ooglefish3

  1. Okay, first thank you for the reply as always. Second, this is insane, now my desktop has a problem as well. I'll get to that in a different thread after I get this laptop up and running. Anywho, here is where I am at. I went into "Safe Mode Command Prompt Only" and tried running netsh int ip reset by entering the following C:\netsh int ip reset (obviously the C:\ was already there) The response I received below was: There's no user specified settings to be reset. Now, here is the kicker. I tried to search for ComboFix by going into C:\DIR What came back was a brief listing of files (Directory of C:\) I found ComboFix, entered cd C:\ComboFix, after which I did a DIR of ComboFix which returned 0 files 2 DIR(s) I have tried going into C:\Program Files and even under that directory I find 0 files 3 DIR(s). I am assuming the majority of the files, be it Program Files, Windows, Users, etc. etc. are hidden. Problem with that is, I would need to download/install unhide.exe simply because I cannot find it. I also entered in your suggestion of C:\users\Carrie\Downloads\ComboFix.exe and it came back with: The system cannot find the path specified. I even tried entering c:\users\Carrie\Downloads\ComboFix and what came back was: The system cannot find the path specified. BUT, it then came up with: C:\Users\Carrie I did a DIR under this and the return I received was: Volume in drive C is OS; Volume Serial Number is 1E82-9683; File Not Found. So, that is currently where I am at. I like to think every problem has a solution, which this whole debacle I am sure has without having to do anything drastic like reinstalling Windows etc. Hope the info above helps somewhat. Luckily, I enjoy working on computers....heh
  2. Sorry, my last reply was through my phone browser and it may not make any sense. Using my Wii browser now, so if you need clarification on anything please ask. Thanks.
  3. Ok this is where I am at and was. First, after I ran that one cfscript u had me drop into combofix, it ran it, gave me a .txt file titled info. When I went to open my browser, I couldn't connect all of a sudden to internet. So, I did what u asked and went to diagnose and repair. Of course u can only do that in normal mode. So, of course that windows restore virus started up too, so I had to end that in task manager. Well, as you read, those issue options it gave me came up. I rebooted into safe mode with networking and again, all my desktop icons were gone and going under the start menu, all programs, that was empty again. So I tried unhide program in the search field to find it and run it but it cannot find it. Anyway, I wrote out that new script u provided in notepad, it ran it but never generated a .txt file. I went into command mode, typed in what u provided and nothing changed, still cannot connect online. So, right now, I rebooted into safe mode command line, drilled down and I am running malwarebytes in hopes it will help with something but I'm running it without updates since hence, I cannot connect to the net. Hhhhelp?
  4. Up until running that last script in Combo, my connection was fine.
  5. This is done wireless. I ran the unhide.exe; icons are now back. I have to run it in normal mode since it will not allow me to do that in safe mode. Which means I have to go into task manager right away to end that Windows Restore virus from running. When I right click on the network icon > diagnose and repair, the window pops up: There might be a problem with one or more network adapters on this computer. The adapter "Marvell Yukon 88E8040 PCI E Fast Ethernet Controller" is experiencing driver and or hardware related issues. Make sure your Internet Protocol Bindings are correct. Still having this Windows Restore Virus window open whenever I try to diagnose. I have to go into Task Manager to kill it. This Windows Restore is the root of the problem.
  6. I meant all desktop items are also hidden again.
  7. Oh, and all those desktop files that were unhidden before are hidden again.
  8. Ok, I did what you asked and after it ran that script, it produced a log.txt in notepad. NOW, I cannot get online with it. I am on my desktop right now typing this. Basically, I now have no connection to the net.
  9. Here ya go;-) ComboFix 11-04-07.08 - Carrie 04/08/2011 9:09.2.2 - x86 NETWORK Microsoft
  10. Here goes...thanks OTL logfile created on: 4/7/2011 5:35:46 PM - Run 1 OTL by OldTimer - Version 3.2.22.3
[2008/01/18 11:08:18 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin [2008/01/18 11:03:21 | 000,000,628 | -H-- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini [2008/01/18 11:03:18 | 000,101,376 | -H-- | C] () -- C:\Windows\System32\APOMngr.dll [2008/01/18 11:03:18 | 000,066,560 | -H-- | C] () -- C:\Windows\System32\CmdRtr.dll [2008/01/18 10:50:59 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2007/07/25 18:40:02 | 000,999,424 | -H-- | C] () -- C:\Windows\System32\WLIHVUI.dll [2006/11/10 09:26:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\atiicdxx.dat [2006/11/07 15:25:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\px.ini [2006/11/03 19:25:56 | 000,389,120 | -H-- | C] () -- C:\Windows\System32\btwhidcs.dll [2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:47:37 | 002,149,648 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:34:33 | 000,038,400 | ---- | C] () -- C:\Windows\System32\dmloader.dll [2006/11/02 06:33:01 | 000,287,440 | -H-- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 06:33:01 | 000,154,646 | -H-- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 06:33:01 | 000,030,674 | -H-- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 06:33:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 06:25:44 | 000,159,744 | -H-- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 06:23:21 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 05:03:35 | 001,029,120 | ---- | C] () -- C:\Windows\System32\d3d10.dll [2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 04:57:02 | 000,017,408 | ---- | C] () -- C:\Windows\System32\ias.dll [2006/11/02 04:52:25 | 000,016,488 | -H-- | C] () -- C:\Windows\System32\drivers\i2omgmt.sys [2006/11/02 04:51:15 | 000,008,192 | ---- | 
C] () -- C:\Windows\System32\drivers\mskssrv.sys [2006/11/02 04:47:42 | 000,044,544 | ---- | C] () -- C:\Windows\System32\deskmon.dll [2006/11/02 04:46:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\gpedit.dll [2006/11/02 04:43:42 | 000,132,096 | ---- | C] () -- C:\Windows\System32\scksp.dll [2006/11/02 04:37:47 | 000,005,632 | ---- | C] () -- C:\Windows\System32\KBDBASH.DLL [2006/11/02 04:33:44 | 000,281,088 | ---- | C] () -- C:\Windows\System32\cmipnpinstall.dll [2006/11/02 04:32:40 | 000,034,816 | ---- | C] () -- C:\Windows\System32\waitfor.exe [2006/11/02 04:19:00 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 03:40:29 | 000,013,750 | -H-- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 03:25:31 | 000,673,088 | -H-- | C] () -- C:\Windows\System32\mlang.dat [2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2006/09/17 01:36:50 | 000,520,192 | -H-- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/09/17 01:36:50 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2001/11/14 14:56:00 | 001,802,240 | -H-- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2011/01/20 12:45:32 | 000,000,000 | -H-D | M] -- C:\Users\Carrie\AppData\Roaming\acccore [2010/09/20 20:47:02 | 000,000,000 | -H-D | M] -- C:\Users\Carrie\AppData\Roaming\Canon [2011/03/04 13:01:54 | 000,000,000 | -H-D | M] -- C:\Users\Carrie\AppData\Roaming\Jasc [2010/04/03 22:59:44 | 000,000,000 | -H-D | M] -- C:\Users\Carrie\AppData\Roaming\ManyCam [2009/08/03 17:10:30 | 000,000,000 | -H-D | M] -- C:\Users\Carrie\AppData\Roaming\NCH Swift Sound [2009/06/08 01:15:02 | 000,000,000 | -H-D | M] -- C:\Users\Carrie\AppData\Roaming\Pogo Games [2009/06/08 01:15:13 | 000,000,000 | -H-D | M] -- C:\Users\Carrie\AppData\Roaming\ScanSoft [2011/04/05 13:06:33 | 
000,032,596 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:588B60C7 < End of report > OTL Extras logfile created on: 4/7/2011 5:35:46 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Carrie\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free 6.00 Gb Paging File | 6.00 Gb Available in Paging File | 94.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 220.31 Gb Total Space | 111.95 Gb Free Space | 50.82% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 3.05 Gb Free Space | 30.48% Space Free | Partition Type: NTFS Computer Name: CARRIE-LAPTOP | User Name: Carrie | Logged in as Administrator. 
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-167150308-33276035-3128934323-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3211B9E8-9591-4BBE-934B-D28A42314CCC}" = rport=137 | protocol=17 | dir=out | app=system | 
"{3B6671F2-1DEB-4C1D-90EC-162B67675961}" = lport=445 | protocol=6 | dir=in | app=system | "{6CD888EA-C040-42AF-8613-58B3982C26A2}" = rport=139 | protocol=6 | dir=out | app=system | "{7332B232-5209-42DD-8AD5-9E7C43BA3563}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{82F02F00-5E12-401D-9064-5A62614A67E2}" = rport=445 | protocol=6 | dir=out | app=system | "{AD96B137-513D-4B28-9B23-1B46284AED33}" = lport=137 | protocol=17 | dir=in | app=system | "{B4695CEA-CD54-4A65-834D-B66E6FC82CF6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{BE5EAA09-34CD-471A-A473-8353B190C37D}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{E0608016-2DB1-42BE-8B73-6F67B8B05331}" = lport=138 | protocol=17 | dir=in | app=system | "{E3FB7E2D-8501-43FD-9C00-57B9A6E679FC}" = rport=138 | protocol=17 | dir=out | app=system | "{F5F9F209-6B73-4505-A5BA-701EF1A8B626}" = lport=139 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{005A21F4-093E-4F86-9196-1CA9DAC2976D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | "{0A1285A8-3388-481A-830E-4B9555F53B74}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe | "{0B001ADD-CA27-451E-8DC2-D4108A528C12}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{0BC31D58-D37F-47D4-BCC9-4808E941BBB6}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | "{0FB87337-AC2B-49E1-A702-7E42D271FFA5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{178D2A24-EC81-42F4-8D5B-25D41A1DC46F}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe | "{18C53331-8ED2-44DC-B70D-358A83101962}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | "{1CE414D2-39B5-46EE-A46E-7712A307838E}" = protocol=17 | 
dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | "{1DFCD60B-97B5-4CF1-BCD9-664FFEE2786D}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe | "{1FB3E420-79F9-4754-AA30-D931B0A9D2EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{24C77E8E-D37F-406E-B46D-5E029EDF0294}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe | "{2CFC0D0D-D6CD-4849-ACB4-8B4331E950C9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{35D2DA1A-1D5D-4FAA-95C0-B5F4B779E28A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3A5B7528-6ABA-4A43-9E72-94D78C2D6346}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{3E94EF14-7CAA-4E1C-AC91-308CA8E85C87}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "{4D18B123-3E7F-4625-B302-2A9AF81DB086}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | "{4EDE9B45-E2EE-4B7A-A532-A4247336CD35}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{50A4BBDA-8C9C-4B73-B216-9A2AD1F48E4D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | "{540D911F-4AE1-439D-A1DE-67A25271E7B4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{552C05A7-CA3C-415D-B362-6C1BF002FD22}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{560C457B-1309-451C-A10B-54FE221866B6}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1247105899\ee\aolsoftware.exe | "{564107DF-8ECA-4FC4-9292-615AC70145AC}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe | "{57E96C8D-4D82-4A0F-AF84-F0945DA3ACE7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{58EEC94C-CB90-4768-BB2B-2035BB0E0081}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe | "{5A9AEA89-9953-4E0D-A907-80F99C0802D2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{61CC8921-F5AA-4BF7-893C-C2E7F0BAFAF3}" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe 
| "{638BD641-2A41-4C12-9ED0-2CCCDC974DE0}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{6ACDF1EF-DA9A-4AEC-BE91-939D1891D9A1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{6C23B96E-A2C8-42CC-8792-5B94509B0C6E}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "{6CE0341C-64E1-4B8B-934A-67B2A15944FF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6FA5E969-2E99-4A2A-AE21-AED4D4893BFE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{75749C0B-EF29-4CE4-8802-6FF17BDC2FD8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{81451725-2A4A-4FD5-B319-0F4CD2942F15}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{8424EE59-943D-4841-ABE4-4450347259C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{858366E3-183C-4B00-82A8-B8716C72734D}" = protocol=6 | dir=in | app=c:\windows\temp\~os163c.tmp\rlvknlg.exe | "{8616CEB5-60E8-45C6-80DE-D0463792753C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | "{862A13A9-2A9D-4659-9992-69D569E7CBA9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{86F8FB64-AED5-4110-A705-792855442375}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe | "{87002E23-58F3-4BB3-A423-278CB77CBDC5}" = protocol=6 | dir=in | app=c:\windows\temp\~os5080.tmp\rlvknlg.exe | "{8B0A246E-699B-47BE-B734-1667E1F48A4F}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{92AEC2C3-B5E3-4B4B-A050-3150BC07A896}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | "{98BBFADB-91A5-4E42-B623-5F1A610A507D}" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe | "{990E9E1D-9772-4981-A5B5-8CC94CDA9E26}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"{9E8F0760-5737-4996-9DB9-104E7F1462E4}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | "{AFDD0D0D-E8B6-456F-9DF8-1DBE4A238116}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B1DEFA83-9260-4F17-8BAB-5BE3C7D7C64F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{B610D7E4-0B3D-46AD-B0A5-D7547F8427A6}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe | "{B795D09B-DB99-4564-864B-B5CE3B1EEE55}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{B94F8A27-F14D-4A64-9F99-990C3C701FE9}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe | "{B9D54D9D-8E9E-4A4D-BE59-D174BE39D254}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BB3CFE6A-C748-4656-81A3-AFE1D2D39101}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1247105899\ee\aolsoftware.exe | "{BD1E9638-5A3B-4905-ADFD-6240FE8467A4}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{C150DEA6-1144-4BBF-AEC7-9D6AF45024E9}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "{C3BD8A88-E2F4-4E3D-8178-CDA3A15A4FF3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C5D09265-6CC7-4B24-8E7A-0C96CB57623C}" = protocol=6 | dir=in | app=c:\windows\temp\~os8d79.tmp\rlvknlg.exe | "{CC54BD02-69B8-4D66-B6D5-B2B5D79D0E69}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CF2466E7-923B-4459-873C-1E3331BAF934}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D8865C8F-9B97-418E-ADCD-B0E382CF1A5D}" = protocol=6 | dir=in | app=c:\users\carrie\appdata\local\temp\~os90cc.tmp\rlvknlg.exe | "{D9EC9317-D9E5-46ED-842A-773D0C562045}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{DAF274FE-B8E8-4A8F-8549-0DB205C282D3}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | "{DDED0141-E36F-48F8-A59E-856A4FFF811B}" = dir=in | app=c:\program 
files\skype\phone\skype.exe | "{EA21032E-6829-4406-ABCC-DFB0B65676B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F4CACEDD-E4CD-446C-B648-B74CAF2E2FD3}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe | "{F4D07CEF-1D66-4E35-B5AC-CFFFC73018F2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F851FDE4-4242-4F46-83B1-E57B2135574C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F868543C-AD32-4569-B8F0-8E3304F4E8D7}" = protocol=6 | dir=in | app=c:\windows\temp\~os6558.tmp\rlvknlg.exe | "{FC8ACDB8-6696-4D81-8C35-57F55FA87A7E}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! 
Cam Avatar v1.0 "{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install "{2BA09774-34F7-4A06-8C7E-B69E44CB9EB0}" = DriverBoost "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6 "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0 "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2 "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online "{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.1 "{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB "{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1" = Trend Micro RUBotted 2.0 Beta "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides "{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! 
Cam Avatar Creator "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin "{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp "{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100 "{A2289997-10A3-48F2-AA03-99180D761661}" = Fingerprint Reader Suite 5.6 "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search 
& Destroy "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries "{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE "{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 "{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher "{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4 "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E518C80C-C549-40E1-844C-669ED64195D3}" = FTP Surfer "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype
  11. During this last session online, this "Windows Restore" window popped up, running a scan. I stopped it before it went further BUT it is tossing up all kinds of error msgs about IDE, hard drive not found, memory errors, you name it. My desktop has given way to a black background; all desktop items are not showing, except a couple of your basic desktop items. Cannot access my Task Manager. I am currently running in Safe Mode w/ networking. When I downloaded Malwarebytes, it downloaded but would not install, giving me an Access Denied. Even attempted to change the Malware file name with no success. This is Windows Vista, on a Dell XPS Laptop M1530. Any help would be HUGE!!!! By the way, here in safe mode, none of my desktop items come up, only a Windows Help and Support window and a Microsoft Visual C++ Runtime error saying it has asked runtime to terminate in an unusual way. Thanks C
  12. Those instructions are useless. As stated, I can download the Malware program. It will NOT install, with a window Access Denied. I have renamed the file to see if this worked, but to no avail.
  13. During this last session online, this "Windows Restore" window popped up, running a scan. I stopped it before it went further BUT it is tossing up all kinds of error msgs about IDE, hard drive not found, memory errors, you name it. My desktop has given way to a black background; all desktop items are not showing, except a couple of your basic desktop items. Cannot access my Task Manager. I am currently running in Safe Mode w/ networking. When I downloaded Malwarebytes, it downloaded but would not install, giving me an Access Denied. This is Windows Vista, on a Dell XPS Laptop M1530. Any help would be HUGE!!!! By the way, here in safe mode, none of my desktop items come up, only a Windows Help and Support window and a Microsoft Visual C++ Runtime error saying it has asked runtime to terminate in an unusual way. Thanks C