I don't have Avast. Please start the scan with default settings.
Web pages load very slowly or not at all
Started by
Meow kitty
, Sep 10 2011 03:28 PM
-
This topic is locked
#16
Posted 20 September 2011 - 04:07 AM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
I don't have Avast. Please start the scan with default settings.
#17
Posted 20 September 2011 - 04:09 AM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
ALSO DO I RUN JUST ONE REPORT OR SCAN IT INTO SEPARATE REPORTS, SINCE THERE ARE SO MANY SECTIONS???
#18
Posted 20 September 2011 - 04:15 AM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
One report please.
#19
Posted 20 September 2011 - 06:18 AM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
ran scan and checked everything. after scan was completed it showed no threat found and also a woman's voice says 'no threat found'. when i went to the report nothing shows and when i went to scan log it just shows no virus found so no report.
Now do I download free superantisypware or free malwareware from geeks to go? what about the microsoft malicious software virus removal tool or windows live care? what about ccleaner, it removes broken registry keys when a program[s] have been deleted?
Now do I download free superantisypware or free malwareware from geeks to go? what about the microsoft malicious software virus removal tool or windows live care? what about ccleaner, it removes broken registry keys when a program[s] have been deleted?
#20
Posted 20 September 2011 - 06:29 AM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
Please do the following:
Step 1
We need to run an OTL Fix
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.
Step 2
Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here and double click on mbam-setup.exe to install the application
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
When completed the above, please post back the following in the order asked for:
Step 1
We need to run an OTL Fix
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.
- Please double click on
on your Desktop (If running Vista or Windows 7, right click on it and select "Run as an Administrator") - Under the Custom Scans/Fixes box copy and paste this in:
:OTL :Files ipconfig /flushdns /c :Reg :Commands [purity] [resethosts] [emptytemp] [emptyflash] [createrestorepoint] [reboot]
- Make sure all other windows are closed and to let it run uninterrupted.
- Click on
button. - OTL may ask to reboot the machine. Please do so if asked.
- Click on
button. - A report will open. Copy and Paste that report in your next reply.
- If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Step 2
Malwarebytes' Anti-MalwarePlease download Malwarebytes' Anti-Malware from Here and double click on mbam-setup.exe to install the application
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Click on Check for Updates button.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
When completed the above, please post back the following in the order asked for:
- OTL fix log
- OTL scan log
- MBAM log
#21
Posted 20 September 2011 - 08:14 AM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
Hi, here is the otl fix. otl scan log. and mbam log will follow.
All processes killed
========== OTL ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Amy\Desktop\cmd.bat deleted successfully.
C:\Users\Amy\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Amy
->Temp folder emptied: 403288 bytes
->Temporary Internet Files folder emptied: 10149096 bytes
->Java cache emptied: 1668797 bytes
->Flash cache emptied: 25208 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170563 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 12.00 mb
[EMPTYFLASH]
User: All Users
User: Amy
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.29.1 log created on 09202011_082324
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Amy\Desktop\cmd.bat deleted successfully.
C:\Users\Amy\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Amy
->Temp folder emptied: 403288 bytes
->Temporary Internet Files folder emptied: 10149096 bytes
->Java cache emptied: 1668797 bytes
->Flash cache emptied: 25208 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170563 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 12.00 mb
[EMPTYFLASH]
User: All Users
User: Amy
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.29.1 log created on 09202011_082324
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
#22
Posted 20 September 2011 - 08:18 AM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
here is otl scan text:
All processes killed
========== OTL ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Amy\Desktop\cmd.bat deleted successfully.
C:\Users\Amy\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Amy
->Temp folder emptied: 403288 bytes
->Temporary Internet Files folder emptied: 10149096 bytes
->Java cache emptied: 1668797 bytes
->Flash cache emptied: 25208 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170563 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 12.00 mb
[EMPTYFLASH]
User: All Users
User: Amy
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.29.1 log created on 09202011_082324
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Amy\Desktop\cmd.bat deleted successfully.
C:\Users\Amy\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Amy
->Temp folder emptied: 403288 bytes
->Temporary Internet Files folder emptied: 10149096 bytes
->Java cache emptied: 1668797 bytes
->Flash cache emptied: 25208 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170563 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 12.00 mb
[EMPTYFLASH]
User: All Users
User: Amy
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.29.1 log created on 09202011_082324
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
#23
Posted 20 September 2011 - 08:22 AM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
here is the extras text scan:
OTL Extras logfile created on: 9/20/2011 8:40:53 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Amy\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 64.44% Memory free
3.96 Gb Paging File | 3.22 Gb Available in Paging File | 81.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.54 Gb Total Space | 229.53 Gb Free Space | 79.55% Space Free | Partition Type: NTFS
Drive D: | 9.55 Gb Total Space | 1.28 Gb Free Space | 13.45% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 297.62 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
Computer Name: FRAZZLED | User Name: Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4F6A7786-1A9A-4075-9630-C2C286059F1D}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{6138D9C1-404D-487D-9C76-B74F066CA926}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{706D28CF-1769-471D-8CBA-B9910FA71570}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8EFFB1E7-B99A-45C4-ACAB-A9CD6B8FE657}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{A1DB7591-3ACD-48D3-BFD9-0002A9B3FB16}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{EB239846-5449-4DAC-9304-EDBEC9B0ABCD}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{FC219AA4-A5D6-4CA2-8119-1F34DEAF72C9}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3EBA6E7C-3DF6-48AE-B87B-4CAFB2C1C3F7}" = LightScribe Template Labeler
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{AFAD41A9-9687-48A3-848F-693C11451433}" = HP Customer Experience Enhancements
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C792A75A-2A1F-4991-9B85-291745478A79}" = NetAssistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software 1.10.16.1
"{E8C2622C-9FF1-4F60-8008-A0208154F9F3}" = muvee autoProducer 6.1
"{e96b3d28-47d6-43cc-98fd-7069eeab6b11}" = HP Total Care Advisor
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"avast" = avast! Free Antivirus
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NetAssistant 3.8.3" = Freeze.com NetAssistant
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/1/2008 4:53:58 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 4:57:09 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 5:21:09 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 5:23:14 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 5:33:43 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 5:55:38 AM | Computer Name = FRAZZLED | Source = Perflib | ID = 1008
Description =
Error - 1/1/2008 5:55:38 AM | Computer Name = FRAZZLED | Source = Perflib | ID = 1010
Description =
Error - 9/20/2011 9:15:44 AM | Computer Name = FRAZZLED | Source = Perflib | ID = 1008
Description =
Error - 9/20/2011 9:15:44 AM | Computer Name = FRAZZLED | Source = Perflib | ID = 1010
Description =
Error - 9/20/2011 11:31:17 AM | Computer Name = FRAZZLED | Source = WerSvc | ID = 5007
Description =
[ System Events ]
Error - 1/1/2008 3:02:50 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7026
Description =
Error - 1/1/2008 3:34:36 AM | Computer Name = FRAZZLED | Source = DCOM | ID = 10005
Description =
Error - 1/1/2008 3:49:01 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7000
Description =
Error - 1/1/2008 3:49:01 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7022
Description =
Error - 1/1/2008 4:02:46 AM | Computer Name = FRAZZLED | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be changed
by +117289371 seconds. The time service will not change the system time by more
than +54000 seconds. Verify that your time and time zone are correct, and that
the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.21:123) is
working properly.
Error - 1/1/2008 4:16:22 AM | Computer Name = FRAZZLED | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be changed
by +117333028 seconds. The time service will not change the system time by more
than +54000 seconds. Verify that your time and time zone are correct, and that
the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->64.4.11.167:123) is
working properly.
Error - 9/20/2011 11:25:06 AM | Computer Name = FRAZZLED | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.
Error - 9/20/2011 11:25:06 AM | Computer Name = FRAZZLED | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
11, function 0. Please contact your system vendor for technical assistance.
Error - 9/20/2011 11:27:06 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7000
Description =
Error - 9/20/2011 11:27:06 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7022
Description =
< End of report >
OTL Extras logfile created on: 9/20/2011 8:40:53 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Amy\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 64.44% Memory free
3.96 Gb Paging File | 3.22 Gb Available in Paging File | 81.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.54 Gb Total Space | 229.53 Gb Free Space | 79.55% Space Free | Partition Type: NTFS
Drive D: | 9.55 Gb Total Space | 1.28 Gb Free Space | 13.45% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 297.62 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
Computer Name: FRAZZLED | User Name: Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4F6A7786-1A9A-4075-9630-C2C286059F1D}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{6138D9C1-404D-487D-9C76-B74F066CA926}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{706D28CF-1769-471D-8CBA-B9910FA71570}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8EFFB1E7-B99A-45C4-ACAB-A9CD6B8FE657}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{A1DB7591-3ACD-48D3-BFD9-0002A9B3FB16}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{EB239846-5449-4DAC-9304-EDBEC9B0ABCD}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{FC219AA4-A5D6-4CA2-8119-1F34DEAF72C9}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3EBA6E7C-3DF6-48AE-B87B-4CAFB2C1C3F7}" = LightScribe Template Labeler
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{AFAD41A9-9687-48A3-848F-693C11451433}" = HP Customer Experience Enhancements
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C792A75A-2A1F-4991-9B85-291745478A79}" = NetAssistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software 1.10.16.1
"{E8C2622C-9FF1-4F60-8008-A0208154F9F3}" = muvee autoProducer 6.1
"{e96b3d28-47d6-43cc-98fd-7069eeab6b11}" = HP Total Care Advisor
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"avast" = avast! Free Antivirus
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NetAssistant 3.8.3" = Freeze.com NetAssistant
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/1/2008 4:53:58 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 4:57:09 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 5:21:09 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 5:23:14 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 5:33:43 AM | Computer Name = FRAZZLED | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/1/2008 5:55:38 AM | Computer Name = FRAZZLED | Source = Perflib | ID = 1008
Description =
Error - 1/1/2008 5:55:38 AM | Computer Name = FRAZZLED | Source = Perflib | ID = 1010
Description =
Error - 9/20/2011 9:15:44 AM | Computer Name = FRAZZLED | Source = Perflib | ID = 1008
Description =
Error - 9/20/2011 9:15:44 AM | Computer Name = FRAZZLED | Source = Perflib | ID = 1010
Description =
Error - 9/20/2011 11:31:17 AM | Computer Name = FRAZZLED | Source = WerSvc | ID = 5007
Description =
[ System Events ]
Error - 1/1/2008 3:02:50 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7026
Description =
Error - 1/1/2008 3:34:36 AM | Computer Name = FRAZZLED | Source = DCOM | ID = 10005
Description =
Error - 1/1/2008 3:49:01 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7000
Description =
Error - 1/1/2008 3:49:01 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7022
Description =
Error - 1/1/2008 4:02:46 AM | Computer Name = FRAZZLED | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be changed
by +117289371 seconds. The time service will not change the system time by more
than +54000 seconds. Verify that your time and time zone are correct, and that
the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.21:123) is
working properly.
Error - 1/1/2008 4:16:22 AM | Computer Name = FRAZZLED | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be changed
by +117333028 seconds. The time service will not change the system time by more
than +54000 seconds. Verify that your time and time zone are correct, and that
the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->64.4.11.167:123) is
working properly.
Error - 9/20/2011 11:25:06 AM | Computer Name = FRAZZLED | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.
Error - 9/20/2011 11:25:06 AM | Computer Name = FRAZZLED | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
11, function 0. Please contact your system vendor for technical assistance.
Error - 9/20/2011 11:27:06 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7000
Description =
Error - 9/20/2011 11:27:06 AM | Computer Name = FRAZZLED | Source = Service Control Manager | ID = 7022
Description =
< End of report >
#24
Posted 20 September 2011 - 08:31 AM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
OK. But please post also new OTL scan log. You posted OTL fix log twice.
#25
Posted 21 September 2011 - 11:46 AM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
I must have deleted the OTL scan log, thinking I sent it to you. so do i have to rerun the scan log?
ALSO, A WEIRD THING HAPPEN LAST NIGHT, WHEN I TRIED TO TURN ON COMPUTER: I GOT IT TURN ON AND I GOT THE 1ST SCREEN SHOT WHICH SHOWS HP INVENT WITH THE OPTIONS OF ESC, F10, OR F12. BUT ANY BUTTON I PRESSED NOTHING WOULD HAPPEN. TRIED STARTING IT SEVERAL TIMES AND THE SAME THING WOULD HAPPEN. SO JUST NOW, I THOUGHT I WOULD TRIED TO TURN IT ON AND I GOT THE SAME SCREEN BUT THIS TIME I PRESSED THE F10 BUTTON AND RESET THE SETTINGS TO DEFAULT AND SAVED IT. NOW THE COMPUTER IS WORKING AGAIN. WHAT IN THE WORLD HAPPENED LAST NIGHT? NOW I AM AFRAID TO TURN OFF THE COMPUTER. WHAT IS YOUR INPUT ON THIS?
ALSO, I AM NOW GOING TO TRIED TO DOWNLOAD MALWAREBYTES.
ALSO, A WEIRD THING HAPPEN LAST NIGHT, WHEN I TRIED TO TURN ON COMPUTER: I GOT IT TURN ON AND I GOT THE 1ST SCREEN SHOT WHICH SHOWS HP INVENT WITH THE OPTIONS OF ESC, F10, OR F12. BUT ANY BUTTON I PRESSED NOTHING WOULD HAPPEN. TRIED STARTING IT SEVERAL TIMES AND THE SAME THING WOULD HAPPEN. SO JUST NOW, I THOUGHT I WOULD TRIED TO TURN IT ON AND I GOT THE SAME SCREEN BUT THIS TIME I PRESSED THE F10 BUTTON AND RESET THE SETTINGS TO DEFAULT AND SAVED IT. NOW THE COMPUTER IS WORKING AGAIN. WHAT IN THE WORLD HAPPENED LAST NIGHT? NOW I AM AFRAID TO TURN OFF THE COMPUTER. WHAT IS YOUR INPUT ON THIS?
ALSO, I AM NOW GOING TO TRIED TO DOWNLOAD MALWAREBYTES.
#26
Posted 21 September 2011 - 11:58 AM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
hi, i just reran the otl scan log and here it is. malwarebytes log will follow after i get downloaded.
OTL logfile created on: 12/31/2007 11:38:32 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Amy\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 57.19% Memory free
3.96 Gb Paging File | 3.07 Gb Available in Paging File | 77.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.54 Gb Total Space | 229.47 Gb Free Space | 79.53% Space Free | Partition Type: NTFS
Drive D: | 9.55 Gb Total Space | 1.28 Gb Free Space | 13.45% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 297.62 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
Computer Name: FRAZZLED | User Name: Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/20 05:15:57 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
PRC - [2011/09/06 13:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2007/12/08 20:42:54 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/25 05:52:08 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/04/18 07:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 03:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/11/02 01:45:39 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
========== Modules (No Company Name) ==========
MOD - [2007/11/06 00:50:44 | 000,189,760 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\NeoLoggingLib.dll
MOD - [2007/11/06 00:50:44 | 000,140,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll
MOD - [2007/11/06 00:50:44 | 000,107,840 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll
MOD - [2007/11/06 00:50:44 | 000,042,304 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (GameConsoleService)
SRV - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007/12/08 20:06:32 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/09/06 13:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 13:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 13:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/26 03:51:22 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/10 12:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/07/06 17:45:00 | 007,568,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2005/12/12 09:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2011/09/20 07:23:29 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4ACE1838-ADF8-409C-BE62-7B86F1EF8CC9}: NameServer = 64.136.173.8 64.136.164.66
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Amy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Amy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/08 21:01:18 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/20 07:23:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/20 05:15:26 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
[2011/09/17 03:44:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/09/17 03:44:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/09/17 03:44:13 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\temp
[2011/09/17 03:37:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/09/17 03:37:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/09/17 03:37:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/09/17 03:37:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/09/17 03:08:13 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/17 03:07:50 | 000,000,000 | ---D | C] -- C:\Combo-Fix
[2011/09/17 03:07:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/01 04:06:15 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/07/30 21:23:02 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\ElevatedDiagnostics
[2011/07/14 06:41:17 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Template
[2011/07/05 17:02:07 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2011/06/26 17:54:34 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Adobe
[2011/06/26 17:54:34 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\Adobe
[2011/05/16 15:22:43 | 000,000,000 | ---D | C] -- C:\Users\Amy\Documents\My Scans
[2011/05/16 15:16:56 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\HP
[2011/05/16 14:59:50 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\HP
[2011/05/16 14:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2011/05/16 14:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2011/05/16 14:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2011/05/15 15:02:58 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/05/15 15:02:58 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/05/15 15:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/05/15 15:02:57 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/05/15 15:02:57 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/05/15 15:02:57 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/05/15 15:02:57 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/05/15 15:02:39 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/05/15 15:02:39 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/05/15 15:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/15 15:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/14 22:14:36 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\Microsoft Games
[2011/05/14 17:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/05/14 17:42:39 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\CyberLink
[2011/05/13 21:18:50 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\Hewlett-Packard
[2011/05/13 21:17:55 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Symantec
[2011/05/13 21:17:32 | 000,000,000 | R--D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/05/13 21:17:32 | 000,000,000 | R--D | C] -- C:\Users\Amy\Searches
[2011/05/13 21:17:32 | 000,000,000 | R--D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/05/13 21:17:25 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Identities
[2011/05/13 21:17:23 | 000,000,000 | R--D | C] -- C:\Users\Amy\Contacts
[2011/05/13 21:17:22 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\VirtualStore
[2011/05/13 21:16:07 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Macromedia
[2011/05/13 21:15:34 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Hewlett-Packard
[2011/05/13 21:13:25 | 000,000,000 | --SD | C] -- C:\Users\Amy\AppData\Roaming\Microsoft
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Videos
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Saved Games
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Pictures
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Music
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Links
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Favorites
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Downloads
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Documents
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Desktop
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\AppData\Local\Temporary Internet Files
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Templates
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Start Menu
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\SendTo
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Recent
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\PrintHood
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\NetHood
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Documents\My Videos
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Documents\My Pictures
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Documents\My Music
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\My Documents
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Local Settings
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\AppData\Local\History
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Cookies
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Application Data
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\AppData\Local\Application Data
[2011/05/13 21:13:25 | 000,000,000 | -H-D | C] -- C:\Users\Amy\AppData
[2011/05/13 21:13:25 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\Microsoft
[2011/05/13 21:13:25 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Media Center Programs
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2011/05/13 20:54:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/05/13 20:52:54 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2007/12/08 21:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SMINST
[2007/12/08 21:18:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2007/12/08 21:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2007/12/08 21:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
[2007/12/08 21:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\earthlink totalaccess
[2007/12/08 21:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2007/12/08 21:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\AWS
[2007/12/08 21:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2007/12/08 21:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2007/12/08 21:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides
[2007/12/08 21:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor
[2007/12/08 21:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC-Doctor 5 for Windows
[2007/12/08 21:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2007/12/08 21:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2007/12/08 21:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2007/12/08 21:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2007/12/08 21:03:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2007/12/08 21:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2007/12/08 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2007/12/08 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2007/12/08 21:01:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muvee
[2007/12/08 21:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\muvee Technologies
[2007/12/08 21:01:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2007/12/08 21:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\muvee Technologies
[2007/12/08 21:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribeTemplateLabeler
[2007/12/08 20:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2007/12/08 20:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started
[2007/12/08 20:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2007/12/08 20:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2007/12/08 20:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2007/12/08 20:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2007/12/08 20:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2007/12/08 20:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2007/12/08 20:52:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2007/12/08 20:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2007/12/08 20:45:29 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2007/12/08 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2007/12/08 20:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2007/12/08 20:45:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2007/12/08 20:45:09 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2007/12/08 20:45:09 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2007/12/08 20:45:08 | 004,702,208 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2007/12/08 20:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2007/12/08 20:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
[2007/12/08 20:31:07 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2007/12/08 20:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2007/12/08 20:22:50 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2007/12/08 20:21:19 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2007/12/08 20:20:08 | 000,000,000 | ---D | C] -- C:\hp
[2007/12/08 20:04:51 | 000,000,000 | ---D | C] -- C:\Windows\Users
[2007/12/08 20:04:47 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2007/12/08 20:04:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2007/12/08 20:04:31 | 000,000,000 | ---D | C] -- C:\Boot
========== Files - Modified Within 30 Days ==========
[2011/09/20 07:23:29 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/09/20 05:15:57 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
[2011/09/15 23:36:08 | 000,288,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/09/10 12:10:54 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/09/09 22:18:43 | 000,000,945 | ---- | M] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/09/06 13:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/09/06 13:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/06 13:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/09/06 13:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/09/06 13:36:26 | 000,054,616 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/08/28 06:46:15 | 000,589,824 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2011/08/28 06:46:14 | 000,327,680 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2011/08/28 06:46:14 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2011/07/14 06:33:33 | 000,000,000 | ---- | M] () -- C:\Users\Amy\AppData\Roaming\wklnhst.dat
[2011/06/25 22:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011/05/16 14:51:04 | 000,157,786 | ---- | M] () -- C:\Windows\hpoins28.dat
[2011/05/16 14:45:02 | 000,001,974 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/05/16 14:44:39 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/05/14 22:00:20 | 000,003,584 | ---- | M] () -- C:\Users\Amy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/13 21:17:20 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2011/05/13 21:14:04 | 000,001,878 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_CPC_GX626AA-ABA a6313w_YC_0Pavi_QCNH802_E81NAv3PrA3_49_INARRA2_SASUSTek Computer INC._V2.00_B5.14_T080201_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.6_#080628_N10DE03EF_Z14F12F20_G10DE03D0.MRK
[2010/11/07 09:20:24 | 000,208,896 | ---- | M] () -- C:\Windows\MBR.exe
[2009/04/19 20:56:28 | 000,060,416 | ---- | M] (NirSoft) -- C:\Windows\NIRCMD.exe
[2008/05/06 04:42:56 | 000,146,036 | ---- | M] () -- C:\Windows\System32\drivers\HSFProf.cty
[2008/01/01 00:30:54 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2007/12/31 23:05:50 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2007/12/31 23:05:50 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2007/12/31 23:01:35 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2007/12/31 23:01:35 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2007/12/31 23:01:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2007/12/31 23:01:27 | 2011,684,864 | -HS- | M] () -- C:\hiberfil.sys
[2007/12/12 16:01:47 | 000,000,932 | ---- | M] () -- C:\Windows\hpomdl28.dat
[2007/12/08 21:15:21 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\MSN.lnk
[2007/12/08 21:11:42 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2007/12/08 21:01:18 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2007/12/08 20:52:36 | 000,102,451 | ---- | M] () -- C:\Windows\hpqins13.dat
[2007/12/08 20:47:33 | 000,000,258 | ---- | M] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2007/12/08 20:47:33 | 000,000,240 | ---- | M] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2007/12/08 20:42:54 | 001,655,289 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2007/12/08 20:27:51 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2007/12/08 20:25:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2007/12/08 20:15:59 | 000,008,888 | ---- | M] () -- C:\Windows\System32\RacUR.xml
[2007/12/08 20:15:59 | 000,000,150 | ---- | M] () -- C:\Windows\System32\RacUREx.xml
[2007/12/08 20:14:10 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2007/12/08 20:04:33 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
========== Files Created - No Company Name ==========
[2011/09/17 03:37:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/09/17 03:37:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/09/17 03:37:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/09/17 03:37:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/09/17 03:37:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/07/14 06:33:33 | 000,000,000 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\wklnhst.dat
[2011/07/05 01:26:17 | 000,327,680 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2011/07/05 01:26:17 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2011/07/05 01:26:16 | 000,589,824 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2011/05/16 14:45:02 | 000,001,974 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/05/16 14:44:39 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/05/16 14:35:56 | 000,157,786 | ---- | C] () -- C:\Windows\hpoins28.dat
[2011/05/16 14:35:56 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2011/05/15 15:02:58 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/05/14 22:00:18 | 000,003,584 | ---- | C] () -- C:\Users\Amy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/13 21:35:26 | 000,000,945 | ---- | C] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/13 21:17:33 | 000,000,951 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/05/13 21:17:32 | 000,000,946 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/05/13 21:17:23 | 000,000,917 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/05/13 21:17:20 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat
[2011/05/13 21:13:57 | 000,001,878 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_CPC_GX626AA-ABA a6313w_YC_0Pavi_QCNH802_E81NAv3PrA3_49_INARRA2_SASUSTek Computer INC._V2.00_B5.14_T080201_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.6_#080628_N10DE03EF_Z14F12F20_G10DE03D0.MRK
[2011/05/13 21:13:47 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk
[2011/05/13 21:13:47 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2011/05/13 21:13:47 | 000,001,867 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Total Care Advisor.lnk
[2011/05/13 21:13:25 | 000,001,046 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk
[2011/05/13 21:13:25 | 000,000,258 | ---- | C] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/05/13 21:13:25 | 000,000,240 | ---- | C] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2008/05/06 04:42:56 | 000,146,036 | ---- | C] () -- C:\Windows\System32\drivers\HSFProf.cty
[2007/12/31 23:47:15 | 2011,684,864 | -HS- | C] () -- C:\hiberfil.sys
[2007/12/08 21:33:16 | 000,001,630 | ---- | C] () -- C:\Users\Public\Desktop\Windows Media Center.lnk
[2007/12/08 21:15:26 | 000,000,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora Internet Radio.url
[2007/12/08 21:07:41 | 000,000,172 | ---- | C] () -- C:\Users\Public\Desktop\Help and Support.lnk
[2007/12/08 21:05:20 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2007/12/08 21:05:00 | 000,001,018 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2007/12/08 21:02:26 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2007/12/08 20:52:19 | 000,102,451 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/12/08 20:43:40 | 000,017,254 | ---- | C] () -- C:\Windows\System32\nvwsapps.xml
[2007/12/08 20:43:38 | 000,006,335 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2007/12/08 20:43:37 | 000,123,651 | ---- | C] () -- C:\Windows\System32\nvapps.xml
[2007/12/08 20:42:54 | 001,655,289 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2007/12/08 20:34:30 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2007/12/08 20:31:43 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007/12/08 20:31:42 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007/12/08 20:19:58 | 000,001,901 | ---- | C] () -- C:\Windows\System32\nvnrm.nvu
[2007/12/08 20:15:59 | 000,008,888 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2007/12/08 20:15:59 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2007/12/08 20:14:10 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2007/12/08 20:04:33 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2007/12/08 20:04:32 | 000,438,840 | RHS- | C] () -- C:\bootmgr
[2006/11/02 04:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 04:47:37 | 000,288,216 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 04:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 02:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 02:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 02:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 02:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 00:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/01 23:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/01 23:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
========== LOP Check ==========
[2011/07/14 06:41:17 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Template
[2011/09/20 08:34:03 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
OTL logfile created on: 12/31/2007 11:38:32 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Amy\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 57.19% Memory free
3.96 Gb Paging File | 3.07 Gb Available in Paging File | 77.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.54 Gb Total Space | 229.47 Gb Free Space | 79.53% Space Free | Partition Type: NTFS
Drive D: | 9.55 Gb Total Space | 1.28 Gb Free Space | 13.45% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 297.62 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
Computer Name: FRAZZLED | User Name: Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/20 05:15:57 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
PRC - [2011/09/06 13:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2007/12/08 20:42:54 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/25 05:52:08 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/04/18 07:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 03:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/11/02 01:45:39 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
========== Modules (No Company Name) ==========
MOD - [2007/11/06 00:50:44 | 000,189,760 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\NeoLoggingLib.dll
MOD - [2007/11/06 00:50:44 | 000,140,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll
MOD - [2007/11/06 00:50:44 | 000,107,840 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll
MOD - [2007/11/06 00:50:44 | 000,042,304 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (GameConsoleService)
SRV - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007/12/08 20:06:32 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/09/06 13:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 13:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 13:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/26 03:51:22 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/10 12:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/07/06 17:45:00 | 007,568,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2005/12/12 09:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2011/09/20 07:23:29 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4ACE1838-ADF8-409C-BE62-7B86F1EF8CC9}: NameServer = 64.136.173.8 64.136.164.66
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Amy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Amy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/08 21:01:18 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/20 07:23:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/20 05:15:26 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
[2011/09/17 03:44:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/09/17 03:44:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/09/17 03:44:13 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\temp
[2011/09/17 03:37:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/09/17 03:37:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/09/17 03:37:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/09/17 03:37:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/09/17 03:08:13 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/17 03:07:50 | 000,000,000 | ---D | C] -- C:\Combo-Fix
[2011/09/17 03:07:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/01 04:06:15 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/07/30 21:23:02 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\ElevatedDiagnostics
[2011/07/14 06:41:17 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Template
[2011/07/05 17:02:07 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2011/06/26 17:54:34 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Adobe
[2011/06/26 17:54:34 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\Adobe
[2011/05/16 15:22:43 | 000,000,000 | ---D | C] -- C:\Users\Amy\Documents\My Scans
[2011/05/16 15:16:56 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\HP
[2011/05/16 14:59:50 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\HP
[2011/05/16 14:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2011/05/16 14:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2011/05/16 14:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2011/05/15 15:02:58 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/05/15 15:02:58 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/05/15 15:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/05/15 15:02:57 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/05/15 15:02:57 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/05/15 15:02:57 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/05/15 15:02:57 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/05/15 15:02:39 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/05/15 15:02:39 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/05/15 15:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/15 15:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/14 22:14:36 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\Microsoft Games
[2011/05/14 17:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/05/14 17:42:39 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\CyberLink
[2011/05/13 21:18:50 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\Hewlett-Packard
[2011/05/13 21:17:55 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Symantec
[2011/05/13 21:17:32 | 000,000,000 | R--D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/05/13 21:17:32 | 000,000,000 | R--D | C] -- C:\Users\Amy\Searches
[2011/05/13 21:17:32 | 000,000,000 | R--D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/05/13 21:17:25 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Identities
[2011/05/13 21:17:23 | 000,000,000 | R--D | C] -- C:\Users\Amy\Contacts
[2011/05/13 21:17:22 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\VirtualStore
[2011/05/13 21:16:07 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Macromedia
[2011/05/13 21:15:34 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Hewlett-Packard
[2011/05/13 21:13:25 | 000,000,000 | --SD | C] -- C:\Users\Amy\AppData\Roaming\Microsoft
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Videos
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Saved Games
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Pictures
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Music
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Links
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Favorites
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Downloads
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Documents
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\Desktop
[2011/05/13 21:13:25 | 000,000,000 | R--D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\AppData\Local\Temporary Internet Files
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Templates
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Start Menu
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\SendTo
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Recent
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\PrintHood
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\NetHood
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Documents\My Videos
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Documents\My Pictures
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Documents\My Music
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\My Documents
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Local Settings
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\AppData\Local\History
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Cookies
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\Application Data
[2011/05/13 21:13:25 | 000,000,000 | -HSD | C] -- C:\Users\Amy\AppData\Local\Application Data
[2011/05/13 21:13:25 | 000,000,000 | -H-D | C] -- C:\Users\Amy\AppData
[2011/05/13 21:13:25 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\Microsoft
[2011/05/13 21:13:25 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Media Center Programs
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2011/05/13 21:10:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2011/05/13 20:54:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/05/13 20:52:54 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2007/12/08 21:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SMINST
[2007/12/08 21:18:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2007/12/08 21:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2007/12/08 21:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
[2007/12/08 21:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\earthlink totalaccess
[2007/12/08 21:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2007/12/08 21:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\AWS
[2007/12/08 21:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2007/12/08 21:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2007/12/08 21:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides
[2007/12/08 21:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor
[2007/12/08 21:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC-Doctor 5 for Windows
[2007/12/08 21:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2007/12/08 21:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2007/12/08 21:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2007/12/08 21:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2007/12/08 21:03:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2007/12/08 21:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2007/12/08 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2007/12/08 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2007/12/08 21:01:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muvee
[2007/12/08 21:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\muvee Technologies
[2007/12/08 21:01:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2007/12/08 21:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\muvee Technologies
[2007/12/08 21:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribeTemplateLabeler
[2007/12/08 20:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2007/12/08 20:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started
[2007/12/08 20:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2007/12/08 20:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2007/12/08 20:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2007/12/08 20:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2007/12/08 20:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2007/12/08 20:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2007/12/08 20:52:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2007/12/08 20:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2007/12/08 20:45:29 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2007/12/08 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2007/12/08 20:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2007/12/08 20:45:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2007/12/08 20:45:09 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2007/12/08 20:45:09 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2007/12/08 20:45:08 | 004,702,208 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2007/12/08 20:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2007/12/08 20:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
[2007/12/08 20:31:07 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2007/12/08 20:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2007/12/08 20:22:50 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2007/12/08 20:21:19 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2007/12/08 20:20:08 | 000,000,000 | ---D | C] -- C:\hp
[2007/12/08 20:04:51 | 000,000,000 | ---D | C] -- C:\Windows\Users
[2007/12/08 20:04:47 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2007/12/08 20:04:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2007/12/08 20:04:31 | 000,000,000 | ---D | C] -- C:\Boot
========== Files - Modified Within 30 Days ==========
[2011/09/20 07:23:29 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/09/20 05:15:57 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
[2011/09/15 23:36:08 | 000,288,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/09/10 12:10:54 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/09/09 22:18:43 | 000,000,945 | ---- | M] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/09/06 13:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/09/06 13:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/06 13:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/09/06 13:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/09/06 13:36:26 | 000,054,616 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/08/28 06:46:15 | 000,589,824 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2011/08/28 06:46:14 | 000,327,680 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2011/08/28 06:46:14 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2011/07/14 06:33:33 | 000,000,000 | ---- | M] () -- C:\Users\Amy\AppData\Roaming\wklnhst.dat
[2011/06/25 22:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011/05/16 14:51:04 | 000,157,786 | ---- | M] () -- C:\Windows\hpoins28.dat
[2011/05/16 14:45:02 | 000,001,974 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/05/16 14:44:39 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/05/14 22:00:20 | 000,003,584 | ---- | M] () -- C:\Users\Amy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/13 21:17:20 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2011/05/13 21:14:04 | 000,001,878 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_CPC_GX626AA-ABA a6313w_YC_0Pavi_QCNH802_E81NAv3PrA3_49_INARRA2_SASUSTek Computer INC._V2.00_B5.14_T080201_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.6_#080628_N10DE03EF_Z14F12F20_G10DE03D0.MRK
[2010/11/07 09:20:24 | 000,208,896 | ---- | M] () -- C:\Windows\MBR.exe
[2009/04/19 20:56:28 | 000,060,416 | ---- | M] (NirSoft) -- C:\Windows\NIRCMD.exe
[2008/05/06 04:42:56 | 000,146,036 | ---- | M] () -- C:\Windows\System32\drivers\HSFProf.cty
[2008/01/01 00:30:54 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2007/12/31 23:05:50 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2007/12/31 23:05:50 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2007/12/31 23:01:35 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2007/12/31 23:01:35 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2007/12/31 23:01:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2007/12/31 23:01:27 | 2011,684,864 | -HS- | M] () -- C:\hiberfil.sys
[2007/12/12 16:01:47 | 000,000,932 | ---- | M] () -- C:\Windows\hpomdl28.dat
[2007/12/08 21:15:21 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\MSN.lnk
[2007/12/08 21:11:42 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2007/12/08 21:01:18 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2007/12/08 20:52:36 | 000,102,451 | ---- | M] () -- C:\Windows\hpqins13.dat
[2007/12/08 20:47:33 | 000,000,258 | ---- | M] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2007/12/08 20:47:33 | 000,000,240 | ---- | M] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2007/12/08 20:42:54 | 001,655,289 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2007/12/08 20:27:51 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2007/12/08 20:25:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2007/12/08 20:15:59 | 000,008,888 | ---- | M] () -- C:\Windows\System32\RacUR.xml
[2007/12/08 20:15:59 | 000,000,150 | ---- | M] () -- C:\Windows\System32\RacUREx.xml
[2007/12/08 20:14:10 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2007/12/08 20:04:33 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
========== Files Created - No Company Name ==========
[2011/09/17 03:37:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/09/17 03:37:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/09/17 03:37:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/09/17 03:37:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/09/17 03:37:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/07/14 06:33:33 | 000,000,000 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\wklnhst.dat
[2011/07/05 01:26:17 | 000,327,680 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2011/07/05 01:26:17 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2011/07/05 01:26:16 | 000,589,824 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2011/05/16 14:45:02 | 000,001,974 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/05/16 14:44:39 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/05/16 14:35:56 | 000,157,786 | ---- | C] () -- C:\Windows\hpoins28.dat
[2011/05/16 14:35:56 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2011/05/15 15:02:58 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/05/14 22:00:18 | 000,003,584 | ---- | C] () -- C:\Users\Amy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/13 21:35:26 | 000,000,945 | ---- | C] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/13 21:17:33 | 000,000,951 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/05/13 21:17:32 | 000,000,946 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/05/13 21:17:23 | 000,000,917 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/05/13 21:17:20 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat
[2011/05/13 21:13:57 | 000,001,878 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_CPC_GX626AA-ABA a6313w_YC_0Pavi_QCNH802_E81NAv3PrA3_49_INARRA2_SASUSTek Computer INC._V2.00_B5.14_T080201_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.6_#080628_N10DE03EF_Z14F12F20_G10DE03D0.MRK
[2011/05/13 21:13:47 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk
[2011/05/13 21:13:47 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2011/05/13 21:13:47 | 000,001,867 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Total Care Advisor.lnk
[2011/05/13 21:13:25 | 000,001,046 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk
[2011/05/13 21:13:25 | 000,000,258 | ---- | C] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/05/13 21:13:25 | 000,000,240 | ---- | C] () -- C:\Users\Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2008/05/06 04:42:56 | 000,146,036 | ---- | C] () -- C:\Windows\System32\drivers\HSFProf.cty
[2007/12/31 23:47:15 | 2011,684,864 | -HS- | C] () -- C:\hiberfil.sys
[2007/12/08 21:33:16 | 000,001,630 | ---- | C] () -- C:\Users\Public\Desktop\Windows Media Center.lnk
[2007/12/08 21:15:26 | 000,000,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora Internet Radio.url
[2007/12/08 21:07:41 | 000,000,172 | ---- | C] () -- C:\Users\Public\Desktop\Help and Support.lnk
[2007/12/08 21:05:20 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2007/12/08 21:05:00 | 000,001,018 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2007/12/08 21:02:26 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2007/12/08 20:52:19 | 000,102,451 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/12/08 20:43:40 | 000,017,254 | ---- | C] () -- C:\Windows\System32\nvwsapps.xml
[2007/12/08 20:43:38 | 000,006,335 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2007/12/08 20:43:37 | 000,123,651 | ---- | C] () -- C:\Windows\System32\nvapps.xml
[2007/12/08 20:42:54 | 001,655,289 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2007/12/08 20:34:30 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2007/12/08 20:31:43 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007/12/08 20:31:42 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007/12/08 20:19:58 | 000,001,901 | ---- | C] () -- C:\Windows\System32\nvnrm.nvu
[2007/12/08 20:15:59 | 000,008,888 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2007/12/08 20:15:59 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2007/12/08 20:14:10 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2007/12/08 20:04:33 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2007/12/08 20:04:32 | 000,438,840 | RHS- | C] () -- C:\bootmgr
[2006/11/02 04:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 04:47:37 | 000,288,216 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 04:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 02:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 02:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 02:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 02:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 00:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/01 23:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/01 23:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
========== LOP Check ==========
[2011/07/14 06:41:17 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Template
[2011/09/20 08:34:03 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
#27
Posted 21 September 2011 - 12:51 PM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
I don't know. How old is this computer?WHAT IS YOUR INPUT ON THIS?
Please run MBAM now.
#28
Posted 21 September 2011 - 03:44 PM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
Hi, just ran the MBAM scan and here it is using the quick scan:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7765
Windows 6.0.6000
Internet Explorer 7.0.6000.16982
9/21/2011 4:10:37 AM
mbam-log-2011-09-21 (04-10-37).txt
Scan type: Quick scan
Objects scanned: 160928
Time elapsed: 2 minute(s), 2 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I have a microsoft windows vista home premium (x32), does that tell the age of it? if not where do i find info? Also, the date and time has been going back to 2008, is there a fix for this? or do i just keep adjusting every time?
Please continue to work with me and thank you so very much for everything so far.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7765
Windows 6.0.6000
Internet Explorer 7.0.6000.16982
9/21/2011 4:10:37 AM
mbam-log-2011-09-21 (04-10-37).txt
Scan type: Quick scan
Objects scanned: 160928
Time elapsed: 2 minute(s), 2 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I have a microsoft windows vista home premium (x32), does that tell the age of it? if not where do i find info? Also, the date and time has been going back to 2008, is there a fix for this? or do i just keep adjusting every time?
Please continue to work with me and thank you so very much for everything so far.
#29
Posted 21 September 2011 - 04:01 PM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
Approximately, yes.I have a microsoft windows vista home premium (x32), does that tell the age of it?
You have to enter BIOS and set correct date and time there. See here how to enter BIOS.Also, the date and time has been going back to 2008, is there a fix for this? or do i just keep adjusting every time?
Then here we have hardware problem:
Error - 9/10/2011 4:04:21 PM | Computer Name = FRAZZLED | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.
Probably this is your sound card or some other device is in conflict with it. When you are in BIOS also check if you have set to Plug&Play OS. Also you can try to put your sound card in some other free PCI slot.
Now do this please:
From the Start menu open your Computer
You should see something like this:
Right click your system partition (usually C) and select Properties
Select Tools tab and then Check now...
The second window will popup
Ensure you have ticks in both boxes
Then click Start
Windows will schedule it for the next boot
Reboot
Once that has completed:
Go to Start > All Programs > Accessories
Right click Command Prompt and select Run as administrator
When the prompt opens type the following bolded text and press enter
sfc /scannow (Note: There is a space between sfc and /scannow)
On completion reboot
Let me know then if there is any improvement
#30
Posted 21 September 2011 - 09:10 PM
Meow kitty
- Topic Starter
-
- Member
-
- 18 posts
Member
Hi, did the sfc scannow. it said verification 98% complete, windows resource protection found corrput files and successfully repaired them. details are included in the CBS.Log windir\Logs\CBS\CBS log. for example C:\Windows\Logs\CBS\CBS log.
I tried to open file, but was denied access. i know it has something to do with permissions, please advise. I am shutting the computer down for the night, my knee is really hurting. hopefully i can get the computer turn on tomorrow. again thank you so very much for helping me. talk to you later. bye
I tried to open file, but was denied access. i know it has something to do with permissions, please advise. I am shutting the computer down for the night, my knee is really hurting. hopefully i can get the computer turn on tomorrow. again thank you so very much for helping me. talk to you later. bye
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
