/08/10 11:45:58 | 000,000,000 | ---- | C] () -- C:\Windows\iireport49.INI
[2010/08/10 11:42:20 | 000,000,000 | ---- | C] () -- C:\Windows\IIREPO~4.INI
[2010/08/10 11:41:52 | 000,000,156 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/08/10 11:41:51 | 000,149,504 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2010/08/10 11:41:39 | 000,010,912 | ---- | C] () -- C:\Windows\SHARE.EXE
[2010/08/10 11:41:32 | 000,022,776 | ---- | C] () -- C:\Windows\SysWow64\FDPTOOLS.DLL
[2010/08/10 11:41:27 | 000,000,097 | ---- | C] () -- C:\Windows\fdpxld.ini
[2010/08/10 11:41:27 | 000,000,000 | ---- | C] () -- C:\Windows\IIREPO~1.INI
[2010/08/10 11:40:08 | 000,000,000 | ---- | C] () -- C:\Windows\efgtemp.ini
[2010/08/10 11:37:20 | 000,000,537 | ---- | C] () -- C:\Windows\slac.ini
[2010/08/03 10:18:58 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2010/07/27 13:29:14 | 000,000,029 | ---- | C] () -- C:\Windows\MLI.INI
[2010/07/23 00:45:39 | 000,023,145 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/07/17 00:14:14 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/07/17 00:14:14 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/07/17 00:14:14 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/07/17 00:14:14 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/07/17 00:14:14 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/07/17 00:14:14 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/07/17 00:14:14 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/07/17 00:14:14 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/07/17 00:14:14 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/07/17 00:14:14 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/07/17 00:14:14 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/07/17 00:14:14 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/07/17 00:14:14 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/07/17 00:14:14 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/07/17 00:14:14 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/07/17 00:14:14 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/07/14 15:34:42 | 000,000,096 | ---- | C] () -- C:\Users\JsButler\AppData\Local\fusioncache.dat
[2010/07/14 14:13:02 | 000,202,342 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010/07/14 14:13:02 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010/07/12 22:51:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/07/12 21:31:03 | 000,735,290 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/12 21:29:44 | 000,000,641 | ---- | C] () -- C:\Windows\Wininit.ini
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/12/01 20:08:40 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2004/10/19 15:40:44 | 000,000,000 | ---- | C] () -- C:\Windows\UL.ini
[2004/10/19 14:30:18 | 000,000,172 | ---- | C] () -- C:\Windows\Maritimelife.ini
[2004/06/17 23:20:38 | 000,517,120 | ---- | C] () -- C:\Windows\SysWow64\olexlsf.dll
[2002/02/27 09:41:28 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\nsldappr32v50.dll
[2002/02/27 09:41:26 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\nsldap32v50.dll
[2002/02/27 09:41:26 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nsldapssl32v50.dll

========== LOP Check ==========

[2011/02/16 12:23:24 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\Avery
[2010/10/14 13:54:17 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\AVG10
[2010/07/18 23:50:54 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\CheckPoint
[2011/03/03 22:28:32 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\EPSON
[2011/03/08 14:22:16 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\Foxit Software
[2011/02/22 11:42:42 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\Frau-Mann BT
[2010/09/07 14:42:50 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\Opera
[2010/08/10 11:48:34 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\RBC Illustrations
[2010/10/06 13:57:28 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\RBC Insurance
[2010/09/05 01:22:05 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\Research In Motion
[2010/07/12 23:07:24 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\Thunderbird
[2010/08/02 14:37:19 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\TomTom
[2010/11/04 15:09:00 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\Trusteer
[2011/04/18 20:44:29 | 000,000,000 | ---D | M] -- C:\Users\JsButler\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/04/29 23:33:25 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:C31F31E6

< End of report >
  • 0

#24
maliprog
Posted 07 June 2011 - 03:08 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Nothing much. Just some leftovers to remove. After that we will do little TLC to speed things up

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O33 - MountPoints2\{3c774bfd-a420-11df-a143-001d723d1a3e}\Shell - "" = AutoRun
    O33 - MountPoints2\{3c774bfd-a420-11df-a143-001d723d1a3e}\Shell\AutoRun\command - "" = F:\Foresight.exe
    O33 - MountPoints2\{fe8285f6-bd45-11df-a40b-001d723d1a3e}\Shell - "" = AutoRun
    [2011/05/23 12:10:08 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat

    :Files
    C:\Windows\SysNative\drivers\klin.dat

    :Commands
    [emptytemp]
    [emptyflash]
    [purity]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles
Step 2


Startuplite is a tool to help you stop some programs not needed when you start your computer from loading. They will begin automatically only when needed.

Run the tool and it will disable all unnecessary sturtup entries.
Click on Continue button to save changes.

Step 3

Download and run Puran Disc Defragmenter
For the first run I would recommend a boot defrag and disk check

Posted Image
  • 0

#25
Triskelion
Posted 07 June 2011 - 01:25 PM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts
Thanks mailprog;

Any idea what would cause the freezing issue if the comp goes into sleep mode, and why I have to reboot it when it happens?

Did the defrag, here is the OTL Moved log

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c774bfd-a420-11df-a143-001d723d1a3e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c774bfd-a420-11df-a143-001d723d1a3e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c774bfd-a420-11df-a143-001d723d1a3e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c774bfd-a420-11df-a143-001d723d1a3e}\ not found.
File F:\Foresight.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe8285f6-bd45-11df-a40b-001d723d1a3e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fe8285f6-bd45-11df-a40b-001d723d1a3e}\ not found.
File move failed. C:\Windows\SysNative\drivers\klin.dat scheduled to be moved on reboot.
File ptytemp] not found.
File ptyflash] not found.
File rity] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.23.0 log created on 06072011_103441

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\drivers\klin.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...
  • 0

Advertisements

#26
maliprog
Posted 07 June 2011 - 02:12 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
I really can't say why. I had one case and the solution was changing video card driver. If you are using ATI grafhic card and you have your manufacture driver installed then try to install ATI Catalyst driver and vice verse. Sometimes this helps.

If nothing works that you can always use Hibernating mode :)
  • 0

#27
Triskelion
Posted 07 June 2011 - 03:15 PM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts
I have an ATI Radeon X1200 Series graphics card.

Driver Provider: ATI Technologies Inc.

Driver Version: 8.561.0.0
  • 0

#28
maliprog
Posted 07 June 2011 - 11:09 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Then you should try downloading and installing new driver from Here. This is version 10.2. Hope it works!
  • 0

#29
Triskelion
Posted 08 June 2011 - 11:45 AM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts
That driver is for xp. Does it matter that I have Win 7?
  • 0

#30
maliprog
Posted 08 June 2011 - 12:42 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Sorry about that. Please choose suitable from Here :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP