Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Red Background Screen without written warning

Started by susmar , May 16 2011 08:42 PM

  • Please log in to reply

#1
susmar
Posted 16 May 2011 - 08:42 PM

susmar

    New Member

  • Member
  • Pip
  • 1 posts
HP Pavilion; Vista OS; Extremely slow, can not watch videos (freezes); going online to check email takes 30 minutes; downloads take hours. Also can not install windows defender; message says to try again....???? Here is a copy of my log:

OTL logfile created on: 5/16/2011 10:10:56 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\SuzyQ\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.00 Mb Total Physical Memory | 129.00 Mb Available Physical Memory | 13.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 29.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 63.61 Gb Free Space | 56.91% Space Free | Partition Type: NTFS

Computer Name: SUZYQ-PC | User Name: SuzyQ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/16 22:09:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\SuzyQ\Downloads\OTL OldTimer's list-it.exe
PRC - [2011/05/08 12:44:20 | 000,234,656 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10m_ActiveX.exe
PRC - [2010/11/30 14:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/08/10 18:03:52 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/30 12:34:12 | 000,566,592 | ---- | M] (Apple Inc.) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
PRC - [2007/06/07 02:50:14 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbtcoms.exe
PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (SafeList) ==========

MOD - [2011/05/16 22:09:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\SuzyQ\Downloads\OTL OldTimer's list-it.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/11/16 01:10:14 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/11/11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/04/21 13:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 13:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/04/11 02:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/07 02:50:14 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbtcoms.exe -- (dlbt_device)


========== Driver Services (SafeList) ==========

DRV - [2011/05/16 15:34:11 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D1D4D4-0486-4D11-96AE-9BA5FA8D117F}\MpKsl3dd55998.sys -- (MpKsl3dd55998)
DRV - [2011/05/16 14:59:09 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D1D4D4-0486-4D11-96AE-9BA5FA8D117F}\MpKsl6ce2a1f6.sys -- (MpKsl6ce2a1f6)
DRV - [2010/11/02 09:59:57 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010/11/02 09:56:59 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010/11/02 09:56:59 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/10/24 22:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 22:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/02/25 01:03:16 | 000,014,904 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2009/06/25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/25 16:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/25 16:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/06/24 06:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/04/11 00:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/08/01 20:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/03/03 06:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/07/10 07:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/04/20 05:12:58 | 000,102,696 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/02/17 00:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/12/29 02:01:00 | 000,243,200 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr70.sys -- (rt70x86)
DRV - [2006/12/18 23:31:46 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2006/12/18 23:31:46 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2006/10/05 21:58:00 | 000,044,224 | R--- | M] (BVRP Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.c...plcache=2&hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E1 82 B8 DB 55 D3 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\SiteRanker\firefox\ [2010/10/03 15:10:38 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: () - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files\SiteRanker\SiteRank.dll (Crawler, LLC)
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Vertro)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [DLBTCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.DLL ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [RegistryBooster] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10m_ActiveX.exe (Adobe Systems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: live.com ([login] https in Trusted sites)
O15 - HKCU\..Trusted Domains: raitanval.edu ([luminis] https in Trusted sites)
O15 - HKCU\..Trusted Domains: raritanval.edu ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: raritanval.edu ([lumserve] http in Trusted sites)
O15 - HKCU\..Trusted Domains: raritanval.edu ([webct] http in Trusted sites)
O15 - HKCU\..Trusted Domains: speedpay.com ([saml] https in Trusted sites)
O15 - HKCU\..Trusted Domains: worthpublishers.com ([bcs] http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office2010.mi...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5....DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\SuzyQ\jahcii.exe) - File not found
O24 - Desktop WallPaper: C:\Users\SuzyQ\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\SuzyQ\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/16 22:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/05/16 22:11:09 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/05/16 22:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/05/16 22:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/05/16 21:58:27 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2011/05/16 21:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/05/16 21:56:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/05/16 21:54:46 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2011/05/16 15:27:40 | 000,000,000 | ---D | C] -- C:\Users\SuzyQ\AppData\Local\ElevatedDiagnostics
[2011/05/16 14:56:16 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2011/05/16 14:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2011/05/16 14:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS
[2011/05/13 13:47:15 | 000,000,000 | ---D | C] -- C:\Users\SuzyQ\Documents\Fitness
[2011/05/11 19:00:12 | 000,000,000 | ---D | C] -- C:\Linksys Driver
[2011/05/08 12:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Media Go Install
[2007/06/07 02:50:16 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbtih.exe
[2007/06/07 02:50:14 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbtcoms.exe
[2007/06/07 02:50:12 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbtcfg.exe
[2007/01/30 15:47:52 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbtpmui.dll
[2007/01/30 15:46:00 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbtserv.dll
[2007/01/30 15:38:18 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbtcomm.dll
[2007/01/30 15:36:30 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbtlmpm.dll
[2007/01/30 15:35:00 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbtiesc.dll
[2007/01/30 15:32:06 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbtpplc.dll
[2007/01/30 15:31:08 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbtcomc.dll
[2007/01/30 15:30:30 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbtprox.dll
[2007/01/30 15:22:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbtinpa.dll
[2007/01/30 15:21:46 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbtusb1.dll
[2007/01/30 15:17:02 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbthbn3.dll

========== Files - Modified Within 30 Days ==========

[2011/05/16 22:15:21 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/05/16 21:55:05 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/05/16 21:55:05 | 000,001,854 | ---- | M] () -- C:\Users\SuzyQ\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/05/16 21:32:56 | 000,005,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 21:32:56 | 000,005,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 21:27:48 | 000,634,662 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/16 21:27:48 | 000,112,532 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/16 15:34:32 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/05/16 15:32:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/16 15:32:47 | 1005,174,784 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/16 14:56:30 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk
[2011/05/16 14:42:13 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/05/16 14:31:24 | 000,006,944 | ---- | M] () -- C:\Users\SuzyQ\AppData\Local\d3d9caps.dat
[2011/05/09 10:33:51 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/05/08 12:55:00 | 204,646,378 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/08 12:50:34 | 000,001,762 | ---- | M] () -- C:\Users\Public\Desktop\Media Go.lnk
[2011/04/22 08:41:35 | 000,375,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/20 13:06:21 | 000,005,887 | ---- | M] () -- C:\Users\SuzyQ\Documents\NJSUCCESS.htm

========== Files Created - No Company Name ==========

[2011/05/16 22:15:21 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/05/16 21:55:05 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/05/16 21:55:05 | 000,001,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2011/05/16 21:55:05 | 000,001,854 | ---- | C] () -- C:\Users\SuzyQ\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/05/16 14:56:30 | 000,000,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
[2011/05/16 14:56:30 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk
[2011/04/20 13:06:20 | 000,005,887 | ---- | C] () -- C:\Users\SuzyQ\Documents\NJSUCCESS.htm
[2010/12/15 17:52:26 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/09/25 18:32:27 | 000,017,694 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-DDXL.dat
[2010/09/12 13:52:30 | 000,131,584 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2010/08/11 12:14:48 | 000,004,096 | -H-- | C] () -- C:\Users\SuzyQ\AppData\Local\keyfile3.drm
[2010/08/04 12:55:36 | 000,139,264 | ---- | C] () -- C:\Windows\System32\vmcoinst_vc0326_hp.dll
[2010/01/08 11:53:26 | 000,005,632 | ---- | C] () -- C:\Users\SuzyQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/17 15:06:46 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/12/17 15:06:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/12/17 01:28:21 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/12/16 21:22:31 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009/12/16 17:33:17 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/12/16 17:32:52 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/12/16 16:58:27 | 000,006,944 | ---- | C] () -- C:\Users\SuzyQ\AppData\Local\d3d9caps.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/02/19 08:20:28 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlbtinsr.dll
[2007/02/19 08:20:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlbtcur.dll
[2007/02/19 08:20:02 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlbtjswr.dll
[2007/02/19 08:17:06 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlbtinsb.dll
[2007/02/19 08:17:00 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlbtcub.dll
[2007/02/19 08:16:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlbtcu.dll
[2007/02/19 08:16:48 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlbtins.dll
[2007/02/19 08:15:34 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlbtutil.dll
[2007/02/07 18:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbtcoin.dll
[2007/01/22 08:18:28 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbtcfg.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,375,520 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,634,662 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,112,532 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 17:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2005/08/18 11:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbtvs.dll
[2005/05/25 14:07:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbtcnv4.dll

========== LOP Check ==========

[2010/03/01 11:36:36 | 000,000,000 | ---D | M] -- C:\Users\SuzyQ\AppData\Roaming\com.adobe.example.RinglingBrosDesktopTrain.7D3FCC9A35AE9C94D00DA63AFDDC25BD62B416F8.1
[2010/10/04 18:05:28 | 000,000,000 | ---D | M] -- C:\Users\SuzyQ\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/11/16 11:07:56 | 000,000,000 | ---D | M] -- C:\Users\SuzyQ\AppData\Roaming\com.Shutterfly.ExpressUploader
[2010/12/11 10:07:25 | 000,000,000 | ---D | M] -- C:\Users\SuzyQ\AppData\Roaming\Sony
[2010/09/12 13:59:56 | 000,000,000 | ---D | M] -- C:\Users\SuzyQ\AppData\Roaming\Uniblue
[2010/08/04 12:53:09 | 000,000,000 | ---D | M] -- C:\Users\SuzyQ\AppData\Roaming\WinBatch
[2011/01/06 07:40:24 | 000,000,000 | ---D | M] -- C:\Users\SuzyQ\AppData\Roaming\Windows Live Writer
[2011/05/16 15:31:35 | 000,032,524 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 5/16/2011 10:10:56 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\SuzyQ\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.00 Mb Total Physical Memory | 129.00 Mb Available Physical Memory | 13.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 29.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 63.61 Gb Free Space | 56.91% Space Free | Partition Type: NTFS

Computer Name: SUZYQ-PC | User Name: SuzyQ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08BF1A8D-459F-453F-A679-6604195FEAB7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0B9CAD2C-80AB-4CF8-AD26-9C0C23B94B50}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0D710AB7-8221-4A4A-A44A-83B35CC6A8DD}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{12DBED9E-D618-4DA1-AA5D-9A37B68EAC73}" = lport=139 | protocol=6 | dir=in | app=system |
"{12F9D128-2074-4327-A4BB-06F83A0A151F}" = lport=80 | protocol=6 | dir=in | app=system |
"{179AFE08-13E3-4391-B6F0-CB97168953D5}" = rport=138 | protocol=17 | dir=out | app=system |
"{257B6C92-031A-42A4-B0DB-CE8EA8028848}" = rport=1701 | protocol=17 | dir=out | app=system |
"{3524D318-3B47-491A-9613-4FBD563C7E57}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{3B324762-E66D-4D99-8266-AEF1B3233904}" = lport=443 | protocol=6 | dir=in | app=system |
"{3E0BE944-5129-4B62-BA9E-44B3549787C6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{42423694-90BF-4A1B-BD99-0CD2ACFC8829}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |
"{4D0E1961-435D-4730-BEC7-3A4FD8A0D23C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4DF31228-432F-4F16-B7FC-A8D72AE5F60D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F8EFA0C-2B51-4C47-85E8-CD1417D7E536}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{50493A01-1F83-4741-A3A5-2900D0F2379B}" = lport=445 | protocol=6 | dir=in | app=system |
"{52710267-93F1-4C54-B626-55A8BF2EA733}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{6ACB0B1B-B6A5-4A9B-A96C-07B6B2A964A2}" = rport=139 | protocol=6 | dir=out | app=system |
"{6DCE5AB4-496A-4761-ADE1-8615A3E5E8DC}" = lport=80 | protocol=6 | dir=in | app=system |
"{6ED0C71F-5643-409B-A404-8EA13141800B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{79DA43F0-F358-43F4-9F17-80F6DD7DED22}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7E7EB90C-3BEF-4CB9-B9CE-C2983D0347E1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{7FEF4332-9F06-4BDD-8A8B-F8A21B7D3241}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{82A256F0-3D49-41DF-ABCF-F30DEB817298}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8CC2CE93-0C30-4804-898E-B4DD082AA630}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8F6543D9-4347-4EF6-B0C4-2BD52E683A7C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{96F6CF17-61A0-4F3B-8F81-0900D212CC8D}" = rport=445 | protocol=6 | dir=out | app=system |
"{9ED196B9-40FF-40AA-A657-4C5C92E590DF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AB971F28-510C-4E97-A2D4-2132A37B294F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BDAFF27D-7A43-4968-9F3D-E1A0A10C8B8D}" = lport=1723 | protocol=6 | dir=in | app=system |
"{C1A92BD3-2013-4B28-9208-47E13AE0975E}" = lport=137 | protocol=17 | dir=in | app=system |
"{C3F75E36-CD24-4D64-BAA8-2F24B564B3FF}" = rport=137 | protocol=17 | dir=out | app=system |
"{C6196BB0-4F83-469A-8ADF-9D2C2EB8D927}" = lport=445 | protocol=6 | dir=in | app=system |
"{C7A4E287-06C3-4304-80F1-E011F54635E1}" = rport=1723 | protocol=6 | dir=out | app=system |
"{C9F16B26-DA50-41CB-9C93-C01F90590438}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8428019-895C-4829-AD01-2C93877A3117}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{DA16C872-11DE-4D04-BD09-1393BF1670C3}" = lport=1701 | protocol=17 | dir=in | app=system |
"{DB946734-6508-43A3-82B6-B2C6D8CA641E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E3844B1D-3CAC-47BC-94A9-9BC7473C464A}" = lport=443 | protocol=6 | dir=in | app=system |
"{E4CAF32C-A970-4D61-B107-41E6184A0EBF}" = lport=445 | protocol=6 | dir=in | app=system |
"{E74DA3E4-2EB7-4CD8-8E58-79FC2D3B8BAC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EE7DE55C-11F9-4463-B680-BF5FC86A3807}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{EF1E2BD1-D0C5-41CA-B606-1164246101E2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F26FE2B6-F38A-48BE-A352-7EE96CCBBA88}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F52AEBDF-4848-4347-A106-F743A0EE2143}" = lport=445 | protocol=6 | dir=in | app=system |
"{FA840ED1-7D8E-447F-BE35-1521549CE35F}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0707F055-608F-40E0-BD43-4206E9B0F600}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{08D05835-0FD4-4642-ADAE-E240E07C47D2}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{0CA963EC-6CDE-4A1D-A68D-2F7C32E3AD18}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{10524909-6B88-4E08-8D3E-20DE67611C4B}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe |
"{2C69A7F6-6C4D-41DC-B440-900953398ACC}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{33700FA5-7D34-473B-AE0F-C215B9470651}" = protocol=17 | dir=in | app=c:\windows\system32\msra.exe |
"{3DF3C08F-7C9A-42A9-8E9C-B70892D2BFDC}" = protocol=6 | dir=out | app=system |
"{407F57F6-87EC-43B8-985C-A885884CA967}" = protocol=17 | dir=in | app=c:\program files\adobe\acrobat_com\acrobat_com.exe |
"{408E2FD1-7993-421F-97E0-D6D1170A085E}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe |
"{457AD89E-3BBB-4C07-A998-80920959E4B7}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{4E3B4BAE-93D5-4C0C-BBB1-3A884D08EF6C}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{5123526A-67BE-46BA-BF38-DF6C5AF0662F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{59FBA5A4-1072-402B-ADB6-95A25291C58B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5DDF4024-C6B7-4DD0-B81D-44344DB0F627}" = protocol=6 | dir=in | app=c:\program files\adobe\acrobat_com\acrobat_com.exe |
"{62D4972F-DE27-40E9-951C-8D5559F1D4FB}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{70458A34-F6E1-4F1C-92D3-0F1C94F81F87}" = protocol=6 | dir=out | app=system |
"{94459B04-FEEA-4392-8A2E-DCFA7A5BA36C}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{9721CDA1-0045-4015-8AC8-6DED71688E71}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{9D2926D9-C1D4-452C-98D4-6D1D778E1B1B}" = protocol=6 | dir=out | app=c:\windows\system32\msra.exe |
"{A77E7BD8-30FD-4908-9F5F-9BB8A85D8FE9}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{AAE85F00-1023-4C61-8841-2C70DC3661B4}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{AD4EFDAC-AEC5-415D-9496-D39B27845DB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{BA212D27-7DF7-46C5-A4C5-13E5AC572F25}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{CEB048A1-C629-405D-840B-043F2E6C0C1F}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe |
"{D156F6FA-408A-4BC2-95A5-091397F7B230}" = protocol=17 | dir=in | app=c:\windows\system32\dlbtcoms.exe |
"{D194FF32-AC1D-467B-A8F6-FBBD3833D060}" = protocol=6 | dir=in | app=c:\windows\system32\dlbtcoms.exe |
"{D72BECBB-DD36-45BC-A4D1-1B1BC1E95141}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{DA35F091-234C-4FC9-8875-196012EB455C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DE1FF3E2-5EDB-493D-9DD7-FACC74F3B86F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{EA3F0779-7699-4E7F-91B1-CCA876C1CBC4}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe |
"{F7C1DE90-5FCF-4B5C-ADF5-E2295AB4C3CD}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"TCP Query User{70CEFDF8-4C0D-4FE5-A44D-5784D16BDEF2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{31D80B3C-BC48-4F0A-BBF7-8B6EB5FA5B81}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go
"{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 23
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6AC04F5-5916-4A02-BC36-AF5BC0A3CBD4}" = Media Go
"{C8192B14-5B56-2E27-6652-8AA650091D6E}" = Shutterfly Express Uploader
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF181652-D4F9-7D64-AED8-57D31E8D0410}" = Media Go Video Playback Engine 1.32.101.05130
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5D03B2E-B2D4-477F-A60D-8E1969D821FA}" = Adobe Flash Player 10 ActiveX
"{EFFADDFA-757F-43FD-BC6E-D6FBA976C583}" = HP Webcam
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"alotToolbar" = ALOT Toolbar
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
"DDXL" = DDXL
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"PROPLUS" = Microsoft Office Professional Plus 2007
"RealPlayer 12.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Update Service" = Sony Ericsson Update Service
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/13/2011 8:33:42 AM | Computer Name = SuzyQ-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 39917255

Error - 5/13/2011 8:33:42 AM | Computer Name = SuzyQ-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 39917255

Error - 5/13/2011 9:54:40 AM | Computer Name = SuzyQ-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe_SysMain, version 6.0.6001.18000,
time stamp 0x47918b89, faulting module sysmain.dll, version 6.0.6002.18005, time
stamp 0x49e03808, exception code 0xc0000005, fault offset 0x00004de6, process id
0x4a4, application start time 0x01cc1171621b2f17.

Error - 5/13/2011 12:15:30 PM | Computer Name = SuzyQ-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/13/2011 12:17:20 PM | Computer Name = SuzyQ-PC | Source = Application Hang | ID = 1002
Description = The program msseces.exe version 2.0.657.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c98 Start Time: 01cc1188dd7f0017 Termination Time: 0

Error - 5/13/2011 12:25:29 PM | Computer Name = SuzyQ-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/13/2011 1:43:26 PM | Computer Name = SuzyQ-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/16/2011 2:28:37 PM | Computer Name = SuzyQ-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/16/2011 2:42:46 PM | Computer Name = SuzyQ-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/16/2011 3:33:54 PM | Computer Name = SuzyQ-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ System Events ]
Error - 5/13/2011 9:55:03 AM | Computer Name = SuzyQ-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5/13/2011 9:55:03 AM | Computer Name = SuzyQ-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 5/13/2011 9:55:03 AM | Computer Name = SuzyQ-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5/13/2011 9:55:03 AM | Computer Name = SuzyQ-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5/13/2011 9:55:03 AM | Computer Name = SuzyQ-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5/16/2011 2:40:13 PM | Computer Name = SuzyQ-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:38:32 PM on 5/16/2011 was unexpected.

Error - 5/16/2011 2:46:52 PM | Computer Name = SuzyQ-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 5/16/2011 2:48:57 PM | Computer Name = SuzyQ-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 5/16/2011 3:01:26 PM | Computer Name = SuzyQ-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5/16/2011 10:26:17 PM | Computer Name = SuzyQ-PC | Source = DCOM | ID = 10010
Description =


< End of report >

Edited by susmar, 16 May 2011 - 08:49 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP