Jump to content

Java 6 Update 21 Installation Failed


LuckyCat

Recommended Posts

  • Replies 66
  • Created
  • Last Reply

STEP 01

Okay we're going to take a shotgun approach to this and see if it fixes it so MAKE SURE you run Step 01 to backup your Registry in case we do want to put it bacck.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from here
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Use the default install settings but say NO to the portion that asks you to add ERUNT to the Start-Up folder. You can enable this option later if you wish.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected.

    [*]Click on OK

    [*]Then click on YES to create the folder.

Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

STEP 02

Delete the copy fo combofix.exe you have and download a new one.

Then temporarily DISABLE your Anti-Virus guard on Avira to run this.

Using your mouse, Highlight and then Right-click | Copy the entire contents of the Code box below, including blank lines

RegLockDel::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216010FF}]
[HKEY_CURRENT_USER\Software\JavaSoft]
[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft]

Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"=hex(7):73,63,65,63,6c,69,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

Open a new Notepad session (Do not use a Word Processor or WordPad). Click "Format" and be certain that Word Wrap is not enabled. Right-click | Paste the Code box contents from above into Notepad. Click File, Save as..., and set the location to your Desktop, and enter (including quotation marks) as the filename: "CFscript.txt" .

Using your mouse, drag the new file CFscript.txt and drop it on the Combo-Fix.exe icon as shown:

CFScript.gif

  • Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
  • Disable your Antivirus software. If it has Script Blocking features, please disable these as well.
  • A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.
    When the scan completes Notepad will open with with your results log open. Do a File, Exit.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

Post back the Combofix log on your next reply.

STEP 03

You should already have CCLEANER installed so now just right click over your Recycle Bin and select to Run CCleaner.

STEP 04

Please visit this site and restore Firefox back to the factory default settings.

Restore Firefox Default Settings Without Uninstalling It

STEP 05

  • Download the latest version of Java Runtime Environment (JRE) 21 and save it to your desktop.
  • Scroll down to where it says JDK 6 Update 21 (JDK or JRE)
  • Click the Download JRE button to the right
  • Select the Windows platform from the dropdown menu.
  • Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6u21 with JavaFX 1 License Agreement". Click on Continue. The page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Click to launch the installer for Java

Post back your results please.

Link to post
Share on other sites

Here we go:

DDS (Ver_10-03-17.01) - NTFSx86

Run by Owner at 9:08:56.94 on Sat 09/04/2010

Internet Explorer: 6.0.2900.5512

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.242 [GMT -4:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\WINDOWS\system32\npkcmsvc.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\explorer.exe

C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [updateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [blackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background

mRun: [soundMan] SOUNDMAN.EXE

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

Notify: AtiExtEvent - Ati2evxx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\ddqu81zm.default\

FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr

ef", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2004-6-1 6016]

R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2004-5-12 97408]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-8-27 11608]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-8-27 135336]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-8-27 267432]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-8-27 60936]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

=============== Created Last 30 ================

2010-09-01 21:20:03 221184 ----a-w- c:\windows\system32\wmpns.dll

2010-09-01 21:12:59 32866 ------w- c:\windows\slrundll.exe

2010-09-01 21:12:59 0 d-----w- c:\windows\system32\scripting

2010-09-01 21:12:58 0 d-----w- c:\windows\l2schemas

2010-09-01 21:12:57 0 d-----w- c:\windows\system32\en

2010-09-01 21:12:57 0 d-----w- c:\windows\system32\bits

2010-09-01 21:10:27 0 d-----w- c:\windows\ServicePackFiles

2010-09-01 21:10:03 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe

2010-09-01 21:04:15 19569 ----a-w- c:\windows\002621_.tmp

2010-09-01 21:03:59 26488 ----a-w- c:\windows\system32\spupdsvc.exe

2010-09-01 21:01:00 0 d-----w- c:\windows\EHome

2010-08-29 16:14:41 0 d-sha-r- C:\cmdcons

2010-08-29 16:12:23 98816 ----a-w- c:\windows\sed.exe

2010-08-29 16:12:23 77312 ----a-w- c:\windows\MBR.exe

2010-08-29 16:12:23 256512 ----a-w- c:\windows\PEV.exe

2010-08-29 16:12:23 161792 ----a-w- c:\windows\SWREG.exe

2010-08-28 01:55:51 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-08-28 01:55:50 0 d-----w- c:\program files\Avira

2010-08-28 01:55:50 0 d-----w- c:\docume~1\alluse~1\applic~1\Avira

2010-08-27 20:36:37 0 d-----w- C:\_OTM

2010-08-26 19:02:33 0 d-----w- c:\program files\ESET

2010-08-24 23:51:27 0 d-----w- c:\windows\pss

2010-08-20 00:21:00 0 d--h--w- c:\windows\PIF

2010-08-17 04:57:26 0 d-----w- c:\windows\system32\?

Attach.zip

Link to post
Share on other sites

Please run the following.

  1. Download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:
  2. Double-click VEW.exe
  3. Under 'Select log to query', select:
    • Application
    • System

[*]Under 'Select type to list', select:

  • Error

[*] Click the radio button for 'Number of events'

[*]Type 10 in the 1 to 20 box

[*]Then click the Run button.

[*]Notepad will open with the output log.

Please post the Output log in your next reply

Link to post
Share on other sites

here we go :blink:

Vino's Event Viewer v01c run on Windows XP in English

Report run at 06/09/2010 11:04:16 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 29/08/2010 11:24:29 AM

Type: error Category: 0

Event: 0 Source: pctsSvc.exe

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 8:34:42 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 8:26:46 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 8:22:01 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 8:12:22 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 5:06:08 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 4:50:57 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 4:44:55 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 2:48:18 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

Log: 'Application' Date/Time: 25/08/2010 2:30:50 PM

Type: error Category: 0

Event: 1 Source: JavaQuickStarterService

The event description cannot be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 03/09/2010 11:48:15 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:15 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:15 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:15 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:15 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:15 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:15 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:14 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:14 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 03/09/2010 11:48:14 AM

Type: error Category: 0

Event: 7023 Source: Service Control Manager

The Application Management service terminated with the following error: The specified module could not be found.

Link to post
Share on other sites

Well the one is an installer and the other is just the updater log. Please try to manually run the installer again and watch and see if you can find the log.

From the command line you can run something like this to force the creation of an install log file: C:\TEMP\ jre-6u21-windows-i586.exe /L C:\java_setup.log

Link to post
Share on other sites

Please see if this folder exists and delete it. C:\Windows\Installer\{26A24AE4-039D-4CA4-87B4-2F83216016FF} it will probably contain a file named sp1033.MST just delete that folder and file.

Then search for 26A24AE4-039D-4CA4-87B4-2F83216016FF in the registry and remove it.

Then try the installer again with the logging enabled.

Link to post
Share on other sites

Strange as the log show that it finds it and won't proceed because it too is unable to really locate it. So it appears to have some other reference to that location that is confusing it.

I'll have to keep looking to see what I can find. You might be able to obtain support from Sun about it. http://www.java.com/en/download/support.jsp

Link to post
Share on other sites

try exporting as a hive your HKLM and HKU branches in the Registry. Then zip them up and upload them to like Rapidshare. Do not post the link here, just send me a PM with the link and I'll take a look at it further.

Also run the following program and post back the log.

download this program OTL.exe to your desktop.


  • Close all applications and windows so that you have nothing open and are at your Desktop

  • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.

  • Place a checkmark in the
    "Scan All Users"
    checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)

  • Click the Run Scan button

  • NOTE:
    Please be patient and let the scan run without using the computer

  • When the scan is complete, a text file (
    OTListIt.Txt
    ) will open in Notepad (if not, it can be found on your Desktop)

  • In Notepad, click
    Edit
    ,
    Select all
    then
    Edit
    ,
    Copy

  • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.

  • Submit your reply and close the Notepad window with
    OTList.txt

  • Also OTListIt's
    Extras.txt
    log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window

  • In Notepad, click
    Edit
    ,
    Select all
    then
    Edit
    ,
    Copy

  • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.

  • NOTE:
    If the files (
    OTListIt.txt, Extras.txt
    ) do not appear in your taskbar, just open the files in notepad from your desktop.


Link to post
Share on other sites

Hey, when I tried exporting those sections as hives it did not work, it gave me this error: Cannot export "file name/location": Error writing the file. There may be a disk or file system error. Though it lets me save seperate entries as hives. I was able to save the sections you requested as .reg files though. Do you still want me to upload them as .reg files or am I doing it wrong? Anyway here are my logs :P

OTL logfile created on: 9/13/2010 1:28:03 AM - Run 1

OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Owner\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 223.00 Mb Available Physical Memory | 44.00% Memory free

1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149.05 Gb Total Space | 51.93 Gb Free Space | 34.84% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: OWNER

Current User Name: Owner

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/13 01:18:14 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/08/31 12:25:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/08/11 01:49:07 | 000,061,523 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\system32\npkcmsvc.exe

PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe

========== Modules (SafeList) ==========

MOD - [2010/09/13 01:18:14 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010/02/25 13:09:00 | 003,416,060 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)

SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2007/08/11 01:49:07 | 000,061,523 | ---- | M] (INCA Internet Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\npkcmsvc.exe -- (npkcmsvc)

SRV - [2004/03/31 17:55:00 | 000,172,544 | ---- | M] (INCA Internet Co., Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\npkcsvc.exe -- (npkcsvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\scsk4.sys -- (scsk4)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\neokdss.sys -- (neokdss)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)

DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2007/07/11 16:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)

DRV - [2007/07/11 11:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)

DRV - [2007/07/11 11:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)

DRV - [2006/12/12 11:07:44 | 000,025,409 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npkcrypt.sys -- (npkcrypt)

DRV - [2005/03/22 23:00:57 | 001,034,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2004/08/04 08:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)

DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)

DRV - [2004/07/21 17:45:25 | 000,009,856 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)

DRV - [2004/06/08 18:13:49 | 000,003,968 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)

DRV - [2004/06/01 05:02:00 | 000,006,016 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atiide.sys -- (atiide)

DRV - [2004/05/12 02:01:18 | 000,097,408 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys -- (SI3112r)

DRV - [2004/03/25 04:04:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)

DRV - [2004/03/25 04:04:00 | 000,098,650 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)

DRV - [2004/03/25 04:04:00 | 000,085,978 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)

DRV - [2004/03/25 04:04:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)

DRV - [2004/03/25 04:04:00 | 000,025,691 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)

DRV - [2004/03/25 04:04:00 | 000,014,235 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)

DRV - [2004/03/25 04:04:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)

DRV - [2004/03/25 04:04:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)

DRV - [2004/03/25 04:04:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)

DRV - [2004/02/27 05:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)

DRV - [2004/02/13 06:21:00 | 000,086,160 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)

DRV - [2004/01/14 22:18:16 | 000,005,621 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)

DRV - [2004/01/14 22:18:04 | 000,023,219 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)

DRV - [2003/10/27 16:59:00 | 000,013,842 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atisgkaf.sys -- (caboagp)

DRV - [2003/10/14 23:28:16 | 000,010,240 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)

DRV - [2003/09/19 04:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)

DRV - [2002/12/17 14:41:36 | 000,042,368 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sys.us.shuttle.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sys.us.shuttle.com

IE - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/27 17:12:23 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/27 17:12:22 | 000,000,000 | ---D | M]

[2008/10/25 00:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions

[2008/10/25 00:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ddqu81zm.default\extensions

[2010/08/16 19:09:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/08/31 13:45:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)

O3 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [blackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [updateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-2337399782-1729757903-2279869524-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\PrxerNsp.dll ( )

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/02/22 16:18:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/13 01:18:06 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

[2010/09/07 01:47:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sun

[2010/09/07 01:42:51 | 000,000,000 | ---D | C] -- C:\Temp

[2010/09/04 02:00:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent

[2010/09/04 02:00:01 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/09/04 01:58:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2010/09/01 17:19:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2010/09/01 17:13:28 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll

[2010/09/01 17:13:28 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll

[2010/09/01 17:13:21 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm

[2010/09/01 17:13:10 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll

[2010/09/01 17:13:09 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll

[2010/09/01 17:13:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll

[2010/09/01 17:13:08 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll

[2010/09/01 17:13:08 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll

[2010/09/01 17:13:08 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll

[2010/09/01 17:13:08 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll

[2010/09/01 17:13:08 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll

[2010/09/01 17:13:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll

[2010/09/01 17:13:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll

[2010/09/01 17:13:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll

[2010/09/01 17:13:08 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll

[2010/09/01 17:13:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll

[2010/09/01 17:13:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll

[2010/09/01 17:13:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll

[2010/09/01 17:13:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll

[2010/09/01 17:13:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll

[2010/09/01 17:13:07 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll

[2010/09/01 17:13:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll

[2010/09/01 17:13:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll

[2010/09/01 17:13:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll

[2010/09/01 17:13:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll

[2010/09/01 17:13:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll

[2010/09/01 17:13:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll

[2010/09/01 17:13:04 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll

[2010/09/01 17:13:04 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll

[2010/09/01 17:13:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe

[2010/09/01 17:13:04 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll

[2010/09/01 17:13:04 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll

[2010/09/01 17:13:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll

[2010/09/01 17:13:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe

[2010/09/01 17:13:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll

[2010/09/01 17:13:03 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll

[2010/09/01 17:13:03 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll

[2010/09/01 17:13:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll

[2010/09/01 17:13:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll

[2010/09/01 17:13:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll

[2010/09/01 17:13:03 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll

[2010/09/01 17:13:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll

[2010/09/01 17:13:02 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll

[2010/09/01 17:13:02 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe

[2010/09/01 17:13:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe

[2010/09/01 17:13:01 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll

[2010/09/01 17:13:01 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll

[2010/09/01 17:13:01 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll

[2010/09/01 17:13:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll

[2010/09/01 17:13:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax

[2010/09/01 17:12:59 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll

[2010/09/01 17:12:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting

[2010/09/01 17:12:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us

[2010/09/01 17:12:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas

[2010/09/01 17:12:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en

[2010/09/01 17:12:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2010/09/01 17:10:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles

[2010/09/01 17:10:03 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe

[2010/09/01 17:07:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic

[2010/09/01 17:07:22 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys

[2010/09/01 17:07:20 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys

[2010/09/01 17:07:19 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys

[2010/09/01 17:07:18 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys

[2010/09/01 17:03:59 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe

[2010/09/01 17:01:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2010/09/01 17:01:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome

[2010/09/01 16:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Dial-a-fix-v0.60.0.24

[2010/09/01 12:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT

[2010/08/31 21:00:39 | 331,805,736 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe

[2010/08/31 20:02:39 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe

[2010/08/31 20:02:26 | 001,185,128 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Owner\Desktop\ccsetup235_slim.exe

[2010/08/31 13:51:16 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HijackThis.exe

[2010/08/30 13:59:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Avira

[2010/08/29 23:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Aug 29

[2010/08/29 12:14:41 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010/08/29 12:12:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/08/29 12:12:23 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/08/29 12:12:23 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/08/29 12:12:23 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/08/29 12:11:43 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/08/27 21:55:52 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2010/08/27 21:55:51 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2010/08/27 21:55:51 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2010/08/27 21:55:51 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2010/08/27 21:55:51 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2010/08/27 21:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

[2010/08/27 21:55:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira

[2010/08/27 19:30:13 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW.exe

[2010/08/27 19:29:14 | 000,703,352 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\autoruns.exe

[2010/08/27 16:36:37 | 000,000,000 | ---D | C] -- C:\_OTM

[2010/08/27 16:35:26 | 000,520,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTM.exe

[2010/08/26 18:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\JavaRa

[2010/08/26 15:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2010/08/25 20:48:37 | 000,000,000 | ---D | C] -- C:\ERDNT

[2010/08/25 20:47:16 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Owner\Desktop\WinsockxpFix.exe

[2010/08/25 14:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\new tools

[2010/08/24 19:51:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2010/08/24 19:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Threat Expert

[2010/08/22 17:15:44 | 073,891,792 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\setup_9.0.0.722_22.08.2010_19-47.exe

[2010/08/22 17:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Virus Removal Tool1

[2010/08/22 17:06:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Virus Removal Tool

[2010/08/19 20:21:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF

[2010/08/19 20:12:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/08/17 00:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010/08/17 00:06:48 | 000,000,000 | ---D | C] -- C:\ClamWinPortable

[2010/08/16 19:05:37 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymDS.sys

[2010/08/16 19:05:37 | 000,172,592 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymEFA.sys

[2010/08/16 19:05:37 | 000,116,272 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\Ironx86.sys

[2010/08/16 19:05:35 | 000,501,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\cchpx86.sys

[2010/08/16 19:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar

[2010/08/16 19:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton

[2010/08/16 19:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller

[2010/08/16 13:52:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes

[2010/08/16 13:52:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/08/16 13:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/08/16 13:52:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/08/16 13:52:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/08/16 00:28:07 | 036,598,544 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Owner\Desktop\sdsetup 3.exe

[2010/08/16 00:16:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.