Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware info from NotePad. I need help. [Solved]

Started by itsmesunny , Jun 13 2014 12:54 PM

  • This topic is locked This topic is locked

#61
itsmesunny
Posted 29 June 2014 - 06:18 PM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

ok. all that came up is OTL.txt -

 

OTL logfile created on: 6/29/2014 7:42:57 PM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1023.00 Mb Total Physical Memory | 411.65 Mb Available Physical Memory | 40.24% Memory free
2.40 Gb Paging File | 1.91 Gb Available in Paging File | 79.38% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.87 Gb Total Space | 43.23 Gb Free Space | 77.38% Space Free | Partition Type: NTFS
Drive F: | 37.26 Gb Total Space | 37.12 Gb Free Space | 99.63% Space Free | Partition Type: NTFS
 
Computer Name: USER-R6PHPMKAQL | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/26 16:40:37 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/06/26 16:33:43 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/06/23 20:23:11 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/06/13 12:25:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2014/06/12 15:47:56 | 000,262,720 | ---- | M] (Dell) -- C:\Documents and Settings\User\Local Settings\Apps\2.0\A8LMOTVO.4B3\RO0X0G3X.50N\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe
PRC - [2014/05/07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/29 19:06:48 | 002,789,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14062902\algo.dll
MOD - [2014/06/29 10:37:27 | 002,789,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14062901\algo.dll
MOD - [2014/06/26 16:33:57 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/06/23 20:22:54 | 003,852,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/06/06 14:09:13 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2014/06/05 14:52:00 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2014/06/05 14:11:36 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2014/06/05 14:11:08 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2014/06/05 14:07:09 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014/06/05 14:06:53 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- mbamservice.exe -- (MBAMService)
SRV - File not found [Auto | Stopped] -- mbamscheduler.exe -- (MBAMScheduler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/06/26 17:50:01 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/26 16:33:43 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/06/23 20:22:55 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\jl2005c.sys -- (JL2005C)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/06/26 16:40:07 | 000,777,488 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/06/26 16:40:06 | 000,411,680 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/06/26 16:40:06 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswrdr.sys -- (aswRdr)
DRV - [2014/06/26 16:34:01 | 000,180,632 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/06/26 16:34:01 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/06/26 16:34:00 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/06/26 16:34:00 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/06/26 16:34:00 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/06/13 11:10:22 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2014/06/06 08:17:18 | 000,042,272 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2007/04/18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2007/04/10 04:32:34 | 000,016,168 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pfmodnt.sys -- (PfModNT)
DRV - [2007/04/10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2007/04/10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2007/04/10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2003/10/10 17:33:22 | 000,009,597 | R--- | M] (Micro Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bpusbflt.sys -- (bpusbflt)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:2800;https=127.0.0.1:2800;
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:2800;https=127.0.0.1:2800;
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.startpage.com"
FF - prefs.js..extensions.enabledAddons: socialfixer%40mattkruse.com:10.1
FF - prefs.js..extensions.enabledAddons: %7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7
FF - prefs.js..extensions.enabledAddons: %7Bd4e0dc9c-c356-438e-afbe-dca439f4399d%7D:2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/06/26 16:34:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2014/06/05 15:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2014/06/29 19:05:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\extensions
[2014/06/13 17:01:50 | 000,166,573 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\extensions\[email protected]
[2014/06/13 18:10:16 | 000,013,345 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2014/06/29 19:05:46 | 000,013,322 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\extensions\{d4e0dc9c-c356-438e-afbe-dca439f4399d}.xpi
[2014/06/07 20:23:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/06/23 20:23:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Yahoo! (Avast) (Enabled)
CHR - default_search_provider: search_url = https://search.yahoo...p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...={searchTerms},
CHR - homepage: https://www.yahoo.co...t&type=avastbcl
CHR - plugin: Error reading preferences file
CHR - Extension: Docs = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2002/09/03 12:34:19 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E8861423-0DAB-459E-A8D5-DB264E69E70C} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-602162358-1275210071-725345543-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [fst_us_92]  File not found
O4 - HKU\S-1-5-21-602162358-1275210071-725345543-1004..\Run: [DellSystemDetect] C:\Documents and Settings\User\Local Settings\Apps\2.0\A8LMOTVO.4B3\RO0X0G3X.50N\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe (Dell)
O4 - HKU\S-1-5-21-602162358-1275210071-725345543-1004..\Run: [SB Audigy 2 Startup Menu]  /L:ENG File not found
O4 - Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\New Folder [2013/03/26 17:31:22 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-1275210071-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-602162358-1275210071-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-602162358-1275210071-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O15 - HKU\S-1-5-21-602162358-1275210071-725345543-1004\..Trusted Domains:   ([]msn in My Computer)
O15 - HKU\S-1-5-21-602162358-1275210071-725345543-1004\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1361498489609 (WUWebControl Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.5.171.1 207.5.171.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{634B396E-E712-4557-A5CD-7BD60338E14C}: DhcpNameServer = 207.5.171.1 207.5.171.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/17 09:13:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/26 16:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\AVAST Software
[2014/06/26 16:40:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/06/26 16:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2014/06/26 16:34:13 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/06/26 16:34:12 | 000,777,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/06/26 16:34:12 | 000,776,976 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys.1403815204015
[2014/06/26 16:34:11 | 000,411,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/06/26 16:34:10 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/06/26 16:34:10 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys.1403815204015
[2014/06/26 16:34:10 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
[2014/06/26 16:33:58 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/06/25 11:55:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/06/25 11:28:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/23 18:06:22 | 000,000,000 | ---D | C] -- C:\FRST
[2014/06/13 13:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC HealthFix
[2014/06/13 13:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\pcmax
[2014/06/13 12:25:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2014/06/12 19:10:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Dell
[2014/06/12 19:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell
[2014/06/12 19:10:12 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2014/06/12 18:51:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\Dell
[2014/06/12 15:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2014/06/12 15:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2014/06/12 15:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\PCDr
[2014/06/12 15:49:20 | 000,000,000 | ---D | C] -- C:\temp
[2014/06/09 11:46:03 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/06/09 08:06:38 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2014/06/09 08:06:38 | 000,017,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2014/06/08 19:06:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2014/06/08 19:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/06/08 18:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\TotalSystemCare
[2014/06/08 10:33:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2014/06/07 13:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Downloads
[2014/06/07 11:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/06/07 11:11:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2014/06/07 10:07:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/06/07 09:17:13 | 000,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2014/06/06 21:28:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\PCHealth
[2014/06/06 21:00:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\com
[2014/06/06 20:56:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Local_Weather_LLC
[2014/06/06 20:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\Weather Alerts
[2014/06/06 17:37:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\HpUpdate
[2014/06/06 17:37:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2014/06/06 13:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Apple Computer
[2014/06/06 12:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2014/06/06 12:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2014/06/06 12:30:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Apple
[2014/06/06 12:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Apple Computer
[2014/06/06 12:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\.swt
[2014/06/06 12:13:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Azureus
[2014/06/06 10:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Windows Search
[2014/06/06 10:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\ApplicationHistory
[2014/06/06 09:15:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2014/06/06 09:15:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2014/06/06 09:15:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2014/06/06 09:14:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2014/06/06 09:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2014/06/06 09:13:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2014/06/06 09:11:39 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2014/06/06 09:11:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2014/06/06 09:11:39 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2014/06/06 09:10:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2014/06/06 08:40:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2014/06/06 08:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/06/06 08:34:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\LavasoftStatistics
[2014/06/06 08:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2014/06/06 08:18:14 | 000,042,272 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/06/06 08:17:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Common Files
[2014/06/06 08:15:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2014/06/05 20:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\SlimWare Utilities Inc
[2014/06/05 20:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\DriverUpdate
[2014/06/05 20:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2014/06/05 15:40:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Mozilla
[2014/06/05 15:40:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Mozilla
[2014/06/05 15:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/06/05 15:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2014/06/05 15:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/06/05 15:05:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\IDM2
[2014/06/05 14:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Deployment
[2014/06/05 14:30:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2014/06/05 13:47:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2014/06/05 13:44:07 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2014/06/05 13:43:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014/06/05 13:43:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014/06/05 13:43:20 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2014/06/05 13:43:20 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2014/06/05 13:43:20 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2014/06/05 13:38:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2014/06/05 13:38:39 | 000,000,000 | ---D | C] -- C:\Users
[2014/06/05 13:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/06/05 13:37:58 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014/06/05 13:37:58 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014/06/05 13:37:49 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014/06/05 13:37:49 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014/06/05 13:37:49 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014/06/05 13:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/29 19:49:21 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/06/29 19:46:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/29 19:38:03 | 000,000,360 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/06/29 19:04:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/06/29 19:02:18 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/29 19:02:17 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/06/29 19:02:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/29 10:57:42 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000003-00001102-00000004-10031102}.rfx
[2014/06/29 10:00:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert 2.job
[2014/06/29 09:50:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/06/26 17:49:41 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/06/26 17:49:40 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/06/26 17:46:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\DTChk.job
[2014/06/26 17:06:27 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/26 17:00:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Warning.job
[2014/06/26 16:59:32 | 000,001,801 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/06/26 16:40:57 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/06/26 16:40:07 | 000,777,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/06/26 16:40:06 | 000,411,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/06/26 16:40:06 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
[2014/06/26 16:34:01 | 000,776,976 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys.1403815204015
[2014/06/26 16:34:01 | 000,180,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/06/26 16:34:01 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/06/26 16:34:00 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/06/26 16:34:00 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys.1403815204015
[2014/06/26 16:34:00 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/06/26 16:34:00 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/06/26 16:33:58 | 000,271,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/06/26 16:33:58 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/06/26 16:14:40 | 000,526,752 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/06/26 16:14:40 | 000,096,608 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/06/26 16:13:32 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/06/26 15:00:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job
[2014/06/25 13:00:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2014/06/25 12:00:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Malware Alert.job
[2014/06/24 10:26:55 | 000,000,116 | ---- | M] () -- C:\Documents and Settings\User\My Documents\fix.bat
[2014/06/14 09:00:00 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job
[2014/06/13 15:26:31 | 000,000,714 | ---- | M] () -- C:\WINDOWS\PCHealthFix.INI
[2014/06/13 12:25:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2014/06/13 11:10:22 | 000,013,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/06/13 10:32:24 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/13 09:03:13 | 000,740,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/06/12 19:37:55 | 000,000,289 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014/06/12 18:25:09 | 000,000,520 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2014/06/09 13:21:06 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2014/06/09 13:21:06 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2014/06/09 13:06:28 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job
[2014/06/09 12:35:53 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2014/06/09 11:46:03 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/06/09 11:21:40 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\SparkTrust Update Version3_triggeronce.job
[2014/06/08 09:19:53 | 000,003,888 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000003-00001102-00000004-10031102}.rfx
[2014/06/08 09:19:53 | 000,003,888 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000003-00001102-00000004-10031102}.rfx
[2014/06/07 20:24:01 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/06/07 20:24:01 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/06/06 12:13:55 | 000,001,505 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2014/06/06 10:36:39 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/06/06 09:13:30 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2014/06/06 08:18:18 | 000,000,000 | ---- | M] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2014/06/06 08:17:18 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/06/05 15:13:17 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/26 16:40:57 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/06/26 16:39:51 | 000,000,360 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/06/26 16:39:33 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/26 16:39:32 | 000,001,801 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/06/26 16:35:44 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/26 16:35:43 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/26 16:34:12 | 000,180,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/06/26 16:34:11 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/06/26 16:34:10 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/06/26 16:13:26 | 000,000,785 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2014/06/24 10:26:20 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\User\My Documents\fix.bat
[2014/06/13 13:18:37 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert 2.job
[2014/06/13 13:18:35 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job
[2014/06/13 13:18:33 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Malware Alert.job
[2014/06/13 13:18:31 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Warning.job
[2014/06/13 13:18:30 | 000,000,330 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job
[2014/06/13 13:18:29 | 000,000,714 | ---- | C] () -- C:\WINDOWS\PCHealthFix.INI
[2014/06/13 10:32:24 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/13 10:32:23 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
[2014/06/12 18:25:09 | 000,000,520 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2014/06/12 18:25:07 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2014/06/12 18:16:18 | 000,455,560 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-1275210071-725345543-1004-0.dat
[2014/06/09 13:21:06 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2014/06/09 13:21:06 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2014/06/09 13:06:26 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job
[2014/06/09 12:39:32 | 000,740,632 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/06/09 12:35:52 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2014/06/09 11:21:38 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust Update Version3_triggeronce.job
[2014/06/08 09:21:32 | 000,011,564 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000003-00001102-00000004-10031102}.rfx
[2014/06/07 20:24:01 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/06/07 20:24:01 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/07 20:24:01 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/06/06 21:01:55 | 000,417,078 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/06/06 12:13:55 | 000,001,505 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2014/06/06 12:13:43 | 000,001,809 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Vuze.lnk
[2014/06/06 09:13:30 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2014/06/06 09:13:30 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2014/06/06 08:18:18 | 000,000,000 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2014/06/05 20:17:24 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/06/05 14:47:18 | 000,000,220 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/06/05 14:47:16 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/06/05 13:38:39 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\DTChk.job
[2013/04/13 15:36:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2013/04/13 15:13:38 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2013/03/27 16:09:08 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013/02/28 21:22:09 | 000,000,375 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2013/02/23 03:04:13 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/20 19:53:12 | 000,000,289 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/06/11 16:16:50 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/10 12:44:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\Ÿ9Ÿ9
 
========== ZeroAccess Check ==========
 
[2009/06/17 09:47:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2009/04/29 00:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/06/08 18:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2014/06/26 16:30:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/06/06 08:15:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/07/28 13:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hallmark
[2014/06/13 15:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC HealthFix
[2014/06/12 15:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2013/03/26 17:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rse
[2014/06/26 16:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVAST Software
[2014/06/08 11:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Azureus
[2013/05/21 19:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BitTorrent
[2013/03/04 18:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\egamestoolbar
[2013/02/23 03:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FoxyTunes
[2014/06/12 21:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\IDM2
[2013/03/27 20:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ilividtoolbargaw
[2011/10/18 18:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Individual Software
[2014/06/12 15:49:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PCDr
[2013/02/20 19:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PhotoParade
[2013/05/21 19:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\player
[2014/06/06 09:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2014/06/06 10:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Search
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV - [2008/04/13 20:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 20:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 20:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 09:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 20:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 20:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 13:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/13 20:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 20:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 20:11:54 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 20:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 20:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 20:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 20:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 20:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 12:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 09:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 20:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 20:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 08:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/13 20:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 20:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 20:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 01:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 20:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 20:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 20:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 20:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 20:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 20:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 20:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 20:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 20:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/05/19 01:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 20:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
No service found with a name of Wmi
SRV - [2008/04/13 20:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 20:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 02:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< c:\program files (x86)\Google\Desktop >
[2009/06/17 09:11:49 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/06/17 09:13:27 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/02/22 16:32:38 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014/06/05 13:38:39 | 000,000,260 | ---- | C] () -- C:\WINDOWS\Tasks\DTChk.job
[2014/06/05 14:47:16 | 000,000,214 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/06/05 14:47:18 | 000,000,220 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/06/09 11:21:38 | 000,000,396 | ---- | C] () -- C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job
[2014/06/09 12:35:52 | 000,000,340 | ---- | C] () -- C:\WINDOWS\Tasks\Wise Turbo Checker.job
[2014/06/09 13:06:26 | 000,000,416 | ---- | C] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
[2014/06/12 18:25:07 | 000,000,458 | ---- | C] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
[2014/06/12 18:25:09 | 000,000,520 | ---- | C] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2014/06/13 13:18:30 | 000,000,330 | ---- | C] () -- C:\WINDOWS\Tasks\PC HealthFix Desktop Alert.job
[2014/06/13 13:18:31 | 000,000,334 | ---- | C] () -- C:\WINDOWS\Tasks\PC HealthFix Desktop Warning.job
[2014/06/13 13:18:33 | 000,000,334 | ---- | C] () -- C:\WINDOWS\Tasks\PC HealthFix Malware Alert.job
[2014/06/13 13:18:35 | 000,000,334 | ---- | C] () -- C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert.job
[2014/06/13 13:18:37 | 000,000,334 | ---- | C] () -- C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert 2.job
[2014/06/26 16:35:43 | 000,000,878 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/06/26 16:35:44 | 000,000,882 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014/06/26 16:39:51 | 000,000,360 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
 
< c:\program files\Google\Desktop >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is 8433-715E
 Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
06/05/2014  14:44    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
06/05/2014  14:44    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
06/06/2014  09:55    <JUNCTION>     v4.0_4.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler
06/06/2014  10:00    <JUNCTION>     v4.0_4.0.0.0__31bf3856ad364e35
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
               4 Dir(s)  46,374,416,384 bytes free
 
< MD5 for: RPCSS.DLL  >
[2008/04/13 20:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll
[2008/04/13 20:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\ServicePackFiles\i386\rpcss.dll
[2002/09/03 12:56:42 | 000,260,608 | ---- | M] (Microsoft Corporation) MD5=493FCBED180DCACF0B5D4C8C29949CA9 -- C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll
[2004/08/04 03:56:44 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=5C83A4408604F737717AB96371201680 -- C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll
[2009/02/09 08:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\dllcache\rpcss.dll
[2009/02/09 08:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\rpcss.dll
[2003/08/25 14:53:40 | 000,260,608 | ---- | M] (Microsoft Corporation) MD5=7A6F20EEAC4B2168451878AF9054396F -- C:\WINDOWS\$NtUninstallKB902400_0$\rpcss.dll
[2009/02/09 06:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[2005/07/26 00:20:40 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=C369DF215D352B6F3A0B8C3469AA34F8 -- C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[2005/07/26 00:39:49 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=CE94A2BD25E3E9F4D46A7373FF455C6D -- C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\rpcss.dll
[2005/07/26 00:39:49 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=CE94A2BD25E3E9F4D46A7373FF455C6D -- C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll

< End of report >
 


  • 0

Advertisements

#62
Essexboy
Posted 30 June 2014 - 07:07 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets tidy you up and then investigate the sound problem

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:2800;https=127.0.0.1:2800;
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:2800;https=127.0.0.1:2800;
FF - prefs.js..browser.startup.homepage: "www.startpage.com"
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
O2 - BHO: (no name) - {E8861423-0DAB-459E-A8D5-DB264E69E70C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-602162358-1275210071-725345543-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [fst_us_92]  File not found
O4 - HKU\S-1-5-21-602162358-1275210071-725345543-1004..\Run: [SB Audigy 2 Startup Menu]  /L:ENG File not found
[2014/06/13 13:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC HealthFix
[2014/06/08 18:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\TotalSystemCare
[2014/06/06 21:28:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\PCHealth
[2014/06/06 21:00:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\com
[2014/06/06 12:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2014/06/06 12:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2014/06/26 15:00:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job
[2014/06/25 13:00:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2014/06/25 12:00:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Malware Alert.job
[2014/06/14 09:00:00 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job
[2014/06/13 15:26:31 | 000,000,714 | ---- | M] () -- C:\WINDOWS\PCHealthFix.INI
[2014/06/12 18:25:09 | 000,000,520 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2014/06/06 08:17:18 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/06/24 10:26:20 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\User\My Documents\fix.bat
[2014/06/13 13:18:37 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert 2.job
[2014/06/13 13:18:35 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job
[2014/06/13 13:18:33 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Malware Alert.job
[2014/06/13 13:18:31 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Warning.job
[2014/06/13 13:18:30 | 000,000,330 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job
[2014/06/13 13:18:29 | 000,000,714 | ---- | C] () -- C:\WINDOWS\PCHealthFix.INI
[2014/06/09 13:06:26 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job
[2014/06/09 12:35:52 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2014/06/09 11:21:38 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust Update Version3_triggeronce.job
[2014/06/05 13:38:39 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\DTChk.job
[2014/06/13 15:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC HealthFix
[2014/06/12 15:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2013/03/26 17:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rse
[2013/03/27 20:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ilividtoolbargaw
[2011/10/18 18:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Individual Software
[2014/06/12 15:49:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PCDr

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi]
"Description"="Provides systems management information to and from drivers."
"DisplayName"="Windows Management Instrumentation Driver Extensions"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"ObjectName"="LocalSystem"
"Start"=dword:00000003
"Type"=dword:00000020

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  61,00,64,00,76,00,61,00,70,00,69,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,\
  00
"ServiceMain"="WdmWmiServiceMain"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
  05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
  00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
  00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 1

#63
itsmesunny
Posted 30 June 2014 - 08:25 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Ok. I put all that in? Wow!

 

I have not done the "Boot Scan" yet. Should I do that first and then the OTL?

 

1.  Does the Dell need to be online to do the  BootScan?

 

1.  Does the Dell need to be online to do the OTL?

 

2.  Do I use the stuff checked exactly like it is in pic above? I don't check "LOP" and "Purity Check" like the earlier scan?

 

3.  Do I need to be present during the Boot Scan if it needs to be done?


Edited by itsmesunny, 30 June 2014 - 09:53 AM.

  • 0

#64
Essexboy
Posted 30 June 2014 - 08:55 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Ok. I put all that iin? Wow!
 
I have not done the "Boot Scan" yet. Should I do that first and then the OTL?
 
1.  Does the Dell need to be online to do the  BootScan?
 
1.  Does the Dell need to be online to do the OTL?
 
2.  Do I use the stuff checked exactly like it is in pic above? I don't check "LOP" and "Purity Check" like the earlier scan?
 
3.  Do I need to be present during the Boot Scan if it needs to be done?


1. Leave it for now
1. No
2. No
3. Possibly

Is it just sound now that needs sorting ?
  • 0

#65
itsmesunny
Posted 30 June 2014 - 09:13 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Um...

 

The "Found New Hardware Wizard" pops up and then below it reads A probem occurred during hardware installation. May not work properly. I ignore it & nothing seems to happen.

It reads that there is "Unknown" and need to find the software online?

 

And the "system 32" window comes up after it loads. Just curious. Is it supposed to?

 

O and these "DSD" windows pop up. Each time with a different number - such as - DSD_1812, DSD_1808, DSD_736. There were a couple or so others, but I did not

write them down. I just close them.


  • 0

#66
Essexboy
Posted 30 June 2014 - 09:22 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you screenshot the windows that have the DSD on please

For the hardware thingy

Go to control Panel > device manager
Is there an entry with a yellow triangle



I think that may be your sound card
In which case the driver is available here http://support.creat...ownloadId=11314
  • 0

#67
itsmesunny
Posted 30 June 2014 - 09:29 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

I forgot.

 

I cannot copy/paste into the space on the OTL when the OTL windows popsup on the desktop. I can copy but NOT paste. There is NO option to paste. It's not a URL with the options on top.I had to type it all in yesterday 3 times cuz I made mistakes

 

I could copy/paste the results of the OTL to here. I've done that but NOT from here to the OTL. So... how do I do it?

 

And just saw your new reply - I do NOT know how to do a screenshot on a PC.

Like I said. I know Macs - NOT PC's.

 

I cannot screenshot the DSD windows, cuz they are gone.

 

I went to control panel. There is NO "device manager."

 

I went to the link about the sound. I don't know where to go on that page - what category? Altough that is moot cuz my speakers are NOT 'Creative.'

They are 'Optimus.'


Edited by itsmesunny, 30 June 2014 - 09:56 AM.

  • 0

#68
Essexboy
Posted 30 June 2014 - 09:38 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Not a problem..

OTL first

Download the attached fix.txt to your desktop

Start OTL and press the Run Fix button
A window will pop up asking for the location
In the dialogue go to your desktop
locate and click the Fix.txt
Then the dialogue box will disappear
Press Run Fix again on OTL
The fix will run and the system will reboot



Screenshot next

When the DSD box pops up look for the following key on your keyboard (should be top right somewhere)

PrtScn

 

Press that then open Paint

Click the Paste icon on the top left

The screenshot will then appear

Save that to your desktop as Capture

Then attach Capture to your next post :)


  • 0

#69
itsmesunny
Posted 30 June 2014 - 10:01 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

It comes up 'Open with 'Notepad (default)' on the desktop.

 

I start OTL and 'Run Fix' and a little window pops up:

 

OTL

 

No fix has been provided. Click Ok to load it or Cancel to cancel.

 

 

It's on the desktop -   fix -3.txt - Notepad. ( 3 - cuz I've done it 3 times.

 

I don't know what to do!

 

:bashhead:

 

PS I do not have or cannot find 'Paint.'

 

PPSS -  the DSD windows are not appearing.


Edited by itsmesunny, 30 June 2014 - 10:28 AM.

  • 0

#70
Essexboy
Posted 30 June 2014 - 10:04 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is that the otl fix ?
  • 0

Advertisements

#71
Essexboy
Posted 30 June 2014 - 10:06 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Like this :)


  • 0

#72
itsmesunny
Posted 30 June 2014 - 10:52 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Ok.

 

I don't know what happened but fix.txt came up I did it and it's restarted.

 

PS a DSD did pop up after the restart. DSD_244. But it's gone. They just go away.

 

:yeah:

 

IAnyway, the fix.txt was on the desktop. I guess I paste it here - right? Here it is:

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "www.startpage.com" removed from browser.startup.homepage
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
File C:\Program Files\Updater By SweetPacks\Firefox not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8861423-0DAB-459E-A8D5-DB264E69E70C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E8861423-0DAB-459E-A8D5-DB264E69E70C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-602162358-1275210071-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fst_us_92 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-602162358-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\SB Audigy 2 Startup Menu deleted successfully.
C:\Documents and Settings\All Users\Application Data\PC HealthFix\newskins folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PC HealthFix folder moved successfully.
C:\Program Files\TotalSystemCare\Backups folder moved successfully.
C:\Program Files\TotalSystemCare folder moved successfully.
C:\Documents and Settings\User\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff folder moved successfully.
C:\Documents and Settings\User\Local Settings\Application Data\PCHealth\ErrorRep folder moved successfully.
C:\Documents and Settings\User\Local Settings\Application Data\PCHealth folder moved successfully.
C:\Documents and Settings\User\Local Settings\Application Data\com\NewPlayer.exe_Url_wmgtxqntq5fklrr4bpxvxljadclrhvq0\2.1.1.7 folder moved successfully.
C:\Documents and Settings\User\Local Settings\Application Data\com\NewPlayer.exe_Url_wmgtxqntq5fklrr4bpxvxljadclrhvq0 folder moved successfully.
C:\Documents and Settings\User\Local Settings\Application Data\com folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\McAfee\sacore folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\McAfee folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\SecurityScanner\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\SecurityScanner folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\SecurityScan_Inner folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\McCHSvc folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\McUICnt\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\McLightInstaller\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\McLightInstaller folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\Common\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\Common\McCHSvc folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\Common folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee folder moved successfully.
C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job moved successfully.
C:\WINDOWS\tasks\SystemToolsDailyTest.job moved successfully.
C:\WINDOWS\tasks\PC HealthFix Malware Alert.job moved successfully.
C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job moved successfully.
C:\WINDOWS\PCHealthFix.INI moved successfully.
C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job moved successfully.
C:\WINDOWS\system32\drivers\avgtpx86.sys moved successfully.
C:\Documents and Settings\User\My Documents\fix.bat moved successfully.
C:\WINDOWS\tasks\PC HealthFix Scan Results Alert 2.job moved successfully.
File C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job not found.
File C:\WINDOWS\tasks\PC HealthFix Malware Alert.job not found.
C:\WINDOWS\tasks\PC HealthFix Desktop Warning.job moved successfully.
File C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job not found.
File C:\WINDOWS\PCHealthFix.INI not found.
C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job moved successfully.
C:\WINDOWS\tasks\Wise Turbo Checker.job moved successfully.
C:\WINDOWS\tasks\SparkTrust Update Version3_triggeronce.job moved successfully.
C:\WINDOWS\tasks\DTChk.job moved successfully.
Folder C:\Documents and Settings\All Users\Application Data\PC HealthFix\ not found.
C:\Documents and Settings\All Users\Application Data\PCDr\Tonopah folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\Tonopah\upload folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\Tonopah\manifest\payloads folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\Tonopah\manifest folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\Tonopah\db folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\Tonopah folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\software folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\smartdata folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\performance folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\logs folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\hardware folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\datastore folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\cache folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnDownloaderCache\zipped folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnDownloaderCache\unzipped folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnDownloaderCache folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnDownloaded folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnContent\ba005e12-3139-4327-9f7a-9f2ea6a6c841-d3dc259c-4fe5-45a6-a2aa-aaba450ab883(2) folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnContent\ba005e12-3139-4327-9f7a-9f2ea6a6c841-d3dc259c-4fe5-45a6-a2aa-aaba450ab883 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnContent\3972fea3-214c-4935-a7d1-96bf66115683-fc8a10ec-2b5d-4bc0-b0d9-134e3f728e15(2) folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnContent\3972fea3-214c-4935-a7d1-96bf66115683-fc8a10ec-2b5d-4bc0-b0d9-134e3f728e15 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426\AddOnContent folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr\6426 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PCDr folder moved successfully.
C:\Documents and Settings\All Users\Application Data\rse folder moved successfully.
C:\Documents and Settings\User\Application Data\ilividtoolbargaw folder moved successfully.
C:\Documents and Settings\User\Application Data\Individual Software\Family Tree Heritage folder moved successfully.
C:\Documents and Settings\User\Application Data\Individual Software folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\ff3bb5a1-4619-4fc2-9976-406509c41dd4\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\ff3bb5a1-4619-4fc2-9976-406509c41dd4 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\c62b31d3-0a2f-481e-8afa-e6ed5373b2b6\appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\c62b31d3-0a2f-481e-8afa-e6ed5373b2b6 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\c31ea5ce-8941-4a5b-b6f2-17369d9e6959\appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\c31ea5ce-8941-4a5b-b6f2-17369d9e6959 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\be2e1ff3-f0d6-4199-8eb1-bafc5a7c592b\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\be2e1ff3-f0d6-4199-8eb1-bafc5a7c592b folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\9f1e013e-d966-4a01-b5b4-b4dab52c8f2b\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\9f1e013e-d966-4a01-b5b4-b4dab52c8f2b folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\8b96847a-5c24-4187-8904-71554e2f1e5a\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\8b96847a-5c24-4187-8904-71554e2f1e5a folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\694c51ea-aaed-49b3-9e5e-3e14d4b97065\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\694c51ea-aaed-49b3-9e5e-3e14d4b97065 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\58248a28-60c1-459a-9b92-3e914d3feae0\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\58248a28-60c1-459a-9b92-3e914d3feae0 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\421b5756-8390-42ed-a40b-f7cc04ea7642\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\421b5756-8390-42ed-a40b-f7cc04ea7642 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\2b978283-94f8-46cf-b340-9fec29377e30\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\2b978283-94f8-46cf-b340-9fec29377e30 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\270cbca0-bc94-43e6-adce-c577f37c4810\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\270cbca0-bc94-43e6-adce-c577f37c4810 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\1a5b2aa3-3f6c-4dd7-9286-2410a7d61cb2\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\1a5b2aa3-3f6c-4dd7-9286-2410a7d61cb2 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\1844974a-9daa-49ff-bae2-ea2cbbf49838\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\1844974a-9daa-49ff-bae2-ea2cbbf49838 folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\145305f5-555c-4108-bbe8-b59d4f0bbd0c\PCDoctor_6219.34_windows_appupdaterrules_dell folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules\145305f5-555c-4108-bbe8-b59d4f0bbd0c folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Rules folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Logs folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update\Binaries folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Update folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Plugin folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Installer\Logs folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr\Installer folder moved successfully.
C:\Documents and Settings\User\Application Data\PCDr folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"Description"|"Provides systems management information to and from drivers." /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"DisplayName"|"Windows Management Instrumentation Driver Extensions" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"ImagePath"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"ObjectName"|"LocalSystem" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"Start"|dword:00000003 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\Parameters\\"ServiceDll"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,61,00,64,00,76,00,61,00,70,00,69,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\Parameters\\"ServiceMain"|"WdmWmiServiceMain" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\Security\\"Security"|hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 /E : value set successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 10036370 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
 
User: User
->Temp folder emptied: 69059548 bytes
->Temporary Internet Files folder emptied: 32909067 bytes
->FireFox cache emptied: 21855182 bytes
->Google Chrome cache emptied: 8040656 bytes
->Flash cache emptied: 506 bytes
 
%systemdrive% .tmp files removed: 1048576 bytes
%systemroot% .tmp files removed: 2646358 bytes
%systemroot%\System32 .tmp files removed: 3484555 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7388298 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 132362148 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 118792 bytes
 
Total Files Cleaned = 276.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 06302014_124303

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 


Edited by itsmesunny, 30 June 2014 - 10:58 AM.

  • 0

#73
Essexboy
Posted 30 June 2014 - 11:12 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK DS is dell system detect :) and I know how to kill that

Download this fix.txt to your desktop, allow it to overwrite the current one


Then run OTL as you did for the last fix

After the reboot let me know what problems are outstanding
  • 0

#74
itsmesunny
Posted 30 June 2014 - 11:27 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Ok. Seems the same as before... Here it is:

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "www.startpage.com" removed from browser.startup.homepage
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
File C:\Program Files\Updater By SweetPacks\Firefox not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8861423-0DAB-459E-A8D5-DB264E69E70C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E8861423-0DAB-459E-A8D5-DB264E69E70C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry value HKEY_USERS\S-1-5-21-602162358-1275210071-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fst_us_92 not found.
Registry value HKEY_USERS\S-1-5-21-602162358-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\SB Audigy 2 Startup Menu not found.
Folder C:\Documents and Settings\All Users\Application Data\PC HealthFix\ not found.
Folder C:\Program Files\TotalSystemCare\ not found.
Folder C:\Documents and Settings\User\Local Settings\Application Data\PCHealth\ not found.
Folder C:\Documents and Settings\User\Local Settings\Application Data\com\ not found.
Folder C:\Documents and Settings\LocalService\Application Data\McAfee\ not found.
Folder C:\Documents and Settings\All Users\Application Data\McAfee\ not found.
File C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job not found.
File C:\WINDOWS\tasks\SystemToolsDailyTest.job not found.
File C:\WINDOWS\tasks\PC HealthFix Malware Alert.job not found.
File C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job not found.
File C:\WINDOWS\PCHealthFix.INI not found.
File C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job not found.
File C:\WINDOWS\System32\drivers\avgtpx86.sys not found.
File C:\Documents and Settings\User\My Documents\fix.bat not found.
File C:\WINDOWS\tasks\PC HealthFix Scan Results Alert 2.job not found.
File C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job not found.
File C:\WINDOWS\tasks\PC HealthFix Malware Alert.job not found.
File C:\WINDOWS\tasks\PC HealthFix Desktop Warning.job not found.
File C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job not found.
File C:\WINDOWS\PCHealthFix.INI not found.
File C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job not found.
File C:\WINDOWS\tasks\Wise Turbo Checker.job not found.
File C:\WINDOWS\tasks\SparkTrust Update Version3_triggeronce.job not found.
File C:\WINDOWS\tasks\DTChk.job not found.
Folder C:\Documents and Settings\All Users\Application Data\PC HealthFix\ not found.
Folder C:\Documents and Settings\All Users\Application Data\PCDr\ not found.
Folder C:\Documents and Settings\All Users\Application Data\rse\ not found.
Folder C:\Documents and Settings\User\Application Data\ilividtoolbargaw\ not found.
Folder C:\Documents and Settings\User\Application Data\Individual Software\ not found.
Folder C:\Documents and Settings\User\Application Data\PCDr\ not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"Description"|"Provides systems management information to and from drivers." /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"DisplayName"|"Windows Management Instrumentation Driver Extensions" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"ImagePath"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"ObjectName"|"LocalSystem" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"Start"|dword:00000003 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\Parameters\\"ServiceDll"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,61,00,64,00,76,00,61,00,70,00,69,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\Parameters\\"ServiceMain"|"WdmWmiServiceMain" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wmi\Security\\"Security"|hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 /E : value set successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: User
->Temp folder emptied: 780 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 32228922 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 506 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 42 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 204 bytes
 
Total Files Cleaned = 31.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 06302014_131718

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 


  • 0

#75
Essexboy
Posted 30 June 2014 - 11:47 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you download the new fix.txt ?


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP