undiscovered virus/malware or mystery process—inconclusive [Solved]


  • This topic is locked

#1
moscatomg1

  • Member
  • 173 posts
Hi all, first I want to offer my sincere thanks in advance to anyone taking their time to read this and voluntarily help solve such tech. problems. I love Geeks to Go!, and you guys (and women) have been so great in the past. . . .

Problem: As the title indicates, I am unsure whether my problem is virus/malware or some rogue process and/or service running in background. I use my computer all the time, browse websites, download files from students, download software updates, etc., so I cannot think of any one thing that may clearly be the cause.

Symptoms: a somewhat noticeable system slowdown has lately occurred with lackluster performance quality in simple programs from Excel/spreadsheets to even media players (VLC, Media Player Classic) skipping on familiar video/movie files that never skipped before. . . .

Solutions/scans thus far: a full sys. scan in Windows safe mode with Avast yielded 100% clean results; a full sys. scan with Dr. Web in normal mode yielded 100% clean results; and a full sys. scan with Malwarebytes in both modes yielded 100% clean results. I did sys. restore more than a few times (and got one of those horrible blue screens shortly after one, but it has thankfully not returned). I restored to before a recent Java update, I uninstalled and re-installed VLC several times, and I removed relatively recent Google Talk and Google Talk plugin that I suspect may have been causing an odd but only occasional googleupdate.exe (?) process—among a few other measures that I cannot recall. Then I even deleted all sys. restore points prior to some of those virus/malware scans.

Both the normal OTL log and "extras" logs are below. Thank you so much for any help.






Normal log:

OTL logfile created on: 10/21/2012 10:41:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\little blue\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.22% Memory free
3.98 Gb Paging File | 3.06 Gb Available in Paging File | 76.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.23 Gb Total Space | 29.16 Gb Free Space | 13.06% Space Free | Partition Type: NTFS

Computer Name: LITTLEBLUE-PC | User Name: little blue | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/21 22:39:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\little blue\Desktop\OTL.exe
PRC - [2012/09/27 09:39:37 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/08/21 04:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010/10/20 16:40:16 | 000,128,416 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2010/09/28 15:28:30 | 000,468,392 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2010/02/05 19:41:00 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/12/03 00:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/03 00:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/30 01:59:26 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/27 09:39:34 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


========== Services (SafeList) ==========

SRV - [2012/09/27 09:39:34 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/16 10:00:28 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/04/22 14:51:04 | 000,720,936 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/19 20:05:50 | 000,176,128 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe -- (becldr3Service)
SRV - [2010/11/29 16:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/11/11 20:22:16 | 000,189,880 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2010/10/20 16:40:16 | 000,128,416 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2010/09/28 15:28:30 | 000,468,392 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2010/08/04 20:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) [Disabled | Stopped] -- C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/07/28 16:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/02/05 19:41:00 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/12/16 21:02:16 | 000,045,056 | ---- | M] (Intuit) [On_Demand | Stopped] -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/12/07 14:49:24 | 000,040,960 | ---- | M] (Realtek) [On_Demand | Stopped] -- C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe -- (Realtek87B)
SRV - [2009/12/03 00:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/03 00:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/07/23 23:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2012/08/21 04:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 04:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 04:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 04:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/08/21 04:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/08/21 04:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/05/15 18:04:39 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2012/05/15 18:04:39 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2012/04/22 14:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/01/09 18:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012/01/09 18:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 18:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 18:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012/01/09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/10/18 19:46:40 | 000,999,016 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2010/07/20 20:43:14 | 000,194,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/01/07 12:20:22 | 000,375,808 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtl8187.sys -- (RTL8187)
DRV - [2009/12/03 00:23:52 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2009/12/03 00:23:50 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2009/12/03 00:23:48 | 000,195,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2009/12/03 00:23:46 | 000,550,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2009/07/31 00:02:34 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2009/07/30 19:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/14 18:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/06/22 20:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {E7954EDA-C89B-4259-9920-A509995E10A8}
IE - HKLM\..\SearchScopes\{E7954EDA-C89B-4259-9920-A509995E10A8}: "URL" = http://www.google.co...ng}&rlz=1I7TSNH

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0CBDB9CF-1E41-4E6E-BB80-5774A011F790}
IE - HKCU\..\SearchScopes\{0CBDB9CF-1E41-4E6E-BB80-5774A011F790}: "URL" = http://www.google.co...&rlz=1I7TSNH_en
IE - HKCU\..\SearchScopes\{E7954EDA-C89B-4259-9920-A509995E10A8}: "URL" = http://www.google.co...ng}&rlz=1I7TSNH
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..extensions.enabledItems: [email protected]:20110101
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..browser.startup.homepage: "http://xfinity.comca...nsDate06012012"
FF - prefs.js..browser.search.selectedEngine: "XFINITY"
FF - prefs.js..browser.search.defaultenginename: "XFINITY"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/29 11:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/28 19:22:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/27 09:39:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/27 09:20:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/27 09:39:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/27 09:20:20 | 000,000,000 | ---D | M]

[2011/02/26 01:47:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Extensions
[2012/10/03 12:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions
[2011/02/26 11:40:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/09/27 09:35:17 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2011/02/26 11:40:25 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2012/09/27 09:35:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/04/02 11:54:23 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2012/02/19 19:47:00 | 000,000,000 | ---D | M] (Magnetiser) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\[email protected]
[2011/05/03 11:50:06 | 000,000,000 | ---D | M] (ImageTools) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\[email protected]
[2011/02/26 11:33:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\fvo76jj7.default\extensions
[2011/02/26 11:33:41 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\fvo76jj7.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2012/09/27 09:35:18 | 000,340,018 | ---- | M] () (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012/09/27 11:25:35 | 000,150,579 | ---- | M] () (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}.xpi
[2012/09/27 09:35:12 | 000,529,316 | ---- | M] () (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/10/03 12:59:51 | 000,257,937 | ---- | M] () (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2010/03/24 12:38:12 | 000,057,418 | ---- | M] (flashget) (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashGetXPI.dll
[2008/10/17 12:03:56 | 000,000,205 | ---- | M] () (No name found) -- C:\Users\little blue\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.ff\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\IFlashgetXpi.xpt
[2012/09/27 09:20:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/26 02:42:31 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/08/23 09:46:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2012/09/16 10:08:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/10/20 23:19:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012/08/28 19:22:59 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/09/27 09:39:39 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/27 09:39:27 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/27 09:39:27 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/02/28 15:04:46 | 000,020,569 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\xfinity.xml

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\little blue\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\little blue\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\little blue\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.176.141 10.0.176.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B0DAFBE-86D4-41EA-A312-7E760EBC1ED6}: DhcpNameServer = 10.0.176.141 10.0.176.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E6EEAED-A9F7-4A0B-9BED-440B1AAFA5C5}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (C:\windows\SYSTEM32\RtlGina\RtlGina.DLL) - C:\Windows\System32\RtlGina\RtlGina.dll (Realtek)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13c6d179-55bc-11e0-a433-1c750876eac2}\Shell - "" = AutoRun
O33 - MountPoints2\{13c6d179-55bc-11e0-a433-1c750876eac2}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{5192d03c-4128-11e0-a074-1c750876eac2}\Shell - "" = AutoRun
O33 - MountPoints2\{5192d03c-4128-11e0-a074-1c750876eac2}\Shell\AutoRun\command - "" = D:\INSTALL.EXE id=10000010000034000003 ver=1.0.0.0
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/21 22:39:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\little blue\Desktop\OTL.exe
[2012/10/21 09:13:27 | 000,000,000 | ---D | C] -- C:\Users\little blue\DoctorWeb
[2012/10/21 00:34:53 | 000,000,000 | ---D | C] -- C:\Users\little blue\AppData\Roaming\vlc
[2012/10/21 00:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/10/20 21:17:21 | 000,000,000 | ---D | C] -- C:\Users\little blue\Documents\Quick-PDF PDF to Word
[2012/10/16 13:52:36 | 000,000,000 | ---D | C] -- C:\Users\little blue\Desktop\Tor Browser
[2012/10/14 12:00:34 | 000,000,000 | ---D | C] -- C:\6b84e3d452ea973e013807db
[2012/10/14 11:44:57 | 000,000,000 | ---D | C] -- C:\Program Files\ComicRack
[2012/10/12 12:45:20 | 000,000,000 | ---D | C] -- C:\Users\little blue\AppData\Local\Macromedia
[2012/09/27 16:38:46 | 000,000,000 | ---D | C] -- C:\Users\little blue\AppData\Roaming\Malwarebytes
[2012/09/27 16:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/27 16:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/27 16:38:19 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/09/27 16:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/27 09:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/09/27 09:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/09/27 09:17:21 | 000,000,000 | ---D | C] -- C:\Users\little blue\Documents\FF backups
[2012/09/25 11:41:09 | 000,000,000 | ---D | C] -- C:\Users\little blue\AppData\Local\AtomPark
[2012/09/25 11:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AtomParkOfficial
[2012/09/25 11:40:41 | 000,000,000 | ---D | C] -- C:\Program Files\AtomParkOfficial
[2012/09/23 13:22:33 | 000,000,000 | ---D | C] -- C:\Users\little blue\AppData\Roaming\Google
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/21 22:39:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\little blue\Desktop\OTL.exe
[2012/10/21 19:02:35 | 000,618,708 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/10/21 19:02:35 | 000,104,732 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/10/21 19:00:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/10/21 09:06:12 | 000,022,864 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/21 09:06:12 | 000,022,864 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/21 08:58:27 | 1602,293,760 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/21 00:34:09 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/10/20 23:44:12 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/10/20 23:44:08 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2012/10/14 12:01:03 | 000,000,000 | -H-- | M] () -- C:\windows\wusa.lock
[2012/09/30 11:22:57 | 000,003,564 | ---- | M] () -- C:\Users\little blue\Desktop\000_movie list - Shortcut.lnk
[2012/09/28 12:35:12 | 000,004,946 | ---- | M] () -- C:\Users\little blue\Desktop\Ingram, Zero Balance Statement 9-25-12 - Shortcut.lnk
[2012/09/28 12:34:37 | 000,001,947 | ---- | M] () -- C:\Users\little blue\Desktop\FF backups - Shortcut.lnk
[2012/09/28 12:34:03 | 000,003,991 | ---- | M] () -- C:\Users\little blue\Desktop\How to Merge Two PDF files with Bullzip - Shortcut.lnk
[2012/09/28 12:28:54 | 000,004,376 | ---- | M] () -- C:\Users\little blue\Desktop\CMTH102, Comm. Theory-Speech.lnk
[2012/09/28 12:09:29 | 000,001,887 | ---- | M] () -- C:\Users\little blue\Desktop\Writing, 2012.lnk
[2012/09/27 09:39:54 | 000,002,001 | ---- | M] () -- C:\Users\little blue\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/21 00:34:09 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/10/14 12:01:03 | 000,000,000 | -H-- | C] () -- C:\windows\wusa.lock
[2012/09/30 11:22:57 | 000,003,564 | ---- | C] () -- C:\Users\little blue\Desktop\000_movie list - Shortcut.lnk
[2012/09/28 12:35:12 | 000,004,946 | ---- | C] () -- C:\Users\little blue\Desktop\Ingram, Zero Balance Statement 9-25-12 - Shortcut.lnk
[2012/09/28 12:34:37 | 000,001,947 | ---- | C] () -- C:\Users\little blue\Desktop\FF backups - Shortcut.lnk
[2012/09/28 12:34:03 | 000,003,991 | ---- | C] () -- C:\Users\little blue\Desktop\How to Merge Two PDF files with Bullzip - Shortcut.lnk
[2012/09/28 12:28:54 | 000,004,376 | ---- | C] () -- C:\Users\little blue\Desktop\CMTH102, Comm. Theory-Speech.lnk
[2012/09/28 12:09:29 | 000,001,887 | ---- | C] () -- C:\Users\little blue\Desktop\Writing, 2012.lnk
[2012/09/27 09:20:25 | 000,001,111 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/24 20:03:52 | 000,004,096 | -H-- | C] () -- C:\Users\little blue\AppData\Local\keyfile3.drm
[2012/02/20 11:50:21 | 000,001,043 | ---- | C] () -- C:\Users\little blue\AppData\Roaming\coreavc.ini
[2011/12/18 19:11:33 | 000,000,017 | ---- | C] () -- C:\windows\System32\shortcut_ex.dat
[2011/11/16 15:03:01 | 000,005,632 | ---- | C] () -- C:\Users\little blue\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/06 17:02:10 | 000,001,944 | ---- | C] () -- C:\Users\little blue\jarnalbook.conf
[2011/05/06 12:36:39 | 000,000,418 | ---- | C] () -- C:\Users\little blue\jarnalshell.conf
[2011/04/02 13:16:08 | 000,015,164 | ---- | C] () -- C:\windows\System32\secustat.dat
[2011/04/02 12:02:52 | 000,099,632 | ---- | C] () -- C:\windows\System32\secushr.dat
[2011/04/02 11:53:38 | 000,000,025 | ---- | C] () -- C:\windows\libem.INI
[2011/03/17 22:41:47 | 000,109,056 | ---- | C] () -- C:\windows\System32\UNINSTAL.EXE
[2011/02/26 14:49:41 | 000,000,095 | ---- | C] () -- C:\windows\QBChanUtil_Trigger.ini
[2011/02/26 03:26:38 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2011/02/26 02:46:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/25 17:55:00 | 000,000,013 | RHS- | C] () -- C:\windows\System32\drivers\fbd.sys
[2010/12/14 21:39:16 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2010/12/14 21:36:43 | 000,451,072 | ---- | C] () -- C:\windows\System32\ISSRemoveSP.exe
[2010/12/14 21:33:57 | 000,000,852 | ---- | C] () -- C:\windows\System32\drivers\RTKHDRC1.dat
[2010/12/14 21:33:57 | 000,000,852 | ---- | C] () -- C:\windows\System32\drivers\RTKHDRC0.dat
[2010/12/14 21:33:57 | 000,000,712 | ---- | C] () -- C:\windows\System32\drivers\RTEQEX1.dat
[2010/12/14 21:33:57 | 000,000,712 | ---- | C] () -- C:\windows\System32\drivers\RTEQEX0.dat
[2010/12/14 21:29:10 | 000,045,056 | ---- | C] () -- C:\windows\System32\HWS_Ctrl.dll

========== ZeroAccess Check ==========

[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 09:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/25 11:41:08 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\AtomPark
[2012/09/23 13:16:15 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\BITS
[2012/07/15 13:20:27 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\Blackboard
[2012/01/24 13:10:41 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\calibre
[2012/07/15 13:13:18 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\Collaborate
[2012/09/10 20:33:40 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\Dropbox
[2012/04/03 10:57:56 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\eFax Messenger
[2011/04/02 11:53:08 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\FlashGet
[2011/04/02 11:53:01 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\FlashGetBHO
[2012/04/03 10:56:28 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\j2 Global
[2012/06/22 16:57:52 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\PC Suite
[2012/05/27 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\PDF Writer
[2012/05/27 11:26:52 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\Pdf2Word
[2012/10/18 12:16:33 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\SoftGrid Client
[2011/02/25 20:48:24 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\Tific
[2011/02/26 21:46:02 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\Toshiba
[2011/12/13 10:41:57 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\TP
[2011/02/25 17:54:12 | 000,000,000 | ---D | M] -- C:\Users\little blue\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:8B4F37E5

< End of report >

Extras log:

OTL Extras logfile created on: 10/21/2012 10:41:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\little blue\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.22% Memory free
3.98 Gb Paging File | 3.06 Gb Available in Paging File | 76.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.23 Gb Total Space | 29.16 Gb Free Space | 13.06% Space Free | Partition Type: NTFS

Computer Name: LITTLEBLUE-PC | User Name: little blue | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A445CF2-49A0-4605-A05A-97D554451636}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{26933F28-D5AF-42D2-974B-9B6096E97E0E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2D52C648-4656-4C55-8A6B-D7B41BF762BE}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{60C9604B-DE65-4565-AB6E-C6EAEC8062EE}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{A27513BF-8278-4C8B-925A-91089A467693}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10E04F45-53AB-4F50-BDBE-EA0E9051DC4C}" = protocol=17 | dir=in | app=c:\program files\atompark\atomic mail sender\atomicmailsender.exe |
"{1AF3E76D-450A-4B2E-864D-2E05DB3A8041}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{217CD7FF-D87B-4155-98C1-DF4A94EBFF46}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{468DDF77-2A7B-4D68-AFF3-33DEC82E2AA4}" = protocol=17 | dir=in | app=c:\users\little blue\appdata\roaming\dropbox\bin\dropbox.exe |
"{47EF888B-27CE-476F-9C08-3213407ECCC9}" = protocol=17 | dir=in | app=c:\program files\realtek\rtl8187 wireless lan utility\rtwlan.exe |
"{4895BFBE-D13C-4D6E-AD14-A92EF5273078}" = protocol=17 | dir=in | app=c:\users\little blue\appdata\roaming\dropbox\bin\dropbox.exe |
"{4960E72A-7372-4472-BAB0-73F06EE2863D}" = protocol=17 | dir=in | app=c:\program files\superantispyware\superantispyware.exe |
"{5E8CC75E-EFA1-4977-9E19-9D18969EE88C}" = protocol=6 | dir=in | app=c:\program files\peerblock\peerblock.exe |
"{65D54560-FFA5-4FFA-8532-C15EA4C276CD}" = protocol=6 | dir=in | app=c:\program files\atomparkofficial\atomic mail sender\atomicmailsender.exe |
"{6F51FDCD-3EE5-46C0-B138-97B4C730C531}" = protocol=6 | dir=in | app=c:\program files\atompark\atomic mail sender\atomicmailsender.exe |
"{79DE1FF0-25A7-486B-BF90-976D6BE9D088}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{7FCB28EB-7603-42EE-8ECC-7A53A3270DBA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9EF354A6-7C83-4783-880E-43E67B438C08}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2675690-D0F3-424B-BC68-856B4BD7895F}" = protocol=6 | dir=in | app=c:\users\little blue\appdata\roaming\dropbox\bin\dropbox.exe |
"{A3730F7A-2B39-4D39-9E6A-A45DDB59CEE9}" = protocol=17 | dir=in | app=c:\program files\peerblock\peerblock.exe |
"{A64405C6-6128-417C-9323-1D47C0FE6050}" = protocol=6 | dir=in | app=c:\users\little blue\appdata\roaming\dropbox\bin\dropbox.exe |
"{B5098C11-4BAB-4E37-BC8B-8F77C813ABF2}" = protocol=17 | dir=in | app=c:\program files\atomparkofficial\atomic mail sender\atomicmailsender.exe |
"{C09AAFF3-3F50-4D5E-8291-8334D3E4F489}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CB0AD155-3781-4BDB-9C00-8DD3F93018EE}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{D8C6A440-917D-4E0D-B5A6-46AC3091D9EA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E5CB3A58-F0FA-4B49-AE54-011D9BA924F3}" = protocol=6 | dir=in | app=c:\program files\realtek\rtl8187 wireless lan utility\rtwlan.exe |
"{ECC1451D-524B-4139-9AB4-AD7F19AA93A2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F4825912-92D8-446C-A188-2D9ECA09B9DE}" = protocol=6 | dir=in | app=c:\program files\superantispyware\superantispyware.exe |
"{F837E7C3-348A-422F-B2F9-0E32EBD058F5}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{12C214D1-7365-4C06-B258-68BE4E257495}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{40841213-1ED3-476B-A437-E2E218E19047}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{578AF2E8-6D25-4593-9F67-0F6655FB810C}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{DE44E6FF-06AF-4387-8160-20A8F0A3C9EC}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{E55BB412-0712-4ACF-97B0-BA3CF08E4917}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{746A12AA-7B3E-4124-A349-0DD4BAF8D7B6}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AD354146-A4F4-4A8E-A579-99E4CE67D182}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{B0D19B42-DB98-40E1-A835-7013CAE583E3}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{CCAA986D-CAC8-4A4E-8B61-E5AE4F245BFF}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{E60015BE-1B4E-4AC9-B3A2-F264B596B47A}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A424-40A5-BD20-04BF618CA0F9}" = QuickBooks Premier Edition 2010
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DF70CB6-553A-4C57-8E6D-87635EECFB78}" = REALTEK Wireless LAN Driver and Utility
"{111225F7-13A9-4AD6-A759-C7923C8981E6}" = BCL easyConverter 3.0 RTF SDK Module
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema 1.6.0.4014
"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java™ 6 Update 35
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39187A4B-7538-4BE7-8BAD-9E83303793AA}" = Toshiba Book Place
"{392A74D0-4DFE-49F7-87C3-8A61708F8856}" = Eraser 6.0.8.2273
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{5598FBEB-CEB5-41CE-BAA4-70128DF02FFB}" = BCL easyConverter 3.0 Licensing Module (BCL License)
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7F92FF5F-C7EA-40BA-9481-02B6B4479C93}" = calibre
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83E61899-81B2-4F35-A3EB-42CF51B94BBD}" = BCL easyConverter 3.0 Loader SDK Module
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}" = TOSHIBA ReelTime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application and Driver Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A29549FD-65F3-440C-A552-6B8114CF319D}" = Skype Toolbars
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}" = TOSHIBA Bulletin Board
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1BDAC32-B358-442C-A337-D91BA0386824}" = BCL easyConverter 3.0 SDK Module
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8D605A4-979D-43FF-9FD5-6BDDF1E3E288}" = BCL easyConverter 3.0 Module (Loader, BCL License)
"{FBE9E2A1-E7F0-42AA-875A-E230EB9AFA19}" = BCL easyConverter 3.0 Module (RTF, BCL License)
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Atomic Mail Sender_is1" = Atomic Mail Sender 4.25
"AtomicMailSender_is1" = Atomic Mail Sender 8.23.0.82
"avast" = avast! Free Antivirus
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 8.2.0.1406
"CDisplay_is1" = CDisplay 1.8
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"Digital Editions" = Adobe Digital Editions
"DivX Setup" = DivX Setup
"FlashGet 3.7" = FlashGet 3.7
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}" = TOSHIBA ReelTime
"InstallShield_{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PDF2Word Converter (bioPDF)_is1" = PDF2Word Converter Version 1.0.8 (Build 164, bioPDF)
"RarZilla Free Unrar 2.53" = RarZilla Free Unrar 2.53
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Game Console" = WildTangent ORB Game Console
"VB Runtime" = VB Runtime
"VLC media player" = VLC media player 1.1.5
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WT088682" = Bejeweled 2 Deluxe
"WT088696" = Chuzzle Deluxe
"WT088750" = Jewel Quest - Heritage
"WT088759" = Polar Bowler
"WT089368" = FATE - The Traitor Soul
"WT089379" = Mystery P.I. - The London Caper
"WT089381" = Slingo Supreme
"WT089386" = Governor of Poker 2 Premium Edition
"WT089395" = Plants vs. Zombies - Game of the Year
"Zip Repair Pro_is1" = Zip Repair Pro

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/12/2012 5:33:42 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 262471

Error - 10/12/2012 5:33:42 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 262471

Error - 10/12/2012 5:39:53 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/12/2012 5:39:53 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1872

Error - 10/12/2012 5:39:53 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1872

Error - 10/12/2012 9:35:56 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/12/2012 9:35:56 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1139

Error - 10/12/2012 9:35:56 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1139

Error - 10/12/2012 9:35:58 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/12/2012 9:35:58 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3307

Error - 10/12/2012 9:35:58 PM | Computer Name = littleblue-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3307

[ System Events ]
Error - 10/21/2012 9:59:41 AM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =

Error - 10/21/2012 9:59:42 AM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =

Error - 10/21/2012 9:59:42 AM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =

Error - 10/21/2012 8:00:50 PM | Computer Name = littleblue-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 10/21/2012 8:00:52 PM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =

Error - 10/21/2012 8:00:52 PM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =

Error - 10/21/2012 11:19:58 PM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =

Error - 10/21/2012 11:20:15 PM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =

Error - 10/21/2012 11:20:16 PM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =

Error - 10/21/2012 11:20:16 PM | Computer Name = littleblue-PC | Source = RTL8192Ce | ID = 0
Description =


< End of report >

#2
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello moscatomg1 and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous; most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean.
  • Kindly follow my instructions in the order posted. Order is crucial in the cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed


I don't see any malware on your system and I don't think this is a malware-related problem. Let's try to clean your system a little. Tell me how it is after these two steps.


Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download and run Puran Disc Defragmenter
Click on the Boot Time Defrag button and choose Restart-Defrag-Restart + Check Disk

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#3
moscatomg1

    Member

  • Topic Starter
  • 173 posts
Hi Maliprog, thanks so much for the reply. I will follow these instructions and post results as soon as I have them.

#4
moscatomg1

    Member

  • Topic Starter
  • 173 posts
Ok. As requested, the log/results are in the following posts. . . . Also, here is basic sys. info that I forgot to include in my first post.

Toshiba NB505
Windows 7 Home Premium
Intel Atom CPU N455 @ 1.66 GHz
RAM 2.00 GB
32 bit OS

However, the sys. is still experiencing general lag and poor performance quality w/ programs from Excel to Word to media players (again, VLC, Media Player Classic). Also, although I have vigilantly been examining processes & services in the task manager and can see no red flags, there *may* be a disconnect between what is showing there (even w/ “Show processes from all users” clicked) and what I believe I hear and even see w/ the busy, blinking green processor led on the keyboard edge. . . . Also, Puran log shows two video files from rips I made as being fragmented (which was a surprise), BUT media players skip on many more video files than just these two. . . .

Therefore, I am still wracking my brain to think of potentially significant events in the past month that may have adversely affected things, so here are a few. Again, it’s difficult to recollect everything, since the computer is in active use several hours each day. (And some of these should already be apparent from the first OTL log.)

-updated mozilla/firefox browser from relatively earlier version to 15.0.1
-updated to Microsoft net framework 4.0 as required by Comic Rack software (but subsequently removed both in sys. restore)
-updated TOR browser (but subsequently removed in sys. restore, though a mostly emptied folder does still exist on desktop)
-Although the sys. has the 3D impact sensor and Puran and (previously before first post) both Toshiba hdd sdd utility and Windows hdd scans all indicate no major problems/errors, I do remember that one day I stubbed my foot on the small table that my netbook was lying on. So that could have jostled the hdd, BUT there were not any immediate red flags w/ the sys. after that happened (and it’s possible that these sys. performance issues were occurring *before* this even happened).

Thank you again for your continued help on this!

*EDIT: Since the media players are the most (and most obviously) affected elements, should I try to re-install them and all codecs? (Although previous to the first post I already tried a re-install just w/ VLC.)*

*EDIT 2: In addition to all this, I'm not sure if the bit about that "blue screen of death" was lost among all the info in that first post, . . . however, from what I've read in regards to Windows 7, it often can mean hardware failure and/or a driver problem? So I wonder if that blue screen was not just related to my series of sys. restores I mentioned. Thankfully, though, that blue screen has Not made a reappearance yet.*

Edited by moscatomg1, 23 October 2012 - 08:12 PM.


#5
moscatomg1 (Member, Topic Starter, 173 posts)
All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: little blue
->Temp folder emptied: 79 bytes
->Temporary Internet Files folder emptied: 86364867 bytes
->Java cache emptied: 22186184 bytes
->FireFox cache emptied: 111592146 bytes
->Flash cache emptied: 120884 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2817870 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 213.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10232012_090553

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#6
moscatomg1 (Member, Topic Starter, 173 posts)
2012/10/23 at 10:19:22 - Boot Time Defrag Report
Analysis Report For C:

Total Files 91263
Total Directories 21528
Total Excluded 0
Total Deleted 0
Total Deleted Bytes 0 MB

Total Fragmented Files 656
Total Fragmented Directories 25
Total Fragmented Bytes 15415 MB

MFT Fragments 3
Registry Fragments 2
Pagefile Fragments 1

Fragmentation Percentage By Size 7%
Fragmentation Percentage By Count 0%

Analysis Report For C: After Defragmentation

Total Fragmented Files 2
Total Fragmented Directories 0
Total Fragmented Bytes 7044 MB

MFT Fragments 1
Registry Fragments 1
Pagefile Fragments 1

Fragmentation Percentage By Size 3%
Fragmentation Percentage By Count 0%


The following files/directories were defragmented - Top 10

Path Lcn Size in MB Fragments
C:\Windows\System32\wdi\LogFiles\BootCKCL.etl 34496038 7.89 2
C:\Program Files\VideoLAN\VLC\http\images 2030 0.0 1
C:\Windows\assembly\NativeImages_v4.0.30319_32 2038 0.4 1
C:\Users\little blue\Desktop\Tor Browser\FirefoxPortable\App\Firefox 2048 0.1 1
C:\Windows\Prefetch 2059 0.2 1
C:\Users\little blue\AppData\Local\Microsoft\Windows 2066 0.3 1
C:\Program Files\AVAST Software\Avast\defs\12102100 2074 0.1 1
C:\Users\little blue\Documents\Teach\NCC\CMTH102, Comm. Theory-Speech 2077 0.1 1
C:\System Volume Information\SPP\SppCbsHiveStore 2107 0.1 1
C:\Users\little blue\AppData\Roaming\AtomPark\Email Marketing\Projects 2113 0.0 1


The following files/directories are still fragmented - Top 10

Path Lcn Size in MB Fragments
C:\Users\little blue\Documents\Hi-def & Fav. Film & TV\The Avengers 34498054 4072.36 3
C:\Users\little blue\Documents\Hi-def & Fav. Film & TV\Scott Pilgrim Vs The World 38103700 2972.42 1

#7
maliprog (Trusted Helper, Malware Removal, 6,172 posts)
OK. Let's do this scan just to make sure there is no malware.

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post

#8
moscatomg1 (Member, Topic Starter, 173 posts)
Hi again, maliprog, I really appreciate you trying to help with this and I don't mean to be difficult, But Kaspersky is *crawling*. It says 2-3 days (it vacillates) until finish--and of course it takes a cpu load that makes it very slow to do other things, which probably negates doing the scan anyway if online, etc., which I need to be. Also, is this scan time normal for this sys. and a 250 GB hdd? And again, nothing was found in those recent scans with Avast, Malwarebytes, or Dr. Web. . . . Anyway, with this being my only computer right now and having to teach online daily, I don't think I can have this running like that. If this is an absolute must for your assistance, then unfortunately I will need to wait some time for a break in the term. . . . Please understand that I would love your help proceeding with any other measures, and I hope this doesn't put you off trying to--but I'm anxious yet aware that it might.

#9
maliprog (Trusted Helper, Malware Removal, 6,172 posts)
Is there any way you can do it overnight?

It does take some time to finish (4h - 6h) but I just want to make sure there is nothing hiding in there. It doesn't take 2 days; that is just the time estimated by VRT.

#10
moscatomg1 (Member, Topic Starter, 173 posts)
Ah! Well I read your post late last night, tried Kaspersky again, and it's now morning here--and it finished! So, yep, that 2-3 day scan estimate was bogus. Again, though, it found 0 threats like all my other scans. And since there were not any threats, there was no "threats" report available. (I went ahead anyway and successfully saved the auto scan report, but it's a whopping 175 MB .txt file that my sys. has been struggling to open for the last ten minutes--so I hope you don't need that one.)

EDIT: And though it may be too early to know for sure, I think I spoke too soon after the Puran scan/fix (and/or maybe my sys. needed an extra reboot), . . . But it looks like somehow most of my issues have improved with Word, Excel, and even Media Player Classic. One thing still--and it is merely more annoying than anything else at this point--is VLC. No matter how many uninstalls, deleted preferences, & re-installs, it is no longer the same. Every single video & video type skips with it now. Could it be a weird registry issue that is not getting solved by uninstalls & re-installs?
Also, do you have any ideas about some of those concerns/potential causes mentioned in the previous post(s)?

Thank you for your patience!

Edited by moscatomg1, 24 October 2012 - 12:31 PM.


#11
maliprog (Trusted Helper, Malware Removal, 6,172 posts)
I really can't help you with VLC because it could be a number of things. We could try Tech guys to help us out after we clean your PC.

Also, do you have any ideas about some of those concerns/potential causes mentioned in the previous post(s)?


I don't know what concerns you are talking about. Can you repeat that question?

#12
moscatomg1 (Member, Topic Starter, 173 posts)

I really can't help you with VLC because it could be a number of things. We could try Tech guys to help us out after we clean your PC.


It's not verified clean yet after OTL, Avast, Dr. Web, Malwarebytes, Puran, & Kaspersky scans??

Also, for the tech folks/boards, do I need to start a new inquiry for this, or can this topic be moved/transferred to them--so I don't need to go through the same scans a 2nd time?

Also, do you have any ideas about some of those concerns/potential causes mentioned in the previous post(s)?


I don't know what concerns you are talking about. Can you repeat that question?

Yes, these are the concerns that I was referring to:

Therefore, I am still wracking my brain to think of potentially significant events in the past month that may have adversely affected things, so here are a few. Again, it’s difficult to recollect everything, since the computer is in active use several hours each day. (And some of these should already be apparent from the first OTL log.)

-updated mozilla/firefox browser from relatively earlier version to 15.0.1
-updated to Microsoft net framework 4.0 as required by Comic Rack software (but subsequently removed both in sys. restore)
-updated TOR browser (but subsequently removed in sys. restore, though a mostly emptied folder does still exist on desktop)
-Although the sys. has the 3D impact sensor and Puran and (previously before first post) both Toshiba hdd sdd utility and Windows hdd scans all indicate no major problems/errors, I do remember that one day I stubbed my foot on the small table that my netbook was lying on. So that could have jostled the hdd, BUT there were not any immediate red flags w/ the sys. after that happened (and it’s possible that these sys. performance issues were occurring *before* this even happened).
....
*EDIT 2: In addition to all this, I'm not sure if the bit about that "blue screen of death" was lost among all the info in that first post, . . . however, from what I've read in regards to Windows 7, it often can mean hardware failure and/or a driver problem? So I wonder if that blue screen was not just related to my series of sys. restores I mentioned. Thankfully, though, that blue screen has Not made a reappearance yet.*



#13
maliprog (Trusted Helper, Malware Removal, 6,172 posts)

It's not verified clean yet after OTL, Avast, Dr. Web, Malwarebytes, Puran, & Kaspersky scans??

Also, for the tech folks/boards, do I need to start a new inquiry for this, or can this topic be moved/transferred to them--so I don't need to go through the same scans a 2nd time?


Yes it is. But I need to remove my tools before I send you to Tech guys. They don't need malware removal tools.



Therefore, I am still wracking my brain to think of potentially significant events in the past month that may have adversely affected things, so here are a few. Again, it’s difficult to recollect everything, since the computer is in active use several hours each day. (And some of these should already be apparent from the first OTL log.)

-updated mozilla/firefox browser from relatively earlier version to 15.0.1
-updated to Microsoft net framework 4.0 as required by Comic Rack software (but subsequently removed both in sys. restore)
-updated TOR browser (but subsequently removed in sys. restore, though a mostly emptied folder does still exist on desktop)
-Although the sys. has the 3D impact sensor and Puran and (previously before first post) both Toshiba hdd sdd utility and Windows hdd scans all indicate no major problems/errors, I do remember that one day I stubbed my foot on the small table that my netbook was lying on. So that could have jostled the hdd, BUT there were not any immediate red flags w/ the sys. after that happened (and it’s possible that these sys. performance issues were occurring *before* this even happened).


From what I see it could be anything. It's pointless to go back through every step in the last month and try to restore it in order to do a repair. Usually there are two or more events that are causing this.

EDIT 2: In addition to all this, I'm not sure if the bit about that "blue screen of death" was lost among all the info in that first post, . . . however, from what I've read in regards to Windows 7, it often can mean hardware failure and/or a driver problem? So I wonder if that blue screen was not just related to my series of sys. restores I mentioned. Thankfully, though, that blue screen has Not made a reappearance yet.*


Blue screen of death can be caused by hardware or software failure. As you already said, you didn't see BSODs for some time and it's probably not hardware. We did a defragment and disk check, and usually this solves BSODs for good.


I hope this answers your questions :)


For your system problems please start a new topic in Windows Vista™ and Windows 7™. There are Tech guys that will help you more than me with this. Post them a link to this topic and tell them that your system is clean now.


Let's continue with cleanup process...

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Step 2

We need to clean up your PC from programs we used.

Please start OTL one more time and click CleanUp button. OTL will restart your system at the end.

In case that any of the software we used in this fix still remains on your system please delete it manually (Right click on it and select Delete).

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Something to read

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place?

2. Make Backups of Important Files

Please read this article Home Computer Data Backup.

3. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.

#14
moscatomg1 (Member, Topic Starter, 173 posts)
OK. I followed all of your instructions--and made a new post in the Windows 7 area. Thank you for your help. I sincerely appreciate your time & patience.

#15
maliprog (Trusted Helper, Malware Removal, 6,172 posts)
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.