Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus/malware causing Symantec malfunction ("File System Auto-Prot

Started by xlissmore , Jun 22 2011 07:45 PM

  • Please log in to reply

#1
xlissmore
Posted 22 June 2011 - 07:45 PM

xlissmore

    New Member

  • Member
  • Pip
  • 2 posts
Some sort of malware/virus has gotten into my system, probably when I downloaded a V-Share plug in. The most obvious symptoms are:

--home page for my browsers (Chrome, Firefox, Explorer) has been redirected to a site called “startsear.ch”

--my Symantec antivirus is not working correctly. The error message says "File System Auto-Protect is malfunctioning. File System Auto-Protect is not functioning correctly. Your protection definitions may be damaged or your product installation may be corrupt." A few days after the problem started,

I ran Malware Bytes and Spybot with no effect. The Symantec antivirus was initially working so I did a scan using it and again it had no effect. I also tried system restore to a point about ~5 days before the problem started with no effect.

A few days after the problem appeared and after a few reboots, Symantec antivirus showed that it was working properly and was up to date. However, when I rebooted in Safe Mode, the Symantec icon indicated it was not working correctly and I got the same error message. Reboot into normal mode again showed Symantec working normally.

I appreciate any help you can offer. Many thanks.

OTL Extras logfile created on: 6/22/2011 9:35:40 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\family\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 32.86% Memory free
3.98 Gb Paging File | 2.56 Gb Available in Paging File | 64.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.49 Gb Total Space | 41.33 Gb Free Space | 30.28% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.37 Gb Free Space | 53.69% Space Free | Partition Type: NTFS
Drive E: | 7.54 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: FAMILY-PC | User Name: family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{78DCD9F2-AFE2-4B0E-BCC8-916F324119A0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10EA9C18-457B-4DA0-9728-B9E6E57543FB}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{1687751B-3F7B-4DF6-A9DA-1D395E623031}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2065D9EC-A63D-4805-887A-D453E3702588}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{22E1204E-6E71-40FE-8123-7660B04B40FF}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{25652088-8A27-4988-99E0-2B70674A0B5F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{302BA052-090E-432F-8C24-E833817BE1AA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{37D8A4A8-E0F9-4B65-9483-E67721D1ABB0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3F0DE7BF-3CD4-40E0-95CF-18B15F7704EB}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{44C07DC8-3DDF-47A0-921D-02DDB2CD6858}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4A135ED4-9FA5-4ED6-8C5E-6B4BBA766E4A}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
"{5F38A844-6EBF-47EB-B321-9296B5854CB6}" = protocol=17 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{66172F15-E0F2-41D1-B11E-41C36151DFCC}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{6E49EFFA-DA54-4D49-8053-81A6FAB1BD9B}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe |
"{79DDC08B-EA86-41B6-B46D-73D6AF3EB862}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{85068480-07A6-4541-A3E8-A0FB8347FA5C}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{8D1AF1A4-CA65-417E-BCE3-443499531934}" = protocol=17 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe |
"{8DFC2CAF-8A51-4901-B227-60EA170D24FC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{93F2340E-AFA7-43E4-8D2F-29949420890B}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe |
"{9D329B15-64BE-4CB5-AD13-58627B307932}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe |
"{A87957BE-5536-486D-B55D-97CA5064CEEB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C5C06E32-388D-430C-8748-905B7DBEE77C}" = protocol=6 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{DFF53139-F809-4118-B057-FAE51F7AF1C5}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe |
"{F542A27F-CC92-4C3D-9A31-6CE93AFA977A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FDB9AF8D-DC72-4371-854F-71B8E3EB8906}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{FE61B5E8-7E80-4DD0-ACA9-B3B555327864}" = protocol=6 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{037CD593-D760-4A00-B030-7BBAFA1123FE}" = HP Officejet 6500 E710a-f Help
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}" = Cisco Systems VPN Client 5.0.01.0600
"{16FCDD97-AE09-476B-88CD-261D852BD34C}" = Marketsplash Shortcuts
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1FBE067B-EDA5-C4DC-1CAE-0A97869668F5}" = CCC Help English
"{233A09B2-5DDD-1D47-41F3-283243CD6E58}" = Catalyst Control Center Localization Finnish
"{26521EB6-D0C1-9AA9-EC73-743A75F5E390}" = CCC Help German
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 24
"{28166874-4E4D-AA06-22D5-3FFF80D9DF71}" = CCC Help Norwegian
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D736E48-0BFE-1E36-C3CC-D40027C8D779}" = CCC Help Chinese Traditional
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA54B99-76EA-54D7-E821-3A6D4C58B485}" = Catalyst Control Center Localization Korean
"{474A7BA6-A657-4152-8FB5-244D178D7174}" = HP Officejet 6500 E710a-f Product Improvement Study
"{4902AA2F-558B-709F-2EC4-ABCCA5817DE2}" = Catalyst Control Center Localization Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE661B2-2CA3-689C-7B07-633946D93DBA}" = Catalyst Control Center Localization Spanish
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4BCDF14A-0140-DAA1-197D-2A0714C304EB}" = CCC Help Dutch
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4F5A53E6-3CBE-44D7-91AD-2E535348484F}" = ccc-Branding
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5985DC34-0F90-473E-4B11-79BDD38129EA}" = CCC Help Italian
"{5B5B4253-B83B-970A-BF2A-BE76EB105C17}" = Catalyst Control Center Core Implementation
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5F818EFF-7F69-3E9A-EA3D-78F7C3A6FD61}" = Catalyst Control Center Graphics Light
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{623B8278-8CAD-45C1-B844-58B687C07805}" = Bing Bar Platform
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{670A25D9-1029-4D4E-93FF-66B3C07769D6}" = HP Officejet 6500 E710a-f Basic Device Software
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69D4EE67-EE0D-9CC4-1FDF-189B136EE1E5}" = ccc-utility
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB8F02-9EA7-5893-93E9-17C473D919EA}" = CCC Help Portuguese
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
"{801A52D3-2855-BF00-0F13-8CFE6F79047D}" = Catalyst Control Center Localization Portuguese
"{80A50951-628C-2476-095F-57BABB5B23B6}" = CCC Help Spanish
"{80F05497-9244-9323-44D2-A919DDD7E4CC}" = Catalyst Control Center Localization Dutch
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A46C2AE-E88F-191E-5EA6-8BDBC37726F9}" = Catalyst Control Center Localization Norwegian
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{916DA72C-457F-E1F6-E121-B15E38F79C0D}" = CCC Help Japanese
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{9306D753-8B36-06D4-0C39-9E6D58441C6C}" = Catalyst Control Center Localization Japanese
"{99713F20-B2FA-5B9F-0775-46378377F905}" = Catalyst Control Center Localization Chinese Traditional
"{9BCA646B-4EDE-5178-9755-4B3860F57111}" = Catalyst Control Center Localization Italian
"{9BD418EE-31DE-1A67-5D3B-C83B0FAEAFBE}" = ccc-core-static
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C573DB4-847C-44E2-D7EE-CC6640441A27}" = Catalyst Control Center Localization French
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5B6B6E2-3460-567B-D269-38E0C99B455B}" = CCC Help Russian
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AFDFC350-C142-4790-BE12-8357AECD028F}" = SyncToy 2.0 (x86)
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B0BC58D2-3B22-6E43-E755-97569B788832}" = Catalyst Control Center Localization German
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4F4B5A5-9B6E-15DC-BB9B-7AF45168F1DE}" = Catalyst Control Center Graphics Full Existing
"{BB4CC91D-63C5-85F6-D7DE-2FECD29639F6}" = CCC Help Danish
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C2CBDFC6-D4E0-5747-5EBE-7579611CC562}" = Catalyst Control Center Graphics Full New
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C45901E9-F9B0-5F5A-C40E-BA45B115D76B}" = Catalyst Control Center Localization Russian
"{C61664A1-6832-57B6-6189-0CD3F4E25E2F}" = CCC Help French
"{C8AF8F27-F6D1-9193-9F1A-8CFFE2B2A9E6}" = CCC Help Finnish
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB1C5826-5A8A-1856-BB92-29704009E56F}" = Catalyst Control Center Localization Swedish
"{CC187DB7-98D2-5485-4084-A092F9BB1F84}" = CCC Help Korean
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D65FB87A-566D-2457-4775-899C220E048E}" = CCC Help Chinese Standard
"{D689B418-235A-4290-A0A5-A75E490E0351}" = Symantec Endpoint Protection
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD43D652-6932-A54F-D7A5-D6448379E8F9}" = CCC Help Swedish
"{E17047A0-167D-1BA3-983E-CEE6ED87A890}" = Skins
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F99AFBD3-0276-AF23-C1CC-FBF6A5F2865C}" = Catalyst Control Center Localization Danish
"{FC66E05E-8D39-47A6-8D07-759F33727EB0}" = Opera 10.00
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALTACPHOME_is1" = Net Nanny Parental Controls 6.0
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Free Window Registry Repair" = Free Window Registry Repair
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"Picasa 3" = Picasa 3
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SynTPDeinstKey" = Dell Touchpad
"Veetle TV" = Veetle TV 0.9.18
"vShare" = vShare Plugin
"vShare.tv plugin" = vShare.tv plugin 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/10/2011 10:20:09 PM | Computer Name = family-PC | Source = Windows Search Service | ID = 3007
Description =

Error - 5/11/2011 8:23:14 PM | Computer Name = family-PC | Source = Application Error | ID = 1000
Description = Faulting application HP-DQEX5.exe, version 0.0.0.0, time stamp 0x4ce364d7,
faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436, exception
code 0xc0000005, fault offset 0x00039437, process id 0xf74, application start time
0x01cc103538be9150.

Error - 5/12/2011 9:37:57 AM | Computer Name = family-PC | Source = Chrome | ID = 1
Description =

Error - 5/19/2011 8:27:06 AM | Computer Name = family-PC | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 0.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 754 Start Time: 01cc161fb4971820 Termination Time: 20

Error - 5/21/2011 11:33:06 PM | Computer Name = family-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 2.0.0.4094 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 15c0 Start Time: 01cc181601c72020 Termination Time: 429

Error - 5/22/2011 7:03:39 PM | Computer Name = family-PC | Source = Chrome | ID = 1
Description =

Error - 5/22/2011 8:05:15 PM | Computer Name = family-PC | Source = Chrome | ID = 1
Description =

Error - 5/22/2011 8:48:23 PM | Computer Name = family-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 2.0.0.4094 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: f74 Start Time: 01cc18e256fd1d70 Termination Time: 31

Error - 5/23/2011 6:36:05 PM | Computer Name = family-PC | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 6.0.6000.16386, time stamp
0x4549b0e1, faulting module HTTPHandler.dll, version 2.8.1.1, time stamp 0x4b8c0717,
exception code 0xc0000005, fault offset 0x000122cd, process id 0x7d0, application
start time 0x01cc19507c81e760.

Error - 5/23/2011 10:20:59 PM | Computer Name = family-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 9.0.8112.16421, time stamp
0x4d76255d, faulting module cwalsp.dll, version 2.8.1.2, time stamp 0x4b8c057e,
exception code 0xc0000005, fault offset 0x0001866a, process id 0x1548, application
start time 0x01cc19b328299014.

[ System Events ]
Error - 6/22/2011 9:03:06 PM | Computer Name = family-PC | Source = DCOM | ID = 10005
Description =

Error - 6/22/2011 9:03:13 PM | Computer Name = family-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 6/22/2011 9:03:13 PM | Computer Name = family-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/22/2011 9:03:13 PM | Computer Name = family-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 6/22/2011 9:03:16 PM | Computer Name = family-PC | Source = DCOM | ID = 10005
Description =

Error - 6/22/2011 9:03:39 PM | Computer Name = family-PC | Source = DCOM | ID = 10005
Description =

Error - 6/22/2011 9:08:14 PM | Computer Name = family-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/22/2011 9:08:15 PM | Computer Name = family-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/22/2011 9:09:15 PM | Computer Name = family-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/22/2011 9:09:15 PM | Computer Name = family-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP