Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6319

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

4/12/2011 6:33:02 PM

mbam-log-2011-04-12 (18-33-02).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)

Objects scanned: 215923

Time elapsed: 54 minute(s), 59 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


Hi abbygirl,

Welcome! My name is SpySentinel and I will be helping you clean up your computer.

  • Download OTL to your desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • When the window appears, underneath Output at the top, change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.


OTL Extras logfile created on: 4/13/2011 7:58:02 AM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = D:\Documents and Settings\Kathleen\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 84.00% Memory free

5.00 Gb Paging File | 4.00 Gb Available in Paging File | 94.00% Paging File free

Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files

Drive C: | 1.46 Gb Total Space | 0.21 Gb Free Space | 14.09% Space Free | Partition Type: NTFS

Drive D: | 78.13 Gb Total Space | 66.10 Gb Free Space | 84.60% Space Free | Partition Type: NTFS

Drive E: | 153.28 Gb Total Space | 141.87 Gb Free Space | 92.55% Space Free | Partition Type: NTFS

Drive H: | 465.76 Gb Total Space | 465.41 Gb Free Space | 99.92% Space Free | Partition Type: NTFS

Computer Name: KATHLEEN-00DDT8 | User Name: Kathleen | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.exe [@ = exefile] -- Reg Error: Value error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"D:\Program Files\iolo\System Mechanic Professional\SysMech.exe" = D:\Program Files\iolo\System Mechanic Professional\SysMech.exe:*:Enabled:iolo System Shield


OTL logfile created on: 4/13/2011 8:54:43 AM - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = D:\Documents and Settings\Kathleen\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free

5.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free

Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files

Drive C: | 1.46 Gb Total Space | 0.21 Gb Free Space | 14.09% Space Free | Partition Type: NTFS

Drive D: | 78.13 Gb Total Space | 66.08 Gb Free Space | 84.58% Space Free | Partition Type: NTFS

Drive E: | 153.28 Gb Total Space | 141.87 Gb Free Space | 92.55% Space Free | Partition Type: NTFS

Drive H: | 465.76 Gb Total Space | 465.41 Gb Free Space | 99.92% Space Free | Partition Type: NTFS

Computer Name: KATHLEEN-00DDT8 | User Name: Kathleen | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\Documents and Settings\Kathleen\Desktop\OTL.exe (OldTimer Tools)

PRC - D:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe (iolo technologies, LLC)

PRC - D:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe ()

PRC - D:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)

PRC - D:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe (Authentium, Inc)

PRC - D:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe (Authentium, Inc)

PRC - D:\Program Files\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe ()

PRC - D:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)

PRC - D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe (Hewlett-Packard Co.)

PRC - D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)

PRC - D:\WINDOWS\system32\HPZipm12.exe (HP)

PRC - D:\Program Files\Exif Launcher\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)

========== Modules (SafeList) ==========

MOD - D:\Documents and Settings\Kathleen\Desktop\OTL.exe (OldTimer Tools)

MOD - D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found

SRV - (AppMgmt) -- File not found

SRV - (ioloSystemService) -- D:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)

SRV - (ioloFileInfoList) -- D:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)

SRV - (vseqrts) -- D:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe (Authentium, Inc)

SRV - (vsedsps) -- D:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe (Authentium, Inc)

SRV - (vseamps) -- D:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe (Authentium, Inc)

SRV - (McComponentHostService) -- D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)

SRV - (CEEBC40A-FDED-4C59-B354-939132350B01) -- D:\Program Files\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe ()

SRV - (Pml Driver HPZ12) -- D:\WINDOWS\system32\HPZipm12.exe (HP)

========== Driver Services (SafeList) ==========

DRV - (FileDisk) -- D:\WINDOWS\System32\drivers\filedisk.sys (iolo technologies, LLC (based on original work by Bo Brant


This topic is now closed to further replies.