Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Removal of Vista Anti-spyware 2011


  • Please log in to reply

#1
lmt0203

lmt0203

    New Member

  • Member
  • Pip
  • 1 posts
OTL logfile created on: 6/5/2011 2:24:58 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\trophybuck1\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 54.89% Memory free
6.12 Gb Paging File | 4.85 Gb Available in Paging File | 79.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.36 Gb Total Space | 89.10 Gb Free Space | 66.31% Space Free | Partition Type: NTFS
Drive F: | 4.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: TROPHYBUCK1-PC | User Name: trophybuck1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/05 14:24:36 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\trophybuck1\Desktop\OTL.exe
PRC - [2011/05/31 15:43:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2011/05/31 15:43:44 | 000,245,760 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe
PRC - [2011/05/31 15:43:44 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2011/05/31 15:43:44 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe
PRC - [2011/04/23 12:02:02 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10p_ActiveX.exe
PRC - [2009/06/03 14:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/15 00:13:50 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008/10/04 15:58:04 | 000,208,896 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/09/04 01:29:18 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/09/04 01:29:10 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/09/04 01:29:10 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/09/04 01:29:10 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/08/27 02:29:00 | 001,662,032 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/05/23 16:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/05/07 19:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (SafeList) ==========

MOD - [2011/06/05 14:24:36 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\trophybuck1\Desktop\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/31 15:43:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2011/05/31 15:43:44 | 000,245,760 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe -- (STacSV)
SRV - [2011/05/31 15:43:44 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2011/05/31 15:43:44 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe -- (AESTFilters)
SRV - [2009/01/28 17:38:26 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/10/04 15:58:04 | 000,208,896 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV - [2009/04/11 00:45:37 | 000,185,856 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2008/12/15 00:13:54 | 000,393,216 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/11/20 06:19:34 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/09/04 01:29:08 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/20 22:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=3090128

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=3090128
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10p_ActiveX.exe (Adobe Systems, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\trophybuck1\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\trophybuck1\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/05 14:24:36 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\trophybuck1\Desktop\OTL.exe
[2011/05/27 11:04:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/05/22 15:26:38 | 000,000,000 | ---D | C] -- C:\Users\trophybuck1\AppData\Roaming\PCDr

========== Files - Modified Within 30 Days ==========

[2011/06/05 14:24:36 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\trophybuck1\Desktop\OTL.exe
[2011/06/05 12:52:46 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/05 12:52:46 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/05 12:42:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/04 13:00:20 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/04 13:00:20 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/04 12:53:16 | 000,000,949 | ---- | M] () -- C:\Users\trophybuck1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/04 12:52:27 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/04 12:32:57 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/06/04 12:32:57 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/06/04 12:32:44 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/05/27 23:03:56 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/05/27 11:04:51 | 219,482,699 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/12 10:28:29 | 000,000,118 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2011/05/12 10:24:22 | 000,010,324 | -HS- | M] () -- C:\Users\trophybuck1\AppData\Local\14grodlvhk23dco132iblh0542k43388dtyvcljk286
[2011/05/12 10:24:22 | 000,010,324 | -HS- | M] () -- C:\ProgramData\14grodlvhk23dco132iblh0542k43388dtyvcljk286

========== Files Created - No Company Name ==========

[2011/06/04 12:32:44 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/05/27 23:03:56 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/27 11:04:51 | 219,482,699 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/05/12 10:28:29 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/04/25 10:00:22 | 000,010,324 | -HS- | C] () -- C:\Users\trophybuck1\AppData\Local\14grodlvhk23dco132iblh0542k43388dtyvcljk286
[2011/04/25 10:00:22 | 000,010,324 | -HS- | C] () -- C:\ProgramData\14grodlvhk23dco132iblh0542k43388dtyvcljk286
[2011/04/24 21:06:16 | 000,010,436 | -HS- | C] () -- C:\Users\trophybuck1\AppData\Local\7y6774w28t81a
[2011/04/24 21:06:16 | 000,010,436 | -HS- | C] () -- C:\ProgramData\7y6774w28t81a
[2009/09/20 21:18:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/20 21:18:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/20 21:18:25 | 000,185,856 | ---- | C] () -- C:\Windows\System32\drivers\netbt.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/19 23:02:13 | 000,003,584 | ---- | C] () -- C:\Users\trophybuck1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/17 21:22:46 | 000,026,340 | ---- | C] () -- C:\Users\trophybuck1\AppData\Roaming\UserTile.png
[2009/03/09 00:05:36 | 000,006,080 | ---- | C] () -- C:\Users\trophybuck1\AppData\Local\d3d9caps.dat
[2009/01/28 19:10:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2009/01/28 19:10:04 | 002,026,604 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009/01/28 19:10:04 | 000,445,796 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/01/28 19:10:04 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2009/01/28 19:06:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/28 17:30:02 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2009/01/28 17:30:02 | 000,027,136 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/02/03 19:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,280,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011/05/22 15:26:38 | 000,000,000 | ---D | M] -- C:\Users\trophybuck1\AppData\Roaming\PCDr
[2009/06/17 21:22:46 | 000,000,000 | ---D | M] -- C:\Users\trophybuck1\AppData\Roaming\PeerNetworking
[2011/05/01 14:36:48 | 000,000,000 | ---D | M] -- C:\Users\trophybuck1\AppData\Roaming\Sling Media
[2011/06/04 12:51:40 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 443 bytes -> C:\Users\trophybuck1\Documents\licsence code for vista.eml:OECustomProperty

< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP