Teatimer corrupt file / Windows 7
-
Hi there!
For the past couple weeks or so, I've been experiencing a regular 're-booting' problem each time I get back online after the system has been idle for a while. And this happens when I get on Firefox/Opera. I figure the problem would essentially be the same if I went straight to Windows instead. Basically, each time, a blue screen containing 15 to 20 lines text appears for about half a second, and then my system turns off and reboots itself. I usually can get back online following the usual procedure (typing password, etc.) within 30 seconds or so, but the system, while it is working, appears to be a bit unstable (in other words, I expect it to have to reboot at any time without me doing anything special to create such a situation). Yesterday, for the first time, bottom right hand corner, I got the message that a/the(?) Teatimer file (teatimer.exe) was corrupt.... Which would make sense I think, as far as my specific re-booting problem is concerned.
I have attached the latest HijackThis file and would very much appreciate it if you could have a look at it, and tell me if it enlightens you as to the solution to my problem.
Many thanks.
[HJT log removed - Broni]
Last edited by broni; 05-11-2010 at 11:13 PM.
-
Here: http://www.d-a-l.com/help/spyware-ad...y-re-post.html, you left in the middle of the cleaning process.
If it happens again, you won't be able to receive any more help in the malware forum.
Now...
Please, read HERE and post the required logs.
-
I don't understand your reply. Are you saying that my Test Bug Id thread and this one are related? And secondly, you mentioned at the time that everything on my computer was found to be clean and, in fact, that specific problem has not re-occurred since.
In the present case, there is no mention of the Test Bug ID whatsoever. However there was a teatimer file corruption notice which appeared once, bottom right hand corner. I had posted a HijackThis log above and asked you if you could have a look at it and determine if fixing the Teatimer file would take care of my present problem. I have to leave now but will read the instructions more closely upon my return and get back to you to let you know how it turned out.
Thank you.
-
I have to apologize. I had to click on a wrong topic. Now, I can see what happened in your other topic.
I'm sorry.
Please, proceed with malware removal steps.
-
MBAM:
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Database version: 5066
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
07/11/2010 1:45:42 PM
mbam-log-2010-11-07 (13-45-42).txt
Scan type: Quick scan
Objects scanned: 136536
Time elapsed: 2 minute(s), 20 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER:
Couldn't find the log in my computer but got the "GMER hasn't found any system modification" once the scan was completed
MBRCheck:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: ECS
BIOS Manufacturer: Phoenix Technologies, LTD
System Manufacturer: HP-Pavilion
System Product Name: GX769AA-A2L a6318f
Logical Drives Mask: 0x000001ec
Kernel Drivers (total 155):
Processes (total 63):
0 System Idle Process
4 System
272 C:\Windows\System32\smss.exe
364 csrss.exe
420 C:\Windows\System32\wininit.exe
440 csrss.exe
496 C:\Windows\System32\winlogon.exe
512 C:\Windows\System32\services.exe
528 C:\Windows\System32\lsass.exe
536 C:\Windows\System32\lsm.exe
660 C:\Windows\System32\svchost.exe
752 C:\Windows\System32\svchost.exe
800 C:\Windows\System32\svchost.exe
884 C:\Windows\System32\svchost.exe
932 C:\Windows\System32\svchost.exe
380 C:\Windows\System32\svchost.exe
112 C:\Windows\System32\svchost.exe
1072 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1108 C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
1372 C:\Windows\System32\spoolsv.exe
1404 C:\Windows\System32\svchost.exe
1508 C:\Windows\System32\svchost.exe
1560 C:\Windows\System32\lxcycoms.exe
1608 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1696 C:\Windows\System32\svchost.exe
1760 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1824 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
1884 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
1968 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2040 unsecapp.exe
2052 WmiPrvSE.exe
2340 C:\Windows\System32\svchost.exe
2528 WUDFHost.exe
2792 C:\Windows\System32\taskhost.exe
2848 C:\Windows\System32\dwm.exe
2876 C:\Windows\explorer.exe
3044 C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe
3052 C:\Program Files (x86)\Lexmark 3400 Series\ezprint.exe
1956 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
2592 C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
2648 C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
2696 C:\Program Files (x86)\ClearAllHistory\cah.exe
2740 C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
1220 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
1304 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2024 WmiPrvSE.exe
3284 C:\Windows\System32\svchost.exe
3448 C:\Windows\System32\SearchIndexer.exe
3920 C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
1356 C:\Windows\System32\svchost.exe
2724 C:\Program Files\Windows Media Player\wmpnetwk.exe
4492 C:\Program Files (x86)\Internet Explorer\iexplore.exe
1084 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
4408 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
4308 C:\Program Files (x86)\Internet Explorer\iexplore.exe
1668 C:\Program Files (x86)\Internet Explorer\iexplore.exe
5048 C:\Program Files (x86)\Internet Explorer\iexplore.exe
3464 C:\Windows\System32\sppsvc.exe
2768 C:\Windows\servicing\TrustedInstaller.exe
3980 C:\Windows\System32\audiodg.exe
4484 C:\Users\mg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ANU4K388\MBRCheck[1].exe
3524 C:\Windows\System32\conhost.exe
548 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
PhysicalDrive0 Model Number: WDC WD3200AAKS-00L9A, Rev: 01.0
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!
DDS:
DDS (Ver_10-11-05.01) - NTFS_AMD64
Run by mg at 14:03:00.35 on 07/11/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.2.1033.18.4094.2896 [GMT -5:00]
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\lxcycoms.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe
C:\Program Files (x86)\Lexmark 3400 Series\ezprint.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\ClearAllHistory\cah.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\mg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U5XW6242\dds[1].scr
C:\Windows\system32\conhost.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.ca/
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [ClearAllHistory] C:\Program Files (x86)\ClearAllHistory\cah.exe
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
TB-X64: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
mRun-x64: [lxcymon.exe] "C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe"
mRun-x64: [EzPrint] "C:\Program Files (x86)\Lexmark 3400 Series\ezprint.exe"
mRun-x64: [LXCYCATS] rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCYtime.dll,RunDLLEntry
================= FIREFOX ===================
FF - ProfilePath - C:\Users\mg\AppData\Roaming\Mozilla\Firefox\Profiles\loi5bjyu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - component: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\components\rfproxy_31.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Opera\program\plugins\np_gp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2010-7-5 69152]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-7-15 121936]
R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2010-5-27 49752]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-7-15 20048]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-7-15 61008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-9-8 40384]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-7-12 1375992]
R2 lxcy_device;lxcy_device;C:\Windows\system32\lxcycoms.exe -service --> C:\Windows\system32\lxcycoms.exe -service [?]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-3-19 1153368]
R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-9-8 40384]
R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-9-8 40384]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-8-12 17440]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-10-12 50072]
R3 VST64_DPV;VST64_DPV;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
R3 VST64HWBS2;VST64HWBS2;C:\Windows\System32\drivers\VSTBS26.SYS [2009-7-13 411136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-27 135664]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-25 1255736]
=============== Created Last 30 ================
2010-11-05 09:28:31 8006480 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{00111717-A97E-441A-9A44-3DA98F610C42}\mpengine.dll
2010-10-28 07:07:12 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2010-10-28 07:07:12 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2010-10-28 07:07:12 552960 ----a-w- C:\Windows\System32\msdri.dll
2010-10-28 07:07:12 288256 ----a-w- C:\Windows\System32\MSNP.ax
2010-10-28 07:07:12 258560 ----a-w- C:\Windows\System32\mpg2splt.ax
2010-10-28 07:07:12 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
2010-10-28 07:07:12 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2010-10-27 10:47:10 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2010-10-20 23:57:16 -------- d-----w- C:\Users\mg\AppData\Roaming\Windows Live Writer
2010-10-20 23:57:16 -------- d-----w- C:\Users\mg\AppData\Local\Windows Live Writer
2010-10-20 23:37:33 -------- d-----w- C:\Windows\en
2010-10-20 23:34:16 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2010-10-20 23:34:16 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2010-10-20 23:34:15 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2010-10-20 23:34:15 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2010-10-20 11:06:02 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c77218201cb70462d\InstallManager_WLE_WLE.exe
2010-10-20 11:05:33 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b6c54ba01cb704622\MeshBetaRemover.exe
2010-10-20 11:05:08 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a7a1b7301cb70461a\DSETUP.dll
2010-10-20 11:05:08 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a7a1b7301cb70461a\DXSETUP.exe
2010-10-20 11:05:08 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a7a1b7301cb70461a\dsetup32.dll
2010-10-20 11:05:06 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a5b2df801cb704619\DSETUP.dll
2010-10-20 11:05:06 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a5b2df801cb704619\DXSETUP.exe
2010-10-20 11:05:06 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a5b2df801cb704619\dsetup32.dll
2010-10-20 10:59:45 -------- d-----w- C:\Users\mg\AppData\Local\Windows Live
2010-10-20 10:58:26 206848 ----a-w- C:\Windows\System32\mfps.dll
2010-10-20 10:58:25 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2010-10-20 10:58:24 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2010-10-20 10:58:24 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2010-10-20 10:58:24 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2010-10-20 10:58:21 4068864 ----a-w- C:\Windows\System32\mf.dll
2010-10-20 10:58:20 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
==================== Find3M ====================
2010-11-05 11:10:59 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2010-10-19 15:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-09-23 04:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-23 04:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-09-21 18:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 18:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-15 08:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-07 15:12:17 38848 ----a-w- C:\Windows\avastSS.scr
2010-09-07 14:47:33 61008 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe
2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
============= FINISH: 14:03:25.80 ===============
Attach:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-11-05.01)
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/03/2010 7:00:25 PM
System Uptime: 11/07/2010 11:08:50 AM (2859 hours ago)
Motherboard: ECS | | Nettle2
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ | Socket M2 | 2600/201mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 298 GiB total, 269.74 GiB free.
D: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
==== Disabled Device Manager Items =============
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_043D&PID_00F6&MI_02\6&A401C23&0&0002
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_043D&PID_00F6&MI_02\6&A401C23&0&0002
Service: USBSTOR
==== System Restore Points ===================
RP112: 25/10/2010 10:42:28 AM - Removed Opera 10.63.
RP113: 25/10/2010 10:46:32 AM - Installed Opera 10.63.
RP114: 26/10/2010 4:45:45 AM - Windows Update
RP115: 28/10/2010 3:00:40 AM - Windows Update
RP116: 29/10/2010 3:00:37 AM - Windows Update
RP117: 29/10/2010 9:09:47 AM - Windows Update
RP118: 01/11/2010 10:02:14 PM - Installed Java(TM) 6 Update 22
RP119: 02/11/2010 6:12:25 AM - Windows Update
RP120: 04/11/2010 5:59:25 AM - Windows Update
RP121: 05/11/2010 5:28:11 AM - Windows Update
==== Installed Programs ======================
Acrobat.com
Ad-Aware
Ad-Aware Email Scanner for Outlook
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0
Adobe Shockwave Player 11.5
AI RoboForm (All Users)
avast! Free Antivirus
CCleaner
ClearAllHistory
D3DX10
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
Lexmark Toolbar
Malwarebytes' Anti-Malware
Microsoft Office Word Viewer 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.7)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Opera 10.63
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Speccy
Spybot - Search & Destroy
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 8.0 Runtime Setup Package (x64)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinUtilities 9.86 Free Edition
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
==== Event Viewer Messages From Past Week ========
07/11/2010 11:08:59 AM, Error: volmgr [46] - Crash dump initialization failed!
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
06/11/2010 9:52:19 AM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
06/11/2010 4:08:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
06/11/2010 4:08:02 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
06/11/2010 4:05:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Lavasoft Ad-Aware Service service to connect.
06/11/2010 4:05:51 PM, Error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
06/11/2010 1:39:20 AM, Error: Service Control Manager [7001] - The Workstation service depends on the SMB 2.0 MiniRedirector service which failed to start because of the following error: The dependency service or group failed to start.
06/11/2010 1:39:20 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
06/11/2010 1:39:20 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
06/11/2010 1:39:20 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
06/11/2010 1:39:20 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.
06/11/2010 1:39:20 AM, Error: Service Control Manager [7000] - The Redirected Buffering Sub Sysytem service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
06/11/2010 1:39:15 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: rdbss
06/11/2010 1:39:12 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
05/11/2010 5:48:14 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
05/11/2010 5:48:14 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
05/11/2010 5:24:54 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
05/11/2010 5:24:26 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\drivers\SBREdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
04/11/2010 5:54:14 AM, Error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
03/11/2010 6:04:49 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
02/11/2010 4:44:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
02/11/2010 11
09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
01/11/2010 9:10:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
==== End Of File ===========================
If you need additional info, please let me know.
Thank you
-
Start with uninstalling RegistryBooster, if you don't want to cause more problems.
Registry tools are not recommended and here is why: miekiemoes' Blog: Registry Cleaners and System Tweaking Tools
I'd also uninstall Spybot and Ad-aware, as those are tools of the past.
So far, all looks clean.
Download OTL to your Desktop.
- Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
- Under the Custom Scan box paste this in:
netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop
- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
-
OTL logfile created on: 07/11/2010 4:06:36 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\mg\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297.99 Gb Total Space | 270.36 Gb Free Space | 90.73% Space Free | Partition Type: NTFS
Computer Name: MG-PC | User Name: mg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/11/07 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\mg\Desktop\OTL.exe
PRC - [2010/10/23 19:29:53 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/10/17 21:11:56 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2010/09/07 10:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 10:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/06/15 16:27:16 | 000,300,544 | ---- | M] (MoRUN.net) -- C:\Program Files (x86)\ClearAllHistory\cah.exe
PRC - [2010/02/17 01:30:48 | 005,244,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2009/05/01 12:54:46 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 3400 Series\ezprint.exe
PRC - [2009/05/01 12:54:44 | 000,291,496 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (SafeList) ==========
MOD - [2010/11/07 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\mg\Desktop\OTL.exe
MOD - [2010/08/21 00
32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/09/07 10:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 10:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 10:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2006/11/29 11:57:36 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxcycoms.exe -- (lxcy_device)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/11/29 11:57:20 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxcycoms.exe -- (lxcy_device)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010/11/05 06:10:59 | 000,049,752 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2010/09/07 09:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2009/06/10 16:01:11 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/10/12 01:00:22 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/10/12 00
34 | 000,582,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV561V64.sys -- (PID_0928) Logitech QuickCam Express(PID_0928)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Canada - The home of world-class services such as Hotmail, Windows Live Messenger, and News, Sports, Financial and Entertainment
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 9B 2E 64 40 C2 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {2A1D5949-B519-4924-BF62-8522FE0D5274}:0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.10.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2010/06/17 14:28:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 13:30:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/29 13:30:25 | 000,000,000 | ---D | M]
[2010/03/19 20:09:32 | 000,000,000 | ---D | M] -- C:\Users\mg\AppData\Roaming\Mozilla\Extensions
[2010/11/06 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\mg\AppData\Roaming\Mozilla\Firefox\Profiles\loi5bjyu.default\extensions
[2010/03/19 20:33:30 | 000,000,000 | ---D | M] (PDFescape Extension) -- C:\Users\mg\AppData\Roaming\Mozilla\Firefox\Profiles\loi5bjyu.default\extensions\{2A1D5949-B519-4924-BF62-8522FE0D5274}
[2010/11/01 21:03:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/01 20:03:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/26 05:44:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/01 21:03:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [LXCYCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCYtime.DLL (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [lxcymon.exe] C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [ClearAllHistory] C:\Program Files (x86)\ClearAllHistory\cah.exe (MoRUN.net)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe File not found
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.I420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010/11/07 16:05:03 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\mg\Desktop\OTL.exe
[2010/10/20 18:57:16 | 000,000,000 | ---D | C] -- C:\Users\mg\AppData\Roaming\Windows Live Writer
[2010/10/20 18:57:16 | 000,000,000 | ---D | C] -- C:\Users\mg\AppData\Local\Windows Live Writer
[2010/10/20 18:37:33 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/10/20 18:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/10/20 05:59:45 | 000,000,000 | ---D | C] -- C:\Users\mg\AppData\Local\Windows Live
[2010/04/16 14:39:22 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcyinpa.dll
[2010/04/16 14:39:22 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcyiesc.dll
[2010/04/16 14:39:21 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcyserv.dll
[2010/04/16 14:39:21 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcyusb1.dll
[2010/04/16 14:39:21 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcyhbn3.dll
[2010/04/16 14:39:21 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcycomc.dll
[2010/04/16 14:39:21 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcypmui.dll
[2010/04/16 14:39:21 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcylmpm.dll
[2010/04/16 14:39:21 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcycomm.dll
[2010/04/16 14:39:21 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcyprox.dll
[2010/04/16 14:39:21 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcypplc.dll
========== Files - Modified Within 30 Days ==========
[2010/11/07 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\mg\Desktop\OTL.exe
[2010/11/07 16:04:44 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/07 16:04:44 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/07 16:03:32 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/07 16:03:32 | 000,628,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/07 16:03:32 | 000,110,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/07 15:58:11 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/11/07 15:57:42 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/07 15:57:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/07 15:55:33 | 3220,025,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/07 15:48:24 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/07 06:38:06 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\Defraggler Volume C Task.job
[2010/11/06 15:05:51 | 000,634,528 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2010_11_06_16_05_51.dmp
[2010/11/06 01:19:38 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/11/05 06:10:59 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010/10/25 09:46:44 | 000,000,857 | ---- | M] () -- C:\Users\mg\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/10/25 09:46:44 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/10/19 12:03:36 | 000,000,047 | ---- | M] () -- C:\Windows\SysWow64\_WKERNEL.FRE
[2010/10/19 12:00:00 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\WinUtilities.lnk
[2010/10/19 11:55:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/10/15 02:31:45 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/10 20:27:39 | 000,001,724 | ---- | M] () -- C:\Users\mg\Desktop\Defraggler.lnk
========== Files Created - No Company Name ==========
[2010/11/06 15:05:51 | 000,634,528 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2010_11_06_16_05_51.dmp
[2010/11/05 06:16:52 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/10/25 09:46:44 | 000,000,857 | ---- | C] () -- C:\Users\mg\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/10/25 09:46:44 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/04/16 14:39:22 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcycomx.dll
[2010/04/16 14:39:22 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxcyinst.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2010/07/27 20:11:34 | 000,000,000 | ---D | M] -- C:\Users\mg\AppData\Roaming\IObit
[2010/06/14 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\mg\AppData\Roaming\Opera
[2010/10/20 18:57:16 | 000,000,000 | ---D | M] -- C:\Users\mg\AppData\Roaming\Windows Live Writer
[2010/11/07 15:58:11 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010/11/07 06:38:06 | 000,000,288 | ---- | M] () -- C:\Windows\Tasks\Defraggler Volume C Task.job
[2010/05/07 21:55:48 | 000,000,100 | ---- | M] () -- C:\Windows\Tasks\MemOptimizer-02BB2F56CB964deb8996194DE7EB5275.job
[2010/11/06 20:53:36 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010/11/07 15:55:32 | 000,020,604 | ---- | M] () -- C:\aaw7boot.log
[2010/11/07 15:55:33 | 3220,025,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/07 15:55:32 | 4293,369,856 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >
[2009/07/14 00:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 15:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2010/09/07 10:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/22 23:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/13 23:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/03/12 19:01:41 | 000,000,221 | -HS- | M] () -- C:\Users\mg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2010/11/07 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\mg\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
[2009/06/10 16:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2010/08/03 05:03:36 | 000,000,402 | -HS- | M] () -- C:\Users\mg\Favorites\desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< %systemroot%\system32\drivers\*.rmv >
< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
< dir /b "%systemroot%\*.exe" | find /i " " /c >
< %PROGRAMFILES%\Microsoft\*.* >
< %systemroot%\System32\Wbem\proquota.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.dat >
< %USERPROFILE%\Cookies\*.txt /x >
< %SystemRoot%\system32\fonts\*.* >
< %systemroot%\system32\winlog\*.* >
< %systemroot%\system32\Language\*.* >
< %systemroot%\system32\Settings\*.* >
< %systemroot%\system32\*.quo >
< %SYSTEMROOT%\AppPatch\*.exe >
< %SYSTEMROOT%\inf\*.exe >
< %SYSTEMROOT%\Installer\*.exe >
< %systemroot%\system32\config\*.bak2 >
< %systemroot%\system32\Computers\*.* >
< %SystemRoot%\system32\Sound\*.* >
< %SystemRoot%\system32\SpecialImg\*.* >
< %SystemRoot%\system32\code\*.* >
< %SystemRoot%\system32\draft\*.* >
< %SystemRoot%\system32\MSSSys\*.* >
< %ProgramFiles%\Javascript\*.* >
< %systemroot%\pchealth\helpctr\System\*.exe /s >
< %systemroot%\Web\*.exe >
< %systemroot%\system32\msn\*.* >
< %systemroot%\system32\*.tro >
< %AppData%\Microsoft\Installer\msupdates\*.* >
< %ProgramFiles%\Messenger\*.* >
< %systemroot%\system32\systhem32\*.* >
< %systemroot%\system\*.exe >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< >
< End of report >
OTL Extras logfile created on: 07/11/2010 4:06:36 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\mg\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297.99 Gb Total Space | 270.36 Gb Free Space | 90.73% Space Free | Partition Type: NTFS
Computer Name: MG-PC | User Name: mg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Defraggler" = Defraggler
"Lexmark 3400 Series" = Lexmark 3400 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{2E190C8E-682A-409D-9329-539E24C9D1C1}" = Opera 10.63
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{620797B0-A022-4B57-A95E-DD7DD0327036}" = ClearAllHistory
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FC274982-5AAD-4C20-848D-4424A5043010}_is1" = WinUtilities 9.86 Free Edition
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AI RoboForm" = AI RoboForm (All Users)
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7)
"Speccy" = Speccy
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03/11/2010 6:37:51 AM | Computer Name = mg-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 04/11/2010 5:54:14 AM | Computer Name = mg-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 05/11/2010 5:49:30 AM | Computer Name = mg-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
Error - 05/11/2010 5:49:41 AM | Computer Name = mg-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 06/11/2010 9:52:17 AM | Computer Name = mg-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: sysmain.dll, version: 6.1.7600.16385,
time stamp: 0x4a5be07e Exception code: 0xc0000005 Fault offset: 0x0000000000037a98
Faulting
process id: 0x378 Faulting application start time: 0x01cb7d74ea13ce60 Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: c:\windows\system32\sysmain.dll
Report
Id: 108ffc90-e9ad-11df-aae1-001e90083de9
Error - 06/11/2010 4:05:51 PM | Computer Name = mg-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 06/11/2010 4:06:02 PM | Computer Name = mg-PC | Source = Application Error | ID = 1000
Description = Faulting application name: cah.exe, version: 6.1.0.0, time stamp:
0x4b75ac21 Faulting module name: ntdll.dll, version: 6.1.7600.16559, time stamp:
0x4ba9b29c Exception code: 0xc0000005 Fault offset: 0x0001e9cb Faulting process id:
0xa70 Faulting application start time: 0x01cb7dee08965730 Faulting application path:
C:\Program Files (x86)\ClearAllHistory\cah.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
Id: 4714c0a0-e9e1-11df-9bc5-001e90083de9
Error - 06/11/2010 4:06:02 PM | Computer Name = mg-PC | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.2.183.9, time
stamp: 0x4ad50798 Faulting module name: ntdll.dll, version: 6.1.7600.16559, time
stamp: 0x4ba9b29c Exception code: 0xc0000005 Fault offset: 0x0001e9cb Faulting process
id: 0x648 Faulting application start time: 0x01cb7dee074b4160 Faulting application
path: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 47149990-e9e1-11df-9bc5-001e90083de9
Error - 06/11/2010 4:06:26 PM | Computer Name = mg-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4ccf15cc Faulting module name: ntdll.dll, version: 6.1.7600.16559, time stamp:
0x4ba9b29c Exception code: 0xc0000005 Fault offset: 0x0001e9cb Faulting process id:
0xf2c Faulting application start time: 0x01cb7dee10e3e3d0 Faulting application path:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 559955f0-e9e1-11df-9bc5-001e90083de9
Error - 06/11/2010 4:08:01 PM | Computer Name = mg-PC | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.2.183.9, time
stamp: 0x4ad50798 Faulting module name: ntdll.dll, version: 6.1.7600.16559, time
stamp: 0x4ba9b29c Exception code: 0xc0000005 Fault offset: 0x0001e9cb Faulting process
id: 0xfc8 Faulting application start time: 0x01cb7dee507c1a30 Faulting application
path: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 8e2ea820-e9e1-11df-9bc5-001e90083de9
[ Media Center Events ]
Error - 09/06/2010 9:29:33 PM | Computer Name = mg-PC | Source = MCUpdate | ID = 0
Description = 9:29:28 PM - Failed to retrieve SportsSchedule (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 18/07/2010 9:06:54 AM | Computer Name = mg-PC | Source = MCUpdate | ID = 0
Description = 9:06:54 AM - Failed to retrieve Directory (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
[ System Events ]
Error - 07/11/2010 7:53:53 AM | Computer Name = mg-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:39:29 AM on ?07/?11/?2010 was unexpected.
Error - 07/11/2010 7:51:52 AM | Computer Name = mg-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 07/11/2010 12:08:56 PM | Computer Name = mg-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 07/11/2010 12:08:59 PM | Computer Name = mg-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 07/11/2010 3:43:32 PM | Computer Name = mg-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 07/11/2010 3:45:36 PM | Computer Name = mg-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:35:42 PM on ?07/?11/?2010 was unexpected.
Error - 07/11/2010 3:45:34 PM | Computer Name = mg-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 07/11/2010 4:55:30 PM | Computer Name = mg-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 07/11/2010 4:57:34 PM | Computer Name = mg-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:13:32 PM on ?07/?11/?2010 was unexpected.
Error - 07/11/2010 4:57:33 PM | Computer Name = mg-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
< End of report >
The only task I was unable to perform was deleting the Registry Booster because I couldn't find it. Could you please point me in the right direction? Thank you for your help.
-
We'll remove leftovers manually.
What about Spybot?
I still can see it running.
-
Odd because I did delete it and it doesn't show in my active programs. Maybe it's because I rebooted afterwards and final clean-up of Spybot occurred then.
-
That's fine. Let me go through your OTL log.