Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Disk Space Disappearing on Hard Disk on Windows Server


  • Please log in to reply

#1
movingpost

movingpost

    New Member

  • Member
  • Pip
  • 1 posts

the space on my Hdd running windows server 2003 is slowly being eaten up. It got to a point where there was zero space left. I have tried deleting a few files but within minutes its all gone again. I am running out of things to delete. I have run ccleaner but it didnt help at all.

 

I run OTL and below is the generated report.

 

OTL logfile created on: 6/19/2014 4:42:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator.EZZYBID.001\Desktop
64bit-Windows Server 2003 Enterprise Edition Service Pack 2 (Version = 5.2.3790) - Type = NTServer
Internet Explorer (Version = 6.0.3790.1830)
Locale: 00000409 | Country:  | Language:  | Date Format: 
 
2.00 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.59% Memory free
2.00 Gb Paging File | 1.55 Gb Available in Paging File | 77.59% Paging File free
Paging file location(s):  [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 0.16 Gb Free Space | 0.16% Space Free | Partition Type: NTFS
 
Computer Name: EZZYBID | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/19 01:37:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.EZZYBID.001\Desktop\OTL.exe
PRC - [2010/10/19 17:26:20 | 001,839,104 | ---- | M] (Parallels, Inc) -- C:\Parallels\Plesk\admin\bin\plesksrv.exe
PRC - [2010/10/19 17:25:20 | 000,647,168 | ---- | M] (Parallels, Inc) -- C:\Parallels\Plesk\admin\bin\traymonitor.exe
PRC - [2010/10/19 17:24:08 | 000,753,664 | ---- | M] (Parallels, Inc) -- C:\Parallels\Plesk\admin\bin\PleskControlPanel.exe
PRC - [2010/10/19 17:18:32 | 000,634,880 | ---- | M] (Parallels, Inc) -- C:\Parallels\Plesk\admin\bin\PopPassD.exe
PRC - [2010/09/07 00:31:44 | 001,761,792 | ---- | M] (MailEnable Pty Ltd) -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEIMAPS.EXE
PRC - [2010/07/14 16:00:10 | 000,331,776 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\named.exe
PRC - [2007/03/26 08:19:55 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\inetsrv\w3wp.exe
PRC - [2005/07/16 06:00:00 | 000,651,264 | ---- | M] (Seifert) -- C:\Program Files (x86)\WinDirStat\windirstat.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010/10/19 17:42:40 | 000,348,160 | ---- | M] () -- C:\Parallels\Plesk\admin\modules\eAccelerator.dll
MOD - [2010/10/19 17:11:08 | 000,027,648 | ---- | M] () -- C:\WINDOWS\SysWOW64\IIS7ClassLibProxy.dll
MOD - [2010/09/07 00:35:26 | 000,025,600 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIAM.dll
MOD - [2010/09/07 00:35:24 | 000,027,648 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIAMTD.dll
MOD - [2010/09/07 00:35:20 | 000,109,056 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIAU.dll
MOD - [2010/09/07 00:35:16 | 000,035,328 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIAUTD.dll
MOD - [2010/09/07 00:34:10 | 000,036,864 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAINFY.DLL
MOD - [2010/09/07 00:33:56 | 000,041,472 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIPO.dll
MOD - [2010/09/07 00:33:54 | 000,549,888 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISP.dll
MOD - [2010/09/07 00:33:54 | 000,052,224 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAIPOTD.dll
MOD - [2010/09/07 00:33:40 | 000,035,328 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISMTD.dll
MOD - [2010/09/07 00:33:28 | 000,040,960 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISM.dll
MOD - [2010/09/07 00:33:20 | 000,121,856 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISO.dll
MOD - [2010/09/07 00:33:18 | 000,011,776 | ---- | M] () -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEAISOTD.dll
MOD - [2010/07/14 16:00:10 | 000,331,776 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\named.exe
MOD - [2010/07/14 15:58:30 | 000,053,248 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\libbind9.dll
MOD - [2010/07/14 15:58:12 | 000,034,304 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\liblwres.dll
MOD - [2010/07/14 15:58:02 | 000,022,528 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\libisccc.dll
MOD - [2010/07/14 15:57:48 | 000,069,632 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\libisccfg.dll
MOD - [2010/07/14 15:57:44 | 001,101,824 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\libdns.dll
MOD - [2010/07/14 15:56:22 | 000,233,472 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\libisc.dll
MOD - [2009/07/02 18:20:38 | 000,975,872 | ---- | M] () -- C:\Parallels\Plesk\dns\bin\libxml2.dll
MOD - [2008/10/31 05:26:42 | 001,384,448 | ---- | M] () -- C:\WINDOWS\SysWOW64\libxml2.dll
MOD - [2008/10/31 05:26:42 | 000,188,416 | ---- | M] () -- C:\WINDOWS\SysWOW64\libcurl.dll
MOD - [2007/03/26 08:19:55 | 000,355,112 | ---- | M] () -- C:\WINDOWS\SysWOW64\msjetoledb40.dll
MOD - [2007/02/07 12:19:00 | 001,470,464 | ---- | M] () -- C:\WINDOWS\SysWOW64\libmySQL.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2010/10/19 17:26:20 | 001,839,104 | ---- | M] (Parallels, Inc) [Auto | Running] -- C:\Parallels\Plesk\admin\bin\plesksrv.exe -- (plesksrv)
SRV - [2010/10/19 17:24:08 | 000,753,664 | ---- | M] (Parallels, Inc) [Auto | Running] -- C:\Parallels\Plesk\admin\bin\PleskControlPanel.exe -- (PleskControlPanel)
SRV - [2010/10/19 17:18:32 | 000,634,880 | ---- | M] (Parallels, Inc) [Auto | Running] -- C:\Parallels\Plesk\admin\bin\PopPassD.exe -- (PopPassD)
SRV - [2010/10/11 16:36:04 | 000,020,992 | ---- | M] () [Auto | Running] -- C:\EzzyBid Service\EzzyBid.WindowsService.exe -- (ProductRelister)
SRV - [2010/10/11 16:36:04 | 000,020,992 | ---- | M] () [Auto | Running] -- C:\EzzyBid Service\EzzyBid.WindowsService.exe -- (NotificationSender)
SRV - [2010/09/07 00:42:56 | 000,131,584 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MELSC.exe -- (MELCS)
SRV - [2010/09/07 00:42:28 | 000,270,336 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEPOPS.exe -- (MEPOPS)
SRV - [2010/09/07 00:42:28 | 000,137,728 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEMTA.exe -- (MEMTAS)
SRV - [2010/09/07 00:41:18 | 000,561,664 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MEPOC.exe -- (MEPOCS)
SRV - [2010/09/07 00:40:46 | 000,628,736 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin64\MESMTPC.exe -- (MESMTPCS)
SRV - [2010/09/07 00:31:44 | 001,761,792 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Parallels\Plesk\Mail Servers\Mail Enable\Bin\MEIMAPS.EXE -- (MEIMAPS)
SRV - [2010/08/18 02:31:42 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/07/14 16:00:10 | 000,331,776 | ---- | M] () [Auto | Running] -- C:\Parallels\Plesk\dns\bin\named.exe -- (named)
SRV - [2008/07/25 12:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/07/06 02:14:02 | 005,730,304 | ---- | M] () [Disabled | Stopped] -- C:\Parallels\Plesk\Databases\MySQL\bin\mysqld-nt.exe -- (MySQL)
SRV - [2007/03/29 06:28:42 | 000,264,192 | ---- | M] (Doctor Web Ltd.) [On_Demand | Stopped] -- C:\Parallels\Plesk\DrWeb\DrWebCom.exe -- (DrWebCom)
SRV - [2007/03/26 08:19:55 | 000,792,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\ntfrs.exe -- (NtFrs)
SRV - [2007/03/26 08:19:55 | 000,216,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2007/03/26 08:19:55 | 000,164,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysWOW64\dfssvc.exe -- (Dfs)
SRV - [2007/03/26 08:19:55 | 000,094,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysWOW64\llssrv.exe -- (LicenseService)
SRV - [2007/03/26 08:19:55 | 000,067,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\rsopprov.exe -- (RSoPProv)
SRV - [2007/03/26 08:19:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysWOW64\trksvr.dll -- (TrkSvr)
SRV - [2007/03/26 08:19:55 | 000,040,448 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\SysWOW64\ismserv.exe -- (IsmServ)
SRV - [2007/03/26 08:19:55 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wdfmgr.exe -- (UMWdf)
SRV - [2007/03/26 08:19:53 | 000,077,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2006/11/06 05:24:36 | 003,604,480 | ---- | M] () [Disabled | Stopped] -- C:\Parallels\Plesk\MySQL\bin\mysqld-nt.exe -- (PleskSQLServer)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2007/03/26 08:19:55 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)
DRV - [2007/03/26 08:19:55 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\SysWow64\winsock.dll -- (Winsock)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/softAdmin.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/softAdmin.htm
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.3: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.3: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
 
 
 
Hosts file not found
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-21-336520284-1195417156-2615357356-1009..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Plesk Services Monitor.lnk = C:\Parallels\Plesk\admin\bin\traymonitor.exe (Parallels, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableWindowsUpdateAccess = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-336520284-1195417156-2615357356-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7A7FA1E-5D44-4119-B553-26614AA93905}: NameServer = 98.130.1.253,98.130.2.252
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -  File not found
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) -  File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (userinit) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) -  File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) -  File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) -  File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) -  File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) -  File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) -  File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) -  File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) -  File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) -  File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) -  File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) -  File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) -  File not found
O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\system32\webcheck.dll File not found
O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/03/26 08:19:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/19 04:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/06/19 03:28:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Recent
[2014/06/19 03:26:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\My Documents
[2014/06/19 03:16:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\NetHood
[2014/06/19 03:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2014/06/19 03:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/06/19 02:28:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinDirStat
[2014/06/19 02:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Start Menu\Programs\WinDirStat
[2014/06/19 01:37:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator.EZZYBID.001\Desktop\OTL.exe
[2014/06/18 06:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Application Data
[2014/06/18 06:18:10 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Cookies
[2014/06/18 06:18:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Favorites
[2014/06/18 06:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Start Menu\Programs\Startup
[2014/06/18 06:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Start Menu
[2014/06/18 06:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Local Settings\Application Data\Microsoft
[2014/06/18 06:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Desktop
[2014/06/18 06:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.EZZYBID.001\Local Settings
[2014/06/18 05:17:05 | 000,000,000 | ---D | C] -- C:\Links
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/19 03:47:02 | 000,000,897 | ---- | M] () -- C:\WINDOWS\tasks\Plesk Scheduler Task #{712D7996-58AA-4a36-B64D-1809F3794A21}.job
[2014/06/19 03:26:47 | 000,527,574 | ---- | M] () -- C:\Documents and Settings\Administrator.EZZYBID.001\My Documents\cc_20140619_032631.reg
[2014/06/19 03:15:04 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/06/19 02:28:28 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\Administrator.EZZYBID.001\Desktop\WinDirStat.lnk
[2014/06/19 02:12:05 | 000,000,897 | ---- | M] () -- C:\WINDOWS\tasks\Plesk Scheduler Task #{0C235029-C1F5-4916-AB08-1C6FEA9CE9EA}.job
[2014/06/19 01:37:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.EZZYBID.001\Desktop\OTL.exe
[2014/06/18 06:04:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/15 00:43:03 | 000,000,901 | ---- | M] () -- C:\WINDOWS\tasks\Plesk Scheduler Task #{99254CDC-8EA7-49ee-8A49-FC2A169843B7}.job
[2014/06/15 00:09:00 | 000,005,649 | ---- | M] () -- C:\Documents and Settings\Administrator.EZZYBID.001\Desktop\team.html
[2014/06/01 03:10:04 | 000,000,905 | ---- | M] () -- C:\WINDOWS\tasks\Plesk Scheduler Task #{7F9CD2FC-8C81-4f3c-AE0B-BB8C9BA560A7}.job
[2014/05/26 12:22:23 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Automatic update of license keys.job
[2014/05/26 12:22:22 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Automatic update of license keys on server start.job
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/19 03:26:34 | 000,527,574 | ---- | C] () -- C:\Documents and Settings\Administrator.EZZYBID.001\My Documents\cc_20140619_032631.reg
[2014/06/19 03:15:04 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/06/19 02:28:28 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\Administrator.EZZYBID.001\Desktop\WinDirStat.lnk
[2014/06/15 00:09:00 | 000,005,649 | ---- | C] () -- C:\Documents and Settings\Administrator.EZZYBID.001\Desktop\team.html
 
========== ZeroAccess Check ==========
 
[2007/01/09 13:19:58 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = %SystemRoot%\system32\shdocvw.dll
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWOW64\shdocvw.dll -- [2013/10/25 07:29:02 | 001,520,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\fastprox.dll
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\SysWOW64\wbem\fastprox.dll -- [2009/03/19 20:51:22 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\wbemess.dll
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/06/19 04:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
 
========== Purity Check ==========
 
 
 
< End of report >
 
I am really desperate for a solution to this. Will appreciate any help i can get.
 
Thank you
 

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP