Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I know I've got something wrong w/ my pc....just not sure what.

Started by mmhlj1014 , Jul 06 2011 04:54 PM

  • Please log in to reply

#1
mmhlj1014
Posted 06 July 2011 - 04:54 PM

mmhlj1014

    New Member

  • Member
  • Pip
  • 1 posts
Hi....hoping someone can help me....I know that there is something wrong w/ my pc....just not sure what or what to do about it.

Attached is the OTL scan that I just completed....I don't know what I'm looking for so.....

Any help you can offer will be greatly appreciated.
Thanks
Marlo

OTL logfile created on: 7/6/2011 6:38:32 PM - Run 1
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Marlo_2\Documents
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 46.63% Memory free
3.99 Gb Paging File | 2.80 Gb Available in Paging File | 70.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.03 Gb Total Space | 77.95 Gb Free Space | 56.48% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.51 Gb Free Space | 13.68% Space Free | Partition Type: NTFS

Computer Name: MARLO-PC | User Name: marlo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/06 18:36:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Marlo_2\Documents\OTL.exe
PRC - [2011/03/07 12:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2010/12/12 19:29:23 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/08/25 09:33:13 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/02/09 06:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/01/20 22:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (SafeList) ==========

MOD - [2011/07/06 18:36:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Marlo_2\Documents\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 12:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/08/25 09:33:13 | 001,245,064 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/09 06:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/21 15:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)


========== Driver Services (SafeList) ==========

DRV - [2009/07/28 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/07/28 02:00:00 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/04/03 21:51:17 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/12/05 00:43:58 | 000,270,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20090129.001\IDSvix86.sys -- (IDSvix86)
DRV - [2008/07/30 18:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/06/06 15:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 15:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/05/22 15:20:54 | 000,020,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2008/05/22 10:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/22 05:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/05/21 07:44:10 | 001,049,760 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/02/12 11:27:34 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS3.sys -- (HSXHWBS3)
DRV - [2008/02/12 11:25:22 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/01/31 07:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 07:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 07:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/10/18 11:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/08/08 07:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.ne...ch?r=minisearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.ne...ch?r=minisearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startsearcher.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.startsearcher.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.ne...ch?r=minisearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.ne...ch?r=minisearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.ne...ch?r=minisearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.theprizeday.com/today.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.startsearcher.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.theprizeday.com/today.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49362

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Start Searcher"
FF - prefs.js..browser.search.defaultthis.engineName: "Start Searcher"
FF - prefs.js..browser.search.defaulturl: "http://www.startsearcher.com/?q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/...06&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.4.0.4340
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.356
FF - prefs.js..extensions.enabledItems: {E88BA048-1B0A-474F-A9C8-C6E62B0E3FA0}:1.9.1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..keyword.URL: "http://ws.infospace...._id=60531&qkw="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found

FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF [2009/07/09 18:49:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.3.0.790\FF [2009/07/09 18:49:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/18 22:42:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 19:29:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/12 19:29:26 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF [2009/07/09 18:49:27 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.3.0.790\FF [2009/07/09 18:49:31 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/18 22:42:31 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 19:29:26 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/12 19:29:26 | 000,000,000 | ---D | M]

[2010/04/02 15:25:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marlo\AppData\Roaming\mozilla\Extensions
[2011/05/10 08:04:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marlo\AppData\Roaming\mozilla\Firefox\Profiles\1on5qxto.default\extensions
[2010/06/03 18:13:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\marlo\AppData\Roaming\mozilla\Firefox\Profiles\1on5qxto.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/19 14:18:17 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\marlo\AppData\Roaming\mozilla\Firefox\Profiles\1on5qxto.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/02/08 19:22:06 | 000,000,000 | ---D | M] (Gamers Unite! Snag Bar) -- C:\Users\marlo\AppData\Roaming\mozilla\Firefox\Profiles\1on5qxto.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}
[2010/10/31 22:12:42 | 000,001,919 | ---- | M] () -- C:\Users\marlo\AppData\Roaming\Mozilla\Firefox\Profiles\1on5qxto.default\searchplugins\bing-zugo.xml
[2010/09/12 17:34:48 | 000,000,917 | ---- | M] () -- C:\Users\marlo\AppData\Roaming\Mozilla\Firefox\Profiles\1on5qxto.default\searchplugins\conduit.xml
[2010/10/12 17:27:19 | 000,001,484 | ---- | M] () -- C:\Users\marlo\AppData\Roaming\Mozilla\Firefox\Profiles\1on5qxto.default\searchplugins\start-searcher.xml
[2010/04/02 15:23:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/09 18:49:27 | 000,000,000 | ---D | M] ("NP Helper Class") -- C:\PROGRAM FILES\INTERNET SAVING OPTIMIZER\3.4.0.4340\FF
[2010/06/17 08:29:49 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\MARLO\APPDATA\LOCAL\{E88BA048-1B0A-474F-A9C8-C6E62B0E3FA0}

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.3.0.790\HPIEAddOn.dll ()
O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll ()
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (no name) - {66D8FBA6-D90F-40A9-AC55-84896F79CA69} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
O3 - HKLM\..\Toolbar: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DPService] C:\Program Files\HP\DVDPlay\DPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: hp.com ([pavilion.buttonredirect] http in Trusted sites)
O15 - HKCU\..Trusted Domains: hp.com ([presario.buttonredirect] http in Trusted sites)
O15 - HKCU\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: netzero.net ([]* in Trusted sites)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\marlo\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\marlo\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/25 09:12:57 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========


========== Files - Modified Within 30 Days ==========

[2011/07/06 18:42:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FE0F2C18-724F-430E-8274-3E349C0A9FFA}.job
[2011/07/06 17:57:49 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/06 17:57:49 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/06 17:53:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/06 17:53:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/06 17:53:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/06 16:47:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2237125450-2810781539-3896734031-1001UA.job
[2011/07/06 11:47:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2237125450-2810781539-3896734031-1001Core.job
[2011/07/04 20:00:00 | 000,000,546 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - marlo.job
[2011/06/30 08:06:18 | 000,406,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/02/15 20:46:37 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/10/12 13:15:31 | 000,000,294 | ---- | C] () -- C:\Users\marlo\AppData\Roaming\dsfsds.bat
[2010/07/13 10:22:44 | 000,000,253 | ---- | C] () -- C:\Windows\Creator.INI
[2010/06/22 08:30:10 | 000,602,112 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2010/06/17 08:29:49 | 000,000,120 | ---- | C] () -- C:\Users\marlo\AppData\Local\Upakeyudafawinaq.dat
[2010/06/17 08:29:49 | 000,000,000 | ---- | C] () -- C:\Users\marlo\AppData\Local\Twigogujaged.bin
[2010/03/18 22:41:55 | 000,023,112 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/03/18 19:14:56 | 000,077,351 | ---- | C] () -- C:\Windows\hpqins05.dat
[2009/09/24 08:43:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 08:43:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/03/20 11:49:46 | 000,476,273 | ---- | C] () -- C:\ProgramData\phn.dat
[2009/03/16 12:11:02 | 000,005,058 | ---- | C] () -- C:\Users\marlo\AppData\Roaming\wklnhst.dat
[2009/01/30 20:08:24 | 000,007,168 | ---- | C] () -- C:\Users\marlo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/01 15:33:48 | 000,157,361 | ---- | C] () -- C:\Windows\hpoins27.dat
[2008/12/27 11:51:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/14 19:24:10 | 000,000,680 | ---- | C] () -- C:\Users\marlo\AppData\Local\d3d9caps.dat
[2008/08/25 09:13:58 | 000,107,357 | ---- | C] () -- C:\Windows\hpqins13.dat
[2008/08/25 08:46:22 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2008/08/25 08:46:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2008/01/18 11:56:22 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl27.dat
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 000,406,296 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2008/12/15 08:37:14 | 000,000,000 | ---D | M] -- C:\Users\marlo\AppData\Roaming\Gamelab
[2010/05/09 21:15:22 | 000,000,000 | ---D | M] -- C:\Users\marlo\AppData\Roaming\GetRightToGo
[2008/12/31 14:38:46 | 000,000,000 | ---D | M] -- C:\Users\marlo\AppData\Roaming\iWin
[2009/02/10 20:56:11 | 000,000,000 | ---D | M] -- C:\Users\marlo\AppData\Roaming\PlayFirst
[2009/01/30 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\marlo\AppData\Roaming\SPORE Creature Creator
[2009/03/16 12:11:04 | 000,000,000 | ---D | M] -- C:\Users\marlo\AppData\Roaming\Template
[2009/01/10 22:24:51 | 000,000,000 | ---D | M] -- C:\Users\marlo\AppData\Roaming\Webfoot
[2010/03/18 19:03:12 | 000,000,000 | ---D | M] -- C:\Users\marlo\AppData\Roaming\WinBatch
[2011/07/06 17:03:22 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/07/06 18:42:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{FE0F2C18-724F-430E-8274-3E349C0A9FFA}.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP