Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop very very slow+ OTL log included+ taskeng.exe and wmplayer.exe

Started by rp07 , Mar 24 2012 01:33 AM

  • Please log in to reply

#1
rp07
Posted 24 March 2012 - 01:33 AM

rp07

    Member

  • Member
  • PipPip
  • 19 posts
Hi

My laptop seems to slow down as minutes pass by after booting up. The task manager is always clocking up 100% and taskeng.exe and wmplayer.exe seem to be the culprits.

I dont even use the windows media player, so I am unsure why it shows up on the task manager. I have checked up Tasks scheduled and nothing shows up in sync settings. :upset:

Malware bytes and avast virus scans were all clean.

Not quite sure whats going on?/ Please :help:

OTL log of my machine is as follows:-

OTL logfile created on: 3/24/2012 10:19:21 AM - Run 2
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Users\Yashesh Paliwal\Downloads
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.66 Gb Available Physical Memory | 76.13% Memory free
7.18 Gb Paging File | 6.49 Gb Available in Paging File | 90.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.51 Gb Total Space | 183.69 Gb Free Space | 64.34% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.40 Gb Free Space | 54.01% Space Free | Partition Type: NTFS

Computer Name: YASHESHPALIW-PC | User Name: Yashesh Paliwal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/12 17:11:26 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Yashesh Paliwal\Downloads\OTL.exe
PRC - [2012/01/20 11:05:36 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/11/28 23:31:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/03/14 20:57:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011/03/14 20:57:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/09/26 13:05:44 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/08/04 14:22:32 | 001,965,112 | ---- | M] (WiQuest Communications, Inc.) -- C:\Program Files\Dell\Dell WUSB\WQ_Tray2.exe
PRC - [2007/05/10 11:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/04/27 04:04:18 | 001,123,872 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/12/06 12:22:46 | 000,499,712 | ---- | M] (Gyration, Inc.) -- C:\DELL\Utilities\Dell Premium Remote Control\WMPControllerService.exe
PRC - [2006/12/06 12:21:18 | 000,184,320 | ---- | M] (Gyration, Inc.) -- C:\DELL\Utilities\Dell Premium Remote Control\WMPControllerServer.exe


========== Modules (No Company Name) ==========

MOD - [2007/08/04 14:27:12 | 000,008,248 | ---- | M] () -- C:\Program Files\Dell\Dell WUSB\WQ_Cust.dll
MOD - [2007/04/27 04:04:24 | 000,103,968 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (HWDeviceService.exe)
SRV - File not found [Disabled | Stopped] -- -- (gupdatem) Google Update Service (gupdatem)
SRV - File not found [Disabled | Stopped] -- -- (gupdate) Google Update Service (gupdate)
SRV - [2011/11/28 23:31:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/12/14 13:01:26 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/08/13 18:34:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/19 13:08:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/10 11:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2006/12/06 12:22:46 | 000,499,712 | ---- | M] (Gyration, Inc.) [Auto | Running] -- C:\DELL\Utilities\Dell Premium Remote Control\WMPControllerService.exe -- (WMPControllerService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - [2012/03/07 09:02:15 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012/03/07 09:02:15 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012/03/07 09:02:15 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012/03/07 09:02:15 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2011/11/28 23:23:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 23:23:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 23:22:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 23:22:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 23:22:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/11/28 23:21:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/06/16 14:59:00 | 009,768,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/09/26 06:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/05/10 06:54:38 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/05/06 20:30:00 | 000,234,560 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM04Vid.sys -- (OEM04Vid)
DRV - [2007/03/05 14:15:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM04Vfx.sys -- (OEM04Vfx)
DRV - [2007/02/13 22:59:04 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2007/02/13 22:59:04 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2006/11/14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADRA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Yashesh Paliwal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Yashesh Paliwal\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Yashesh Paliwal\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Yashesh Paliwal\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Yashesh Paliwal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Yashesh Paliwal\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Yashesh Paliwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Yashesh Paliwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Gmail = C:\Users\Yashesh Paliwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/19 03:11:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [MotiveReportAgent] C:\Program Files\Common Files\Motive\McciBootStrapper.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A255223-C29F-470D-97F2-DE9B2DE4FDEF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{347F65F0-276B-4EB4-A535-FE261BA5680C}: NameServer = 4.2.2.2 121.242.190.180
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Yashesh Paliwal\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Yashesh Paliwal\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 03:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{06809580-ecce-11df-ae3e-0023ae0719fb}\Shell - "" = AutoRun
O33 - MountPoints2\{1effcd77-1e49-11e1-803a-0023ae0719fb}\Shell - "" = AutoRun
O33 - MountPoints2\{1effcd77-1e49-11e1-803a-0023ae0719fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1effcd83-1e49-11e1-803a-0023ae0719fb}\Shell - "" = AutoRun
O33 - MountPoints2\{1effcd83-1e49-11e1-803a-0023ae0719fb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6ecb4121-6806-11e1-9d74-feee810a3bb7}\Shell - "" = AutoRun
O33 - MountPoints2\{6ecb412b-6806-11e1-9d74-feee810a3bb7}\Shell - "" = AutoRun
O33 - MountPoints2\{6ecb412b-6806-11e1-9d74-feee810a3bb7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{adae9e78-68c7-11e1-bcc1-9b63e336c233}\Shell - "" = AutoRun
O33 - MountPoints2\{adae9e78-68c7-11e1-bcc1-9b63e336c233}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{afe3a0c1-52f1-11e1-a52b-ea301d8edaba}\Shell - "" = AutoRun
O33 - MountPoints2\{afe3a0c1-52f1-11e1-a52b-ea301d8edaba}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ff062527-6804-11e1-801f-b5e5bd2298c4}\Shell - "" = AutoRun
O33 - MountPoints2\{ff062527-6804-11e1-801f-b5e5bd2298c4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/20 05:14:16 | 000,000,000 | ---D | C] -- C:\Users\Yashesh Paliwal\AppData\Roaming\Mozilla
[2012/03/18 11:54:49 | 000,000,000 | ---D | C] -- C:\Users\Yashesh Paliwal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2012/03/18 11:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2012/03/18 11:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2012/03/09 15:49:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012/03/07 09:02:56 | 000,235,392 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2012/03/07 09:02:56 | 000,194,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012/03/07 09:02:56 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2012/03/07 09:02:56 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2012/03/07 09:02:56 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2012/03/07 09:02:56 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2012/03/07 09:02:56 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2012/03/07 09:02:56 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012/03/07 09:02:56 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2012/03/07 09:02:56 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012/03/07 09:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Tata Photon Max
[2012/03/07 08:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mobile Partner
[2012/03/07 08:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineUpdate
[2012/03/07 08:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\log
[2012/03/06 23:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\Tata Photon Max(30)
[2012/03/03 18:06:18 | 000,000,000 | R--D | C] -- C:\Users\Yashesh Paliwal\Documents\Scanned Documents
[2012/03/03 18:06:07 | 000,000,000 | ---D | C] -- C:\Users\Yashesh Paliwal\Documents\Fax
[2012/02/24 19:43:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

========== Files - Modified Within 30 Days ==========

[2012/03/24 11:42:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/24 11:08:24 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1850299269-1658867251-1818800014-1000UA.job
[2012/03/24 10:07:32 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/24 10:07:32 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/24 10:07:31 | 000,108,285 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/03/24 10:07:31 | 000,108,285 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/03/24 10:07:31 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/03/24 10:07:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/24 10:07:18 | 3756,044,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/24 00:12:15 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/03/23 19:41:10 | 000,002,503 | ---- | M] () -- C:\Users\Yashesh Paliwal\Desktop\HiJackThis.lnk
[2012/03/23 18:08:11 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1850299269-1658867251-1818800014-1000Core.job
[2012/03/21 08:26:57 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/21 08:26:57 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/18 11:54:49 | 000,000,802 | ---- | M] () -- C:\Users\Yashesh Paliwal\Desktop\Free Window Registry Repair.lnk
[2012/03/07 09:03:52 | 000,000,874 | ---- | M] () -- C:\Users\Yashesh Paliwal\Application Data\Microsoft\Internet Explorer\Quick Launch\Tata Photon Max.lnk
[2012/03/07 09:03:52 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Tata Photon Max.lnk
[2012/03/07 09:02:15 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2012/03/07 09:02:15 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2012/03/07 09:02:15 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2012/03/07 09:02:15 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012/03/07 09:02:15 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2012/03/07 09:02:15 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2012/03/07 09:02:15 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2012/03/07 09:02:15 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2012/03/07 09:02:15 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2012/03/07 09:02:15 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012/03/07 09:02:15 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2012/03/07 09:02:15 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012/03/07 09:02:04 | 000,012,997 | ---- | M] () -- C:\Windows\System32\drivers\mod7700.inf
[2012/03/06 13:05:44 | 000,001,356 | ---- | M] () -- C:\Users\Yashesh Paliwal\AppData\Local\d3d9caps.dat
[2012/02/24 19:45:00 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk

========== Files Created - No Company Name ==========

[2012/03/18 11:54:49 | 000,000,802 | ---- | C] () -- C:\Users\Yashesh Paliwal\Desktop\Free Window Registry Repair.lnk
[2012/03/07 09:03:52 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Tata Photon Max.lnk
[2012/03/07 09:02:56 | 000,012,997 | ---- | C] () -- C:\Windows\System32\drivers\mod7700.inf
[2012/03/06 13:38:48 | 3756,044,288 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/24 19:44:12 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2012/02/24 19:44:12 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2012/02/23 19:19:00 | 002,344,498 | ---- | C] () -- C:\Users\Yashesh Paliwal\Documents\eng.pdf
[2012/02/23 19:18:00 | 000,156,241 | ---- | C] () -- C:\Users\Yashesh Paliwal\Documents\Guidelines_for_Diagnosis2010.pdf
[2012/02/23 19:17:49 | 000,346,127 | ---- | C] () -- C:\Users\Yashesh Paliwal\Documents\D.pdf
[2012/02/23 19:17:43 | 000,170,047 | ---- | C] () -- C:\Users\Yashesh Paliwal\Documents\s0749070409000384.pdf
[2012/02/09 16:59:10 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/02/09 16:59:10 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/07/21 10:10:25 | 000,000,000 | ---- | C] () -- C:\Users\Yashesh Paliwal\AppData\Local\{6516798E-BB99-4DF2-BA94-234AA3446796}
[2010/12/16 12:42:02 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2010/12/14 13:43:00 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/11/13 11:47:30 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/11/05 13:41:28 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/10/29 14:08:46 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/10/29 14:08:31 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2010/10/18 22:37:39 | 000,044,544 | ---- | C] () -- C:\Users\Yashesh Paliwal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/14 08:16:37 | 000,000,552 | ---- | C] () -- C:\Users\Yashesh Paliwal\AppData\Local\d3d8caps.dat
[2010/09/26 15:24:17 | 000,108,285 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/09/26 15:24:17 | 000,108,285 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/09/13 14:13:06 | 000,028,285 | ---- | C] () -- C:\Users\Yashesh Paliwal\AppData\Roaming\nvModes.001
[2010/09/13 14:12:54 | 000,028,285 | ---- | C] () -- C:\Users\Yashesh Paliwal\AppData\Roaming\nvModes.dat
[2010/09/11 18:27:13 | 000,001,356 | ---- | C] () -- C:\Users\Yashesh Paliwal\AppData\Local\d3d9caps.dat

< End of report>

Thanks in advance!

Cheers

Edited by rp07, 24 March 2012 - 01:34 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP