Jellybeans27

Members
  • Posts: 14
  • Joined

  • Last visited

About Jellybeans27

  • Birthday 01/27/1990

Tech Info

  • Experience: some_experience
  • System: windows_7_home_premium

Jellybeans27's Achievements

Newbie (1/14)

Reputation: 0

  1. I do have a cable, I haven't tried it yet so I'll try it in a minute! I'm pretty sure it will work as my card is read by my other half's laptop. I've only had the computer brand new from Dell in Sep 2009 and I bought a 3 year home service extended warranty with it so I'll get on the blower to them tomorrow...I tried using their support centre program on my computer but it's rubbish! I'll keep you posted :D Thanks Will.
  2. Hi Nev, Firstly thank you for the response, much appreciated! I have checked the device manager yes, and there are no warnings/errors/signs, and it says that the drive is fully working. I also uninstalled the drive so that the drivers would automatically reinstall on reboot and that did nothing to help either. I haven't tried this for 'portable devices' though so I shall do this now. I also tried system restore (slim chance I know but worth a try), and this did nothing to help either. I was going to have a look at the wiring but the green LED shows on the drive when I insert the SD card so I'm guessing the wiring is OK? Not sure how to go from here and it's quite frustrating because it should be something I should be able to fix easily - am I missing something? Thanks for your help, Will.
  3. Hi all, I have a Dell Inspiron 545 with Windows 7 Home Premium that I bought last July, never had any problems with it until yesterday. For some reason my SD cards have stopped being recognised, even though I use them all the time to transfer photos from my DSLR. When I insert any SD card Windows does not recognise it (no sound, no autoplay), and the drive does not pop in My Computer anymore. I checked Device Manager and there are no warning signs/errors etc, it says it's working fine. I tried the thing to stop hiding empty drives but that doesn't work either - when I click one it just says there is nothing to read from. I've also uninstalled the drivers so they automatically reinstall, and checked that they are up to date - this hasn't worked either. I've searched it on Google quite a lot now and can't seem to solve the problem.... Any idea what it could be? Any help will be greatly appreciated, Will.
  4. Hi all, Two weeks ago I booted up my computer, logged on fine etc etc. However when I try and open any programs like Firefox, iTunes, or even disk cleanup I get this: http://img528.imageshack.us/i/img00011201010310036.jpg/ (screenshots: img00011201010310036.jpg, img00008201010302127.jpg, img00007201010302121.jpg, img00006201010302112.jpg, img00001201010302105.jpg) So I booted up in safe mode, had a fiddle with other boot modes, and managed to use CCleaner to get rid of loads of temporary files. I then installed Malwarebytes Anti-Malware, however the application file would not run, the computer would just do nothing (not even show an error). I then uninstalled quite a few applications that I haven't used in years. Then all of a sudden, the computer seemed fine and back to normal again - I could surf the net, load (some) applications, etc. However, none of my programs would update, I tried updating McAfee and it wouldn't, it would just come up with a 'this page cannot be displayed', and nor would any other programs. 5 minutes later, it all came back and I have not been able to put it right since. The frustrating thing is that once I can get applications running, I should be able to sort it out with antivirus etc. Any idea what this could be? A McAfee scan showed no threats at all. Here are the computer specs for reference: Windows XP Home SP3, AMD Athlon XP 2400+, 2.0gb RAM. Will.
  5. Ok thanks. So what do the reports show that I replied with above?
  6. Starbuck, I will indeed upgrade to 2GB RAM, I would go higher but I think this laptop has a max. of 2GB. Completed Step 1. However, for Step 2, I could not find a file named 'ysqgq.sys' in the folder you specified, or anywhere else, so could not do a scan. Step 3: [OTL log] Step 4: [ComboFix log]
  7. Extras.txt OTL Extras logfile created on: 08/09/2010 18:18:44 - Run 1 OTL by OldTimer - Version 3.2.11.0
  8. Starbuck, thanks very much for the help. As you will see, some trojans were found. My startup time is now 3-4 mins which still seems quite slow, considering my friend's laptop is the same spec and has loads of games installed and boots up much quicker. Please find the reports as follows:
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = myAOL | HP IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = myAOL | HP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = myAOL | HP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = myAOL | HP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search" FF - prefs.js..browser.startup.homepage: "www.google.co.uk" FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8 FF - prefs.js..keyword.URL: "http://uk.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_uk&p=" FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/09/08 10:01:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/31 19:53:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/06 13:44:05 | 000,000,000 | ---D | M] [2008/08/31 08:58:58 | 000,000,000 | ---D | M] -- C:\Users\Becki\AppData\Roaming\Mozilla\Extensions [2010/09/08 15:41:34 | 000,000,000 | ---D | M] -- 
C:\Users\Becki\AppData\Roaming\Mozilla\Firefox\Profiles\lg6qn2ro.default\extensions [2009/09/04 22:04:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Becki\AppData\Roaming\Mozilla\Firefox\Profiles\lg6qn2ro.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/01/02 17:28:28 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Becki\AppData\Roaming\Mozilla\Firefox\Profiles\lg6qn2ro.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010/08/15 08:36:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/08/15 08:36:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/08/25 18:56:11 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2010/08/25 18:56:12 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2010/08/25 18:56:12 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2010/08/25 18:56:12 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll () O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) 
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) 
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Becki\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Becki\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/08/18 19:59:11 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = 
comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^Users^Becki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk - C:\PROGRA~1\BBCIPL~1\BBCIPL~1.EXE - File not found MsConfig - StartUpReg: AVG8_TRAY - hkey= - key= - C:\PROGRA~1\AVG\AVG8\avgtray.exe File not found MsConfig - StartUpReg: BlackBerryAutoUpdate - hkey= - key= - C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited) MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () MsConfig - StartUpReg: RoxWatchTray - hkey= - key= - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2010/09/08 16:09:04 | 000,000,000 | ---D | C] -- C:\Users\Becki\AppData\Roaming\Malwarebytes [2010/09/08 16:08:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/09/08 16:08:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/09/08 16:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/09/08 16:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/09/08 10:22:54 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll 
[2010/09/08 10:22:51 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2010/09/06 22:47:08 | 000,000,000 | ---D | C] -- C:\Users\Becki\AppData\Local\VS Revo Group [2010/09/06 22:46:42 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys [2010/09/06 22:46:40 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2010/09/06 17:15:43 | 000,000,000 | ---D | C] -- C:\Temp [2010/09/06 15:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor [2010/09/06 15:18:17 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys [2010/09/06 15:18:16 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys [2010/09/06 15:18:16 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys [2010/09/06 15:18:08 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys [2010/09/06 15:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee [2010/09/06 15:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com [2010/09/06 15:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee [2010/09/06 15:11:09 | 000,034,248 | ---- | C] (McAfee, Inc.) 
-- C:\Windows\System32\drivers\mferkdk.sys [2010/09/06 14:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2010/09/06 13:40:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010/09/06 13:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro [2010/09/06 13:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5 [2010/09/06 10:01:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/09/06 10:01:53 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/09/06 10:01:52 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/09/06 10:01:52 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010/09/06 10:01:52 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/09/06 10:01:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/09/06 10:01:51 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/09/06 10:01:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010/09/06 10:01:49 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010/09/06 10:01:48 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/09/06 10:01:48 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010/09/06 10:01:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010/09/06 10:01:47 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010/09/06 10:01:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010/09/06 10:01:46 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010/09/06 09:59:31 | 000,156,160 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\System32\msls31.dll [2010/09/06 09:59:31 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2010/09/06 09:59:31 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2010/09/06 09:59:30 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2010/09/06 09:59:30 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2010/09/06 09:59:30 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2010/09/06 09:59:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll [2010/09/06 09:59:29 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010/09/06 09:59:29 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2010/09/06 09:59:29 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2010/09/06 09:59:29 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2010/09/06 09:59:29 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010/09/06 09:59:28 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe [2010/09/06 09:59:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2010/09/06 09:59:28 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2010/09/06 09:59:28 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2010/09/06 09:59:27 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010/09/06 09:59:27 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2010/09/06 09:59:26 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/09/06 09:59:26 | 000,169,472 | ---- | 
C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2010/09/06 09:59:25 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2010/09/06 09:59:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe [2010/09/06 09:59:25 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2010/09/06 09:59:25 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2010/09/06 09:59:25 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe [2010/09/06 09:52:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll [2010/09/06 09:52:53 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll [2010/09/06 09:52:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2010/09/06 09:52:49 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll [2010/09/06 09:52:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll [2010/09/06 09:52:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll [2010/09/06 09:52:49 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll [2010/09/06 09:52:48 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll [2010/09/06 09:52:48 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll [2010/09/06 09:52:48 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll [2010/09/06 09:52:47 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll [2010/09/06 09:52:47 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll [2010/09/06 09:52:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll 
[2010/09/06 09:52:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll [2010/09/06 09:52:47 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll [2010/09/06 09:52:47 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll [2010/09/06 09:52:47 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll [2010/09/06 09:52:46 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll [2010/09/06 09:52:45 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll [2010/09/06 09:52:45 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2010/09/06 09:52:45 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2010/09/06 09:52:45 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2010/09/06 09:52:44 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2010/09/06 09:52:44 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2010/09/06 09:48:44 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010/09/06 09:48:44 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010/09/06 09:48:36 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2010/09/06 09:48:34 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2010/09/06 09:48:34 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2010/09/06 09:46:37 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010/09/06 09:46:36 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010/09/06 09:46:36 | 000,049,472 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\netfxperf.dll [2010/09/06 09:40:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/09/06 09:40:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll [2010/09/06 09:37:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010/09/06 09:37:50 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010/09/06 09:37:43 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/09/06 09:37:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/09/06 09:37:31 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010/09/06 09:37:30 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010/09/06 09:37:13 | 002,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/09/06 09:37:04 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll [2010/09/06 09:37:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010/09/06 09:36:55 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll [2010/09/06 09:36:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2010/09/06 09:36:43 | 000,081,920 | ---- | C] (Radius Inc.) 
-- C:\Windows\System32\iccvid.dll [2010/09/06 09:36:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010/09/06 09:34:18 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2010/09/06 09:33:09 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll [2010/09/06 09:33:09 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx [2010/09/06 09:33:09 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe [2010/09/06 08:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/09/06 08:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/08/31 19:52:33 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/08/21 16:23:30 | 000,000,000 | ---D | C] -- C:\PerfLogs [2010/08/21 15:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010/08/15 08:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010/08/15 08:36:32 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010/08/15 08:36:32 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010/08/15 08:36:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010/08/15 08:36:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010/08/14 13:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe [2010/08/10 05:15:58 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx [2010/08/10 05:15:58 | 000,069,632 | ---- | C] (Apple Inc.) 
  9. Hi all, I made this thread earlier today, and have been referred to you guys for some help: http://extremetechsupport.com/forum/windows-vista/10427-slow-laptop-do-need-more-ram.html With regard to the thread, I have been using CCleaner for registry fixing, but have backed up the registry every single time. Any help will be appreciated.
  10. That's what I thought - the main lag is after putting in the Windows password, it then stays on a black screen for quite a while. Sorry I didn't mention anti-virus etc. I only use AVG Free at the moment, I do one scheduled scan every week. I also use CCleaner but obviously that's unrelated to anti-virus. What do you recommend I do? Thanks for the help.
  11. Hi all, I have a HP Pavilion dv9000 laptop with the following specs: Windows Vista Home Premium SP1, AMD Turion 64 X2 TL-58, 1.0GB RAM, Nvidia GeForce 8400M GS. I bought the laptop brand new in December 2007, and have maintained it well. Never had any problems or overloaded it...only had a few games installed and that's it. However, over the last 12 months or so, it's been EXTREMELY slow on startup, sometimes taking 6 or 7 mins to start up from when I press the power button. I thought it might have been the startup programs, so cleaned them up, and also uninstalled all of my games and any software that takes up a lot of space on the HDD. I've also defragmented a lot. None of this has made a difference. The thing I don't understand is why it suddenly got slower and it hasn't done it before? Is this a RAM issue, i.e. do I need to upgrade to 2GB? Would it make much difference and solve my problem? I would like to go higher but I believe it can only take a max. of 2GB. Any help will be appreciated. Thanks Will.
  12. Thanks Dalo, tried that already but no luck :(
  13. Hi, I have a problem with both of my DVD drives. They're not recognised in My Computer and aren't listed in Device Manager. I have tried the registry change but nothing is different :( The drives don't seem to be showing any power at all and I can't open the disc trays. Also, when they were working about a month ago I couldn't burn anything off of iTunes because the burn rate was so slow that it cancelled the disc burn. I don't understand how they have got to this stage....PLEASE HELP!!