Need help understanding OTS scan results [Solved]



#1
lavenderchef45

Hi:
I have a Toshiba Satellite C655 laptop running Win 7. Several months ago, when I booted up, my system appeared to go through a complete restructure. My login page display changed, my system now uses my name (which I never entered), and the system is s l o w. Lots of issues, including System Restore being reset to only saving about a week of restore dates. I use Kaspersky AntiVirus and Malwarebytes. I just downloaded and used OTScanner. I would appreciate it if you could look at the scan results and let me know if you see anything that I could fix.

Attached File: OTS.Txt (132.53KB)
________________________________________________________________________________________________________________________
OTL logfile created on: 1/7/2012 7:24:56 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Angela\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.60 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 52.74% Memory free
5.20 Gb Paging File | 3.69 Gb Available in Paging File | 70.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.29 Gb Total Space | 252.52 Gb Free Space | 88.51% Space Free | Partition Type: NTFS

Computer Name: LYDIA | User Name: Angela | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/07 19:10:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTL.exe
PRC - [2011/12/29 21:00:49 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/28 01:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE


========== Modules (No Company Name) ==========

MOD - [2011/12/29 21:00:48 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/12/23 18:08:50 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010/02/28 01:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/10 14:52:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/20 16:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/28 14:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/05 19:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Pml Driver HPZ12)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Net Driver HPZ12)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/11/02 21:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/14 08:58:46 | 000,274,616 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:64bit: - [2011/08/07 14:45:38 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2011/04/20 08:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 14:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/02/10 15:22:00 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/02/10 14:15:08 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/02/08 21:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/01/05 03:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 14:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/05 09:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/11/05 09:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/10/08 13:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/09/14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/06/09 15:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2010/06/09 15:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010/04/22 17:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009/11/02 18:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/14 09:40:44 | 000,260,144 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2011/08/07 15:14:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2011/08/07 15:14:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/29 21:00:50 | 000,000,000 | ---D | M]

[2011/08/07 14:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Angela\AppData\Roaming\mozilla\Extensions
[2012/01/06 19:01:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Angela\AppData\Roaming\mozilla\Firefox\Profiles\81d8y8d2.default\extensions
[2011/09/25 19:34:01 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Angela\AppData\Roaming\mozilla\Firefox\Profiles\81d8y8d2.default\extensions\[email protected]
[2012/01/01 23:55:23 | 000,001,620 | ---- | M] () -- C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\81d8y8d2.default\searchplugins\read-books-online.xml
[2012/01/01 23:53:10 | 000,001,539 | ---- | M] () -- C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\81d8y8d2.default\searchplugins\thesaurus---referencecom.xml
[2012/01/01 23:53:26 | 000,000,705 | ---- | M] () -- C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\81d8y8d2.default\searchplugins\webster.xml
[2011/08/07 15:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/07 14:55:44 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
() (No name found) -- C:\USERS\ANGELA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\81D8Y8D2.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ANGELA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\81D8Y8D2.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
() (No name found) -- C:\USERS\ANGELA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\81D8Y8D2.DEFAULT\EXTENSIONS\[email protected]
[2011/12/29 21:00:49 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/12/29 21:00:45 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/12/29 21:00:45 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/11/02 21:43:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [COMODO System Cleaner SafeDelete] "F:\CSC_SETUP_2.2.335611.5_xp_vista_server2003_win7_32bit\COMODO System-Cleaner\CSC.EXE" //safedeletion File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2340025526-1877037402-2767268562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 204.111.1.210 204.111.1.195
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFF8FA6A-61A2-46A6-9933-844D82298839}: DhcpNameServer = 204.111.1.210 204.111.1.195
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (maliprog @ Geekstogo)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -Explorer.exe (maliprog @ Geekstogo)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/07 19:10:01 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTL.exe
[2012/01/07 18:55:57 | 000,000,000 | ---D | C] -- C:\Users\Angela\Desktop\references
[2012/01/06 22:13:41 | 000,751,581 | ---- | C] (maliprog @ Geekstogo) -- C:\Users\Angela\Desktop\explorer.exe
[2012/01/06 20:54:50 | 000,646,144 | ---- | C] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTS.exe
[2012/01/03 19:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2012/01/03 19:21:27 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\PC_Drivers_Headquarters
[2012/01/03 19:21:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2012/01/03 19:12:35 | 001,182,616 | ---- | C] (PC Drivers HeadQuarters ) -- C:\Users\Angela\Desktop\DriverDetective.exe
[2012/01/03 13:38:41 | 000,000,000 | ---D | C] -- C:\Users\Angela\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
[2012/01/02 17:28:54 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2011/12/29 23:42:07 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Defrag
[2011/12/29 23:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Defrag
[2011/12/29 23:42:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eusing Free Registry Defrag
[2011/12/29 22:55:20 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Roaming\Wise Registry Cleaner
[2011/12/29 22:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2011/12/29 22:54:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise Registry Cleaner
[2011/12/29 20:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/29 20:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/12/29 19:36:29 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\Adobe
[2011/12/12 09:20:15 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

========== Files - Modified Within 30 Days ==========

[2012/01/07 19:10:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTL.exe
[2012/01/07 18:50:11 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/07 18:50:11 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/07 18:41:05 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/01/07 18:40:54 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/06 22:52:30 | 000,000,114 | ---- | M] () -- C:\Users\Angela\Desktop\The Freecycle Network.url
[2012/01/06 22:13:49 | 000,751,581 | ---- | M] (maliprog @ Geekstogo) -- C:\Users\Angela\Desktop\explorer.exe
[2012/01/06 20:54:55 | 000,646,144 | ---- | M] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTS.exe
[2012/01/06 19:53:55 | 000,000,230 | ---- | M] () -- C:\Users\Angela\Desktop\Making Home Affordable.url
[2012/01/06 19:51:02 | 000,000,237 | ---- | M] () -- C:\Users\Angela\Desktop\Printable Percentage Chart.url
[2012/01/06 19:23:11 | 000,000,230 | ---- | M] () -- C:\Users\Angela\Desktop\Alternatives to Foreclosure - Freddie Mac.url
[2012/01/04 19:06:02 | 000,727,182 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/01/04 19:06:02 | 000,624,622 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/01/04 19:06:02 | 000,106,708 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/01/03 19:12:47 | 001,182,616 | ---- | M] (PC Drivers HeadQuarters ) -- C:\Users\Angela\Desktop\DriverDetective.exe
[2012/01/03 12:02:36 | 000,274,320 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/01/02 23:31:21 | 000,000,190 | ---- | M] () -- C:\Users\Angela\Desktop\Hyperthymesia - Wikipedia, the free encyclopedia.url
[2012/01/02 19:25:19 | 000,000,213 | ---- | M] () -- C:\Users\Angela\Desktop\Watch Online Person of Interest Season 1 Episode 10 - Number Crunch - Watch Series.url
[2012/01/01 19:40:27 | 000,000,139 | ---- | M] () -- C:\Users\Angela\Desktop\Employment Application Lodge At Old Trail.url
[2012/01/01 17:48:02 | 000,000,183 | ---- | M] () -- C:\Users\Angela\Desktop\Home Loan Modification or Mortgage Refinance CreditFYI.com.url
[2011/12/30 19:17:49 | 158,067,944 | ---- | M] () -- C:\Users\Angela\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe
[2011/12/29 23:42:07 | 000,001,055 | ---- | M] () -- C:\Users\Angela\Desktop\Eusing Free Registry Defrag.lnk
[2011/12/28 12:47:33 | 000,012,805 | ---- | M] () -- C:\Users\Angela\Desktop\products.cfm.htm
[2011/12/26 22:06:08 | 000,000,164 | ---- | M] () -- C:\Users\Angela\Desktop\Jobs.net - Jobs, Job Search, Employment Resources and Career Advice.url
[2011/12/26 22:04:29 | 000,000,229 | ---- | M] () -- C:\Users\Angela\Desktop\Manager, Dining Services.url
[2011/12/26 22:03:35 | 000,000,267 | ---- | M] () -- C:\Users\Angela\Desktop\samuelslibrary.net - employment opportunities.url
[2011/12/21 11:36:20 | 000,000,116 | ---- | M] () -- C:\Users\Angela\Desktop\The Sudarium Trilogy Best Selling Thriller.url
[2011/12/21 11:35:53 | 000,000,145 | ---- | M] () -- C:\Users\Angela\Desktop\ITW Member Directory - David Richards's Profile.url
[2011/12/18 22:52:03 | 000,000,216 | ---- | M] () -- C:\Users\Angela\Desktop\[PC Support] Frequently Asked Windows Problems with Solutions, Help and Troubleshooting Tips - Tweaking with Vishal.url
[2011/12/18 03:33:21 | 000,000,017 | ---- | M] () -- C:\windows\SysWow64\shortcut_ex.dat
[2011/12/16 01:10:13 | 000,000,216 | ---- | M] () -- C:\Users\Angela\Desktop\Diagnose and fix program installing and uninstalling problems automatically.url
[2011/12/15 22:07:11 | 000,000,178 | ---- | M] () -- C:\Users\Angela\Desktop\Completely removing Windows Vista-Windows 7 Printer Driver - Brian Jackson's IT Blog.url
[2011/12/15 21:56:06 | 000,000,191 | ---- | M] () -- C:\Users\Angela\Desktop\How to cancel printing or to delete a print job that is stuck in the print queue in Windows XP.url
[2011/12/12 09:20:16 | 000,001,276 | ---- | M] () -- C:\Users\Angela\Desktop\Revo Uninstaller.lnk
[2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/12/09 08:39:53 | 000,000,205 | ---- | M] () -- C:\Users\Angela\Desktop\Tennessee Wholesale Nursery Store - Shopping Cart.url
[2011/12/08 21:42:09 | 000,000,123 | ---- | M] () -- C:\Users\Angela\Desktop\Removal Remove-Malware.com.url

========== Files Created - No Company Name ==========

[2012/01/06 22:52:30 | 000,000,114 | ---- | C] () -- C:\Users\Angela\Desktop\The Freecycle Network.url
[2012/01/06 19:53:55 | 000,000,230 | ---- | C] () -- C:\Users\Angela\Desktop\Making Home Affordable.url
[2012/01/06 19:51:01 | 000,000,237 | ---- | C] () -- C:\Users\Angela\Desktop\Printable Percentage Chart.url
[2012/01/06 19:23:11 | 000,000,230 | ---- | C] () -- C:\Users\Angela\Desktop\Alternatives to Foreclosure - Freddie Mac.url
[2012/01/03 12:01:56 | 000,274,320 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/01/02 19:25:18 | 000,000,213 | ---- | C] () -- C:\Users\Angela\Desktop\Watch Online Person of Interest Season 1 Episode 10 - Number Crunch - Watch Series.url
[2012/01/01 19:40:27 | 000,000,139 | ---- | C] () -- C:\Users\Angela\Desktop\Employment Application Lodge At Old Trail.url
[2012/01/01 17:48:02 | 000,000,183 | ---- | C] () -- C:\Users\Angela\Desktop\Home Loan Modification or Mortgage Refinance CreditFYI.com.url
[2011/12/30 18:28:09 | 158,067,944 | ---- | C] () -- C:\Users\Angela\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe
[2011/12/29 23:42:07 | 000,001,055 | ---- | C] () -- C:\Users\Angela\Desktop\Eusing Free Registry Defrag.lnk
[2011/12/28 12:47:25 | 000,012,805 | ---- | C] () -- C:\Users\Angela\Desktop\products.cfm.htm
[2011/12/26 22:06:08 | 000,000,164 | ---- | C] () -- C:\Users\Angela\Desktop\Jobs.net - Jobs, Job Search, Employment Resources and Career Advice.url
[2011/12/26 22:04:29 | 000,000,229 | ---- | C] () -- C:\Users\Angela\Desktop\Manager, Dining Services.url
[2011/12/26 22:03:35 | 000,000,267 | ---- | C] () -- C:\Users\Angela\Desktop\samuelslibrary.net - employment opportunities.url
[2011/12/21 11:36:20 | 000,000,116 | ---- | C] () -- C:\Users\Angela\Desktop\The Sudarium Trilogy Best Selling Thriller.url
[2011/12/21 11:35:53 | 000,000,145 | ---- | C] () -- C:\Users\Angela\Desktop\ITW Member Directory - David Richards's Profile.url
[2011/12/18 22:52:03 | 000,000,216 | ---- | C] () -- C:\Users\Angela\Desktop\[PC Support] Frequently Asked Windows Problems with Solutions, Help and Troubleshooting Tips - Tweaking with Vishal.url
[2011/12/18 03:33:21 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
[2011/12/16 01:10:13 | 000,000,216 | ---- | C] () -- C:\Users\Angela\Desktop\Diagnose and fix program installing and uninstalling problems automatically.url
[2011/12/15 22:07:11 | 000,000,178 | ---- | C] () -- C:\Users\Angela\Desktop\Completely removing Windows Vista-Windows 7 Printer Driver - Brian Jackson's IT Blog.url
[2011/12/15 21:56:06 | 000,000,191 | ---- | C] () -- C:\Users\Angela\Desktop\How to cancel printing or to delete a print job that is stuck in the print queue in Windows XP.url
[2011/12/13 22:56:30 | 000,000,190 | ---- | C] () -- C:\Users\Angela\Desktop\Hyperthymesia - Wikipedia, the free encyclopedia.url
[2011/12/09 08:39:52 | 000,000,205 | ---- | C] () -- C:\Users\Angela\Desktop\Tennessee Wholesale Nursery Store - Shopping Cart.url
[2011/12/08 21:42:09 | 000,000,123 | ---- | C] () -- C:\Users\Angela\Desktop\Removal Remove-Malware.com.url
[2011/10/11 23:38:44 | 000,007,605 | ---- | C] () -- C:\Users\Angela\AppData\Local\Resmon.ResmonCfg
[2011/08/09 15:28:51 | 000,731,106 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/05/21 01:20:52 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2011/05/21 01:13:26 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/05/21 01:10:23 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/12/11 16:00:06 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\GetRightToGo
[2011/10/01 21:30:06 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\GlarySoft
[2011/10/16 19:51:52 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\Iomatic
[2011/09/25 19:34:10 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\QFX Software
[2012/01/05 01:38:20 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\SoftGrid Client
[2011/11/27 18:09:01 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\Toshiba
[2011/08/09 15:30:53 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\TP
[2011/08/07 14:25:46 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\WinBatch
[2011/12/29 23:01:49 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\Wise Registry Cleaner
[2011/12/20 18:31:52 | 000,032,552 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by lavenderchef45, 07 January 2012 - 06:39 PM.



#2
Gammo

Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the steps below.

Your OTL log is clean and your problem(s) don't sound like typical malware symptoms to me, so I don't think your PC is infected. I suggest you start a new topic about your problem here. :thumbsup:

But first please run this cleanup tool in order to remove OTL and OTS:
  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.


#3
lavenderchef45

Hi Gammo:

Thank you for responding. I have used the cleanup tool for OTS and rebooted.

I will start a new topic.

#4
Gammo

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.





