Jump to content

janec

Members
 View Profile  See their activity

  • Posts

    31

  • Joined

  • Last visited

Tech Info

  • System: windows_xp

janec's Achievements

Newbie

Newbie (1/14)

0

Reputation

  1. janec
    Thanks a lot, I'll give it a try. Jane
  2. janec
    Hi, My laptop is on a real go slow. When I look at what "processes" are running, something called svchost.exe is using 99 cpu. Is this the problem and how can I fix it? Many thanks Jane
  3. janec
    Hi Starbuck, All done. If I'm ever diagnosed with low blood pressure and I need something to raise it, then I may use Norton again. Until then, it's in the bin. I just don't have the time to sit and look at a frozen screen for 10 minutes at a time :mad: What a pile of [insert expletive of choice]! Thanks again for your help. Kind regards Jane
  4. janec
    Hi Starbuck, I'm now running MS Security Essentials and have removed Norton. WOW! It's like having broadband after using dial up (you're probably too young to remember dial up). Everything is running much faster and I can now have more than one thing running at a time including several different web pages without it stopping altogether. Thanks very much for yours and KenB's help. Very much appreciated. Kind regards Jane
  5. janec
    Hi Starbuck, I have run the OTL thingy and the report follows at the end of the post. I've also removed and re-loaded the latest Java. I think I would like to try something other than Norton. It was Norton (albeit an older version than what I have now) that caused all the problems a few months ago and I'm getting fed up with it. Could you please suggest a free alternative (MS Essentials as KenB suggested or whichever you think would be best) and post a link as I'm never sure that what I've found on Google is the correct thing. Do I remove Norton first or load the free programme first. I'm also running the free version of Mailwasher as the up to date Norton will not filter spam with my version of Microsoft Outlook (for some reason I'm still using the 2000 version). I don't suppose there is a free security programme that will also filter spam? Many thanks for your help Jane OTL report: All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mywebsearch.com/Plugin\ deleted successfully. File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON Stylus C86 Series deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeUpdater deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{692bd095-bd9e-11da-957a-806d6172696f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{692bd095-bd9e-11da-957a-806d6172696f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{692bd095-bd9e-11da-957a-806d6172696f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{692bd095-bd9e-11da-957a-806d6172696f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{692bd095-bd9e-11da-957a-806d6172696f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{692bd095-bd9e-11da-957a-806d6172696f}\ not found. File D:\winshell110.exe not found. ADS C:\Documents and Settings\All Users\Application Data\TEMP:02C1CB6D deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:69E17801 deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:10B7A752 deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:57B4E612 deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:7A266313 deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:5711EF65 deleted successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Documents and Settings\Jane Cureton\Desktop\cmd.bat deleted successfully. C:\Documents and Settings\Jane Cureton\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP]
  6. janec
    Hi Starbuck, I've run the OTL scan. OTL reports as follows: OTL logfile created on: 17/01/2012 18:12:02 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Jane Cureton\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 895.36 Mb Total Physical Memory | 435.70 Mb Available Physical Memory | 48.66% Memory free 2.11 Gb Paging File | 1.56 Gb Available in Paging File | 73.87% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32.50 Gb Total Space | 14.70 Gb Free Space | 45.23% Space Free | Partition Type: NTFS Drive E: | 149.05 Gb Total Space | 145.33 Gb Free Space | 97.50% Space Free | Partition Type: NTFS Computer Name: JCMOSAICS | User Name: Jane Cureton | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Jane Cureton\Desktop\OTL.scr (OldTimer Tools) PRC - c:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe (Symantec Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe (Ralink Technology, Corp.) PRC - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.) PRC - C:\Program Files\Nikon\NkView6\NkvMon.exe (Nikon Corporation) ========== Modules (No Company Name) ========== MOD - C:\WINDOWS\system32\quartz.dll () MOD - C:\WINDOWS\system32\sbe.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\devenum.dll () ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- File not found SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe (Symantec Corporation) ========== Driver Services (SafeList) ========== DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120116.035\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120116.035\NAVENG.SYS (Symantec Corporation) DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111223.001\BHDrvx86.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120114.005\IDSXpx86.sys (Symantec Corporation) DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMEFA.SYS (Symantec Corporation) DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\ccSetx86.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SRTSP.SYS (Symantec Corporation) DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SRTSPX.SYS (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS (Symantec Corporation) DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\SYMDS.SYS (Symantec Corporation) DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1302000.00A\Ironx86.SYS (Symantec Corporation) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation ) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (RT2500) -- C:\WINDOWS\system32\drivers\RT2500.sys (Ralink Technology Inc.) DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation) DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio) DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio) DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.) DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation) DRV - (crlscsi) -- C:\WINDOWS\System32\drivers\crlscsi.sys (Corel Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2011/11/05 18:32:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2012/01/14 17:22:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/06 17:53:21 | 000,000,000 | ---D | M] [2011/07/29 23:14:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jane Cureton\Application Data\Mozilla\Firefox\Profiles\077fyhc8.default\extensions [2011/10/14 21:15:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2007/02/20 15:15:00 | 002,115,816 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll ========== Chrome ========== O1 HOSTS File: ([2004/08/10 19:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [CardReaderReset] C:\Program Files\Realtek Semiconductor Corp\Card Reader Software\Reset.exe () O4 - HKLM..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE /P23 "EPSON Stylus C86 Series" /O5 "LPT1:" /M "Stylus C86" File not found O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" File not found O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe (Nikon Corporation) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe (Ralink Technology, Corp.) O4 - Startup: C:\Documents and Settings\Jane Cureton\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O4 - Startup: C:\Documents and Settings\Jane Cureton\Start Menu\Programs\Startup\Met Office Desktop Widget.lnk = C:\Program Files\Met Office Desktop Widget\Met Office Desktop Widget.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab (EPUImageControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1320519932125 (MUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://msnuk.oberon-media.com/online2/MSN_INTL_UK/chainz_2/mjolauncher.cab (MJLauncherCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab (ZoneIntro Class) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://sympatico.zone.msn.com/bingame/popcaploader_v10.cab (PopCapLoader Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C36A7A38-96C7-4290-A25B-E6073651D588}: DhcpNameServer = 192.168.1.254 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Jane Cureton\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jane Cureton\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/09/16 19:44:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{692bd095-bd9e-11da-957a-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{692bd095-bd9e-11da-957a-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{692bd095-bd9e-11da-957a-806d6172696f}\Shell\AutoRun\command - "" = D:\winshell110.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: SoundMan - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: swg - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: TkBellExe - hkey= - key= - Reg Error: Value error. File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/01/17 18:01:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jane Cureton\Desktop\OTL.scr [2005/09/16 21:54:14 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll ========== Files - Modified Within 30 Days ========== [2012/01/17 18:13:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/01/17 18:11:56 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1750105772-1827593217-929180627-1006.job [2012/01/17 18:11:56 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1750105772-1827593217-929180627-1006.job [2012/01/17 18:01:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jane Cureton\Desktop\OTL.scr [2012/01/17 16:14:18 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Jane Cureton\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word (2).lnk [2012/01/15 22:13:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/01/14 17:23:26 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\Jane Cureton\Start Menu\Programs\Startup\Met Office Desktop Widget.lnk [2012/01/14 17:19:59 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/01/14 17:19:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/01/14 17:18:59 | 938,921,984 | -HS- | M] () -- C:\hiberfil.sys [2012/01/13 16:16:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/01/11 16:46:59 | 000,443,248 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/01/11 16:46:58 | 000,072,514 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/01/10 13:32:16 | 000,002,489 | ---- | M] () -- C:\Documents and Settings\Jane Cureton\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel (2).lnk [2012/01/09 16:16:25 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/01/04 21:41:13 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/01/02 18:55:29 | 000,410,031 | ---- | M] () -- C:\Documents and Settings\Jane Cureton\My Documents\donkey 3.jpg [2011/12/27 21:56:58 | 000,002,437 | ---- | M] () -- C:\Documents and Settings\Jane Cureton\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Publisher (2).lnk [2011/12/20 16:47:33 | 000,121,463 | ---- | M] () -- C:\Documents and Settings\Jane Cureton\My Documents\wrens nest in wasps nest.jpg ========== Files Created - No Company Name ========== [2012/01/04 21:41:13 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/01/02 18:56:09 | 000,410,031 | ---- | C] () -- C:\Documents and Settings\Jane Cureton\My Documents\donkey 3.jpg [2011/12/28 13:56:36 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1750105772-1827593217-929180627-1006.job [2011/12/20 16:47:33 | 000,121,463 | ---- | C] () -- C:\Documents and Settings\Jane Cureton\My Documents\wrens nest in wasps nest.jpg [2011/11/07 20:59:19 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/11/13 17:40:41 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2008/03/11 17:26:46 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2008/03/11 17:26:45 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2008/03/11 17:26:45 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2008/03/11 17:26:45 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2008/03/11 17:26:45 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2008/03/11 17:26:45 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2008/03/11 17:26:45 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2008/03/11 17:26:45 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2008/03/11 17:26:45 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2008/03/11 17:26:45 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2008/03/11 17:26:45 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2008/03/11 17:26:45 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2008/03/11 17:26:45 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2008/03/11 17:26:45 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2008/03/11 17:26:45 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2008/03/11 17:26:45 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2008/03/11 17:26:45 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2008/03/11 17:26:45 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2008/03/11 17:26:45 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2008/03/11 17:19:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED92Euro.ini [2007/06/08 22:30:22 | 000,001,156 | ---- | C] () -- C:\WINDOWS\mozver.dat [2007/06/08 22:27:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2007/01/01 13:54:24 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT [2007/01/01 13:29:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDESC86PEEuro.ini [2006/12/27 14:30:52 | 000,002,887 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006/09/03 15:41:53 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Jane Cureton\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006/07/18 19:02:41 | 000,000,340 | ---- | C] () -- C:\WINDOWS\QTW.INI [2006/07/18 19:02:37 | 000,000,144 | ---- | C] () -- C:\WINDOWS\INDEO.INI [2006/07/01 10:04:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Jcmkr32.INI [2006/06/05 16:26:35 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2006/05/20 14:02:20 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\qttask.exe [2006/05/20 14:01:31 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PMK_setup.ini [2006/05/17 10:47:50 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Jane Cureton\Local Settings\Application Data\fusioncache.dat [2006/05/15 15:47:47 | 000,000,797 | ---- | C] () -- C:\WINDOWS\SGREP32.INI [2006/05/15 15:42:53 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\sg50Ps32.dll [2006/05/15 15:42:51 | 000,256,512 | ---- | C] () -- C:\WINDOWS\System32\SGOPopDg.dll [2006/05/15 14:43:44 | 000,000,083 | ---- | C] () -- C:\WINDOWS\REPENG.INI [2006/05/15 14:14:48 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\BurnData.bin [2006/05/15 13:41:45 | 000,019,932 | ---- | C] () -- C:\WINDOWS\SAGE.INI [2006/05/14 21:33:06 | 000,001,006 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/05/14 19:41:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jane Cureton\Application Data\wklnhst.dat [2006/03/27 14:39:39 | 000,000,516 | ---- | C] () -- C:\WINDOWS\dialer.ini [2006/02/28 05:07:15 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\ntiembed.dll [2006/02/28 05:05:53 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll [2006/02/28 05:05:53 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll [2006/02/28 04:41:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006/02/28 04:41:50 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006/02/28 04:41:50 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006/02/28 04:41:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006/02/28 04:41:49 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006/02/28 04:41:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006/02/27 21:13:19 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT [2006/02/27 20:35:38 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006/02/27 20:35:06 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006/02/27 20:35:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006/02/27 20:34:57 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006/02/27 20:34:45 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006/02/27 20:34:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2006/02/27 20:33:28 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006/02/27 20:33:26 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006/02/27 20:32:28 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006/02/27 20:30:47 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2006/02/27 13:16:47 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe [2006/02/27 13:16:47 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\installrt2500qa.dll [2006/02/27 13:16:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\WRLSetup.exe [2006/02/27 13:05:44 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini [2006/02/27 12:41:44 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2006/02/27 12:41:44 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2006/02/27 12:39:05 | 000,095,617 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2006/01/24 12:37:36 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SageEventHandler.exe [2006/01/24 12:36:20 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\SGCtrlEx.dll [2006/01/24 12:36:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SageFolderBrowser.dll [2006/01/24 12:36:10 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\SGTBAR32.DLL [2006/01/24 12:36:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGSTAT32.DLL [2006/01/24 12:36:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGLOGO32.DLL [2006/01/24 12:36:02 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\SGJPEG32.dll [2006/01/24 12:35:58 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\SGCDLG32.DLL [2006/01/24 12:35:48 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\SGLIST32.DLL [2006/01/24 12:35:38 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\SGTOOL32.DLL [2006/01/24 12:35:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\SGINTL32.DLL [2006/01/24 12:35:32 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SGDT32.DLL [2006/01/24 12:35:30 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SGHELP32.DLL [2006/01/24 12:35:28 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SGAPPBAR.DLL [2006/01/24 12:35:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SG3D32.DLL [2006/01/24 12:35:10 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\SGSchemeXP.dll [2006/01/24 12:35:06 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\SGSchemeDefault.dll [2006/01/24 12:34:58 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SGSchemeManager.dll [2006/01/24 12:34:48 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SGCOM32.DLL [2006/01/24 12:33:42 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\SGWebBrowser.dll [2006/01/13 10:43:50 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\SGSchemeXml.dll [2005/11/30 12:49:32 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\REPDES32.EXE [2005/11/30 12:49:30 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\SGLCH32.DLL [2005/11/30 12:49:20 | 001,712,128 | ---- | C] () -- C:\WINDOWS\System32\SGREP32.DLL [2005/09/19 16:54:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005/09/16 19:47:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2005/09/16 19:40:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005/09/16 19:28:26 | 000,001,452 | R--- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005/09/16 19:27:13 | 000,443,248 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2005/09/16 19:27:13 | 000,072,514 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2005/09/16 12:35:23 | 000,005,997 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005/09/16 12:34:32 | 000,313,656 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2005/09/01 23:39:24 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2005/09/01 23:39:24 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll [2005/09/01 23:39:00 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2005/08/05 21:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005/07/11 13:33:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\SDOApp.dll [2004/06/09 10:57:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\Install.exe [2002/04/16 11:27:54 | 000,000,005 | -HS- | C] () -- C:\WINDOWS\System32\CdI5T.drv [2001/12/26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll [2001/09/03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll [2001/07/30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll [2001/07/23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll [1999/01/23 02:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/03/26 01:12:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SgHmZLib.dll [1997/06/14 00:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll ========== LOP Check ========== [2010/09/27 20:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2008/07/11 14:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo [2010/09/05 22:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster [2006/09/04 12:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap [2006/05/14 21:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT [2007/12/08 18:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2008/03/11 17:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2009/09/01 21:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom [2008/03/24 17:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jane Cureton\Application Data\EPSON [2007/06/24 12:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jane Cureton\Application Data\InterVideo [2011/10/31 12:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jane Cureton\Application Data\JGoodies [2012/01/17 16:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jane Cureton\Application Data\MailWasherFree [2006/05/22 18:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jane Cureton\Application Data\Nikon [2005/09/16 22:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jane Cureton\Application Data\SampleView [2006/05/14 21:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jane Cureton\Application Data\Template ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2006/07/30 22:30:19 | 000,000,000 | ---- | M] () -- C:\AILog.txt [2005/09/16 19:44:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2006/02/28 06:20:58 | 000,000,032 | ---- | M] () -- C:\BIOSINFO.INI [2006/02/28 06:20:58 | 000,000,091 | ---- | M] () -- C:\BIOSVIEW.INI [2006/05/14 19:06:17 | 000,000,209 | RHS- | M] () -- C:\boot.ini [2005/09/16 19:44:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012/01/14 17:18:59 | 938,921,984 | -HS- | M] () -- C:\hiberfil.sys [2010/09/27 21:22:37 | 000,002,096 | ---- | M] () -- C:\InstallHelper.log [2005/09/16 19:44:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2005/09/19 16:39:15 | 000,000,021 | ---- | M] () -- C:\LOCAL [2005/09/19 16:39:15 | 000,000,021 | ---- | M] () -- C:\MINI [2005/09/16 19:44:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/10 19:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2011/02/01 20:28:38 | 000,250,048 | RHS- | M] () -- C:\ntldr [2012/01/14 17:18:57 | 1409,286,144 | -HS- | M] () -- C:\pagefile.sys < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > [2008/07/06 12:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\System32\config\*.sav > [2005/09/16 12:33:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2005/09/16 12:33:51 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2005/09/16 12:33:50 | 000,876,544 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %PROGRAMFILES%\* > < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 11:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 11:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 11:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 11:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 11:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 11:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) ========== Alternate Data Streams ========== @Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:02C1CB6D @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:69E17801 @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10B7A752 @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57B4E612 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7A266313 @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5711EF65 < End of report > OTL Extras logfile created on: 17/01/2012 18:12:02 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Jane Cureton\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 895.36 Mb Total Physical Memory | 435.70 Mb Available Physical Memory | 48.66% Memory free 2.11 Gb Paging File | 1.56 Gb Available in Paging File | 73.87% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32.50 Gb Total Space | 14.70 Gb Free Space | 45.23% Space Free | Partition Type: NTFS Drive E: | 149.05 Gb Total Space | 145.33 Gb Free Space | 97.50% Space Free | Partition Type: NTFS Computer Name: JCMOSAICS | User Name: Jane Cureton | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) "C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE:*:Disabled:SAgent4 "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2 "{0A7124DF-F8A4-405B-904F-CFD3D3DFB5AE}" = PIF DESIGNER2.1 "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1CABB679-3958-44AA-BFFF-4E68A2684255}" = ArcSoft Panorama Maker 3.0 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1 "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 29 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2A5C7EED-1A45-C2B6-2E39-E58BD6955E1D}" = Met Office Desktop Widget "{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}" = Cypress USB Mass Storage Driver Installation "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Roxio Burn Engine "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAA66A0D-E610-40B8-9D51-C1854285773A}" = RT2500 Wireless LAN Card "{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}" = Nikon View 6 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver "{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}" = MSN Music Mediabar "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D32D4182-DE6C-457E-838C-8D7B9CE332BA}" = InterVideo WinRip "{DC24971E-1946-445D-8A82-CE685433FA7D}" = "{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb "{ECA2B21B-A180-4775-B93F-6E404E36A8CC}" = MSRuntime Libraries "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Agere Systems Soft Modem" = Agere Systems AC'97 Modem v2157D "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "Corel Applications" = Corel Applications "ERUNT_is1" = ERUNT 1.1j "ESC86 Reference Guide" = ESC86 Reference Guide "ESC86 Software Guide" = ESC86 Software Guide "ESET Online Scanner" = ESET Online Scanner v3 "ie8" = Windows Internet Explorer 8 "InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3 "InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold "IrfanView" = IrfanView (remove only) "JDiskReport 1.3.2" = JGoodies JDiskReport 1.3.2 "MailWasher Free_is1" = MailWasher Free 6.5.4 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NIS" = Norton Internet Security "OcaHistoryUpd" = OCA Client history tool install "RealPlayer 12.0" = RealPlayer "Sage Instant Accounting 6.0" = Sage Instant Accounting 6.0 "SM1FX_AT" = USB Storage Adapter FX (SM1) "SynTPDeinstKey" = Synaptics Pointing Device Driver "uk.gov.meto.pws.air" = Met Office Desktop Widget "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "Wise Disk Cleaner_is1" = Wise Disk Cleaner 5.93 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 04/01/2012 11:08:30 | Computer Name = JCMOSAICS | Source = Application Error | ID = 1000 Description = Faulting application excel.exe, version 9.0.0.2719, faulting module excel.exe, version 9.0.0.2719, fault address 0x002cefbf. Error - 04/01/2012 14:26:39 | Computer Name = JCMOSAICS | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 04/01/2012 15:02:49 | Computer Name = JCMOSAICS | Source = Application Hang | ID = 1002 Description = Hanging application EXCEL.EXE, version 9.0.0.2719, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 04/01/2012 15:03:26 | Computer Name = JCMOSAICS | Source = Application Hang | ID = 1002 Description = Hanging application EXCEL.EXE, version 9.0.0.2719, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/01/2012 11:52:08 | Computer Name = JCMOSAICS | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/01/2012 14:27:57 | Computer Name = JCMOSAICS | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19170, fault address 0x00067978. Error - 13/01/2012 19:55:02 | Computer Name = JCMOSAICS | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 15/01/2012 12:50:06 | Computer Name = JCMOSAICS | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 15/01/2012 17:59:13 | Computer Name = JCMOSAICS | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19170, fault address 0x00067978. Error - 16/01/2012 10:23:43 | Computer Name = JCMOSAICS | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19170, fault address 0x00067978. [ System Events ] Error - 05/01/2012 16:59:48 | Computer Name = JCMOSAICS | Source = Service Control Manager | ID = 7011 Description = Timeout (30000 milliseconds) waiting for a transaction response from the NIS service. Error - 10/01/2012 16:59:57 | Computer Name = JCMOSAICS | Source = Service Control Manager | ID = 7011 Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. Error - 11/01/2012 12:14:35 | Computer Name = JCMOSAICS | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect. Error - 11/01/2012 12:14:36 | Computer Name = JCMOSAICS | Source = DCOM | ID = 10005 Description = DCOM got error "%1053" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8} Error - 11/01/2012 12:16:03 | Computer Name = JCMOSAICS | Source = DCOM | ID = 10010 Description = The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout. Error - 12/01/2012 11:45:09 | Computer Name = JCMOSAICS | Source = Service Control Manager | ID = 7011 Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. Error - 16/01/2012 06:34:34 | Computer Name = JCMOSAICS | Source = Service Control Manager | ID = 7011 Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. Error - 16/01/2012 09:51:38 | Computer Name = JCMOSAICS | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect. Error - 16/01/2012 09:51:38 | Computer Name = JCMOSAICS | Source = DCOM | ID = 10005 Description = DCOM got error "%1053" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8} Error - 17/01/2012 09:43:01 | Computer Name = JCMOSAICS | Source = Service Control Manager | ID = 7011 Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. < End of report > Many thanks Jane
  7. janec
    Hi, It usually occurs when my laptop is first started up. It can last for an hour or more and re-occur later but not for so long. Norton was updating once when this happened but half an hour after Norton said it had finished I was still getting the problem. I had a major problem a few months back when all my disk space disappeared which was kindly sorted by yourselves and after that my laptop ran like a dream. It's only the last couple of weeks this has started to happen.
  8. janec
    Thanks for that. I've done as you've suggested and apparently there is 896 MB of RAM.
  9. janec
    The sticker on my laptop says: 1024 MB DDR-Ram. Is this what you mean? Sorry to be so clueless.
  10. janec
    Thanks for your reply. Yes, I have Norton 2012 installed. I have just checked and the ccsvchst.exe isn't using any CPU's now. I'm confused.
  11. janec
    Hi, I'm having trouble mainly when I'm online with pages not loading or everything going really slowly or everything stopping altogether and freezing up. I've had a look at Windows Task Manager and the ccsvchst.exe is using anything between 40 to 100% CPU. What is this and can I fix it? Many thanks Jane
  12. janec
    Thanks Ken, I'll give it a go. Many thanks Jane
  13. janec
    Hi, Can anyone recommend a good FREE anti spam programme for e-mails. The only one I know of is Mailwasher. Is this OK or does anyone know of a better one? Many thanks Jane
  14. janec
    Hi, I recently had a big problem which was very kindly solved for me by etavares and others on this site. Part of the solution was upgrading my security to Norton 2011. However I've hit a slight problem. With my old version of Norton it filtered out most of my spam e-mails and had a "this is spam" button on Microsoft Outlook for any remaining spam. The "this is spam" has vanished and when I checked the new Norton it only provides spam support for various versions of Outlook. Understandibly it doesn't work with my version of Outlook. For some reason I'm still using Outlook 2000. I did look at buying a newer version of Outlook but I don't understand what all the different versions do and they all seem to be over £100 which I don't have. Should I download a free spam filter and if so, could anybody recommend one? Many thanks Jane
  15. janec
    Hello etavares, I have followed all of your instructions and have also updated everything and installed the anti-malware programme. Norton comes with a firewall and I've checked and this is running. I'm afraid the Calender of Updates is beyond me, I had a look and it might as well be quantum physics. I also couldn't download Hostman but the new Norton seems to be checking all the websites I visit. My computer is running a lot faster and I have a huge amount of space (by my lowly standards) of 16.8 GB (don't laugh). I'll keep an eye on this and if it drops radically I'll be bothering you again. MANY MANY THANKS TO YOU ALL. I really appreciate all the time you've taken to sort this out for me. Kind regards Jane
×
×
  • Create New...