Carl
Members-
Posts
5 -
Joined
-
Last visited
Tech Info
-
Experience
beginner
- System: windows_vista_home_2
Carl's Achievements
Newbie (1/14)
0
Reputation
-
Ken B Hi Ken The hard drive © is 67.7GB with 18.3GB free but there is also a drive showing as data (d) which is also 67.7GB and is empty. There is 1GB RAM Thanks Carl
-
OTL file: OTL logfile created on: 13/11/2011 13:30:46 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Carl & Ruth\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 894.77 Mb Total Physical Memory | 409.86 Mb Available Physical Memory | 45.81% Memory free 2.01 Gb Paging File | 0.86 Gb Available in Paging File | 42.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69.77 Gb Total Space | 18.91 Gb Free Space | 27.10% Space Free | Partition Type: NTFS Drive D: | 69.52 Gb Total Space | 69.25 Gb Free Space | 99.62% Space Free | Partition Type: NTFS Computer Name: CARLRUTHHOME-PC | User Name: Carl & Ruth | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Carl & Ruth\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.) PRC - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.) PRC - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.) PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe (Acer Inc.) PRC - C:\Acer\Empowering Technology\SysMonitor.exe () PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) PRC - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT) PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST) PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe () PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATICDE.EXE (SEIKO EPSON CORPORATION) PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8645de531003807d00822e03986a075d\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6d2f689baff5da3df134fdec0742a13c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll () MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Acer\Empowering Technology\SysMonitor.exe () MOD - C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll () MOD - C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll () MOD - C:\Windows\System32\BatchCrypto.dll () MOD - C:\Windows\System32\ShowErrMsg.dll () MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll () MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll () MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll () MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll () MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll () MOD - C:\Acer\Empowering Technology\MemCheck.Interface.dll () MOD - C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll () ========== Win32 Services (SafeList) ========== SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.) SRV - (LMIGuardianSvc) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.) SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe (Symantec Corporation) SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.) SRV - (Symantec RemoteAssist) -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink) SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT) SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe () ========== Driver Services (SafeList) ========== DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20111027.001\BHDrvx86.sys (Symantec Corporation) DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.) DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20111111.030\IDSvix86.sys (Symantec Corporation) DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1109000.00C\SYMTDIV.SYS (Symantec Corporation) DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1109000.00C\SYMEFA.SYS (Symantec Corporation) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20111112.009\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20111112.009\NAVENG.SYS (Symantec Corporation) DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1109000.00C\ccHPx86.sys (Symantec Corporation) DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.) DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.) DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1109000.00C\Ironx86.SYS (Symantec Corporation) DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1109000.00C\SRTSP.SYS (Symantec Corporation) DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1109000.00C\SRTSPX.SYS (Symantec Corporation) DRV - (RsFx0150) -- C:\Windows\System32\drivers\RsFx0150.sys (Microsoft Corporation) DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1109000.00C\SYMDS.SYS (Symantec Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (Windows ® Codename Longhorn DDK provider) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.uk.acer.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carl & Ruth\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carl & Ruth\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2011/07/22 15:30:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2011/11/13 08:19:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/01 14:59:37 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Yahoo! Search (Enabled) CHR - default_search_provider: search_url = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Google Update (Enabled) = C:\Users\Carl & Ruth\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ipsbho.dll (Symantec Corporation) O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\WebBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe () O4 - HKLM..\Run: [Acer Tour] File not found O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd File not found O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [setresolution] C:\ACERSW\config\1440x900.cmd File not found O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKCU..\Run: [EPSON Stylus DX7400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE (SEIKO EPSON CORPORATION) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EAE3A4F-8D3E-43DA-A24F-2FA26F090668}: DhcpNameServer = 192.168.1.254 O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Carl & Ruth\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Carl & Ruth\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/11/13 13:15:01 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\Desktop\malewarebyte log [2011/11/03 20:22:52 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\Documents\Vuze Downloads [2011/11/03 20:07:51 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\AppData\Roaming\WinRAR [2011/11/03 20:07:50 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011/11/03 20:07:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011/11/03 20:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2011/11/03 20:03:14 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\.swt [2011/11/01 14:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2007/12/22 23:46:30 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe [2007/08/15 23:14:02 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll ========== Files - Modified Within 30 Days ========== [2011/11/13 12:48:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2287012915-254848662-4266273031-1000UA.job [2011/11/13 12:17:58 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/11/13 12:17:58 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/11/13 08:16:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/11/13 08:16:00 | 938,991,616 | -HS- | M] () -- C:\hiberfil.sys [2011/11/12 17:10:01 | 000,002,627 | ---- | M] () -- C:\Users\Carl & Ruth\Desktop\Microsoft Office Word 2007.lnk [2011/11/11 20:20:37 | 000,000,676 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Carl & Ruth.job [2011/11/11 16:47:02 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2287012915-254848662-4266273031-1000Core.job [2011/11/04 14:02:41 | 000,674,072 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/11/04 14:02:40 | 000,132,078 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/11/03 22:12:09 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/11/03 20:55:19 | 000,022,016 | ---- | M] () -- C:\Users\Carl & Ruth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/03 20:02:41 | 000,001,637 | ---- | M] () -- C:\Users\Carl & Ruth\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2011/11/03 20:02:40 | 000,001,637 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk [2011/11/01 15:00:01 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\Free Offers.lnk [2011/11/01 15:00:00 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2011/11/01 14:59:17 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2011/11/01 14:58:54 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2011/11/01 14:58:54 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2011/11/01 14:58:47 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll ========== Files Created - No Company Name ========== [2011/11/03 22:12:09 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/11/03 20:02:41 | 000,001,637 | ---- | C] () -- C:\Users\Carl & Ruth\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2011/11/03 20:02:40 | 000,001,637 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk [2011/11/03 20:02:37 | 000,001,637 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk [2011/11/01 15:00:00 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\Free Offers.lnk [2011/11/01 15:00:00 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2011/08/07 21:53:49 | 000,000,333 | ---- | C] () -- C:\Windows\WININIT.INI [2011/08/07 20:08:52 | 000,002,108 | ---- | C] () -- C:\Users\Carl & Ruth\AppData\Local\rx_audio.Cache [2009/11/19 18:19:32 | 000,000,031 | -H-- | C] () -- C:\Windows\UKCpInfo.sys [2009/09/16 15:54:52 | 000,027,136 | ---- | C] () -- C:\Windows\System32\QTUninst.dll [2009/09/16 15:52:20 | 000,000,142 | ---- | C] () -- C:\Windows\PPI.INI [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009/08/01 08:48:36 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/01 08:48:36 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2008/11/01 21:16:59 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008/09/28 17:09:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2008/09/28 16:22:37 | 000,022,016 | ---- | C] () -- C:\Users\Carl & Ruth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/09/26 20:50:44 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2008/09/26 20:50:44 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2008/09/26 20:50:44 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2008/09/26 20:50:44 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2008/09/26 20:50:44 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2008/09/26 20:50:44 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2008/09/26 20:50:44 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2008/09/26 20:50:44 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2008/09/26 20:50:44 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2008/09/26 20:50:44 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2008/09/26 20:50:44 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2008/09/26 20:50:44 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2008/09/26 20:50:44 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2008/09/26 20:50:44 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2008/09/26 20:50:44 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2008/09/26 20:50:44 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2008/09/26 20:50:44 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2008/09/26 20:50:44 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2008/09/26 20:50:44 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2008/09/26 20:46:06 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX7400DEFGIPS.ini [2008/08/14 17:40:42 | 000,176,214 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008/03/05 23:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2007/12/22 23:48:25 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini [2007/12/22 23:48:25 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini [2007/12/22 23:46:30 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe [2007/08/16 00:11:33 | 000,001,024 | ---- | C] () -- C:\Windows\System32\NTIBUN4.dll [2007/08/15 23:14:00 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2007/08/15 22:03:27 | 000,000,734 | ---- | C] () -- C:\Windows\generic.ini [2007/08/15 22:03:27 | 000,000,109 | ---- | C] () -- C:\Windows\Alaunch.ini [2007/08/15 22:02:17 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2007/08/15 22:02:17 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007/04/25 23:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll [2007/04/25 23:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll [2007/04/25 23:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll [2007/04/25 23:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll [2007/04/25 23:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll [2007/04/25 23:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll [2006/12/25 22:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll [2006/11/13 12:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin [2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 12:47:37 | 000,295,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 10:33:01 | 000,674,072 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 10:33:01 | 000,132,078 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2004/01/30 14:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\System32\unicows.dll [2001/12/26 23:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001/09/04 06:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001/07/30 23:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001/07/24 05:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2009/09/16 16:29:55 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\Ace [2011/11/07 15:14:32 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\Azureus [2008/09/26 21:15:46 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\EPSON [2008/09/28 14:25:46 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\eSobi [2011/03/16 21:10:20 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\FileZilla [2011/08/07 17:49:27 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\Simple Star [2011/10/18 16:47:19 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\Spotify [2011/11/12 19:31:18 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2007/08/15 23:14:41 | 000,003,380 | ---- | M] () -- C:\-20070815.log [2008/09/28 17:14:50 | 000,001,024 | ---- | M] () -- C:\.rnd [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/11 06:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2007/08/15 22:04:32 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006/09/18 21:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011/11/13 08:16:00 | 938,991,616 | -HS- | M] () -- C:\hiberfil.sys [2009/09/16 15:51:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006/11/29 15:35:20 | 000,000,512 | ---- | M] () -- C:\MDR.iss [2009/09/16 15:51:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011/11/13 08:15:58 | 1252,802,560 | -HS- | M] () -- C:\pagefile.sys [2007/08/15 23:10:11 | 000,000,644 | ---- | M] () -- C:\RHDSetup.log [2007/08/15 23:32:58 | 000,000,032 | ---- | M] () -- C:\setup.log < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > [2006/11/02 12:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll [2011/10/06 12:21:50 | 000,052,096 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\system32\Spool\prtprocs\w32x86\LMIproc.dll [2006/10/27 02:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\System32\config\*.sav > [2007/08/15 22:04:19 | 006,602,752 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2007/08/15 22:04:17 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2007/08/15 22:04:20 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2007/08/15 22:04:29 | 015,556,608 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2007/08/15 22:04:30 | 006,012,928 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %PROGRAMFILES%\* > [2008/10/27 22:28:58 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 14:55:45 | 000,748,336 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/26 14:55:45 | 000,748,336 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 14:55:45 | 000,748,336 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/26 14:55:45 | 000,748,336 | ---- | M] (Microsoft Corporation) < End of report >
-
Thanks for your continued help. Extras file: OTL Extras logfile created on: 13/11/2011 13:30:46 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Carl & Ruth\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 894.77 Mb Total Physical Memory | 409.86 Mb Available Physical Memory | 45.81% Memory free 2.01 Gb Paging File | 0.86 Gb Available in Paging File | 42.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69.77 Gb Total Space | 18.91 Gb Free Space | 27.10% Space Free | Partition Type: NTFS Drive D: | 69.52 Gb Total Space | 69.25 Gb Free Space | 99.62% Space Free | Partition Type: NTFS Computer Name: CARLRUTHHOME-PC | User Name: Carl & Ruth | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 "InternetSettingsDisableNotify" = 1 "AutoUpdateDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1BCAAF0D-E6BE-4CF7-BBDC-D3BF67A72725}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe | "{64C7B1E2-4F18-4070-A2B8-A7E0074C5796}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe | "{6B9693AA-F737-4C07-AD65-67C46A6AC963}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe | "{757FAE47-740C-4C64-BB0F-3F7330A6FDC4}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe | "{801F094F-A3A4-411A-926F-69DD95D6D054}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe | "{AED93CBC-54E0-49E7-8B51-4714948842AB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{B22D5A3B-6C22-4989-8BA0-11513C242A71}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | "{D5ABD75B-9A14-4F0F-83A7-4EE767E54B96}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{F1956F76-D701-4364-B0C3-90EB238DE3F3}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe | "{F7C85AA6-1E67-4D84-ADD8-244ED2F7EDD5}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{001FC252-5D30-956C-D6E3-405B9651B698}" = CCC Help Korean "{0145ABB1-8F13-D85C-EFA7-16AAFD415F07}" = Catalyst Control Center Localization Chinese Standard "{020617D7-2F72-4D02-BF59-A5CBC1761177}" = SQL Server 2008 R2 Management Studio "{046755CA-F677-4B7F-AF9A-6AB295A02A30}" = Microsoft SQL Server 2008 R2 Native Client "{08091134-5478-4F0E-5A1A-470BE72647ED}" = CCC Help Thai "{121475F5-2598-4574-8801-8F6B3D6A99BB}" = SQL Server 2008 R2 Management Studio "{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7 "{18F72BF6-D1B1-04AF-BBB2-EA2BA6F50EDB}" = CCC Help English "{1E6F7CFD-5BEB-0828-B1B1-645FA4F292DB}" = Catalyst Control Center Localization Korean "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls "{27005EDF-E80A-7059-81A3-692051625488}" = Catalyst Control Center Localization French "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2D4A265B-8CE4-EF70-0C2A-1271119AA5B3}" = Catalyst Control Center Localization Turkish "{2EA65C2D-0C11-3D8B-46AE-B9092EE7D64C}" = CCC Help Norwegian "{2EB3629F-C98A-F5A3-25C2-D47B0EDF2A7C}" = CCC Help Greek "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager "{2FA6AE84-DFE1-9651-7AEB-2E8C78E5B97D}" = CCC Help Swedish "{37EBDFAC-5900-A0AD-CCE9-9A0DDA5682F9}" = Catalyst Control Center Localization Portuguese "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print "{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD "{45576B9A-D9A9-CCE2-488F-E74A96FA550B}" = CCC Help Turkish "{472BC165-1990-1963-7AAD-BD4DAA3F293E}" = CCC Help Finnish "{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer "{4B4C56E5-819C-E1EB-B682-2F3EB3C32D88}" = CCC Help Hungarian "{4C0F2181-4765-D5C5-B665-52E7722C1D18}" = Catalyst Control Center Localization Japanese "{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared "{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{526B988C-393C-181A-0536-257C6AE70D18}" = CCC Help Portuguese "{5792B5D9-645A-3309-C848-9BB7A68F1667}" = CCC Help Russian "{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services "{593AF68A-BEDA-BC04-D278-7E020F2E6A6E}" = Catalyst Control Center Localization Dutch "{5D112C61-C8D0-4718-8DD7-B9115EB9AF90}" = LogMeIn "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{687C95B4-4670-DEF1-4585-E11CE3AB7C26}" = CCC Help German "{6D4DC170-69D1-7CE8-EF98-6DCDC887FA1C}" = Catalyst Control Center Localization Spanish "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{75D803F3-2CCA-F91B-F269-1EA77BA56688}" = Catalyst Control Center Localization Chinese Traditional "{76866BE3-B2C7-40BB-B267-927792AED0C3}" = Microsoft SQL Server 2008 R2 Setup (English) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver "{7CE727EA-498F-B17F-53B6-C695E134C83C}" = Catalyst Control Center Localization Greek "{7E70195B-0530-EED3-E8FE-237EC86F989E}" = Catalyst Control Center Localization Polish "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}" = Treasures of the Deep "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}" = Mystery Case Files - Prime Suspects "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11146090}" = Big Kahuna Reef 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = MCF Ravenhearst "{85967580-EBC2-11D4-AEA3-0050046A88ED}" = LEGO Island 2 "{886607CA-3144-493D-1134-EEAAC8D5AAFD}" = CCC Help French "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A5AEB5F-C533-FD3B-9D35-6FF8BEB91A7E}" = CCC Help Dutch "{8CB7C96F-22D5-5911-3507-4639ED218CE6}" = CCC Help Polish "{8FF37D01-3105-690A-C481-06EBED787498}" = Catalyst Control Center Localization Swedish "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program "{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite "{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{97D4EB44-3BD8-F35A-14AE-73FB3B491396}" = Catalyst Control Center Localization Italian "{999E1B83-866A-F0A5-321C-B3438BC246B1}" = ATI Catalyst Install Manager "{99AF8AED-2960-B47B-CAA0-1558B5E78D48}" = CCC Help Danish "{A78024C0-8C20-27CB-2B7B-6A60445B61AF}" = Catalyst Control Center Localization Russian "{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management "{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine "{B231A9E2-9E9C-9226-E483-DD2D725D1BFE}" = Catalyst Control Center Localization Thai "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services "{B7CBEC53-C913-87E2-D70F-3BABEFB0A080}" = Catalyst Control Center Localization Finnish "{B94C6815-7BCC-4124-AC39-9208A06FFFA7}" = Disney-Pixar Ratatouille "{BD2BA0B1-5448-987E-9562-6C665252714A}" = Catalyst Control Center Localization Norwegian "{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser "{C03A4F4C-09A2-ADA3-0DE9-F830F636DD4B}" = CCC Help Spanish "{C6660342-B863-AD6B-3D74-C5466AAF1A5F}" = CCC Help Italian "{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies "{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files "{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management "{D475C441-82E7-4694-8717-EA8896D6D37A}" = CCC Help Japanese "{D51FFF33-0F42-72C1-0DFD-220E3B3E4F97}" = CCC Help Chinese Traditional "{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU "{DE247139-8107-31A7-E580-6AFAE183A95F}" = Catalyst Control Center Localization German "{DEB38E1A-F4E5-4DF0-96F4-4050567A9D09}" = AV Input Selection "{E256842C-AD14-4BDC-87B2-B3A4A7037837}" = LogMeIn "{E7DA2552-8808-7F25-1A85-AAFDE834CA14}" = CCC Help Czech "{EB0A38F9-6698-B5D5-949E-E042BBEE763B}" = Catalyst Control Center Localization Hungarian "{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page "{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician "{F748B133-D25C-14C2-0178-D90703042FDE}" = CCC Help Chinese Standard "{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician "{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "2EFF310ED3BF3BFB24E6CC25AEB5491813E56803" = Windows Driver Package - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2) "8461-7759-5462-8226" = Vuze "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Barbie Jewelry Designer" = Barbie® Jewelry Designer "Coupon Printer2.0" = Coupon Printer "EPSON Printer and Utilities" = EPSON Printer Software "EPSON Scanner" = EPSON Scan "EPSON Stylus CX7300_CX8300_DX7400_DX8400 User’s Guide" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manual "FileZilla Client" = FileZilla Client 3.3.5.1 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 "NIS" = Norton Internet Security "QuickTime 3.0" = QuickTime 3.0 "RealPlayer 12.0" = RealPlayer "Spotify" = Spotify "WinRAR archiver" = WinRAR 4.01 (32-bit) "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Toolbar" = Yahoo! Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "7b4e12b4e844396f" = CarlsCalendar "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 13/10/2011 15:27:52 | Computer Name = CarlRuthHome-PC | Source = EventSystem | ID = 4621 Description = Error - 19/10/2011 06:55:13 | Computer Name = CarlRuthHome-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll". Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 19/10/2011 07:01:16 | Computer Name = CarlRuthHome-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll". Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 27/10/2011 07:01:14 | Computer Name = CarlRuthHome-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll". Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 27/10/2011 07:01:23 | Computer Name = CarlRuthHome-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll". Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 30/10/2011 07:06:34 | Computer Name = CarlRuthHome-PC | Source = EventSystem | ID = 4621 Description = Error - 03/11/2011 18:33:52 | Computer Name = CarlRuthHome-PC | Source = Windows Search Service | ID = 3013 Description = Error - 03/11/2011 18:33:52 | Computer Name = CarlRuthHome-PC | Source = Windows Search Service | ID = 3013 Description = Error - 04/11/2011 10:05:40 | Computer Name = CarlRuthHome-PC | Source = Application Hang | ID = 1002 Description = The program WinMail.exe version 6.0.6001.18000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 14f4 Start Time: 01cc9af96569afb0 Termination Time: 275 Error - 07/11/2011 11:15:33 | Computer Name = CarlRuthHome-PC | Source = EventSystem | ID = 4621 Description = [ System Events ] Error - 11/11/2011 15:53:50 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7022 Description = Error - 11/11/2011 15:57:07 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7022 Description = Error - 11/11/2011 15:57:33 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011 Description = Error - 11/11/2011 15:57:33 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011 Description = Error - 12/11/2011 13:00:09 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011 Description = Error - 12/11/2011 13:36:42 | Computer Name = CarlRuthHome-PC | Source = DCOM | ID = 10010 Description = Error - 13/11/2011 04:19:35 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011 Description = Error - 13/11/2011 04:20:54 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011 Description = Error - 13/11/2011 04:20:54 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011 Description = Error - 13/11/2011 04:22:57 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011 Description = < End of report >
-
Malware log. Hi Sorry for the slow response. Please find attached MBAM, other log to follow: Malwarebytes' Anti-Malware 1.51.2.1300 http://www.malwarebytes.org Database version: 8151 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 13/11/2011 10:33:21 mbam-log-2011-11-13 (10-33-19).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 312174 Time elapsed: 2 hour(s), 9 minute(s), 22 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
-
I run windows vista on my computer and just recently it has started running incredibly slow. Could this be due to malware? I only have very basic computer knowledge so please keep your suggestions as simple as possible. Any help would be greatly appreciated. Carl