Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

System Restore; BLANK

Started by jodimac , Mar 15 2012 04:01 PM

  • Please log in to reply

#1
jodimac
Posted 15 March 2012 - 04:01 PM

jodimac

    Member

  • Member
  • PipPip
  • 30 posts
Please I need help with my system, it has been going REALLY slow, so my virus protection was not showing anything. I decided to run a system restore, it shows a blank screen...here is my run on OTL;



OTL logfile created on: 3/13/2012 7:05:08 PM - Run 2
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\Jodi MacDonald\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.36 Mb Total Physical Memory | 333.15 Mb Available Physical Memory | 32.84% Memory free
2.38 Gb Paging File | 1.57 Gb Available in Paging File | 65.83% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.24 Gb Total Space | 123.59 Gb Free Space | 88.76% Space Free | Partition Type: NTFS

Computer Name: DSOTOMAC | User Name: Jodi MacDonald | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/13 19:04:26 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jodi MacDonald\Desktop\OTL.com
PRC - [2012/02/14 16:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Jodi MacDonald\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/08/03 21:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ccsvchst.exe
PRC - [2009/09/01 09:02:06 | 000,024,576 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\OA012Mon.exe
PRC - [2009/07/22 08:22:54 | 000,623,984 | ---- | M] (Dell) -- C:\Program Files\Battery Meter\BTMeter.exe
PRC - [2009/06/03 13:46:42 | 001,025,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\gs_agent\dsc.exe
PRC - [2009/06/03 13:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/06/03 13:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/27 14:24:54 | 000,247,080 | ---- | M] (Dell) -- C:\Program Files\WSED\WSED.exe
PRC - [2009/02/23 08:03:06 | 000,320,808 | ---- | M] (Compal Electronics, Inc) -- C:\Program Files\CapsLKNotify\CapsLKNotify.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/18 21:36:38 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/02/18 21:35:09 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2011/11/03 08:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/13 16:03:58 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2009/02/04 14:30:42 | 000,577,536 | ---- | M] () -- C:\WINDOWS\system32\EMSC.DLL
MOD - [2009/01/06 16:53:20 | 000,143,360 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2009/01/06 16:52:22 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2008/04/14 05:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 05:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (MpfService)
SRV - File not found [On_Demand | Stopped] -- -- (McSysmon)
SRV - File not found [Auto | Stopped] -- -- (McShield)
SRV - File not found [Auto | Stopped] -- -- (McProxy)
SRV - File not found [On_Demand | Stopped] -- -- (McODS)
SRV - File not found [Auto | Stopped] -- -- (McNASvc)
SRV - File not found [Auto | Stopped] -- -- (mcmscsvc)
SRV - File not found [On_Demand | Stopped] -- -- (MBackMonitor)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/08/03 21:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2009/06/03 13:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (MPFP)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (mfesmfk)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (mferkdk)
DRV - File not found [Kernel | System | Stopped] -- -- (mfehidk)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (mfebopk)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (mfeavfk)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/03/02 11:58:02 | 000,820,856 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20120302.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/02/05 16:59:58 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/02/05 16:59:58 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/12/15 16:33:22 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20120313.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/11/11 13:56:03 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120313.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/11/11 13:56:03 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120313.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/21 19:53:36 | 000,362,360 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/08/21 19:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2011/08/03 21:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010/11/08 12:37:42 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/04/28 22:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 19:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 19:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/10/14 20:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009/09/01 09:05:42 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OA012Afx.sys -- (OA012Afx)
DRV - [2009/09/01 09:05:04 | 000,272,256 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OA012Vid.sys -- (OA012Vid)
DRV - [2009/09/01 09:04:06 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OA012Ufd.sys -- (OA012Ufd)
DRV - [2009/03/15 15:48:00 | 000,162,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/03/15 15:44:18 | 000,120,064 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/03/15 14:32:18 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/03/15 14:32:08 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/03/15 14:31:54 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/03/12 10:36:38 | 000,143,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/01/06 16:53:14 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/11/04 19:24:58 | 000,014,248 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\EMSC.SYS -- (EMSC)
DRV - [2008/04/14 05:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008/04/14 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/11/29 13:05:36 | 000,013,104 | ---- | M] (Freecom Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FCUSB.sys -- (FCUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.msn.com/sphome.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...4908&n=77ce5dba

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...4908&n=77ce5dba
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...pr&d=2012-03-10 15:40:17&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...il&geo=US&ver=4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Jodi MacDonald\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/21 07:53:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/03/13 18:17:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/02/22 13:49:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/22 13:49:25 | 000,000,000 | ---D | M]

[2010/10/11 10:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jodi MacDonald\Application Data\Mozilla\Extensions
[2011/06/18 06:41:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jodi MacDonald\Application Data\Mozilla\Firefox\Profiles\tvnnz4ny.default\extensions
[2010/10/11 10:47:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jodi MacDonald\Application Data\Mozilla\Firefox\Profiles\tvnnz4ny.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/09 10:19:28 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Jodi MacDonald\Application Data\Mozilla\Firefox\Profiles\tvnnz4ny.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/10/11 10:42:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN
[2011/07/21 07:53:40 | 000,000,000 | ---D | M] (Norton IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2009/11/30 14:32:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/03/10 16:40:05 | 000,003,747 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========


O1 HOSTS File: ([2008/04/14 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe (Dell)
O4 - HKLM..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exe (Compal Electronics, Inc)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found
O4 - HKLM..\Run: [OA012Mon] C:\WINDOWS\OA012Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [WSED] C:\Program Files\WSED\WSED.exe (Dell)
O4 - Startup: C:\Documents and Settings\Jodi MacDonald\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Jodi MacDonald\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DA32CF6-724D-476E-8976-3265984E5A72}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jodi MacDonald\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jodi MacDonald\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 18:45:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/13 19:04:26 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jodi MacDonald\Desktop\OTL.com
[2012/03/13 18:49:10 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jodi MacDonald\Desktop\OTL.exe
[2012/03/10 16:36:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/03/10 16:26:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/03/10 16:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/03/07 13:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jodi MacDonald\Desktop\extra taxes
[2012/02/29 15:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jodi MacDonald\Desktop\exp files
[2012/02/28 14:35:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jodi MacDonald\Desktop\shellys taxes
[2012/02/26 21:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jodi MacDonald\Desktop\insurance and car info
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/13 19:04:26 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jodi MacDonald\Desktop\OTL.com
[2012/03/13 19:03:41 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\Desktop\Safari.lnk
[2012/03/13 19:00:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2012/03/13 18:49:10 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jodi MacDonald\Desktop\OTL.exe
[2012/03/13 18:39:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/13 18:21:41 | 000,464,526 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/13 18:21:41 | 000,079,636 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/13 18:19:47 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/13 18:16:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/13 18:16:41 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/13 18:04:59 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C0A42360-ABB9-4359-91FD-D029180A849A}.job
[2012/03/13 17:14:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/10 15:48:16 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/03/05 13:39:40 | 000,002,640 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\Desktop\vet reception.rtf
[2012/03/01 14:11:27 | 000,001,059 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\Start Menu\Programs\Startup\Dropbox.lnk
[2012/03/01 14:11:26 | 000,001,059 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\Desktop\Dropbox.lnk
[2012/02/29 14:16:52 | 000,041,695 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\My Documents\SSF1330550192548 rachelle 2011.pdf
[2012/02/28 20:05:45 | 000,454,111 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\Desktop\dmv test.jpg
[2012/02/18 21:34:03 | 000,167,504 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/17 20:30:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/14 13:35:46 | 000,323,813 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\My Documents\STF1329251723981 jodis state taxes2011.pdf
[2012/02/14 13:35:22 | 000,146,689 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\My Documents\FTF1329251698511 jodis taxes 2011.pdf
[2012/02/13 19:19:49 | 000,422,825 | ---- | M] () -- C:\Documents and Settings\Jodi MacDonald\My Documents\job aplication template.jpg
[2012/02/13 17:43:35 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/05 13:39:39 | 000,002,640 | ---- | C] () -- C:\Documents and Settings\Jodi MacDonald\Desktop\vet reception.rtf
[2012/02/29 14:16:51 | 000,041,695 | ---- | C] () -- C:\Documents and Settings\Jodi MacDonald\My Documents\SSF1330550192548 rachelle 2011.pdf
[2012/02/28 20:05:06 | 000,454,111 | ---- | C] () -- C:\Documents and Settings\Jodi MacDonald\Desktop\dmv test.jpg
[2012/02/17 13:27:31 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/17 13:27:31 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/14 13:35:46 | 000,323,813 | ---- | C] () -- C:\Documents and Settings\Jodi MacDonald\My Documents\STF1329251723981 jodis state taxes2011.pdf
[2012/02/14 13:35:21 | 000,146,689 | ---- | C] () -- C:\Documents and Settings\Jodi MacDonald\My Documents\FTF1329251698511 jodis taxes 2011.pdf
[2012/02/13 19:20:59 | 000,422,825 | ---- | C] () -- C:\Documents and Settings\Jodi MacDonald\My Documents\job aplication template.jpg
[2012/01/23 10:55:58 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\Jodi MacDonald\Application Data\.backup.dm
[2011/05/24 09:30:59 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Jodi MacDonald\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/22 18:54:09 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/11 10:42:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/11 06:52:35 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/10/07 13:24:05 | 000,275,040 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/07 12:15:16 | 000,141,025 | ---- | C] () -- C:\WINDOWS\hpoins27.dat
[2010/10/07 12:15:16 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl27.dat
[2010/10/07 11:45:11 | 000,000,558 | ---- | C] () -- C:\WINDOWS\hphmdl32.dat.temp
[2010/10/07 11:29:10 | 000,135,978 | ---- | C] () -- C:\WINDOWS\hphins32.dat
[2010/10/07 11:29:10 | 000,000,558 | ---- | C] () -- C:\WINDOWS\hphmdl32.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FA5F15C4
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

I didnt think thje first OTL ran, so I ran another one, not sure which one ran, either OTL.exe, or OTL.com. Does it matter?

Thanks for any help, my daughter has been using my computer for awhile and I just got it back, and its running like this.

Edited by jodimac, 17 March 2012 - 08:49 AM.

  • 0

Advertisements

#2
jodimac
Posted 17 March 2012 - 08:53 AM

jodimac

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
This morning when I logging it said it could not load my personal setting, and had to reload. I didnt get to read the messages, they went to fast, they were timed. I think it rebooted a new screen like factory reset??? Please someone help me. Thank you,
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP