Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can not download Bittorrent


  • Please log in to reply

#1
andrewmcdevitt

andrewmcdevitt

    New Member

  • Member
  • Pip
  • 2 posts
Hi, everyone,

I have been trying to download bittorrent and it will download the installer but will not open it and pretty much does nothing when I try.

This only happen today after I tried to download a free windows 7 program which i think was a virus.

Here is the notepad

OTL logfile created on: 28/07/2013 10:28:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1.49 Gb Total Physical Memory | 0.48 Gb Available Physical Memory | 32.09% Memory free
3.21 Gb Paging File | 2.05 Gb Available in Paging File | 63.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 66.99 Gb Total Space | 33.00 Gb Free Space | 49.26% Space Free | Partition Type: NTFS
Drive D: | 7.54 Gb Total Space | 2.41 Gb Free Space | 32.00% Space Free | Partition Type: NTFS
Drive E: | 1.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/28 10:28:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2013/07/28 10:07:21 | 002,236,080 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/07/28 10:07:20 | 001,598,128 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
PRC - [2013/07/28 10:07:19 | 000,152,240 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
PRC - [2013/07/13 04:19:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010/03/10 03:59:40 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/06 17:24:31 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
PRC - [2007/07/06 16:15:02 | 001,174,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2007/07/06 15:53:39 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/01/10 21:29:52 | 000,115,816 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2007/01/10 21:29:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/01/06 13:34:10 | 000,554,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/01/05 23:49:28 | 000,047,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/28 10:07:21 | 002,236,080 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/07/28 10:07:21 | 000,521,392 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\log4cplusU.dll
MOD - [2013/07/28 10:07:21 | 000,145,072 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\SiteSafety.dll
MOD - [2013/07/13 04:19:44 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/13 04:19:43 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013/07/13 04:19:42 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/13 04:18:49 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2007/05/31 19:31:22 | 000,249,856 | ---- | M] () -- C:\WINDOWS\System32\igfxTMM.dll
MOD - [2007/02/17 10:10:42 | 005,521,408 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/02/17 10:10:40 | 001,466,368 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll


========== Services (SafeList) ==========

SRV - [2013/07/28 10:07:20 | 001,598,128 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe -- (vToolbarUpdater15.3.0)
SRV - [2013/07/22 18:09:59 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2007/07/06 16:15:02 | 001,174,664 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/07/06 15:53:39 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/06 03:00:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2007/01/14 22:41:06 | 000,080,504 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2007/01/13 19:10:58 | 000,049,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/10 21:29:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/01/10 21:29:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/10 21:29:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/01/06 13:34:10 | 002,918,008 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/01/06 13:34:10 | 000,554,616 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/01/05 23:49:28 | 000,047,712 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/07/28 10:07:22 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2008/03/03 11:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/07/06 16:16:01 | 000,115,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007/05/04 23:41:32 | 002,219,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/04/30 18:30:00 | 000,852,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070430.018\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/04/30 18:30:00 | 000,077,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070430.018\NAVENG.SYS -- (NAVENG)
DRV - [2007/04/24 07:21:08 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/01/30 07:53:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/01/12 17:52:20 | 000,276,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/01/12 17:52:18 | 000,025,400 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/01/12 17:52:14 | 000,247,608 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/01/11 00:30:00 | 000,387,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/01/10 14:02:14 | 000,191,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2007/01/10 14:02:14 | 000,027,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2007/01/04 06:35:02 | 000,417,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/12/28 22:18:26 | 000,212,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys -- (IDSvix86)
DRV - [2006/12/01 03:54:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/17 21:49:30 | 000,143,872 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/02 17:00:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006/06/29 03:24:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...SARIO&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...SARIO&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {96ACF17F-A1D7-4D41-B124-16B3A5A2DA71}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{96ACF17F-A1D7-4D41-B124-16B3A5A2DA71}: "URL" = http://au.search.yah...ing}&fr=hp-pvnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {96ACF17F-A1D7-4D41-B124-16B3A5A2DA71}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{96ACF17F-A1D7-4D41-B124-16B3A5A2DA71}: "URL" = http://au.search.yah...ing}&fr=hp-pvnb
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com.au/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/19 07:11:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Reg Error: Value error.) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IS CfgWiz] c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (Symantec Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA58A8D8-E7E5-4899-9AE5-7F50FF9686DC}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/06 16:55:15 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/12 00:48:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2010/06/09 10:55:10 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3b0830f9-1fe0-11df-ae5a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3b0830f9-1fe0-11df-ae5a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010/06/12 13:30:59 | 000,464,248 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{3b0830f9-1fe0-11df-ae5a-806e6f6e6963}\Shell\configure\command - "" = E:\setup.exe -- [2010/06/12 13:30:59 | 000,464,248 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{3b0830f9-1fe0-11df-ae5a-806e6f6e6963}\Shell\install\command - "" = E:\setup.exe -- [2010/06/12 13:30:59 | 000,464,248 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{85fe727f-9a65-11e1-8694-001b388a9248}\Shell\AutoRun\command - "" = F:\RunClubSanDisk.exe
O33 - MountPoints2\{9af3debe-87df-11e0-86f3-001b388a9248}\Shell\AutoRun\command - "" = RunClubSanDisk.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/28 10:08:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\AVG SafeGuard toolbar
[2013/07/28 10:07:37 | 000,037,664 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/07/28 10:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/07/28 10:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013/07/28 10:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2013/07/28 10:07:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/07/27 22:48:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/27 22:06:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Seven Zip
[2013/07/27 21:58:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Xara
[2013/07/27 21:58:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\MAGIX
[2013/07/27 21:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared
[2013/07/27 21:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2013/07/27 21:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2013/07/27 21:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013/07/22 18:09:58 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/07/22 18:09:58 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/07/21 23:23:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apple Computer
[2013/07/21 23:21:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Apple Computer
[2013/07/21 23:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/07/21 23:19:20 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/07/21 23:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/07/21 23:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/07/21 23:16:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apple
[2013/07/21 23:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013/07/21 23:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/07/19 23:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/07/19 23:41:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apps
[2013/07/19 23:41:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Deployment
[2013/07/19 17:00:55 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard

========== Files - Modified Within 30 Days ==========

[2013/07/28 10:07:22 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/07/28 10:02:13 | 000,623,342 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/28 10:02:13 | 000,108,526 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/28 09:59:07 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2013/07/28 09:57:21 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/28 09:57:21 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/28 09:57:19 | 000,469,200 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/07/28 09:57:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/28 09:56:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/28 09:56:44 | 1600,159,744 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/28 09:46:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/28 09:40:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/26 22:02:47 | 000,262,315 | ---- | M] () -- C:\Users\Owner\Desktop\muscle.lg.jpg
[2013/07/25 21:10:07 | 000,026,112 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/24 16:48:50 | 000,105,668 | ---- | M] () -- C:\Users\Owner\Desktop\RobRichesNutritionalPlannerWBFF2011_5WeeksOut.pdf
[2013/07/22 18:09:58 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/07/22 18:09:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/07/22 18:03:07 | 000,001,995 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/21 23:23:37 | 287,594,586 | ---- | M] () -- C:\Users\Owner\Desktop\1.MOV
[2013/07/21 23:23:37 | 144,563,249 | ---- | M] () -- C:\Users\Owner\Desktop\3.MOV
[2013/07/21 23:23:37 | 142,330,678 | ---- | M] () -- C:\Users\Owner\Desktop\2.MOV
[2013/07/21 23:23:37 | 072,373,200 | ---- | M] () -- C:\Users\Owner\Desktop\9.MOV
[2013/07/21 23:23:37 | 058,434,956 | ---- | M] () -- C:\Users\Owner\Desktop\8.MOV
[2013/07/21 23:23:37 | 049,871,758 | ---- | M] () -- C:\Users\Owner\Desktop\5.MOV
[2013/07/21 23:23:37 | 041,347,254 | ---- | M] () -- C:\Users\Owner\Desktop\4.MOV
[2013/07/21 23:23:37 | 022,539,685 | ---- | M] () -- C:\Users\Owner\Desktop\6.MOV
[2013/07/21 23:23:37 | 001,817,980 | ---- | M] () -- C:\Users\Owner\Desktop\7.MOV
[2013/07/21 23:19:50 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/07/19 23:44:02 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/19 23:35:23 | 000,021,118 | ---- | M] () -- C:\Users\Owner\Desktop\Zyzz.jpg
[2013/07/19 23:34:31 | 000,092,696 | ---- | M] () -- C:\Users\Owner\Desktop\Lazar.jpg
[2013/07/19 23:22:01 | 000,039,373 | ---- | M] () -- C:\Users\Owner\Desktop\Rob Riches.jpg
[2013/07/19 23:15:49 | 000,075,706 | ---- | M] () -- C:\Users\Owner\Desktop\jeff seid.jpg
[2013/07/01 11:03:22 | 001,234,762 | ---- | M] () -- C:\Users\Owner\Desktop\Andrew Mcdevitt.PNG

========== Files Created - No Company Name ==========

[2013/07/26 22:02:41 | 000,262,315 | ---- | C] () -- C:\Users\Owner\Desktop\muscle.lg.jpg
[2013/07/26 12:48:52 | 001,234,762 | ---- | C] () -- C:\Users\Owner\Desktop\Andrew Mcdevitt.PNG
[2013/07/24 16:48:39 | 000,105,668 | ---- | C] () -- C:\Users\Owner\Desktop\RobRichesNutritionalPlannerWBFF2011_5WeeksOut.pdf
[2013/07/22 18:09:59 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/21 23:19:50 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/07/21 23:16:31 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/07/21 17:21:25 | 144,563,249 | ---- | C] () -- C:\Users\Owner\Desktop\3.MOV
[2013/07/21 17:21:11 | 142,330,678 | ---- | C] () -- C:\Users\Owner\Desktop\2.MOV
[2013/07/21 17:20:42 | 287,594,586 | ---- | C] () -- C:\Users\Owner\Desktop\1.MOV
[2013/07/21 17:20:37 | 049,871,758 | ---- | C] () -- C:\Users\Owner\Desktop\5.MOV
[2013/07/21 17:20:30 | 058,434,956 | ---- | C] () -- C:\Users\Owner\Desktop\8.MOV
[2013/07/21 17:20:30 | 001,817,980 | ---- | C] () -- C:\Users\Owner\Desktop\7.MOV
[2013/07/21 17:20:27 | 022,539,685 | ---- | C] () -- C:\Users\Owner\Desktop\6.MOV
[2013/07/21 17:20:17 | 072,373,200 | ---- | C] () -- C:\Users\Owner\Desktop\9.MOV
[2013/07/21 17:20:05 | 041,347,254 | ---- | C] () -- C:\Users\Owner\Desktop\4.MOV
[2013/07/19 23:44:02 | 000,001,995 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/19 23:44:02 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/19 23:41:36 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/19 23:41:32 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/19 23:34:44 | 000,092,696 | ---- | C] () -- C:\Users\Owner\Desktop\Lazar.jpg
[2013/07/19 23:23:32 | 000,021,118 | ---- | C] () -- C:\Users\Owner\Desktop\Zyzz.jpg
[2013/07/19 23:22:18 | 000,039,373 | ---- | C] () -- C:\Users\Owner\Desktop\Rob Riches.jpg
[2013/07/19 23:16:06 | 000,075,706 | ---- | C] () -- C:\Users\Owner\Desktop\jeff seid.jpg
[2011/08/28 17:10:08 | 000,026,112 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 22:21:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/03/10 04:03:56 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/03/10 03:49:06 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 19:16:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\9.MOV:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\8.MOV:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\7.MOV:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\6.MOV:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\5.MOV:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\4.MOV:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\3.MOV:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\2.MOV:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\1.MOV:TOC.WMV
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:EE436357
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:F7862839
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:84512B49
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:CFE0B346
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:02070C72

< End of report >
  • 0

Advertisements


#2
andrewmcdevitt

andrewmcdevitt

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
OTL Extras logfile created on: 28/07/2013 10:28:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1.49 Gb Total Physical Memory | 0.48 Gb Available Physical Memory | 32.09% Memory free
3.21 Gb Paging File | 2.05 Gb Available in Paging File | 63.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 66.99 Gb Total Space | 33.00 Gb Free Space | 49.26% Space Free | Partition Type: NTFS
Drive D: | 7.54 Gb Total Space | 2.41 Gb Free Space | 32.00% Space Free | Partition Type: NTFS
Drive E: | 1.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4C205156-3F60-4478-B694-EB6BB51A707B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{724658EB-E070-41D8-BADE-D24F4008E8CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E6F40DD-7CB4-4225-B35F-65AAF814C7F2}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{12EAD633-9D60-4567-91C0-18D274201399}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{4757A304-A278-47EA-B79A-EED66324829C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7CC58E7F-73D3-4739-A60A-3A1E2AFA4E18}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{B0D13AF7-D7B8-401E-98C2-E0C7C39D8387}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{B21CC21D-4394-4B6C-9A57-82283068C4FF}" = protocol=17 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth ™ ii\game.dat |
"{BA257715-E5C1-447F-8A7E-878BCDEF3E63}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{BCB43963-CD22-4CB6-82E3-C7DB1AEB9C3A}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{D8EBF9F6-B390-477B-8D73-BA498C02174C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{E1975593-5963-4D75-8F75-AAF8B6EDC835}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F5127E1B-60E4-4AE6-8C8A-57E26F6D08E7}" = protocol=6 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth ™ ii\game.dat |
"TCP Query User{DAA192BC-82CA-4DE6-BB37-E558FDDEDCDE}F:\halo\halo.exe" = protocol=6 | dir=in | app=f:\halo\halo.exe |
"UDP Query User{C864BD4D-D71F-4E63-9EE5-24AF45DE5DDC}F:\halo\halo.exe" = protocol=17 | dir=in | app=f:\halo\halo.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D483AE1-6AE2-478B-BB47-EB6FD9D6AABF}" = MAGIX Screenshare
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 G2
"{34DAFDEC-A4B4-488A-A5CD-C91975A6F083}" = MediaRing Talk
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.2
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{54F7A791-38DE-4439-AB3F-B3F7DDA89C75}" = ESU for Microsoft Vista
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{584B0895-8EF3-4175-8E80-1B68BFA04636}" = HP Help and Support
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66C1DD9B-02D8-4A31-B54C-FE8DC76F25D4}" = HP User Guides 0078
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{97EAB8CA-CC1D-43C6-A5F5-83F3BCB4120C}" = MAGIX Speed burnR (MSI)
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045_SprtHDzm" = HDAUDIO Soft Data Fax Modem with SmartCP
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22/07/2013 4:28:50 AM | Computer Name = Owner-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 22/07/2013 4:33:43 AM | Computer Name = Owner-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 22/07/2013 4:35:05 AM | Computer Name = Owner-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 22/07/2013 4:36:32 AM | Computer Name = Owner-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 22/07/2013 4:38:02 AM | Computer Name = Owner-PC | Source = WerSvc | ID = 5007
Description =

Error - 22/07/2013 4:40:09 AM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application InstallFlashPlayer.exe, version 11.8.800.94,
time stamp 0x51c4d890, faulting module fpb.tmp_unloaded, version 0.0.0.0, time stamp
0x51c4d665, exception code 0xc0000005, fault offset 0x6ce82f53, process id 0x7f4,
application start time 0x01ce86b70318f2c1.

Error - 22/07/2013 4:45:52 AM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application MOVIEMK.exe, version 6.0.6000.16937, time stamp
0x4ad5ca1b, faulting module QuickTime.qts, version 7.74.80.86, time stamp 0x5180f322,
exception code 0xc0000005, fault offset 0x008ce882, process id 0x109c, application
start time 0x01ce86b77b447f81.

Error - 22/07/2013 5:14:24 AM | Computer Name = Owner-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 27/07/2013 7:41:58 PM | Computer Name = Owner-PC | Source = VSS | ID = 8194
Description =

Error - 27/07/2013 8:32:12 PM | Computer Name = Owner-PC | Source = WerSvc | ID = 5007
Description =

[ System Events ]
Error - 28/08/2011 3:38:11 AM | Computer Name = Owner-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.4 for the Network Card with network address
001A73C9451B has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent
a DHCPNACK message).

Error - 29/08/2011 3:00:56 AM | Computer Name = Owner-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.5 for the Network Card with network address
001A73C9451B has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent
a DHCPNACK message).

Error - 30/08/2011 3:56:18 AM | Computer Name = Owner-PC | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 10.0.0.5 on the
Network Card with network address 001A73C9451B.

Error - 3/09/2011 11:12:03 AM | Computer Name = Owner-PC | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 10.0.0.2 on the
Network Card with network address 001A73C9451B.

Error - 17/09/2011 8:23:10 AM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:51:45 PM on 17/09/2011 was unexpected.

Error - 19/09/2011 3:18:10 AM | Computer Name = Owner-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.3 for the Network Card with network address
001A73C9451B has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent
a DHCPNACK message).

Error - 23/09/2011 5:29:53 AM | Computer Name = Owner-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.3 for the Network Card with network address
001A73C9451B has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent
a DHCPNACK message).

Error - 24/09/2011 7:08:31 AM | Computer Name = Owner-PC | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 10.0.0.3 on the
Network Card with network address 001A73C9451B.

Error - 24/09/2011 11:00:52 PM | Computer Name = Owner-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.4 for the Network Card with network address
001A73C9451B has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent
a DHCPNACK message).

Error - 27/09/2011 6:43:20 AM | Computer Name = Owner-PC | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 10.0.0.4 on the
Network Card with network address 001A73C9451B.


< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP