|
Windows Vista Problem solving for the Windows Vista Operating System. Please remember to state which edition of Vista you are using - Home Basic, Home Premium, Business, Ultimate etc. and whether you are using the 32-bit or 64-bit version if you know. |
|
Topic Tools |
#1
|
|||
|
|||
Strange lock-up issue
I got all new parts for my computer about 4 months ago.
Windows Vista 64 Home Edition Core i7 920 -new 6GB Corsair DDR3 ram (triple channel) -new Asus P6T Motherboard -new Nvidia GeForce GTX 280 -new, bought in June 2009 - updated drivers* Razor Copperhead Mouse Logitech G11 Keyboard Also have a new 500 GB hard drive but forget what it is exactly. When i bought the processor, RAM, and motherboard the store ran a test to make sure things worked. Brought home new computer parts and installed Windows Vista. Ever since i have had this problem where randomly my computer will lose internet connection and then lock up moments later. My mouse will start to skip across the screen as a warning this is about to occur, so i normally restart my computer before it happens, But sometimes it happens faster than other times. I hope its not a hardware issue and if it is, then i would hope it was the RAM. Anyone that can help me, im not computer illiterate but not a whizz either. I would like to learn a few things on how i can test and fix this kinda stuff. Any help would be greatly appreciated. Last edited by Ding$Chavez; July 28th, 2009 at 10:45 PM. |
#2
|
|||
|
|||
dang, no one can help?
|
#3
|
||||
|
||||
Do you still need help Ding$Chavez? I cant help if the problem is hardware related however I can help troubleshoot software issues.
How do you connect and have you installed all Service Packs and updates? |
#4
|
|||
|
|||
yes i do!!
i understand that you can only help if it is software. I have connected in the past though a line directly to a router (Linksys) I also have a wireless card for my computer which i have re-installed now. i am Currently on service pack 2 windows update has not notified me of anything for a day now, although i keep getting windows defender updates daily it seems. |
#5
|
||||
|
||||
Ok, it might help if I can see what is running on your computer. Go here and download OTL.exe to your Desktop and doubleclick on it to open it. Scroll down to Extra Registry and click on "Use Safelist" Next click on "Run Scan" When the scan has finished, two logs will open. Copy and paste both reports in this topic. The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.
|
#6
|
|||
|
|||
OTL logfile created on: 7/31/2009 2:10:48 PM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Users\Terry\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18813) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465.76 Gb Total Space | 325.84 Gb Free Space | 69.96% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TERRY-PC4 Current User Name: Terry Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe PRC - [2009/06/11 21:24:48 | 00,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2009/07/20 21:09:42 | 00,189,184 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009/05/21 11:34:07 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe PRC - [2009/07/23 01:19:46 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2009/07/31 14:10:12 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Terry\Desktop\OTL.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running]) SRV:64bit: - [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2009/03/29 23:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2009/03/29 23:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ms corsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) SRV - [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped]) SRV - [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped]) SRV - [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped]) SRV - [2009/02/18 13:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\Pres entationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2009/02/18 13:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped]) SRV - [2006/11/02 04:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Running]) SRV - [2006/11/02 08:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped]) SRV - [2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped]) SRV - [2009/06/11 21:24:48 | 00,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe -- (PnkBstrA [Auto | Running]) SRV - [2009/07/20 21:09:42 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe -- (PnkBstrB [Auto | Running]) SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Running]) SRV - [2009/07/01 18:03:23 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Stopped]) SRV - [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped]) SRV - [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped]) ========== Driver Services (SafeList) ========== DRV:64bit: - [2006/10/06 21:13:22 | 00,550,912 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XV [On_Demand | Stopped]) DRV:64bit: - [2007/03/12 09:59:00 | 00,640,512 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\WMP54GSx64.sys -- (BCM43XX [On_Demand | Running]) DRV:64bit: - [2006/05/24 11:51:14 | 00,013,824 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\Windows\SysNative\drivers\copperhd.sys -- (copperhd [On_Demand | Running]) DRV:64bit: - [2009/03/27 01:23:54 | 00,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132 [On_Demand | Stopped]) DRV:64bit: - [2009/03/19 16:34:18 | 00,029,544 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV:64bit: - [2009/04/11 00:39:51 | 00,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running]) DRV:64bit: - [2005/03/29 01:30:38 | 00,008,192 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running]) DRV:64bit: - [2007/11/06 15:23:14 | 00,040,464 | ---- | M] (CACE Technologies) -- C:\Windows\SysNative\drivers\npf.sys -- (NPF [On_Demand | Stopped]) DRV:64bit: - [2009/05/25 06:51:00 | 00,207,872 | ---- | M] (Realtek ) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169 [On_Demand | Stopped]) DRV - [2006/09/18 16:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running]) DRV - [2006/09/18 16:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 67 4F A5 CC 11 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0 |
#7
|
|||
|
|||
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (en)" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.msn.com/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1 FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.0 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.12 FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{20a8264 5-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 09:01:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/07/31 05:47:02 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/07/31 05:47:02 | 00,000,000 | ---D | M] [2009/07/18 23:21:12 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Extensions [2009/06/01 19:31:45 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Extensions\ {ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/07/18 23:21:12 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Extensions\ mozswing@mozswing.org [2009/07/30 20:18:45 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Firefox\Pro files\en2p2dq1.default\extensions [2009/06/24 13:56:19 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Firefox\Pro files\en2p2dq1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/07/13 14:17:42 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Firefox\Pro files\en2p2dq1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009/06/01 19:33:11 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Firefox\Pro files\en2p2dq1.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2009/07/16 09:36:40 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Firefox\Pro files\en2p2dq1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2009/07/25 18:00:01 | 00,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\mozilla\Firefox\Pro files\en2p2dq1.default\extensions\anycolor.pavlos2 56@gmail.com [2009/07/30 20:18:45 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2009/07/23 01:19:47 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/07/18 23:20:21 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009/07/19 15:06:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [2009/07/23 01:19:46 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll [2009/07/23 01:19:46 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll [2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2009/05/21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll [2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009/07/23 01:19:46 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009/06/12 10:37:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2009/06/12 10:37:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2009/06/12 10:37:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2009/06/12 10:37:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2009/06/12 10:37:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2009/06/12 10:37:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2009/06/12 10:37:25 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2009/06/02 18:18:22 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml [2009/06/02 18:18:22 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml [2009/06/02 18:18:22 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009/06/02 18:18:22 | 00,002,343 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml [2009/06/02 18:18:22 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2009/06/02 18:18:22 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml [2009/06/02 18:18:22 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (307184 bytes) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 10575 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: BindDirectlyToPropertySetStorage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15:64bit: - ..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...nt/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134 O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found |
#8
|
|||
|
|||
========== Files/Folders - Created Within 30 Days ==========
[2009/07/31 14:10:09 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Terry\Desktop\OTL.exe [2009/07/31 05:46:55 | 00,897,920 | ---- | C] (Microsoft Corporation) -- C:\Users\Terry\Desktop\WGAPluginInstall.exe [2009/07/31 05:37:13 | 65,778,0793 | ---- | C] () -- C:\Windows\MEMORY.DMP [2009/07/28 16:43:50 | 00,000,813 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk [2009/07/28 16:43:44 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2009/07/28 15:27:46 | 00,031,871 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009/07/28 15:27:46 | 00,031,871 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009/07/28 13:00:30 | 00,847,776 | ---- | C] (AVG Technologies) -- C:\Users\Terry\Desktop\avg_avwt_stb_all_8_30.exe [2009/07/28 12:30:48 | 09,233,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll [2009/07/28 12:30:48 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll [2009/07/28 12:30:47 | 11,067,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll [2009/07/28 12:30:46 | 12,458,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll [2009/07/28 12:30:45 | 02,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2009/07/28 12:30:45 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll [2009/07/28 12:30:45 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll [2009/07/28 12:30:44 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2009/07/28 12:30:44 | 01,484,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll [2009/07/28 12:30:44 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2009/07/28 12:30:44 | 01,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2009/07/28 12:30:44 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll [2009/07/28 12:30:44 | 00,700,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2009/07/28 12:30:44 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2009/07/28 12:30:44 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2009/07/28 12:30:44 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll [2009/07/28 12:30:44 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2009/07/28 12:30:44 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2009/07/28 12:30:44 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2009/07/28 12:30:43 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb [2009/07/28 12:30:43 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.tlb [2009/07/28 12:30:43 | 00,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2009/07/28 12:30:43 | 00,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2009/07/28 12:30:43 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2009/07/28 12:30:43 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2009/07/28 12:30:43 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2009/07/28 12:30:43 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2009/07/28 12:30:43 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2009/07/28 12:30:43 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2009/07/28 12:30:43 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2009/07/28 12:30:43 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2009/07/28 12:30:43 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2009/07/28 12:30:43 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2009/07/28 12:30:43 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2009/07/28 12:30:43 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2009/07/28 12:30:43 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll [2009/07/28 12:30:43 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2009/07/28 12:30:43 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll [2009/07/28 12:30:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2009/07/28 12:30:43 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2009/07/28 12:30:42 | 00,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2009/07/28 12:30:42 | 00,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2009/07/26 17:45:45 | 00,004,608 | ---- | C] () -- C:\Users\Terry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/07/19 15:06:29 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2009/07/19 15:06:29 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2009/07/19 15:06:29 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2009/07/18 23:21:18 | 00,000,000 | ---D | C] -- C:\Users\Terry\Documents\LimeWire [2009/07/18 23:20:54 | 00,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\LimeWire [2009/07/18 23:20:20 | 00,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll [2009/07/18 23:20:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2009/07/18 23:19:56 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\LimeWire [2009/07/14 14:17:55 | 00,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2009/07/14 14:17:55 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2009/07/14 14:17:55 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2009/07/14 14:17:55 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2009/07/14 14:17:55 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2009/07/14 14:17:55 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2009/07/14 14:17:55 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2009/07/14 14:17:54 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll [2009/07/14 09:31:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView [2009/07/08 04:29:00 | 14,285,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2009/07/08 04:29:00 | 11,632,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvlddmkm.sys [2009/07/08 04:29:00 | 10,379,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2009/07/08 04:29:00 | 07,611,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2009/07/08 04:29:00 | 04,352,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2009/07/08 04:29:00 | 03,148,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2009/07/08 04:29:00 | 02,304,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2009/07/08 04:29:00 | 01,704,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2009/07/08 04:29:00 | 01,317,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2009/07/08 04:29:00 | 00,989,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2009/07/08 04:29:00 | 00,733,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2009/07/08 04:29:00 | 00,678,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2009/07/08 04:29:00 | 00,539,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvudisp.exe [2009/07/08 04:29:00 | 00,167,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod157.dll [2009/07/08 04:29:00 | 00,167,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll [2009/07/08 04:29:00 | 00,011,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2009/07/08 04:29:00 | 00,010,156 | ---- | C] () -- C:\Windows\SysNative\nvdisp.nvu [2009/07/07 20:15:15 | 02,352,875 | -H-- | C] () -- C:\Users\Terry\AppData\Local\IconCache.db [2009/07/07 17:25:14 | 02,589,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcplui.exe [2009/07/07 17:25:14 | 01,627,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvs.dll [2009/07/07 17:25:14 | 00,410,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.cpl [2009/07/07 17:25:02 | 05,114,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgames.dll [2009/07/07 17:25:02 | 04,571,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvitvs.dll [2009/07/07 17:25:02 | 03,679,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwss.dll [2009/07/07 17:25:02 | 01,640,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmobls.dll [2009/07/07 17:25:02 | 00,289,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmccss.dll [2009/07/07 17:25:00 | 04,417,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdisps.dll [2009/07/07 17:25:00 | 00,871,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2009/07/07 17:25:00 | 00,382,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvsvc.exe [2009/07/07 17:25:00 | 00,235,357 | ---- | C] () -- C:\Windows\SysNative\NvApps.xml [2009/07/07 17:25:00 | 00,064,777 | ---- | C] () -- C:\Windows\SysNative\NvwsApps.xml [2009/07/07 17:24:58 | 16,315,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2009/07/07 17:24:58 | 00,238,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2009/07/07 17:24:58 | 00,082,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2009/07/07 12:30:29 | 21,369,93791 | -HS- | C] () -- C:\hiberfil.sys [2009/07/06 01:17:10 | 00,000,000 | ---D | C] -- C:\HammerAutosave [2009/07/05 00:17:29 | 00,000,000 | ---D | C] -- C:\ProgramData\Steam [2009/07/05 00:17:17 | 00,000,000 | ---D | C] -- C:\ProgramData\PopCap Games [2009/06/03 19:34:33 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009/06/03 19:33:56 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/01 19:17:25 | 00,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini [2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008/01/20 21:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2007/11/06 15:19:28 | 00,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2006/11/02 07:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini [2006/11/02 07:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini [2004/04/29 02:06:00 | 00,004,254 | ---- | C] () -- C:\Windows\SysWow64\WLAN.INI |
#9
|
|||
|
|||
========== Files - Modified Within 30 Days ==========
[2009/07/31 14:10:12 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Terry\Desktop\OTL.exe [2009/07/31 14:10:00 | 00,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5F912159-4A6C-45C9-A5E3-3723EB48834D}.job [2009/07/31 13:06:03 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/07/31 12:58:39 | 00,004,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/07/31 12:58:39 | 00,004,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/07/31 10:43:48 | 00,690,578 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2009/07/31 10:43:48 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2009/07/31 10:43:48 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2009/07/31 10:36:59 | 00,031,871 | ---- | M] () -- C:\ProgramData\nvModes.dat [2009/07/31 10:36:57 | 00,031,871 | ---- | M] () -- C:\ProgramData\nvModes.001 [2009/07/31 10:36:32 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/07/31 10:36:25 | 21,369,93791 | -HS- | M] () -- C:\hiberfil.sys [2009/07/31 06:03:38 | 02,352,875 | -H-- | M] () -- C:\Users\Terry\AppData\Local\IconCache.db [2009/07/31 05:46:57 | 00,897,920 | ---- | M] (Microsoft Corporation) -- C:\Users\Terry\Desktop\WGAPluginInstall.exe [2009/07/31 05:37:13 | 65,778,0793 | ---- | M] () -- C:\Windows\MEMORY.DMP [2009/07/28 16:43:50 | 00,000,813 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk [2009/07/28 13:00:33 | 00,847,776 | ---- | M] (AVG Technologies) -- C:\Users\Terry\Desktop\avg_avwt_stb_all_8_30.exe [2009/07/28 12:58:50 | 00,286,208 | ---- | M] () -- C:\Users\Terry\Desktop\gmer.exe [2009/07/26 17:46:04 | 00,004,608 | ---- | M] () -- C:\Users\Terry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/07/21 17:11:15 | 01,146,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2009/07/21 17:11:04 | 01,484,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll [2009/07/21 17:09:54 | 00,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2009/07/21 17:07:37 | 09,233,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll [2009/07/21 17:07:34 | 00,700,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2009/07/21 17:07:34 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2009/07/21 17:06:56 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2009/07/21 17:06:48 | 01,538,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2009/07/21 17:06:31 | 02,334,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2009/07/21 17:06:31 | 00,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2009/07/21 17:06:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2009/07/21 17:06:31 | 00,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2009/07/21 17:06:30 | 12,458,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll [2009/07/21 17:06:30 | 00,252,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2009/07/21 17:06:30 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2009/07/21 17:06:27 | 00,458,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2009/07/21 16:52:28 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll [2009/07/21 16:52:13 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll [2009/07/21 16:50:46 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2009/07/21 16:48:31 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll [2009/07/21 16:48:27 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2009/07/21 16:48:27 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll [2009/07/21 16:47:47 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll [2009/07/21 16:47:41 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2009/07/21 16:47:28 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2009/07/21 16:47:28 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2009/07/21 16:47:27 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll [2009/07/21 16:47:27 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2009/07/21 16:47:26 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll [2009/07/21 16:47:26 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2009/07/21 16:47:26 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2009/07/21 16:47:21 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll [2009/07/21 15:34:53 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2009/07/21 15:34:41 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2009/07/21 15:34:12 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2009/07/21 15:34:00 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.tlb [2009/07/21 15:13:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2009/07/21 15:13:51 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2009/07/21 15:13:15 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2009/07/21 15:12:49 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb [2009/07/21 14:09:32 | 00,057,667 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2009/07/21 13:31:43 | 00,057,667 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2009/07/20 21:09:42 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2009/07/20 21:09:42 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2009/07/14 14:42:05 | 00,229,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2009/07/08 04:29:00 | 14,285,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2009/07/08 04:29:00 | 11,632,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvlddmkm.sys [2009/07/08 04:29:00 | 10,379,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2009/07/08 04:29:00 | 09,466,880 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2009/07/08 04:29:00 | 07,611,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2009/07/08 04:29:00 | 04,352,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2009/07/08 04:29:00 | 03,148,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2009/07/08 04:29:00 | 02,304,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2009/07/08 04:29:00 | 01,704,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2009/07/08 04:29:00 | 01,317,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2009/07/08 04:29:00 | 01,227,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2009/07/08 04:29:00 | 00,989,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2009/07/08 04:29:00 | 00,733,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2009/07/08 04:29:00 | 00,678,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2009/07/08 04:29:00 | 00,539,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuninst.exe [2009/07/08 04:29:00 | 00,539,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvudisp.exe [2009/07/08 04:29:00 | 00,167,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod157.dll [2009/07/08 04:29:00 | 00,167,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll [2009/07/08 04:29:00 | 00,011,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2009/07/08 04:29:00 | 00,010,156 | ---- | M] () -- C:\Windows\SysNative\nvdisp.nvu [2009/07/07 17:25:14 | 02,589,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcplui.exe [2009/07/07 17:25:14 | 01,627,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvs.dll [2009/07/07 17:25:14 | 00,410,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.cpl [2009/07/07 17:25:02 | 05,114,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgames.dll [2009/07/07 17:25:02 | 04,571,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvitvs.dll [2009/07/07 17:25:02 | 03,679,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwss.dll [2009/07/07 17:25:02 | 01,640,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmobls.dll [2009/07/07 17:25:02 | 00,289,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmccss.dll [2009/07/07 17:25:00 | 04,417,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdisps.dll [2009/07/07 17:25:00 | 00,871,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2009/07/07 17:25:00 | 00,382,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvsvc.exe [2009/07/07 17:25:00 | 00,235,357 | ---- | M] () -- C:\Windows\SysNative\NvApps.xml [2009/07/07 17:25:00 | 00,064,777 | ---- | M] () -- C:\Windows\SysNative\NvwsApps.xml [2009/07/07 17:24:58 | 16,315,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2009/07/07 17:24:58 | 00,238,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2009/07/07 17:24:58 | 00,082,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2009/07/07 10:43:31 | 26,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe < End of report > |
#10
|
|||
|
|||
OTL Extras logfile created on: 7/31/2009 2:10:48 PM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Users\Terry\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18813) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465.76 Gb Total Space | 325.84 Gb Free Space | 69.96% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TERRY-PC4 Current User Name: Terry Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation) .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 12 2F 9A 5A AE E4 C9 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1341053185-2746281881-2469104704-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile] "EnableFirewall" = 1 "DisableNotifications" = 0 |
#11
|
|||
|
|||
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules] "{3480597A-ADB0-4F91-95B3-87FDCCD9A20C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{3B85A6C9-6B26-4B66-BEFB-A198D9705F6E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4083E20F-5820-4F62-825F-1E88E3DA97C5}" = lport=137 | protocol=17 | dir=in | app=system | "{4955DC5C-B908-4ED2-89EE-72B943356DC1}" = lport=138 | protocol=17 | dir=in | app=system | "{4B752552-C09A-486E-832B-9BBF0359094D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{51BBBC66-AA99-48CC-8C0F-11B2A83E91F1}" = rport=139 | protocol=6 | dir=out | app=system | "{5744C035-646F-4625-947A-D30A7E4836AB}" = rport=445 | protocol=6 | dir=out | app=system | "{5776C552-69EA-4D38-90DE-6FCB9109A534}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{77524A70-3D7A-4189-BDE1-1F8B50B8C129}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{77B4858D-449E-4F07-B53B-2FEAFF68EBE7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7E67AC75-38C7-4AB6-99DF-099DE93E7F36}" = lport=445 | protocol=6 | dir=in | app=system | "{9359C4E5-61CD-4575-9803-77DCA12538F3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AEDB0934-BD90-4423-B8D4-6662817B5B06}" = lport=139 | protocol=6 | dir=in | app=system | "{B8CDC0F3-A073-424A-9B61-A820C09AC114}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{C3CACF8D-786D-48E9-8140-FB9DACE979FC}" = rport=138 | protocol=17 | dir=out | app=system | "{CDFC7751-A1CE-4D0E-959F-6076B648BF63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D940E7BE-851A-4412-8D75-6AC3CD40BA99}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E11C87CE-E0D8-4CB8-AC1F-AA32B34A6434}" = rport=137 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules] "{08626B93-5DFF-4965-8A5E-0B4502E45EBC}" = protocol=17 | dir=in | app=c:\program files (x86)\gamespy arcade\aphex.exe | "{0A8335C3-CA83-4995-9677-0E3486C2A544}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{0B8FCAFE-85CA-4544-882C-8F1AA33E81E5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{0D1A25D4-4D2D-44C8-8CF8-A4DEB8ED98D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe | "{162FC8E8-033B-45B6-92F6-D9D495AB5AF1}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{169800E7-ABDA-46D4-89A3-6B693E797C2F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe | "{17E7BCC3-2EF8-43AF-B453-B2E35F81A7FA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{1DC2BF49-0729-4347-BCA3-EF841F871D8F}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe | "{2876546B-B235-44D3-82F5-6AF9A7D1A08D}" = protocol=17 | dir=in | app=c:\program files (x86)\curse\curseclient.exe | "{34C7E508-AAA4-4641-B4A2-9D85CF431785}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{359BA4B3-5726-4299-9463-F5AF489752CD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3DF9E768-00B7-476C-8C37-B7DDE9A5F4CB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{3F405913-71D9-44B9-A122-BF13674EA021}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe | "{40709C4D-4AA1-41B8-88AD-290E95D0E291}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe | "{41A93999-8766-463E-A54B-7BDA420A756C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{42E909CA-D942-4A46-A43D-CD097B3EB698}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{44077A8B-D1FB-4385-B0BF-A442CCFAA37B}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe | "{5954E2F3-55C4-445F-9F96-40414FE063EC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{6A5F1EE3-D598-4997-8E8E-3040D292ECD0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{71ED5556-D09C-4BD8-B582-0B659CD91200}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{7EA2F665-8CAD-40B1-A775-A5408EA8B5CF}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe | "{7F0E66D5-A164-496C-8F01-8BE5FFC3E962}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{80D7CC79-F412-4412-B7C5-4E7EDDF0870A}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{88EDEDEA-4635-40C4-B838-31D7E3BAAC91}" = protocol=6 | dir=in | app=c:\program files (x86)\curse\curseclient.exe | "{8AB00160-7402-403E-9B8A-C4F8F2A8ADCF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe | "{929A3EC6-AD97-414B-B238-BEB509CA2809}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe | "{96CC7AD3-25EA-4B62-B12C-DEE7E609BC95}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{A41D783D-06A7-49D8-85EE-9FABFE4D0652}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{AA32110C-6DB4-4203-A085-6BA931FA5FAE}" = protocol=6 | dir=in | app=c:\program files (x86)\gamespy arcade\aphex.exe | "{B5D57852-746F-445F-B76A-790288761521}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{BA89963F-1803-49AF-9361-BC5CEFFE65C9}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe | "{BF27DCD2-AB38-499E-A6F6-E826C793CF89}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe | "{C335CA7F-07F7-4F8D-8AE1-9C9893FFCA61}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{C6843961-EB2D-40A4-8444-B615FC896A04}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C73BADD0-9984-4289-A41D-097E3BBEDA4A}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe | "{D6CDE0A6-8BAC-4EB2-808E-EA4134F2ADFF}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe | "{DAD88C81-9250-43E5-AD6D-85491671BFB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe | "{DD7E9F74-8083-44C8-BA90-88583930EDF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe | "{EC74D477-E57D-450A-B6A8-2CA5538165A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe | "{F200FD57-CBB2-4E85-9C76-BA175BE99493}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe | "{FCF72FCE-40D0-4F92-A4DE-5A7786373F3A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe | "TCP Query User{06A740A3-35F8-43DC-B1B0-EC84917DE391}C:\program files (x86)\steam\steamapps\misstermagoo\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\misstermagoo\counter-strike source\hl2.exe | "TCP Query User{1F28244D-FB5F-481F-85A1-4F8868C654ED}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "TCP Query User{892ED570-D8D1-4B8E-83BC-AEBFEEF3E1CE}C:\program files (x86)\steam\steamapps\misstermagoo\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\misstermagoo\team fortress 2\hl2.exe | "TCP Query User{A02F020B-1FE9-4C40-A5CB-18A478F78E45}C:\program files (x86)\steam\steamapps\misstermagoo\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\misstermagoo\counter-strike source\hl2.exe | "TCP Query User{C81EC9D7-4E66-4A0C-8B62-7E595A912A68}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "TCP Query User{E36EB043-F818-4446-9DAC-B89E46B22453}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "UDP Query User{3D5EC977-946D-4607-AD56-0E7FE64FB559}C:\program files (x86)\steam\steamapps\misstermagoo\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\misstermagoo\team fortress 2\hl2.exe | "UDP Query User{7E2A47D8-D1AB-4F85-9EF5-0D51F881796D}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{8A8CA1CE-2A67-485F-A4D5-2C475A2AFCC2}C:\program files (x86)\steam\steamapps\misstermagoo\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\misstermagoo\counter-strike source\hl2.exe | "UDP Query User{90F6EDBD-0D72-40EA-8E00-CC88003656AA}C:\program files (x86)\steam\steamapps\misstermagoo\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\misstermagoo\counter-strike source\hl2.exe | "UDP Query User{CB19E189-8BD4-4217-9CAF-5512AAAD8AC5}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "UDP Query User{F78F76ED-2879-47D2-9956-C0439717B900}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | |
#12
|
|||
|
|||
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall] "{0E6C415F-7708-4A8F-9509-11C98988BDCA}" = Apple Mobile Device Support "{5AB0C6D3-E546-44C2-8B63-C9044FCC9AC0}" = iTunes "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64 "CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 14 "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Processor ID Utility "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX "{EAE4A00B-D290-4B65-8287-B82A80FC0619}" = Linksys Wireless-G PCI Network Adapter with SpeedBooster "{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "CCleaner" = CCleaner (remove only) "CurseClient" = Curse Client "GameSpy Arcade" = GameSpy Arcade "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "IrfanView" = IrfanView (remove only) "LimeWire" = LimeWire 5.1.4 "Mozilla Firefox (3.0.12)" = Mozilla Firefox (3.0.12) "PunkBusterSvc" = PunkBuster Services "Steam App 240" = Counter-Strike: Source "Steam App 3592" = Plants Vs Zombies Demo "Steam App 440" = Team Fortress 2 "Steam App 500" = Left 4 Dead "Steam App 513" = Left 4 Dead Authoring Tools "Warcraft III" = Warcraft III "WinPcapInst" = WinPcap 4.0.2 "World of Warcraft" = World of Warcraft |
#13
|
|||
|
|||
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall] "Warcraft III" = Warcraft III: All Products ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 7/7/2009 12:43:32 PM | Computer Name = Terry-PC4 | Source = WinMgmt | ID = 10 Description = Error - 7/7/2009 1:06:49 PM | Computer Name = Terry-PC4 | Source = WinMgmt | ID = 10 Description = Error - 7/7/2009 1:25:24 PM | Computer Name = Terry-PC4 | Source = EventSystem | ID = 4609 Description = Error - 7/7/2009 1:26:19 PM | Computer Name = Terry-PC4 | Source = WinMgmt | ID = 10 Description = Error - 7/7/2009 1:33:47 PM | Computer Name = Terry-PC4 | Source = MSDTC | ID = 4157 Description = Error - 7/7/2009 1:42:11 PM | Computer Name = Terry-PC4 | Source = MSDTC | ID = 4160 Description = Error - 7/16/2009 8:56:06 PM | Computer Name = Terry-PC4 | Source = Application Error | ID = 1000 Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334, faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x47e2d72b, exception code 0xc0000005, fault offset 0x021d553e, process id 0x28c, application start time 0x01ca066d1130b243. Error - 7/19/2009 4:05:51 PM | Computer Name = Terry-PC4 | Source = Windows Search Service | ID = 3013 Description = Error - 7/19/2009 7:45:38 PM | Computer Name = Terry-PC4 | Source = Application Error | ID = 1000 Description = Faulting application CoDWaWmp.exe, version 1.5.1220.0, time stamp 0x4a5241f6, faulting module CoDWaWmp.exe, version 1.5.1220.0, time stamp 0x4a5241f6, exception code 0xc0000005, fault offset 0x0014acfa, process id 0xb74, application start time 0x01ca08c80c865f3c. Error - 7/28/2009 1:56:04 PM | Computer Name = Terry-PC4 | Source = Windows Search Service | ID = 3013 Description = [ System Events ] Error - 7/20/2009 3:09:15 PM | Computer Name = Terry-PC4 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 2:07:17 PM on 7/20/2009 was unexpected. Error - 7/21/2009 3:07:53 PM | Computer Name = Terry-PC4 | Source = nvlddmkm | ID = 11141134 Description = Error - 7/21/2009 3:07:58 PM | Computer Name = Terry-PC4 | Source = nvlddmkm | ID = 11141134 Description = Error - 7/21/2009 3:09:18 PM | Computer Name = Terry-PC4 | Source = nvlddmkm | ID = 11141134 Description = Error - 7/21/2009 3:14:24 PM | Computer Name = Terry-PC4 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 2:09:39 PM on 7/21/2009 was unexpected. Error - 7/23/2009 10:09:18 PM | Computer Name = Terry-PC4 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 9:06:08 PM on 7/23/2009 was unexpected. Error - 7/24/2009 4:46:34 PM | Computer Name = Terry-PC4 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 3:44:34 PM on 7/24/2009 was unexpected. Error - 7/26/2009 2:58:48 PM | Computer Name = Terry-PC4 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 1:56:13 PM on 7/26/2009 was unexpected. Error - 7/27/2009 2:58:58 AM | Computer Name = Terry-PC4 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 1:56:50 AM on 7/27/2009 was unexpected. Error - 7/28/2009 1:31:49 PM | Computer Name = Terry-PC4 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = < End of report > |
#14
|
|||
|
|||
thats all of it.
Thanks for taking the time to help me out. |
#15
|
|||
|
|||
Looks like you are infected, at least your host file has been hijacked...still pretty new on ready 64 bit logs but that hosts file has gotta be fixed, I am sure there are probably other problems with malware too. Annmarie will have to take it from here...
Last edited by usaf_gunner; July 31st, 2009 at 08:49 PM. |
Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
Strange browser issue | Tobygo | Internet / Browsers | 3 | November 21st, 2010 07:04 AM |
strange mobo issue...i think | THE MENACE | The Anything Else Board | 1 | July 23rd, 2008 06:27 PM |
Strange Lock-Up and Pop Up Installer | kingandrew1 | Windows Vista | 5 | March 12th, 2008 12:32 AM |
Strange lock up on Compaq with ME | bcdevick | Windows ME | 1 | April 13th, 2006 03:22 PM |
Strange Security Lock Out | Tirnan | Hardware | 6 | September 18th, 2003 03:50 AM |
All times are GMT +1. The time now is 05:23 AM.