Jump to content

clucky

Members
 View Profile  See their activity

  • Posts

    52

  • Joined

  • Last visited

About clucky

  • Birthday 09/26/1965

Tech Info

  • Experience
    some_experience
  • System: windows_xp

clucky's Achievements

Newbie

Newbie (1/14)

0

Reputation

  1. clucky
    Can you give us the make and model of your PC so as to assertain if it has a Sata or Ide HDD. This may also help other posters here that may have another idea. Dell Dimension 3100 Other details that could help: Was the computer making clicking noises in recent weeks or months? Dont think so Has the computer been dropped or received a hard bang prior to the problem? No Do you have a licenced copy of your operating system (Disk) No it was already installed. Is there a small sticker somewhere on the casing that gives a microsoft product code. Yes there is a sticker. The product key will be made up of 25 characters, in groups of 5. John I've edited your post John, to make things clearer.
  2. clucky
    We have a Dell PC which we use for surfing the web. The other day it went to a blue screen saving fatal hard drive error. I thought it might just be a virus of some sort, but when i try to boot the machione up i just get the cursor flashing on the top left hand corner. I have tried all the usual re-boot methods F8 etc but all with the same result. First of all do you think it is hard drive failure and if so would it be easy to change
  3. clucky
    ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 19/07/2010 15:13:28 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 19/07/2010 15:13:35 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 19/07/2010 15:13:42 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 19/07/2010 15:13:47 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 19/07/2010 16:34:51 | Computer Name = JENNIFER | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established Error - 19/07/2010 16:34:52 | Computer Name = JENNIFER | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 22/07/2010 15:42:46 | Computer Name = JENNIFER | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established Error - 22/07/2010 15:42:47 | Computer Name = JENNIFER | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error - 22/07/2010 20:13:55 | Computer Name = JENNIFER | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established Error - 22/07/2010 20:13:55 | Computer Name = JENNIFER | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. [ System Events ] Error - 23/07/2010 15:17:11 | Computer Name = JENNIFER | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064} Error - 23/07/2010 15:26:54 | Computer Name = JENNIFER | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 24/07/2010 02:36:58 | Computer Name = JENNIFER | Source = Ftdisk | ID = 262189 Description = The system could not sucessfully load the crash dump driver. Error - 24/07/2010 02:36:58 | Computer Name = JENNIFER | Source = Ftdisk | ID = 262193 Description = Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. Error - 24/07/2010 02:38:20 | Computer Name = JENNIFER | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: Fips intelppm SASDIFSV SASKUTIL Error - 24/07/2010 02:38:59 | Computer Name = JENNIFER | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 24/07/2010 02:44:23 | Computer Name = JENNIFER | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 24/07/2010 02:46:52 | Computer Name = JENNIFER | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064} Error - 24/07/2010 02:54:05 | Computer Name = JENNIFER | Source = SRService | ID = 104 Description = The System Restore initialization process failed. Error - 24/07/2010 02:54:05 | Computer Name = JENNIFER | Source = Service Control Manager | ID = 7023 Description = The System Restore Service service terminated with the following error: %%2 < End of report >
  4. clucky
    I did not work with the add new post either
  5. clucky
    Error - 19/07/2010 15:13:42 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 19/07/2010 15:13:47 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
  6. clucky
    Error - 19/07/2010 15:13:42 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 19/07/2010 15:13:47 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
  7. clucky
    ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 19/07/2010 15:13:28 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 19/07/2010 15:13:35 | Computer Name = JENNIFER | Source = Application Hang | ID = 1002 Description = Hanging application SUPERAntiSpyware.exe, version 4.26.0.1004, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
  8. clucky
    I have tried to post the second part of the Extras log file, but when I use quick reply, Internet explorer comes up as unable to display page?
  9. clucky
    Please click one of the Quick Reply icons in the posts above to activate Quick Reply.
  10. clucky
    OTL Extras logfile created on: 24/07/2010 07:53:46 - Run 1 OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Administrator.JENNIFER.000\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free Paging file location(s): C:\pagefile.sys 372 744 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71.46 Gb Total Space | 45.89 Gb Free Space | 64.22% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JENNIFER Current User Name: Administrator Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found "C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found "C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found "C:\Documents and Settings\Jennifer Hayden\My Documents\CAM PiKS =D x\LimeWire\LimeWire.exe" = C:\Documents and Settings\Jennifer Hayden\My Documents\CAM PiKS =D x\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found "C:\Program Files\Kontiki\KService.exe" = C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service -- (Kontiki Inc.) "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3 "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA "{162D2FB8-60A3-4871-B6A1-5C744CD34FF5}" = 725plc32 "{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X "{1A36CF15-DF66-4756-9482-A9ABF3DDACE6}_is1" = Driver Robot "{1D3C662A-F6C6-4767-A788-7AA43A9A1317}" = ARTEuro "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource "{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool "{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module "{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections "{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{9C8732C3-32DE-4569-9E90-30040D76DABC}" = Navman NavDesk 2008 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio "{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update "{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1 "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C41F4616-44B6-4E8D-BFC7-4267862A2CE1}" = CinepPlayer 30 Update "{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic "{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU "{D944236D-7992-41D6-8257-930B5832F1CC}" = Creative Zen Micro "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E7F56612-69F7-4F85-AD0B-B04B1C5BC3BD}" = Creative ZEN V Series (R2) "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3 "AudibleManager" = AudibleManager "AutoCAD 2008 - English" = AutoCAD 2008 - English "CCleaner" = CCleaner "Creative Jukebox Driver" = Creative Jukebox Driver "Creative Removable Disk Manager" = Creative Removable Disk Manager "Creative Software AutoUpdate" = Creative Software AutoUpdate "Dell Color Printer 725" = Dell Color Printer 725 "EsetOnlineScanner" = ESET Online Scanner "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MP3 Player Recovery Tool_is1" = MP3 Player Recovery Tool "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "PROSet" = Intel® PRO Network Connections Drivers "RealPlayer 6.0" = RealPlayer Basic "SysInfo" = Creative System Information "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar "YInstHelper" = Yahoo! Install Manager "ZENcast Organizer" = ZENcast Organizer ========== Last 10 Event Log Errors ==========
  11. clucky
    OTL logfile created on: 24/07/2010 07:53:46 - Run 1 OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Administrator.JENNIFER.000\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free Paging file location(s): C:\pagefile.sys 372 744 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71.46 Gb Total Space | 45.89 Gb Free Space | 64.22% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JENNIFER Current User Name: Administrator Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Administrator.JENNIFER.000\Desktop\OTL.scr (OldTimer Tools) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Administrator.JENNIFER.000\Desktop\OTL.scr (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (KService) -- C:\Program Files\Kontiki\KService.exe (Kontiki Inc.) SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe () SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (dlcf_device) -- C:\WINDOWS\System32\dlcfcoms.exe ( ) ========== Driver Services (SafeList) ========== DRV - (ZDPSp50) -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys File not found DRV - (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) -- C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys File not found DRV - (WN4501HLFZZ(Technology Corporation)) 802.11g Wireless USB Adapter(Technology Corporation) -- C:\WINDOWS\System32\DRIVERS\O4501U.sys File not found DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found DRV - (SABProcEnum) -- C:\Program Files\Internet Explorer\SABProcEnum.sys File not found DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (dsunidrv) -- C:\WINDOWS\system32\drivers\dsunidrv.sys (Gteko Ltd.) DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.) DRV - (se59obex) -- C:\WINDOWS\system32\drivers\se59obex.sys (MCCI) DRV - (se59mgmt) Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\se59mgmt.sys (MCCI) DRV - (se59mdm) -- C:\WINDOWS\system32\drivers\se59mdm.sys (MCCI) DRV - (se59mdfl) -- C:\WINDOWS\system32\drivers\se59mdfl.sys (MCCI) DRV - (se59bus) Sony Ericsson Device 089 driver (WDM) -- C:\WINDOWS\system32\drivers\se59bus.sys (MCCI) DRV - (se59nd5) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS) -- C:\WINDOWS\system32\drivers\se59nd5.sys (MCCI) DRV - (se59unic) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM) -- C:\WINDOWS\system32\drivers\se59unic.sys (MCCI) DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider) DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (SuperAdBlocker, Inc.) DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions) DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions) DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions) DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions) DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions) DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions) DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions) DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions) DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions) DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions) DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions) DRV - (ATHFMWDL) -- C:\WINDOWS\system32\drivers\Athfmwdl.sys (Windows ® 2000 DDK provider) DRV - (A5AGU) -- C:\WINDOWS\system32\drivers\A5AGU.sys (D-Link Corporation) DRV - (Jukebox3) -- C:\WINDOWS\system32\drivers\ctpdusb.sys (Creative Technology Ltd.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (Camdrv30) -- C:\WINDOWS\system32\drivers\camdrv30.sys (Microsoft Corporation) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = Laptops, PCs, Desktop Computers, Monitors, Printers & PC Accessories | Dell UK IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Laptops, PCs, Desktop Computers, Monitors, Printers & PC Accessories | Dell UK IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [DLCFCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.DLL () O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe () O4 - HKLM..\Run: [iSUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [iSUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.) O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [{30689C70-3B29-5DD6-2DB0-B2931B8E5205}] C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Qaohf\uliri.exe (Uszil Uxzngel Krqunp) O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jennifer Hayden\Start Menu\Programs\IMVU\Run IMVU.lnk File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/files/BeboUploader.5.1.4.cab (Bebo Uploader Control) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewido.net/ewidoOnlineScan.cab (ewidoOnlineScan Control) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class) O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1005.cab (MySpace Uploader Control) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab (ZoneIntro Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} Java Plug-in Technology (Java Plug-in 1.4.2_03) O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 Unable to start service SrService! ========== Files/Folders - Created Within 30 Days ========== [2010/07/24 07:44:30 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator.JENNIFER.000\Desktop\OTL.scr [2010/07/22 20:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\SUPERAntiSpyware.com [2010/07/20 19:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Ekxyo [2010/07/20 05:45:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Qaohf [2010/07/19 21:35:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Malwarebytes [2010/07/19 21:26:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Macromedia [2010/07/19 21:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Adobe [2010/07/19 21:21:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Microsoft [2010/07/19 21:21:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data [2010/07/19 21:21:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Favorites [2010/07/19 21:21:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Cookies [2010/07/19 21:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\You've Got Pictures Screensaver [2010/07/19 21:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Sun [2010/07/19 21:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Identities [2010/07/19 21:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Local Settings\Application Data\Google [2010/07/19 21:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Desktop [2010/07/19 21:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Corel [2010/07/19 21:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Local Settings\Application Data\ApplicationHistory [2010/07/19 21:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\AOL [2010/07/19 21:21:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\SendTo [2010/07/19 21:21:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Recent [2010/07/19 21:21:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Start Menu [2010/07/19 21:21:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\My Documents\My Pictures [2010/07/19 21:21:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\My Documents\My Music [2010/07/19 21:21:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\My Documents [2010/07/19 21:21:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Templates [2010/07/19 21:21:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\PrintHood [2010/07/19 21:21:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\NetHood [2010/07/19 21:21:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Local Settings [2010/07/19 21:21:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Local Settings\Application Data\Microsoft [2010/07/19 21:21:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.JENNIFER.000\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030} [2010/07/19 20:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\atbbpfdcu [2010/07/19 20:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun [2010/07/19 20:27:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe [2010/07/17 15:48:08 | 000,000,000 | ---D | C] -- C:\Config.Msi [2010/07/17 07:13:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia [2010/07/14 06:39:02 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2006/03/22 11:35:20 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfserv.dll [2006/03/22 11:35:20 | 001,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfusb1.dll [2006/03/22 11:35:20 | 000,770,048 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfhbn3.dll [2006/03/22 11:35:20 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcomc.dll [2006/03/22 11:35:20 | 000,638,976 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfpmui.dll [2006/03/22 11:35:20 | 000,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcflmpm.dll [2006/03/22 11:35:20 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcomm.dll [2006/03/22 11:35:20 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfprox.dll [2006/03/22 11:35:20 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfpplc.dll [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/07/24 07:50:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.JENNIFER.000\Desktop\OTL.scr [2010/07/24 07:50:18 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Administrator.JENNIFER.000\NTUSER.DAT [2010/07/24 07:42:18 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Desktop\exeHelper.url [2010/07/24 07:36:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/07/23 20:26:55 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator.JENNIFER.000\ntuser.ini [2010/07/23 20:26:53 | 003,712,656 | -H-- | M] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Local Settings\Application Data\IconCache.db [2010/07/23 05:49:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/07/22 20:49:38 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/07/22 19:37:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/07/19 21:34:55 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/07/19 20:25:33 | 000,000,173 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2010/07/07 13:38:22 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/06/27 08:54:39 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job [2010/06/27 03:38:48 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Robot.lnk [2010/06/24 20:04:25 | 000,507,308 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/06/24 20:04:25 | 000,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/06/24 20:04:25 | 000,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/07/24 07:42:18 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Desktop\exeHelper.url [2010/07/19 21:24:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/07/19 21:21:54 | 000,001,881 | ---- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Desktop\Spyware Protection from AOL.lnk [2010/07/19 21:21:54 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Corel Paint Shop Pro X.lnk [2010/07/19 21:21:54 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk [2010/07/19 21:21:54 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/07/19 21:21:54 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.0.lnk [2010/07/19 21:21:54 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf [2010/07/19 21:21:51 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\ntuser.ini [2010/07/19 21:21:50 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\NTUSER.DAT [2010/07/19 21:21:50 | 000,278,528 | -H-- | C] () -- C:\Documents and Settings\Administrator.JENNIFER.000\ntuser.dat.LOG [2010/07/19 20:25:33 | 000,000,173 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2008/02/11 10:39:26 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll [2008/02/11 10:39:18 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll [2008/02/08 14:53:46 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll [2008/01/14 18:24:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2007/07/27 15:49:02 | 000,225,355 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll [2007/07/27 15:49:02 | 000,196,683 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll [2007/04/05 14:06:09 | 000,000,071 | ---- | C] () -- C:\WINDOWS\pex.INI [2007/04/05 13:55:58 | 000,000,151 | ---- | C] () -- C:\WINDOWS\Ulead32.ini [2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2006/10/16 21:30:21 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PdeSrvps.dll [2006/03/28 20:14:41 | 000,006,372 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2006/03/28 20:14:41 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\BB605B101D.sys [2006/03/22 12:07:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/03/22 12:02:48 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006/03/22 11:55:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/03/22 11:35:20 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlcfutil.dll [2006/03/22 11:35:20 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\dlcfinsb.dll [2006/03/22 11:35:20 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcfins.dll [2006/03/22 11:35:20 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcfjswr.dll [2006/03/22 11:35:20 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcfinsr.dll [2006/03/22 11:35:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcfcub.dll [2006/03/22 11:35:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcfcu.dll [2006/03/22 11:35:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcfcfg.dll [2006/03/22 11:35:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcfvs.dll [2006/03/22 11:35:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcfcur.dll [2006/03/22 11:35:00 | 000,000,475 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005/12/05 20:25:22 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll [2005/12/05 13:37:10 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll [2005/11/10 09:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005/08/31 13:11:14 | 000,000,442 | ---- | C] () -- C:\WINDOWS\System32\dlcfplc.ini [2005/07/12 15:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL [2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2004/08/10 13:51:35 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll [2004/08/10 13:51:35 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll [2004/08/10 13:51:35 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll [2004/08/10 13:51:35 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll [2004/08/10 13:51:35 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll [2004/03/23 17:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== LOP Check ========== [2010/07/22 20:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Ekxyo [2010/07/20 05:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.JENNIFER.000\Application Data\Qaohf [2009/12/02 15:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk [2008/08/26 20:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Channel4 [2009/01/18 18:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo [2006/10/08 14:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin [2010/07/23 05:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki [2009/01/03 16:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2006/12/23 18:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst [2006/10/07 23:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games [2006/12/24 15:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2007/04/05 13:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems [2008/12/31 20:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2010/05/13 20:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/08/23 15:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2010/06/27 08:54:39 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys [2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2009/01/07 16:23:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2009/01/07 16:23:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys < MD5 for: ATAPI.SYS > [2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys [2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2009/01/07 16:23:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2009/01/07 16:23:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys < MD5 for: EVENTLOG.DLL > [2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll [2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: IASTOR.SYS > [2005/04/25 14:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\dell\MEDIAEXE\RepFiles\iastor.sys < MD5 for: NETLOGON.DLL > [2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll [2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll [2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll [2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2010/05/04 18:20:32 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll [2010/05/04 18:20:33 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B99FE60 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:375A40C3 @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D10517E < End of report >
  12. clucky
    exeHelper by Raktor Build 20100414 Run at 07:40:59 on 07/24/10 Now searching... Checking for numerical processes... Checking for sysguard processes... Checking for bad processes... Checking for bad files... Checking for bad registry entries... Resetting filetype association for .exe Resetting filetype association for .com Resetting userinit and shell values... Resetting policies... --Finished-- I will run OIL now
  13. clucky
    I dont think I have anything with real time scanning. I just run malwarebyte and superantispyware every now and again. I think it used to have avg free on it.
  14. clucky
    Hi Seedy102, I ran malwarebytes and superantispyware in safe mode with system restore off. They picked up some malware, but when I return to normal mode, I am still blocked from windows explorer (even though I can access this in safe mode). Any other suggestions?
  15. clucky
    Just found were to turn system restore on and off. will run the malwarebytes and see what happens
×
×
  • Create New...