Jump to content

A very strange problem

shnos
 Share

Recommended Posts

shnos Newbie

shnos

Posted
Posted
I uninstalled windows live messenger as it was not working. I tried to download it again and keep getting message that I already have it on my pc. I have deleted everything i could find that was connected to it but still no joy. I was using an old messenger which was fine but cannot download that again either. does anyone have any ideas
  • Replies 46
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

shnos Newbie

shnos

Posted
  • Author
Posted
Did you try this?

yes I ran that it is still saying when I try to download that it is already on the computer. Just cannot find it anywhere

shnos Newbie

shnos

Posted
  • Author
Posted
hi I have tried all the suggestions and still cannot download it. continues to say it already exists on my pc.
RandyL Newbie

RandyL

Posted
Posted

I've had that problem in the past. What I did was locate the Messenger folder and delete it. Look in C:\Program Files (x86)\Windows Live

 

Yours may not be that exact file path name but you get the idea. Just don't delete the entire Windows Live folder. Just delete the Messenger folder there.

We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.

Get help with computer problems. Join Free PC Help here

 

Donations are welcome. Read Here

shnos Newbie

shnos

Posted
  • Author
Posted
I've had that problem in the past. What I did was locate the Messenger folder and delete it. Look in C:\Program Files (x86)\Windows Live

 

Yours may not be that exact file path name but you get the idea. Just don't delete the entire Windows Live folder. Just delete the Messenger folder there.

Just looked in there and the only messenger files I could find were for 6.1 no others too be seen.
Plastic Nev Newbie

Plastic Nev

Posted
Posted

If those are definitely Messenger files then those are the files to remove, even though they are for an older version they are what is stopping the new download.

Nev.

 

Need help with your computer problems? Then why not join Free PC Help. Register

here

 

If Free PC Help has helped you then please consider a donation. Click here

 

We are all members helping other members.

Please return here where you may be able to help someone else.

After all, no one knows everything and you may have the answer that someone needs.

 

 

 

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? :D

http://i7.photobucket.com/albums/y282/plasticpig/Nev2.gif

shnos Newbie

shnos

Posted
  • Author
Posted
They have been deleted still not able to download. it continues to say that windows live is already on the pc. unless they have brought out an invisible version I am sure it isn't
Plastic Nev Newbie

Plastic Nev

Posted
Posted

Hi again, have you tried a system search, including hidden files for Windows Live? just that on it's own, do not include the word Messenger?

See what turns up if anything, and let us know.

Nev.

 

Need help with your computer problems? Then why not join Free PC Help. Register

here

 

If Free PC Help has helped you then please consider a donation. Click here

 

We are all members helping other members.

Please return here where you may be able to help someone else.

After all, no one knows everything and you may have the answer that someone needs.

 

 

 

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? :D

http://i7.photobucket.com/albums/y282/plasticpig/Nev2.gif

Plastic Nev Newbie

Plastic Nev

Posted
Posted

Have you deleted that one? we need to finish up with absolutely no trace that it has ever been on the computer.

Just as a matter of interest do you have a full copy of Windows XP to hand, not a recovery disk.

If you have one, using it to perform a system repair will put Messenger back, maybe in an older version, but at least that can then be updated.

Nev.

 

Need help with your computer problems? Then why not join Free PC Help. Register

here

 

If Free PC Help has helped you then please consider a donation. Click here

 

We are all members helping other members.

Please return here where you may be able to help someone else.

After all, no one knows everything and you may have the answer that someone needs.

 

 

 

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? :D

http://i7.photobucket.com/albums/y282/plasticpig/Nev2.gif

Plastic Nev Newbie

Plastic Nev

Posted
Posted

Do have or can you borrow an XP disk?

 

Nev.

 

Need help with your computer problems? Then why not join Free PC Help. Register

here

 

If Free PC Help has helped you then please consider a donation. Click here

 

We are all members helping other members.

Please return here where you may be able to help someone else.

After all, no one knows everything and you may have the answer that someone needs.

 

 

 

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? :D

http://i7.photobucket.com/albums/y282/plasticpig/Nev2.gif

Plastic Nev Newbie

Plastic Nev

Posted
Posted

Hum, running short of idea's here, Ken may have something when he returns, please be patient.

Nev.

 

Need help with your computer problems? Then why not join Free PC Help. Register

here

 

If Free PC Help has helped you then please consider a donation. Click here

 

We are all members helping other members.

Please return here where you may be able to help someone else.

After all, no one knows everything and you may have the answer that someone needs.

 

 

 

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? :D

http://i7.photobucket.com/albums/y282/plasticpig/Nev2.gif

Plastic Nev Newbie

Plastic Nev

Posted
Posted

Just one thing left that might work, go to system restore, and hopefully there may be a restore point far enough back in time to before Messenger stopped working correctly. You won't lose any files or folders, but any programs installed since that restore point will have to be re-installed.

Nev.

 

Need help with your computer problems? Then why not join Free PC Help. Register

here

 

If Free PC Help has helped you then please consider a donation. Click here

 

We are all members helping other members.

Please return here where you may be able to help someone else.

After all, no one knows everything and you may have the answer that someone needs.

 

 

 

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? :D

http://i7.photobucket.com/albums/y282/plasticpig/Nev2.gif

Plastic Nev Newbie

Plastic Nev

Posted
Posted

Hum, if restore points aren't working that suggests a messed up system overall. That could be due to a variety of reasons, but malware being one of them, I suggest first a scan with Malwarebytes.

 

If you already have it, update and run a scan, if not download Malwarebytes free from here=

 

http://www.malwarebytes.org/

 

Once downloaded and installed, send it off for updates as the download is sometimes a few days out of date.

Then run a quick scan.

Once it has done, it opens a document with the results, copy and paste those results here please.

Nev.

 

Need help with your computer problems? Then why not join Free PC Help. Register

here

 

If Free PC Help has helped you then please consider a donation. Click here

 

We are all members helping other members.

Please return here where you may be able to help someone else.

After all, no one knows everything and you may have the answer that someone needs.

 

 

 

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? :D

http://i7.photobucket.com/albums/y282/plasticpig/Nev2.gif

shnos Newbie

shnos

Posted
  • Author
Posted

Malwarebytes' Anti-Malware 1.51.1.1800

http://www.malwarebytes.org

 

Database version: 7694

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

11/09/2011 07:53:19

mbam-log-2011-09-11 (07-53-19).txt

 

Scan type: Quick scan

Objects scanned: 183013

Time elapsed: 17 minute(s), 46 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

c:\documents and settings\compaq_owner\my documents\downloads\setuppoker.exe_7bc10.exe (PUP.Casino) -> Quarantined and deleted successfully.

etavares Newbie

etavares

Posted
Posted (edited)

HI shnos, let's get a couple of logs to look at.

 

First, when you tried the system restore and it failed, was there an error message? If so, what was the exact message?

 

Next, we need to create an OTL report,

  • Please download OTL from this link.
  • (If that link doesn't work, try this alternate link
  • Save it to your desktop.
  • Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/OTL/otlDesktopIcon.png icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Select "Use Safelist" under "Extra Registry"
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.sys /90
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\*
    %USERPROFILE%\..|smtmp;true;true;true /FP
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
     
     
  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply. If they are too big to paste in one reply, please split them into separate posts.

 

FInally, we need a rootkit scan.:

Please download aswMBR ( 511KB ) to your desktop.

  • Double click the aswMBR.exe icon to run it
  • It gives you the option to add the latest Avast definitions and recommends you do so. Ignore it and click No as it may crash your system or hang up and we don't need that info.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

 

Note: aswMBR will save MBR.dat to your desktop. Do NOT delete it until I tell you your computer is clean. It is a backup of your MBR that we may need later.

Edited by etavares

 

 

shnos Newbie

shnos

Posted
  • Author
Posted

OTL logfile created on: 11/09/2011 14:17:52 - Run 1

OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

958.48 Mb Total Physical Memory | 388.00 Mb Available Physical Memory | 40.48% Memory free

2.26 Gb Paging File | 1.70 Gb Available in Paging File | 75.35% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 68.90 Gb Total Space | 32.10 Gb Free Space | 46.58% Space Free | Partition Type: NTFS

Drive D: | 5.61 Gb Total Space | 0.58 Gb Free Space | 10.36% Space Free | Partition Type: FAT32

 

Computer Name: YOUR-C94F920E24 | User Name: Compaq_Owner | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/09/11 14:03:35 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL (1).exe

PRC - [2011/08/09 16:56:40 | 000,417,112 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe

PRC - [2011/08/09 16:40:34 | 000,763,224 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe

PRC - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2011/05/12 08:57:06 | 000,821,080 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

PRC - [2011/05/06 20:50:10 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

PRC - [2011/04/27 15:39:26 | 000,228,520 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe

PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

PRC - [2010/09/02 09:22:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe

PRC - [2010/09/02 09:21:04 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

PRC - [2010/07/07 21:50:42 | 000,176,408 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe

PRC - [2009/03/31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe

PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/10/12 09:33:38 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe

PRC - [2007/08/02 14:42:14 | 000,148,768 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe

PRC - [2006/10/23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe

PRC - [2006/02/25 02:47:02 | 000,114,784 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe

PRC - [2006/02/25 02:47:00 | 000,266,338 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe

PRC - [2006/02/25 02:46:20 | 001,073,152 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2011/08/01 20:16:22 | 003,542,616 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll

MOD - [2011/05/06 20:50:09 | 000,327,224 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\ppgooglenaclpluginchrome.dll

MOD - [2011/05/06 20:50:07 | 004,125,752 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\pdf.dll

MOD - [2011/05/06 20:49:01 | 000,294,968 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\Locales\en-GB.dll

MOD - [2011/05/06 20:48:35 | 000,102,472 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avutil-50.dll

MOD - [2011/05/06 20:48:34 | 000,194,632 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avformat-52.dll

MOD - [2011/05/06 20:48:32 | 001,823,304 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\avcodec-52.dll

MOD - [2011/05/06 17:45:30 | 006,111,904 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\11.0.696.65\gcswf32.dll

MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2006/02/25 02:47:12 | 000,225,384 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapEngine.dll

MOD - [2006/02/25 02:47:12 | 000,065,634 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSchMgr.dll

MOD - [2006/02/25 02:47:12 | 000,032,768 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvcps.dll

MOD - [2006/02/25 02:47:02 | 000,114,784 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe

MOD - [2006/02/25 02:47:00 | 000,266,338 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe

 

 

========== Win32 Services (SafeList) ==========

shnos Newbie

shnos

Posted
  • Author
Posted

SRV - File not found [On_Demand | Stopped] -- -- (WLSetupSvc)

SRV - File not found [On_Demand | Stopped] -- -- (fsssvc)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)

SRV - [2011/08/01 20:16:22 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)

SRV - [2011/05/12 08:57:06 | 000,821,080 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)

SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

SRV - [2011/03/14 15:03:05 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)

SRV - [2010/09/02 09:22:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)

SRV - [2010/07/07 21:50:42 | 000,176,408 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)

SRV - [2010/03/22 19:36:47 | 000,069,120 | ---- | M] (BOONTY) [Disabled | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)

SRV - [2009/03/31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)

SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

SRV - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Stopped] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)

SRV - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2007/10/12 09:33:38 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\TalkTalk\bin\sprtsvc.exe -- (sprtsvc_TalkTalk) SupportSoft Sprocket Service (TalkTalk)

SRV - [2007/08/02 14:42:14 | 000,148,768 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe -- (tgsrvc_TalkTalk) SupportSoft Repair Service (TalkTalk)

SRV - [2006/10/23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)

SRV - [2006/02/25 02:47:02 | 000,114,784 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)

SRV - [2006/02/25 02:47:00 | 000,266,338 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)

SRV - [2006/02/25 02:46:20 | 001,073,152 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/09/11 14:13:28 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F2F6AE0C-6020-402E-A721-22C393D491E3}\MpKslc758737b.sys -- (MpKslc758737b)

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2011/04/27 19:18:34 | 000,239,472 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)

DRV - [2011/03/23 01:00:08 | 000,016,080 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)

DRV - [2011/03/23 01:00:06 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)

DRV - [2011/03/16 19:00:46 | 000,140,848 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files\IObit\Protected Folder\pffilter.sys -- (PfFilter)

DRV - [2011/01/13 16:26:17 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)

DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)

DRV - [2009/12/07 12:50:48 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)

DRV - [2009/12/07 12:50:46 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)

DRV - [2009/03/31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009/03/20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)

DRV - [2009/03/20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)

DRV - [2009/03/20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)

DRV - [2008/12/26 17:27:26 | 004,968,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008/03/31 10:20:18 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2007/10/12 14:07:10 | 000,055,808 | ---- | M] (The SHVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0801.sys -- (tap0801)

DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2007/03/27 19:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)

DRV - [2006/03/24 17:53:07 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)

DRV - [2006/03/03 22:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2006/03/03 22:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2005/12/29 11:22:00 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)

DRV - [2005/04/07 17:18:34 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)

DRV - [2005/03/09 22:53:00 | 000,036,352 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)

DRV - [2003/01/10 22:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=730afec6000000000000001731ea9af1&tlver=1.4.19.19&affID=17161

IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found

 

 

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=63&bd=PRESARIO&pf=desktop

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-2226935652-1042370167-1948720806-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?fr=ffsp1&p="

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.search.selectedEngine: "Yahoo"

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3

FF - prefs.js..extensions.enabledItems: {7BA9F755-DCD4-4B60-8AE8-EE3662C7C733}:1.0

FF - prefs.js..extensions.enabledItems: {98e34367-8df7-42b4-837b-20b892ff0849}:1.6

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655

FF - prefs.js..extensions.enabledItems: {84b24861-62f6-364b-eba5-2e5e2061d7e6}:0.9.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {27E679CC-6AAB-4B2A-BB87-096FE4178464}:1.0

FF - prefs.js..extensions.enabledItems: {91da5e8a-3318-4f8c-b67e-5964de3ab546}:2.6.0.15

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.240.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {32b29df0-2237-4370-9a29-37cebb730e9b}:2.7.1.3

FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3

FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="

FF - prefs.js..network.proxy.ftp: ":"

FF - prefs.js..network.proxy.gopher: ":"

FF - prefs.js..network.proxy.http: ":"

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: ":"

FF - prefs.js..network.proxy.ssl: ":"

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: File not found

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@entriq.com/Download Manager Plugin Version Chk,version=3.8.2.9: File not found

FF - HKLM\Software\MozillaPlugins\@entriq.com/Download Manager Plugin,version=3.8.2.9: File not found

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...