Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer responding slow when on the Internet online.. [Solved]


  • This topic is locked This topic is locked

#1
dowsp

dowsp

    Member

  • Member
  • PipPipPip
  • 542 posts

Hi,

 

I recently obtained a new 2nd hand hardrive I had fitted in as a cheap deal in a Computer repair shop  for my old Dell Inspiron 510M laptop which I prefer to use being so used to it and having tried using another more modern computer found that difficult to get used to..

 

Initially the new drive worked reasonably OK...(Not ideal, but Ok for what I paid £50 to be fitted come with Windows XP)  I think I am on IE 8...as well as using google chrome browser...

 

But with about 2 months of using it...The Laptop seems to be having similar issues to what I had on my previous harddrive where that was running slower and slower until it packed in...

 

It is not so bad if just using on one or two web pages open..but if I open more it slows or almost freezes up...in particular when I am on Yahoos website and trying to click on news pages or when I log in to open certain emails..

 

I am not sure if somehow it may have a keylogger monitoring certain things....as certain email addresses I deal with at times become very slow when I reply...

 

 

I am told on one forum I visit,  that some of the likes of the FBI or National security services did at some time create certain monitoring malware that is not possible to detect by standard AV programs..

 

As I have had similar issues in my past...and gone to great lengths to attempt to solve similar issues including help from geekstogo on certain occasions...where we did improve certain things, but could not fully solve the issues...it makes me wonder..

 

I have tried running Avira and Microsoft security essentials Anti Virus..but no viruses could be found.

 

I also used Malwarebytes and that did find some spyware..but all of the same type....not varied ones...I am sure I do have other spyware on my system, (or maybe just cookies as certain things will pop up at times of websites Ive visited ) but it/they did not get detected..

 

 

I was considering trying Kaspersky free download, but I do not see any recomendnations to use it after doing a search...

 

I wonder if anyone could help or advise me..

 

Id prefer  to post certain log files privately as often otherwise I have a lot of things that I need to delete that I prefer not to show on a general forum.

 

Thank you

 

Dowsp..


  • 0

Advertisements


#2
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Hi dowsp, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
Note: Please, bare in mind that I am still a trainee and my replies need to be reviewed by my teachers before I post them to you which requires time as both teachers and helpers are volunteers here. Take it as a good thing because now you have two people examining your problem. I really hope that we will be able to send you home with a smile on your face. :)

 


I am told on one forum I visit, that some of the likes of the FBI or National security services did at some time create certain monitoring malware that is not possible to detect by standard AV programs..

I do hope that they have better things to do. :D
 

we did improve certain things, but could not fully solve the issues...it makes me wonder..

Some malwares are unique and can do irreversible damage to your system. No conspiracy theory here. :)
 

Id prefer to post certain log files privately as often otherwise I have a lot of things that I need to delete that I prefer not to show on a general forum.

The logs we ask do not contain any private information which can be used against you. Unless you made your password same as your username you are good to post them in the general forum. Do note that butchered logs will make things complex and can do more harm than good. If you still have doubt about your contents, privet message me the contents and I will ask the authority.

In addition, we have detected a version of Windows XP in your system (as stated in your post). Please note that Microsoft will terminate their support of XP by this time. It is recommended that you upgrade yourself to Windows Vista or above else making yourself vulnerable against malware attacks since no Microsoft support or patch for XP will be released.

 
  • Step #1 Scan with OTL
    • Please download OldTimer's Listit from one of the following locations and save it to your Desktop.
      Download Link 1
      Download Link 2
      Downlaod LInk 3
    • Double-click to run the program;
    • Copy and Paste the following code inside the Custom Scans/Fixes box;
      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      dir "%systemdrive%\*" /S /A:L /C
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      /md5stop
      CREATERESTOREPOINT
    • Click the Quick Scan button;
    • After the scan two logs will be produced;
    • Copy and paste the content of the logs in your next reply
 
  • Required Log(s):
    • Oldtimer's ListIT Log(s) --
      • OTL.txt;
      • Extras.txt
Regards,
Valinorum
  • 0

#3
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 542 posts

Hi Valinorum,

 

Thank you for responding to my post and being my geektogo guide towards trying to solve my problems.

 

I will try to note what you have said and will attempt to follow your instructions....

 

I just seen something on yahoo that mentions Windows xp is coming to an end for updates...

That I am sad about..for what I have just paid for my harddrive that came with a copy of the software...I did not really want to change..

at least or the near future if possible.

 

With ref to using OTL....

 

when I look at the geektogo guide.. and compare the download.. it seems a bit different to the image shown in guide..

 

http://www.geekstogo...e_icons/otl.png

 

Do I click the same things where I can that look similar to the guide image ?

 

The Download does not show a box for " includes 64 bit scans " as in the guide image and only shows "scan all users"

 

I assume I click "scan all users " if thats shown as the only option..

 

Under file scans... it also shows file age 30 days and most boxes ticked under that section including LOP and PURITY Check.

 

Should I just select 30 days or longer...and also click all the boxes under it..

 

I will do that for this post and for posting the logs..(In the next post)

 

If its wrong I will amend on your instruction and repost later..

when I did a quick try to create a log.. there was some info that Id rather not post..and may have to take out..which may be a bit 

time consuming if I have to do this a few times...

 

Thank you

 

Dowsp

 

 

 

 

 

 

.


  • 0

#4
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts

I just seen something on yahoo that mentions Windows xp is coming to an end for updates...

That I am sad about..for what I have just paid for my harddrive that came with a copy of the software...I did not really want to change..

at least or the near future if possible.

Nothing can be done. If you choose to keep XP, you will be vulnerable to new threats.

Regarding OTL, just follow the instruction I posted. Quick Scan button will take care of the preferences. Also, stop following other guides unless stated otherwise.
 

The Download does not show a box for " includes 64 bit scans " as in the guide image and only shows "scan all users"

Because you are not using a 64-bit machine.
 

when I did a quick try to create a log.. there was some info that Id rather not post..and may have to take out..which may be a bit

time consuming if I have to do this a few times...

Butchered logs will cause problem during our fix. If you are paranoid, just attach the logs and we will delete them after your machine is clean. Also, private message me regarding the information you do not want to disclose.

Regards,
Valinorum

Edited by Valinorum, 06 April 2014 - 10:37 PM.

  • 0

#5
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 542 posts

On doing the OTL process, it appears as if it has  only produced the one log..unless I find another in my documents..
 
when I tried doing a log the other day without adding in any written content...it did produce 2 logs..
 
 
here is the one it produced..I deleted a few lines (about 10 ) that ref to documents that id produced on my computer..
-----------------------------------------------------
 
 
OTL logfile created on: 4/8/2014 3:07:31 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
510.21 Mb Total Physical Memory | 145.99 Mb Available Physical Memory | 28.61% Memory free
1.79 Gb Paging File | 1.25 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 1350 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 54.96 Gb Free Space | 73.75% Space Free | Partition Type: NTFS
 
Computer Name: NBS-30B3685D369 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\Administrator\My Documents\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Theme\c88a9c08155e0fe13fa4675ba9eed317\Kies.Theme.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\b7e92223b1502c20e68c07be43a76c43\DummyStorePlugin.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePodcast\4d5263c496f474dc981a386267c77e2e\DevicePodcast.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceVideo\746041f530aaf98f93618712bc687cc2\DeviceVideo.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePhoto\0d0a0403f424c8903ae05bdc4157f431\DevicePhoto.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\78665ac46c0879af8aca0018d4d6367b\Kies.Common.DeviceServiceLib.FileService.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\4527b0c0e937128b049ba21752bf3a52\DeviceCommonLib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\14f90c16ce998e65806eed10c715c081\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bfdb5843d107f699462b34c2f7146e6d\Kies.Common.DeviceServiceLib.Interface.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\aec4dafd7a0a578fbf78a686de7048a8\Kies.MVVM.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.UI\c21251213ff07da13eb15e0f00036542\Kies.UI.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\27af83e8dc27ee77fd22031801f3c5f1\ASF_cSharpAPI.ni.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetPrint.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetScan.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetImage.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetPDF.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetFunc.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTSTRN.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTPCFG.DLL ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBTPP5C.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTUI5C.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTDR5C.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\dlbtcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\ConvDIB.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (dlbt_device) -- C:\WINDOWS\system32\dlbtcoms.exe (Dell)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (cerc6) --  File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (w70n51) -- C:\WINDOWS\system32\drivers\w70n51.sys (Intel® Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (STAC97) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Documents and Settings\Administrator\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O3 - HKU\S-1-5-21-1993962763-492894223-1957994488-500\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-4300-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1993962763-492894223-1957994488-500..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-1993962763-492894223-1957994488-500..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-492894223-1957994488-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85C9E6FD-83DA-45BA-A356-DC03E982137A}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/27 16:07:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/08 02:40:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\geektogo
[2014/03/27 20:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2014/03/27 19:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Citrix
[2014/03/23 19:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\InstallConverter bundle uninstaller
[2014/03/14 23:40:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Printers
[2014/03/14 23:20:55 | 000,471,040 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtpmui.dll
[2014/03/14 23:20:52 | 000,385,024 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtcomm.dll
[2014/03/14 23:20:52 | 000,344,064 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtcfg.exe
[2014/03/14 23:20:52 | 000,114,688 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtpplc.dll
[2014/03/14 23:20:51 | 001,040,384 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtusb1.dll
[2014/03/14 23:20:51 | 000,495,616 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbthbn1.dll
[2014/03/14 23:20:51 | 000,450,560 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtlmpm.dll
[2014/03/14 23:20:50 | 001,048,576 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtserv.dll
[2014/03/14 23:20:50 | 000,520,192 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtcomc.dll
[2014/03/14 23:20:50 | 000,421,888 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtcoms.exe
[2014/03/14 23:20:50 | 000,126,976 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtprox.dll
[2014/03/14 23:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Photo AIO Printer 922
[2014/03/14 23:20:11 | 000,000,000 | ---D | C] -- C:\Temp
[2014/03/14 23:18:55 | 000,000,000 | ---D | C] -- C:\Dell922
[2014/03/14 11:39:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Deputyship
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/08 02:34:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/08 02:29:07 | 000,000,530 | ---- | M] () -- C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-1993962763-492894223-1957994488-500.job
[2014/04/08 02:22:42 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2014/04/08 02:22:36 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/08 02:22:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/08 01:21:06 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/04/04 02:12:58 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2014/03/30 10:06:51 | 000,445,046 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/03/30 10:06:51 | 000,071,082 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/03/27 22:33:31 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/23 19:39:25 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014/03/21 15:50:58 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar  21st 2014.bmp
[2014/03/21 15:50:29 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 23rd 2014.bmp
[2014/03/21 15:47:03 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 2014.bmp
[2014/03/20 15:16:13 | 000,009,639 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Probe uk Mar 22 to 23rd 14 schedule.rtf
[2014/03/18 08:43:23 | 000,000,362 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2014/03/16 21:58:20 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
 

[2014/03/13 04:58:47 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/03/13 04:07:36 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
 

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/03/27 22:33:31 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/27 20:01:41 | 000,000,530 | ---- | C] () -- C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-1993962763-492894223-1957994488-500.job
[2014/03/23 18:23:12 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014/03/21 15:50:57 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar  21st 2014.bmp
[2014/03/21 15:49:20 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 23rd 2014.bmp
[2014/03/21 15:45:36 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 2014.bmp
[2014/03/20 15:16:10 | 000,009,639 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Probe uk Mar 22 to 23rd 14 schedule.rtf
[2014/03/14 23:42:10 | 000,000,362 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2014/03/14 23:20:53 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\dlbtih.exe
[2014/03/14 23:20:53 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbtvs.dll
[2014/03/14 23:20:53 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\dlbt.loc
[2014/03/14 23:20:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbtcur.dll
[2014/03/14 23:20:49 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbtcu.dll
[2014/03/14 23:20:44 | 000,557,056 | ---- | C] () -- C:\WINDOWS\System32\dlbtjswr.dll
[2014/03/14 23:20:44 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dlbtcoin.dll
[2014/03/14 23:20:44 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\dlbtsnls.dll
[2014/03/14 23:20:40 | 000,401,408 | ---- | C] () -- C:\WINDOWS\System32\dlbtutil.dll
 

[2014/02/23 01:51:58 | 000,348,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-492894223-1957994488-500-0.dat
[2014/02/11 00:11:47 | 000,080,138 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/02/08 22:30:19 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\Administrator\${LOGFILE}
[2014/01/23 19:31:12 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2014/01/23 19:31:08 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2014/01/23 19:31:08 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2014/01/23 19:31:08 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2014/01/23 19:31:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013/12/14 01:23:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/11/28 15:45:20 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013/11/27 16:15:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/11/27 15:58:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/11/27 15:46:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/11/27 15:44:11 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 08:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/11/29 12:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\driveridentifier
[2014/02/23 01:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Samsung
[2014/01/23 00:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\APN
[2014/02/10 23:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV - [2008/04/14 08:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 08:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 08:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 14:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 08:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 08:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 18:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 08:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 08:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 08:00:00 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 08:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 08:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 08:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 08:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 08:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 08:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 17:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 08:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 08:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 08:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 13:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 08:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 08:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 08:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 08:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 06:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 08:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 08:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 08:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 08:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 08:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 08:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 08:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 08:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 08:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 08:00:00 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 08:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 13:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/14 08:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 08:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 07:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is 6056-A069
 Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
02/14/2014  04:34 AM    <JUNCTION>     v4.0_4.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler
02/14/2014  04:24 AM    <JUNCTION>     v4.0_4.0.0.0__31bf3856ad364e35
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
               2 Dir(s)  58,999,595,008 bytes free
 
< MD5 for: EXPLORER.EXE  >
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
 
< MD5 for: SERVICES  >
[2008/04/14 08:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
 
< MD5 for: SERVICES.CFG  >
[2012/09/23 21:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/12/21 07:04:16 | 000,559,392 | ---- | M] () MD5=F9FBA73F44366AB3514BD1985707F178 -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.EXE  >
[2009/02/06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 08:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
 
< MD5 for: SERVICES.LNK  >
[2013/11/27 16:07:17 | 000,001,602 | ---- | M] () MD5=BCB6344D4FFA4B8E321ABE2ADEDE77FE -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
 
< MD5 for: SERVICES.MSC  >
[2008/04/14 08:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
 
< MD5 for: SVCHOST.EXE  >
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
 
< End of report >
 
 
 
 
 
 
 

  • 0

#6
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts

when I tried doing a log the other day without adding in any written content...it did produce 2 logs..

Post the other log. That log is produced when OTL is run for the first time.

I deleted a few lines (about 10 ) that ref to documents that id produced on my computer..

Private Message(PM) me those lines. I want to see.
  • 0

#7
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 542 posts

oops..

 

I did not realise that you had already responded...

 

As the guide I followed was shown on this geekstogo forum instructions ..I thought that was OK..

 

but if your saying not to click on any of the boxes I can do it again...


  • 0

#8
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Please do so and also you will notice Extras.txt in the same folder of OTL.exe unless you deleted it. Post that as well.
  • 0

#9
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 542 posts

these are the lines I took out.....they were the my documents lines.. (My Documents\D letter).I have took the letters out of just one word on each line...I doubt very much this will be relevant after having done similar to this once before and being slightly familiar...

 

I will post the other log if I can find it asap...hopefully any minute..

 

 
[2014/03/14 17:01:16 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Dell service tag no GR.bmp
[2014/03/13 17:06:54 | 000,002,944 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\D letter draft Peters reply2 Mar 12th 2014.rtf
[2014/03/13 16:25:43 | 000,010,485 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\D letter draft Peters reply Mar 12th 2014.rtf
[2014/03/13 04:58:47 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/03/13 04:07:36 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/03/12 14:51:19 | 000,015,141 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\D letter draft John.rtf
[2014/03/12 04:25:17 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Dletter 2.bmp
[2014/03/12 04:23:55 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\D letter.bmp
[2014/03/11 15:52:54 | 000,081,465 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Dcopy.pdf
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
 
 
[2014/03/14 17:01:15 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Dell service tag no GR.bmp
[2014/03/13 16:50:19 | 000,002,944 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\D letter draft Ps reply2 Mar 12th 2014.rtf
[2014/03/13 05:45:47 | 000,010,485 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\D letter draft Ps reply Mar 12th 2014.rtf

  • 0

#10
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 542 posts
This is the 2nd log from what I did a few days ago when I first tried it.....
 
______________________________________________________
 
OTL Extras logfile created on: 4/4/2014 8:21:40 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
510.21 Mb Total Physical Memory | 129.07 Mb Available Physical Memory | 25.30% Memory free
1.79 Gb Paging File | 1.32 Gb Available in Paging File | 73.57% Paging File free
Paging file location(s): C:\pagefile.sys 1350 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 54.69 Gb Free Space | 73.38% Space Free | Partition Type: NTFS
 
Computer Name: NBS-30B3685D369 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1" = DriverIdentifier 4.2.7
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B025BA0B-64A6-46DE-9D64-32965C83CCA9}" = Citrix Online Launcher
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D480 MDC V.92 Modem
"Dell Photo AIO Printer 922" = Dell Photo AIO Printer 922
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PROSet" = Intel® Network Connections Drivers
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 6.2.0.1350
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2/16/2014 7:04:25 PM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 2/19/2014 12:14:59 AM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 2/20/2014 12:45:39 AM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 2/25/2014 8:13:44 PM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 33.0.1750.117, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 3/4/2014 3:51:12 AM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application Kies.exe, version 1.0.0.1668, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 3/13/2014 6:30:49 PM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 3/14/2014 9:30:33 AM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 3/14/2014 9:30:33 AM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 3/14/2014 9:30:33 AM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 3/15/2014 12:36:54 AM | Computer Name = NBS-30B3685D369 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
[ System Events ]
Error - 3/26/2014 9:07:45 AM | Computer Name = NBS-30B3685D369 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the ImapiService service.
 
Error - 3/26/2014 9:07:46 AM | Computer Name = NBS-30B3685D369 | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
 following error:   %%1053
 
Error - 3/28/2014 11:14:43 PM | Computer Name = NBS-30B3685D369 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Update for Microsoft Security Essentials - 4.5.216.0 (KB2949787).
 
Error - 3/29/2014 12:15:33 AM | Computer Name = NBS-30B3685D369 | Source = PSched | ID = 14103
Description = QoS [Adapter {85C9E6FD-83DA-45BA-A356-DC03E982137A}]:  The netcard driver
 failed the query for OID_GEN_LINK_SPEED.
 
Error - 3/29/2014 7:48:50 AM | Computer Name = NBS-30B3685D369 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
 address 000CF15F615A has been  denied by the DHCP server 192.168.1.1 (The DHCP Server
 sent a DHCPNACK message).
 
Error - 3/29/2014 7:50:31 AM | Computer Name = NBS-30B3685D369 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM 
Service service to connect.
 
Error - 3/29/2014 7:50:31 AM | Computer Name = NBS-30B3685D369 | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
 following error:   %%1053
 
Error - 4/1/2014 9:51:44 AM | Computer Name = NBS-30B3685D369 | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be   changed
 by -78872 seconds. The time service will not change the system   time by more than
 -54000 seconds. Verify that your time and time zone   are correct, and that the time
 source time.windows.com (ntp.m|0x1|192.168.1.2:123->64.4.10.33:123) is working 
properly.
 
Error - 4/3/2014 6:39:50 AM | Computer Name = NBS-30B3685D369 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
 Service service to connect.
 
Error - 4/3/2014 6:39:53 AM | Computer Name = NBS-30B3685D369 | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due 
to the following error:   %%1053
 
 
< End of report >

  • 0

Advertisements


#11
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
You can remove the lines. But they would hardly cause security threats. I will post a fix soon.
  • 0

#12
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 542 posts

OK thank you.

 

They were more of a privacy issue...

 

I am not even sure how they showed up....as other docs I produced in last 30 days have not shown up like them....

 

No rush....but if I do not respond when you reply...It may be later that I reply again...as I was going to ZZZ after id initially posted...

 

But depending what your rely is if I see it and how long the next step may take...i may stay up a while longer..  :-)


  • 0

#13
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
You can take a nap. I submitted the fix to my teacher. It will be posted on this thread after their approval by the time you awake. :)
  • 0

#14
dowsp

dowsp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 542 posts

ok thank you,

 

speak later..

 

cheers...


  • 0

#15
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Hi dowsp, :)

After I declare you all clean add more RAM to speed things up.
  • Step #2 Fix with OTL
    • Re-run OTL by right clicking and choosing Run as administrator;
    • Under the Custom Scans/Fixes Box copy and paste the following contents inside the quote box. (Do not include the word 'quote').

      :Commands
      [createrestorepoint]

      :OTL
      IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
      O3 - HKU\S-1-5-21-1993962763-492894223-1957994488-500\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-4300-7A786E7484D7} - No CLSID value found.

      :Commands
      [emptytemp]

    • Click on "Run Fix" and let the program run unhindered;
    • Your PC will reboot automatically and a log will be opened;
    • Please post it in your next reply.
 
  • Step #3 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart;
    • Copy and Paste the contents of this log in your reply.
 
  • Step #4 Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2
    • Disable your anti-virus to avoid potential conflicts. For more information please acknowledge yourself this article;
    • Run the program either by double-clicking(Windows XP) or Right-clicking and choosing Run as administrator(Windows Vista and above);
    • Please be patient as the tool cleans your system;
    • After completion of the process a log named JRT.txt will automatically open and is save to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Required Log(s):
    • OTL Fix Log;
    • AdwCleaner Log;
    • Junkware Removal Tool Log
Regards,
Valinorum
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP