Security Center disables automatically/Redirected on search engines

P

phillywells

New member
Hello. A few days ago, I started having a problem with my security center and later afterwards, Ive noticed that whenever I click on a link in a search engine such as google, I get redirected to a different site.

Whenever I try to enable the security center from Services.msc, about 30 seconds later it gets disabled by itself and a red X appears on the action center flag with a message saying to turn it back on. When I do turn it on from the action center, I get a message saying "The Windows Security Center service cant be started." Ive checked the dependencies for the security center which are DCOM Server Process Launcher, Remote Procedure Call (RPC), and Windows Management Instrumentation and they are all started and automatic.

I figure that there is malware causing this. I had Microsoft Security Essentials installed when this happened, but since the problem started, it wouldnt start up for some reason so I uninstalled it and installed Avira, Malwarebytes' Anti-malware, and Spybot Search & Destroy. I did a full system scan with those and I removed some things that were found that appeared "unknown" but I note that Spybot is the only one that does however find "Microsoft.WindowsSecurityCenter_disabled" and under that was

"(SBI $2E20C9A9) Settings HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start (is not) W=2".

So I fixed that and tried to enable it again but the problem still remains. Any ideas? Im lost at what to do here :confused:
 

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter
Hello phillywells and welcome to the forums :party:

Can you do the following for me please:

CKScanner

Please download CKScanner from here to your Desktop.

Make sure that CKScanner.exe is on the your Desktop before running the application!

Double-click on CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved
Attach the log CKFiles.txt that has been created on your desktop with your next post

aswMBR

Please close any open work because sometimes this will cause a BSOD
Download aswMBR from here and save it to your desktop
Right click on it and select run as administrator
When it opens, click on the Scan button
When the scan completes, click on the Save log button and attach the log with your next post
If you do encounter a BSOD then try again - if the BSODs are persistant then let me know

OTL

Download OTL to your desktop.
Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.


Once OTL has completed its first scan it will save notepad copies of the scans in the folder that OTL was started from. Unless set to produce an Extras log it will only produce OTL.txt in subsequent scans.

A copy of an OTL fix log is saved in a text file at

:\_OTL\MovedFiles
in most cases this will be C:\_OTL\MovedFiles

Malwarebytes Anti-Malware

Download and install MBAM from here
Run a full scan and attach the log with your next post for me to analyse

Tom
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Build #1
OS
Windows 8.1 Pro x64
CPU
Intel i7 3770K @4.5GHz
Motherboard
ASUS P8Z77-V PRO
Memory
Corsair Vengeance 2x4GB DDR3 1600MHz Low Profile (White)
Graphics Card(s)
Gigabyte Radeon HD 7850 (2GB GDDR5)
Sound Card
Integrated on motherboard
Monitor(s) Displays
23" LG LCD/LED IPS
Screen Resolution
1920*1080
Hard Drives
Samsung EVO 128GB SSD
Seagate Barracuda 2GB 7200rpm
2x Seagate FreeAgent [500gb]
PSU
Corsair TX650W V2 (80+ Bronze)
Case
NZXT Phantom 410 White
Cooling
Corsair H100 Water Cooler
Keyboard
Microsoft Desktop 2000 Wireless Keyboard
Mouse
Microsoft Desktop 2000 Wireless Mouse
Internet Speed
95 Mb/s Download 70 Mb/s Upload
Antivirus
MSE + MBAM Pro
Browser
Firefox
phillywells said:
Hello. A few days ago, I started having a problem with my security center and later afterwards, Ive noticed that whenever I click on a link in a search engine such as google, I get redirected to a different site.

Whenever I try to enable the security center from Services.msc, about 30 seconds later it gets disabled by itself and a red X appears on the action center flag with a message saying to turn it back on. When I do turn it on from the action center, I get a message saying "The Windows Security Center service cant be started." Ive checked the dependencies for the security center which are DCOM Server Process Launcher, Remote Procedure Call (RPC), and Windows Management Instrumentation and they are all started and automatic.

I figure that there is malware causing this. I had Microsoft Security Essentials installed when this happened, but since the problem started, it wouldnt start up for some reason so I uninstalled it and installed Avira, Malwarebytes' Anti-malware, and Spybot Search & Destroy. I did a full system scan with those and I removed some things that were found that appeared "unknown" but I note that Spybot is the only one that does however find "Microsoft.WindowsSecurityCenter_disabled" and under that was

"(SBI $2E20C9A9) Settings HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start (is not) W=2".

So I fixed that and tried to enable it again but the problem still remains. Any ideas? Im lost at what to do here :confused:
Click to expand...

Welcome to SevenForums. Wish the circumstances were a little more pleasant.

Download, install and run MalwareBytes (link in my sig).

Let me know the results. Thanks.
 

My Computer

Computer Manufacturer/Model Number
Toshiba Satellite S875D-S7239 laptop
OS
MS Windows 7 Ultimate SP1 64-bit
CPU
AMD A10-4600M
Motherboard
AMD Pumori (Socket FT1)
Memory
6.00 GB Dual-Channel DDR3 @ 798MHz (11-11-12-28)
Graphics Card(s)
AMD Radeon HD 7660G
Sound Card
High Definition Audio Device
Monitor(s) Displays
Generic PnP Monitor (1600x900@60Hz)
Screen Resolution
1600x900@60Hz
Hard Drives
SSD 119GB Corsair CSSD-V128GB2 ATA Device
Keyboard
Standard PS/2 Keyboard
Mouse
HP Wireless Optical Mobile Mouse Model FHA-3410
Internet Speed
What the local pub, local coffee shop offers.
Other Info
Optical Drive:MATSHITA BD-CMB UJ160B ATA Device


Also have an Asus ha1002xp netbook with Win 7 Ultimate installed.

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Sony Vaio VPCEB47GM Laptop
OS
Win 7 Pro 64-bit
CPU
Intel i5 2.4 Ghz
Memory
8GB DDR3
Graphics Card(s)
Intel HD 3000
Sound Card
IDT High Definition
Monitor(s) Displays
15.6 WGXA Anti-Glare LED
Screen Resolution
1280x800
Hard Drives
640Gb 7200rpm
Antivirus
MSE
Browser
Opera (primary) with IE9 backup
Thanks for mentioning the sweeper. I had only mentioned MalwareBytes.

Let's hope that one of them comes up something.
 

My Computer

Computer Manufacturer/Model Number
Toshiba Satellite S875D-S7239 laptop
OS
MS Windows 7 Ultimate SP1 64-bit
CPU
AMD A10-4600M
Motherboard
AMD Pumori (Socket FT1)
Memory
6.00 GB Dual-Channel DDR3 @ 798MHz (11-11-12-28)
Graphics Card(s)
AMD Radeon HD 7660G
Sound Card
High Definition Audio Device
Monitor(s) Displays
Generic PnP Monitor (1600x900@60Hz)
Screen Resolution
1600x900@60Hz
Hard Drives
SSD 119GB Corsair CSSD-V128GB2 ATA Device
Keyboard
Standard PS/2 Keyboard
Mouse
HP Wireless Optical Mobile Mouse Model FHA-3410
Internet Speed
What the local pub, local coffee shop offers.
Other Info
Optical Drive:MATSHITA BD-CMB UJ160B ATA Device


Also have an Asus ha1002xp netbook with Win 7 Ultimate installed.
Code: 
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\bestgameever\audiosurf\engine\channels\crypt.dll
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar.kfm
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar.nif
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_ac_down_atk.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_attack.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_critical.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_damage.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_die.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_normal_atk.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_normal_wide.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_run.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_stand.kf
c:\program files\outspark\fiesta\reschar\b_crackerhumar\b_crackerhumar_root_walk.kf
c:\program files\outspark\fiesta\reschar\kingcrab\emperorcarb_crackbip01_skill5.kf
c:\program files\outspark\fiesta\reschar\kingcrab\emperorcrab_crackbip01_skill1.kf
c:\program files\outspark\fiesta\reschar\kingcrab\emperorcrab_crackbip01_skill2.kf
c:\program files\outspark\fiesta\reschar\kingcrab\emperorcrab_crackbip01_skill3.kf
c:\program files\outspark\fiesta\reschar\kingcrab\emperorcrab_crackbip01_skill3_cast.kf
c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_attack.kf
c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_critical.kf
c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_damage.kf
c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_die.kf
c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_run.kf
c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_stand.kf
c:\program files\outspark\fiesta\reschar\kingcrab\kingcrab_crackbip01_walk.kf
c:\program files\outspark\fiesta\reseffect\b_crackerhumar_ac_down_atk.nif
c:\program files\outspark\fiesta\reseffect\b_crackerhumar_attack.nif
c:\program files\outspark\fiesta\reseffect\b_crackerhumar_attack_op.nif
c:\program files\outspark\fiesta\reseffect\b_crackerhumar_die.nif
c:\program files\outspark\fiesta\reseffect\b_crackerhumar_normal_atk.nif
c:\program files\outspark\fiesta\reseffect\b_crackerhumar_normal_wide.nif
c:\program files\outspark\fiesta\reseffect\b_crackerlooter_curse_wide.nif
c:\program files\outspark\fiesta\reseffect\firecracker01.nif
c:\program files\outspark\fiesta\reseffect\firecracker02.nif
c:\program files\outspark\fiesta\reseffect\hfirecracker00.nif
c:\program files\outspark\fiesta\reseffect\sta_crackeracdownloof.nif
c:\program files\outspark\fiesta\reseffect\sta_crackerdiseaseloof.nif
c:\program files\outspark\fiesta\resmap\field\b_cracker\b_cracker.conf
c:\program files\outspark\fiesta\resmap\field\b_cracker\b_cracker.nif
c:\program files\outspark\fiesta\resmap\field\b_cracker\b_cracker.shbd
c:\program files\outspark\fiesta\resmap\field\b_cracker\b_cracker.shmd
c:\program files\outspark\fiesta\resmap\field\b_cracker\darkcave_water.nif
c:\program files\outspark\fiesta\resmenu\minimap\b_cracker.dds
c:\program files\outspark\fiesta\ressystem\action\b_crackerhumar.dat
c:\users\phill\music\itunes\itunes media\music\tchaikovsky\unknown album\the nutcracker (soft).m4a
c:\users\phill\music\itunes\itunes media\music\tchaikovsky\unknown album\the nutcracker.m4a
scanner sequence 3.ZZ.11.LVAPCD
----- EOF ----- 
 
aswMBR version 0.9.7.777 Copyright(c) 2011 AVAST Software
Run date: 2011-07-18 13:30:59
-----------------------------
13:30:59.241 OS Version: Windows 6.1.7601 Service Pack 1
13:30:59.241 Number of processors: 2 586 0x4802
13:30:59.241 ComputerName: PHILL-PC UserName: Phill
13:31:15.756 Initialize success
13:31:39.089 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-0
13:31:39.105 Disk 0 Vendor: TOSHIBA_MK6034GSX AH101D Size: 57231MB BusType: 3
13:31:39.105 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000078
13:31:39.105 Disk 1 Vendor: RICOH 01 Size: 3759MB BusType: 0
13:31:39.121 Disk 0 MBR read successfully
13:31:39.121 Disk 0 MBR scan
13:31:39.136 Disk 0 Windows 7 default MBR code
13:31:39.136 Disk 0 scanning sectors +117207040
13:31:39.230 Disk 0 scanning C:\Windows\system32\drivers
13:31:48.996 Service scanning
13:31:51.464 Disk 0 trace - called modules:
13:31:51.496 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll atiide.sys PCIIDEX.SYS atapi.sys 
13:31:51.511 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a97a78]
13:31:51.511 3 CLASSPNP.SYS[877a259e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-0[0x859b8908]
13:31:52.027 Scan finished successfully
13:32:05.449 Disk 0 MBR has been saved successfully to "C:\Users\Phill\Desktop\MBR.dat"
13:32:05.464 The log file has been saved successfully to "C:\Users\Phill\Desktop\aswMBR.txt"
 
OTL logfile created on: 7/18/2011 1:46:15 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Phill\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
894.05 Mb Total Physical Memory | 226.96 Mb Available Physical Memory | 25.39% Memory free
1.87 Gb Paging File | 1.09 Gb Available in Paging File | 58.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55.72 Gb Total Space | 5.45 Gb Free Space | 9.79% Space Free | Partition Type: NTFS
Drive D: | 2.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 3.66 Gb Total Space | 0.19 Gb Free Space | 5.23% Space Free | Partition Type: FAT32
Drive G: | 7.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 5.67 Gb Total Space | 0.23 Gb Free Space | 4.11% Space Free | Partition Type: FAT32
 
Computer Name: PHILL-PC | User Name: Phill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Phill\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Phill\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lxebcoms.exe ( )
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Phill\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AdvancedSystemCareService) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (rpcnet) Remote Procedure Call (RPC) -- C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (lxeb_device) -- C:\Windows\System32\lxebcoms.exe ( )
SRV - (lxebCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (67329092) -- C:\Windows\system32\DRIVERS\67329092.sys (Kaspersky Lab ZAO)
DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Program Files\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (SmartDefragDriver) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys ()
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WINUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (RT25USBAP) -- C:\Windows\System32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (atiide) -- C:\Windows\system32\DRIVERS\atiide.sys (ATI Technologies Inc.)
DRV - (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM) -- C:\Windows\System32\drivers\sscdserd.sys (MCCI)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL="http://go.microsoft.com/fwlink/?LinkId=69157"]MSN.com[/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL="http://go.microsoft.com/fwlink/?LinkId=54896"]Bing[/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [URL="http://go.microsoft.com/fwlink/?LinkId=54896"]Bing[/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [URL="http://go.microsoft.com/fwlink/?LinkId=69157"]MSN.com[/URL]
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL="http://www.yahoo.com/?fr=fp-yie9"]Yahoo![/URL]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [URL="http://go.microsoft.com/fwlink/?LinkId=54896"]Bing[/URL]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [URL="http://www.facebook.com/"]Welcome to Facebook - Log In, Sign Up or Learn More[/URL]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [URL="http://www.msn.com/"]MSN.com[/URL]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.WeatherBlink.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Phill\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Phill\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
 
 
[2011/06/21 17:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phill\AppData\Roaming\Mozilla\Extensions
[2011/06/22 13:21:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phill\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/01/30 20:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phill\AppData\Roaming\Mozilla\Extensions\[email protected]
 
O1 HOSTS File: ([2011/07/16 20:00:36 | 000,000,084 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 [URL="http://www.example.com/"]www.example.com[/URL]
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Google Update] C:\Users\Phill\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SmartRAM] C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe (IObit)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} [URL]http://support.euro.dell.com/systemprofiler/SysProExe.CAB[/URL] (WMI Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab[/URL] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab[/URL] (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [URL]http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab[/URL] (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} [URL]http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab[/URL] (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/07/14 04:26:40 | 000,000,043 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010/05/24 18:34:11 | 000,000,046 | RH-- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{11e68bdd-92eb-11e0-9938-000d0bc45ef3}\Shell - "" = AutoRun
O33 - MountPoints2\{11e68bdd-92eb-11e0-9938-000d0bc45ef3}\Shell\AutoRun\command - "" = G:\Installer.exe -- [2010/05/24 18:34:11 | 002,505,256 | R--- | M] ()
O33 - MountPoints2\{8900f934-12cf-11e0-ad04-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8900f934-12cf-11e0-ad04-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2009/07/14 04:26:40 | 000,111,880 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SmartDefragBootTime.exe) - C:\Windows\System32\SmartDefragBootTime.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/18 13:40:12 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Phill\Desktop\OTL.exe
[2011/07/18 13:19:39 | 001,913,344 | ---- | C] (AVAST Software) -- C:\Users\Phill\Desktop\aswMBR.exe
[2011/07/17 20:07:15 | 000,000,000 | ---D | C] -- C:\Users\Phill\Incomplete
[2011/07/17 05:02:38 | 000,190,032 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2011/07/17 05:02:38 | 000,056,400 | ---- | C] (trend_company_name) -- C:\Windows\System32\drivers\tmrkb.sys
[2011/07/17 03:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/07/17 03:53:16 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\67329092.sys
[2011/07/17 03:33:19 | 003,412,856 | ---- | C] (Sysinternals - [URL="http://www.sysinternals.com/"]www.sysinternals.com[/URL]) -- C:\procexp.exe
[2011/07/17 03:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/07/17 02:29:15 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Local\NPE
[2011/07/17 02:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/07/16 19:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2011/07/15 20:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/07/15 12:50:36 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\AVG10
[2011/07/15 12:48:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/07/15 12:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/07/15 12:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/07/15 11:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/07/15 10:44:17 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Local\Apple Computer
[2011/07/15 08:33:32 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\Malwarebytes
[2011/07/15 08:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/12 21:34:16 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011/07/12 21:34:16 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/07/12 21:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/12 21:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/07/12 21:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/07/12 21:33:43 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/07/12 21:33:43 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/07/12 21:33:42 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/12 21:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/07/12 21:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/12 21:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/12 21:32:47 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/07/11 08:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/07/02 13:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nintendo Wi-Fi USB Connector
[2011/07/02 13:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\WiFiConnector
[2011/07/02 08:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/07/02 08:11:59 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/07/02 08:11:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/07/02 08:11:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/06/29 14:35:11 | 000,028,672 | ---- | C] (Axis) -- C:\Windows\System32\PCWinSoftPBar.ocx
[2011/06/29 14:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1AVCapture
[2011/06/29 14:35:09 | 000,630,784 | ---- | C] (Axis) -- C:\Windows\System32\AxisToolBar.ocx
[2011/06/29 14:35:09 | 000,438,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSHFLXGD.OCX
[2011/06/29 14:35:09 | 000,264,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DS32.AX
[2011/06/29 14:35:09 | 000,188,416 | ---- | C] (Unreal Streaming Technologies Group.) -- C:\Windows\System32\UScreenCapture.ax
[2011/06/29 14:35:09 | 000,126,976 | ---- | C] (Ariel Systems) -- C:\Windows\System32\ArielColorCtrl.ocx
[2011/06/29 14:35:09 | 000,073,728 | ---- | C] (PCWinSoft Systems Ltd) -- C:\Windows\System32\TOverlay.ax
[2011/06/29 14:35:09 | 000,053,248 | ---- | C] (DeskShare) -- C:\Windows\System32\DSTimeStamp.ax
[2011/06/29 14:35:09 | 000,036,864 | ---- | C] (Axis) -- C:\Windows\System32\Sof2FFTPrj.ocx
[2011/06/29 14:35:09 | 000,028,672 | ---- | C] (Axis) -- C:\Windows\System32\SpecBarPrj.ocx
[2011/06/29 14:34:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\1AVCapture
[2011/06/29 14:34:59 | 000,000,000 | ---D | C] -- C:\Program Files\1AVCapture
[2011/06/28 21:26:22 | 000,000,000 | ---D | C] -- C:\Taz Wanted
[2011/06/28 20:21:35 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/06/28 20:21:35 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/06/28 20:21:34 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/06/28 20:21:34 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/06/28 20:21:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/06/28 20:21:33 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/06/26 12:14:31 | 000,000,000 | ---D | C] -- C:\Users\Phill\FrostWire
[2011/06/26 12:14:15 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\FrostWire
[2011/06/26 12:14:05 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire
[2011/06/26 12:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2011/06/22 13:32:44 | 000,000,000 | ---D | C] -- C:\Users\Phill\Documents\StarCraft II
[2011/06/22 13:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/06/22 13:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2011/06/22 13:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2011/06/22 10:50:19 | 000,000,000 | -H-D | C] -- C:\Windows\System32\explorer
[2011/06/21 14:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/06/21 04:29:05 | 000,000,000 | ---D | C] -- C:\Users\Phill\Desktop\Starcraft_II_Wings_Of_Liberty_Proper-Razor1911
[2011/06/20 23:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft
[2011/06/20 23:26:51 | 000,000,000 | ---D | C] -- C:\StarCraft
[2011/06/20 22:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft Shareware(ED)
[2011/06/20 22:29:34 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Starcraft Shareware(ED)
[2011/06/20 22:29:33 | 000,068,608 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScEdUnin.exe
[2011/06/20 22:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft Shareware(ED)
[2011/06/19 12:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/19 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Phill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/03/11 19:01:23 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxebcomm.dll
[2010/04/14 20:56:04 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxebih.exe
[2010/04/14 20:56:02 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxebcoms.exe
[2010/04/14 20:56:00 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxebcfg.exe
[2010/04/13 20:41:34 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\lxebcoin.dll
[2009/12/09 20:47:50 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxebpmui.dll
[2009/12/09 20:43:14 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxebserv.dll
[2009/12/09 20:41:22 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxebhbn3.dll
[2009/12/09 20:40:12 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxebusb1.dll
[2009/12/09 20:37:32 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxebhcp.dll
[2009/12/09 20:36:32 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxeblmpm.dll
[2009/12/09 20:35:50 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxebiesc.dll
[2009/12/09 20:35:44 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxebcomc.dll
[2009/12/09 20:35:30 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxebinpa.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/18 13:40:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Phill\Desktop\OTL.exe
[2011/07/18 13:32:05 | 000,000,512 | ---- | M] () -- C:\Users\Phill\Desktop\MBR.dat
[2011/07/18 13:31:32 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/18 13:31:32 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/18 13:24:29 | 000,000,437 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011/07/18 13:24:11 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2011/07/18 13:24:11 | 000,000,312 | -HS- | M] () -- C:\Windows\tasks\ITAX.job
[2011/07/18 13:24:09 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2011/07/18 13:24:07 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/07/18 13:24:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/18 13:23:53 | 703,107,072 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/18 13:19:59 | 001,913,344 | ---- | M] (AVAST Software) -- C:\Users\Phill\Desktop\aswMBR.exe
[2011/07/18 13:17:17 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2992413630-1469070986-2887152357-1001UA.job
[2011/07/18 13:10:42 | 000,459,264 | ---- | M] () -- C:\Users\Phill\Desktop\CKScanner.exe
[2011/07/18 12:00:04 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2011/07/18 01:17:03 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2992413630-1469070986-2887152357-1001Core.job
[2011/07/17 17:00:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011/07/17 11:16:26 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\67329092.sys
[2011/07/17 05:02:56 | 000,190,032 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2011/07/17 05:02:56 | 000,056,400 | ---- | M] (trend_company_name) -- C:\Windows\System32\drivers\tmrkb.sys
[2011/07/17 03:29:14 | 013,405,541 | ---- | M] () -- C:\Users\Phill\AppData\Roaming\SMRBackup200.dat
[2011/07/17 03:08:59 | 000,002,198 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/07/17 03:07:34 | 000,652,490 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/17 03:07:34 | 000,113,900 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/17 02:39:18 | 000,001,568 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011/07/16 20:00:36 | 000,000,084 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/07/16 17:19:30 | 000,007,613 | ---- | M] () -- C:\Users\Phill\AppData\Local\resmon.resmoncfg
[2011/07/15 18:37:37 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/07/15 18:37:37 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/07/15 03:19:43 | 000,064,000 | RHS- | M] () -- C:\Windows\System32\dhcpsapi4.dll
[2011/07/13 18:23:01 | 001,747,101 | ---- | M] () -- C:\Users\Phill\Desktop\Sonic 2 Music Emerald Hill Zone 2-player.mp3
[2011/07/13 18:22:06 | 003,145,303 | ---- | M] () -- C:\Users\Phill\Desktop\Nte The Great - Emerald Hill Zone 2-Player Version Nte The Great Remix.mp3
[2011/07/13 00:12:14 | 000,259,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/12 22:45:09 | 004,023,725 | ---- | M] () -- C:\Users\Phill\Desktop\Pokemon Orchestral Arrangement National Park.mp3
[2011/07/12 21:34:16 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011/07/12 21:34:16 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/07/12 21:33:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/12 21:33:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/12 21:33:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/07/12 21:33:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/07/12 21:33:43 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/07/12 21:33:43 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/12 21:33:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/12 21:33:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/07/12 21:33:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/07/12 21:33:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/12 21:33:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/12 21:32:47 | 002,334,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/07/11 15:11:00 | 000,134,308 | ---- | M] () -- C:\Users\Phill\Documents\fim.Mosko.Mobi.CAB
[2011/07/02 13:03:20 | 000,001,092 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Run Registration Tool.lnk
[2011/06/26 12:14:05 | 000,001,201 | ---- | M] () -- C:\Users\Phill\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk
[2011/06/26 12:14:05 | 000,001,177 | ---- | M] () -- C:\Users\Phill\Desktop\FrostWire 4.21.8.lnk
[2011/06/26 10:49:58 | 000,073,728 | ---- | M] (PCWinSoft Systems Ltd) -- C:\Windows\System32\TOverlay.ax
[2011/06/25 22:09:34 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/06/22 23:02:39 | 000,001,509 | ---- | M] () -- C:\Users\Phill\Desktop\StarCraft II.lnk
[2011/06/20 23:38:03 | 000,000,945 | ---- | M] () -- C:\Users\Phill\Desktop\StarCraft.lnk
[2011/06/20 22:29:37 | 000,007,306 | ---- | M] () -- C:\Windows\scedunin.dat
[2011/06/20 22:29:34 | 000,000,967 | ---- | M] () -- C:\Windows\ScEdUnin.pif
[2011/06/20 22:29:33 | 000,068,608 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScEdUnin.exe
[2011/06/19 19:32:26 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/07/18 13:32:05 | 000,000,512 | ---- | C] () -- C:\Users\Phill\Desktop\MBR.dat
[2011/07/18 13:10:36 | 000,459,264 | ---- | C] () -- C:\Users\Phill\Desktop\CKScanner.exe
[2011/07/17 03:28:31 | 013,405,541 | ---- | C] () -- C:\Users\Phill\AppData\Roaming\SMRBackup200.dat
[2011/07/17 03:07:23 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/07/17 02:38:40 | 000,001,568 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011/07/16 09:43:46 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011/07/15 17:54:07 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/07/15 17:54:07 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/07/15 03:19:43 | 000,000,312 | -HS- | C] () -- C:\Windows\tasks\ITAX.job
[2011/07/15 03:19:41 | 000,064,000 | RHS- | C] () -- C:\Windows\System32\dhcpsapi4.dll
[2011/07/13 18:22:54 | 001,747,101 | ---- | C] () -- C:\Users\Phill\Desktop\Sonic 2 Music Emerald Hill Zone 2-player.mp3
[2011/07/13 18:21:58 | 003,145,303 | ---- | C] () -- C:\Users\Phill\Desktop\Nte The Great - Emerald Hill Zone 2-Player Version Nte The Great Remix.mp3
[2011/07/12 22:44:59 | 004,023,725 | ---- | C] () -- C:\Users\Phill\Desktop\Pokemon Orchestral Arrangement National Park.mp3
[2011/07/11 15:10:59 | 000,134,308 | ---- | C] () -- C:\Users\Phill\Documents\fim.Mosko.Mobi.CAB
[2011/07/02 13:03:20 | 000,001,092 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Run Registration Tool.lnk
[2011/06/29 14:35:10 | 000,008,587 | ---- | C] () -- C:\Windows\System32\msaudio.cat
[2011/06/29 14:35:09 | 000,040,960 | ---- | C] () -- C:\Windows\System32\wavdest.ax
[2011/06/29 14:35:09 | 000,008,608 | ---- | C] () -- C:\Windows\System32\mpeg4ax.cat
[2011/06/26 12:14:05 | 000,001,201 | ---- | C] () -- C:\Users\Phill\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk
[2011/06/26 12:14:05 | 000,001,177 | ---- | C] () -- C:\Users\Phill\Desktop\FrostWire 4.21.8.lnk
[2011/06/22 23:02:39 | 000,001,509 | ---- | C] () -- C:\Users\Phill\Desktop\StarCraft II.lnk
[2011/06/20 23:36:22 | 000,000,945 | ---- | C] () -- C:\Users\Phill\Desktop\StarCraft.lnk
[2011/06/20 22:29:37 | 000,007,306 | ---- | C] () -- C:\Windows\scedunin.dat
[2011/06/20 22:29:33 | 000,000,967 | ---- | C] () -- C:\Windows\ScEdUnin.pif
[2011/06/10 12:33:00 | 000,000,000 | ---- | C] () -- C:\Users\Phill\AppData\Roaming\FileOut.cns
[2011/06/10 12:33:00 | 000,000,000 | ---- | C] () -- C:\Users\Phill\AppData\Roaming\FileIn.cns
[2011/05/21 20:35:59 | 000,162,082 | ---- | C] () -- C:\Windows\DP Animation Maker Uninstaller.exe
[2011/04/15 23:25:33 | 000,029,008 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/04/15 23:25:33 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/03/21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/03/12 00:17:40 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxebrwrd.ini
[2011/03/11 19:01:27 | 000,331,776 | ---- | C] () -- C:\Windows\System32\LXEBinst.dll
[2011/02/22 21:25:40 | 000,668,160 | ---- | C] () -- C:\Windows\System32\autochk.exe
[2011/02/15 07:46:02 | 014,135,296 | ---- | C] () -- C:\Windows\System32\common_res.dll
[2011/01/09 11:46:21 | 000,002,552 | ---- | C] () -- C:\Windows\WAVEMIX.INI
[2011/01/09 11:46:02 | 000,000,888 | ---- | C] () -- C:\Windows\INSPACE.INI
[2011/01/08 12:24:38 | 000,189,051 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/01/08 11:18:38 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 17:59:56 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
[2011/01/04 03:55:42 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2011/01/04 03:55:31 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2011/01/02 08:26:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/29 08:21:26 | 000,001,355 | ---- | C] () -- C:\Windows\kaillera.ini
[2010/12/28 17:13:24 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
[2010/12/28 17:12:26 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.exe
[2010/12/28 15:33:55 | 000,007,613 | ---- | C] () -- C:\Users\Phill\AppData\Local\resmon.resmoncfg
[2010/02/11 00:30:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009/11/09 09:06:50 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lxebinsr.dll
[2009/11/09 09:06:48 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxebcur.dll
[2009/11/09 09:06:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxebjswr.dll
[2009/11/09 09:06:24 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxebinsb.dll
[2009/11/09 09:06:22 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxebcub.dll
[2009/11/09 09:06:12 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxebgrd.dll
[2009/11/09 09:06:06 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxebcu.dll
[2009/11/09 09:05:54 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxebins.dll
[2009/11/09 08:59:58 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxebgcfg.dll
[2009/10/21 11:06:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxebcui.dll
[2009/10/21 11:06:20 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxebcuir.dll
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,259,776 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,652,490 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,113,900 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/20 09:48:44 | 000,023,552 | ---- | C] () -- C:\Windows\System32\lxebsmr.dll
[2009/02/20 09:48:04 | 000,299,008 | ---- | C] () -- C:\Windows\System32\lxebsm.dll
[2008/12/01 21:08:40 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/03/05 03:55:36 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxebvs.dll
[2006/11/02 10:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
 
========== LOP Check ==========
 
[2011/03/27 16:13:35 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\.visualvm
[2011/03/18 21:26:41 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\Aura4You
[2011/07/15 12:50:36 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\AVG10
[2011/01/01 08:25:15 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\enchant
[2011/07/17 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\FrostWire
[2011/07/15 06:27:50 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\IObit
[2011/05/30 00:42:41 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\Laconic Software
[2011/06/16 23:10:12 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\PCDr
[2011/07/08 18:18:43 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\Software Informer
[2011/07/16 22:06:31 | 000,000,000 | ---D | M] -- C:\Users\Phill\AppData\Roaming\uTorrent
[2011/07/18 13:24:11 | 000,000,312 | -HS- | M] () -- C:\Windows\Tasks\ITAX.job
[2011/06/25 22:09:34 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/05/28 16:08:23 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/07/18 12:00:04 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
[2011/07/18 13:24:07 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:EEDA5B17
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:96D0C06F
< End of report >
 
OTL Extras logfile created on: 7/18/2011 1:46:15 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Phill\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
894.05 Mb Total Physical Memory | 226.96 Mb Available Physical Memory | 25.39% Memory free
1.87 Gb Paging File | 1.09 Gb Available in Paging File | 58.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55.72 Gb Total Space | 5.45 Gb Free Space | 9.79% Space Free | Partition Type: NTFS
Drive D: | 2.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 3.66 Gb Total Space | 0.19 Gb Free Space | 5.23% Space Free | Partition Type: FAT32
Drive G: | 7.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 5.67 Gb Total Space | 0.23 Gb Free Space | 4.11% Space Free | Partition Type: FAT32
 
Computer Name: PHILL-PC | User Name: Phill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{080E275F-67BF-6E44-10A5-6B25BD0C73E6}" = ccc-utility
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{2866B2D9-B57E-4829-A554-47DF68868F15}" = Fiesta
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3B321407-8558-4C72-86F6-C1E72AC9F8BA}" = Continuum
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{5F577CD8-A997-2E11-83BC-4445DD2D4542}" = AMD VISION Engine Control Center
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{658DE1DF-D156-DD5A-800E-20C693806F65}" = Catalyst Control Center InstallProxy
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{6844F85B-1AEE-093A-5FC9-235035B3A127}" = Catalyst Control Center Graphics Previews Common
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{71790311-0C42-B5BC-AF01-97BFFEF2A30B}" = ATI Catalyst Install Manager
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{8004E5FD-A3A1-F723-EDAF-D5808A756DDC}" = Catalyst Control Center Graphics Previews Common
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3A3C74-0163-F062-08D6-C8AC7430669E}" = ccc-utility
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EB278E8-7FDA-4ED9-A429-C87A76F95087}_is1" = 1AVCapture version 1.9.0.01
"{8FD4407C-A901-092A-EB3C-602B52C361DC}" = Catalyst Control Center
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9A6F4E4F-9FAB-78A2-020B-3DAED3B2E0E1}" = AMD Fuel
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B7749EE2-5318-D255-F0EE-14D5845B0925}" = CCC Help English
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C24B0741-A616-6C3F-F952-BAC0CE90761F}" = CCC Help English
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC CIF Camer@
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E127B28D-1A2A-45C4-A74E-C817E0A74E3E}" = Fiesta
"{E15E74CC-E9D1-9042-4481-BE3B573620BA}" = AMD Fuel
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{E9BECF5D-5BA8-950F-7757-17D825A37371}" = Catalyst Control Center InstallProxy
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Dell Support Center" = Dell Support Center
"DMX5_is1" = DriverMax 5
"DP Animation Maker" = DP Animation Maker
"Fantastic Flame Screensaver" = Fantastic Flame Screensaver
"FormatFactory" = FormatFactory 2.60
"FrostWire" = FrostWire 4.21.8
"Lexmark Pro200-S500 Series" = Lexmark Pro200-S500 Series
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NoLimits Coasters full" = NoLimits Coasters 1.7 (remove only)
"OGPlanet Game Launcher US" = OGPlanet Game Launcher
"RumbleFighter" = Rumble Fighter
"Smart Defrag 2_is1" = Smart Defrag 2
"Software Informer_is1" = Software Informer 1.1
"StarCraft II" = StarCraft II
"Starcraft Shareware(ED)" = Starcraft Shareware(ED)
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TinyWord2" = TinyWord 2.9.0
"Train Simulator 1.0" = Microsoft Train Simulator
"uTorrent" = µTorrent
"WiFiConnector" = Nintendo Wi-Fi USB Connector Registration Tool
"Windows Mobile Device Handbook" = HTC Touch Pro2 User Guide
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
 
Malwarebytes' Anti-Malware 1.51.1.1800
[URL="http://www.malwarebytes.org/"]www.malwarebytes.org[/URL]
Database version: 7192
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
7/18/2011 3:07:13 PM
mbam-log-2011-07-18 (15-06-57).txt
Scan type: Full scan (C:\|)
Objects scanned: 302799
Time elapsed: 1 hour(s), 10 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\XMZH42I4GI (Trojan.FakeAlert.SA) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
 
Last edited:

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter
CKScanner log is fine
aswMBR log is fine

Delete the entry malwarebytes found. Reboot and scan again and upload a fresh malwarebytes log.

I'll go through your OTL log tomorrow, it's going to take a while and I'm very tired!

Tom
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Build #1
OS
Windows 8.1 Pro x64
CPU
Intel i7 3770K @4.5GHz
Motherboard
ASUS P8Z77-V PRO
Memory
Corsair Vengeance 2x4GB DDR3 1600MHz Low Profile (White)
Graphics Card(s)
Gigabyte Radeon HD 7850 (2GB GDDR5)
Sound Card
Integrated on motherboard
Monitor(s) Displays
23" LG LCD/LED IPS
Screen Resolution
1920*1080
Hard Drives
Samsung EVO 128GB SSD
Seagate Barracuda 2GB 7200rpm
2x Seagate FreeAgent [500gb]
PSU
Corsair TX650W V2 (80+ Bronze)
Case
NZXT Phantom 410 White
Cooling
Corsair H100 Water Cooler
Keyboard
Microsoft Desktop 2000 Wireless Keyboard
Mouse
Microsoft Desktop 2000 Wireless Mouse
Internet Speed
95 Mb/s Download 70 Mb/s Upload
Antivirus
MSE + MBAM Pro
Browser
Firefox
ok, malwarebytes is scanning now. ill post the log afterwards. When thats done, ill try the microsoft standalone system sweeper
 

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter
Reports that theres no infection now, but both problems still occur.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7192
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
7/18/2011 6:19:34 PM
mbam-log-2011-07-18 (18-19-33).txt
Scan type: Full scan (C:\|)
Objects scanned: 303036
Time elapsed: 1 hour(s), 31 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
 

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter
trying the sweeper now
 

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter
Phillywells, Excellent-although I don't expect the system sweeper to find anything.

I'd say we need another approach to your problem.

Could you help us out and fluff out your System Specs?

Here's a procedure to guide you.

UPDATE YOUR SEVENFORUMS SYSTEM SPECS


User CP (3rd item in the top menu bar) |
in left-hand column, under Your Profile, Edit System Spec |


Use Speccy - System Information - Free Download
and/or SIW to gather info for filling in the blanks.

Do me a favor and add the word laptop or desktop to the “system manufacturer” block.

Use the “Other Info” block for Optical Reader, Mouse, touchpad, wifi adapter, speakers, monitor

Scroll down and click on the SAVE CHANGES button.
 

My Computer

Computer Manufacturer/Model Number
Toshiba Satellite S875D-S7239 laptop
OS
MS Windows 7 Ultimate SP1 64-bit
CPU
AMD A10-4600M
Motherboard
AMD Pumori (Socket FT1)
Memory
6.00 GB Dual-Channel DDR3 @ 798MHz (11-11-12-28)
Graphics Card(s)
AMD Radeon HD 7660G
Sound Card
High Definition Audio Device
Monitor(s) Displays
Generic PnP Monitor (1600x900@60Hz)
Screen Resolution
1600x900@60Hz
Hard Drives
SSD 119GB Corsair CSSD-V128GB2 ATA Device
Keyboard
Standard PS/2 Keyboard
Mouse
HP Wireless Optical Mobile Mouse Model FHA-3410
Internet Speed
What the local pub, local coffee shop offers.
Other Info
Optical Drive:MATSHITA BD-CMB UJ160B ATA Device


Also have an Asus ha1002xp netbook with Win 7 Ultimate installed.
Ok, its been updated now and yeah the sweeper didnt find anything.
 

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter
phillywells said:
Ok, its been updated now and yeah the sweeper didnt find anything.
Click to expand...

Excellent! Thanks.

Now I don't think that MagicISO is the source of your problems, but could you delete MagicISO till we have located the problem?

I tried MagicISO and found the program to be interfering.

I liked some of the features but I would recommend to anyone to use it to accomplish an objective and then immediately uninstall it.

Which anti-virus are you presently using?

If at all possible, until the source of the problem is located, remove and anti-virus, anti-spyware, firewall program that you have installed if it is not from Microsoft. That means, use Microsoft Security Essentials, Windows Firewall and the Security Center defaults.

Would you please download, install and run CCleaner (link in my sig). CCleaner is free. Don't get tricked into clicking on the buy buttons.

AFter cleaning, then follow this procedure:
LIST OF STARTUP PROGRAMS USING CCLEANER


CCleaner | Tasks icon | Startup tab | click on Save to text file button (bottom right side)

Using the PAPER CLIP icon in the top panel of a Message Reply window, attach the .txt file generated by CCleaner.
 

My Computer

Computer Manufacturer/Model Number
Toshiba Satellite S875D-S7239 laptop
OS
MS Windows 7 Ultimate SP1 64-bit
CPU
AMD A10-4600M
Motherboard
AMD Pumori (Socket FT1)
Memory
6.00 GB Dual-Channel DDR3 @ 798MHz (11-11-12-28)
Graphics Card(s)
AMD Radeon HD 7660G
Sound Card
High Definition Audio Device
Monitor(s) Displays
Generic PnP Monitor (1600x900@60Hz)
Screen Resolution
1600x900@60Hz
Hard Drives
SSD 119GB Corsair CSSD-V128GB2 ATA Device
Keyboard
Standard PS/2 Keyboard
Mouse
HP Wireless Optical Mobile Mouse Model FHA-3410
Internet Speed
What the local pub, local coffee shop offers.
Other Info
Optical Drive:MATSHITA BD-CMB UJ160B ATA Device


Also have an Asus ha1002xp netbook with Win 7 Ultimate installed.
Ok i got rid of MagicISO and I dont have any anti virus programs installed right now. Microsoft Security Essentials wont start and im guessing its because the Security Center and the Microsoft Antimalware services keep getting disabled automatically when i try to turn it on. Windows Firewall works fine though.
 

Attachments

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter
philly,
:orb: | MSCONFIG | ENTER | STARTUP tab |
uncheck ALL except for:
Sidebar C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSC "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

RESTART your computer.

In the Start Menu, If you select All Programs, do you see an entry for Microsoft Security Essentials?

If yes, then click on it.
 

My Computer

Computer Manufacturer/Model Number
Toshiba Satellite S875D-S7239 laptop
OS
MS Windows 7 Ultimate SP1 64-bit
CPU
AMD A10-4600M
Motherboard
AMD Pumori (Socket FT1)
Memory
6.00 GB Dual-Channel DDR3 @ 798MHz (11-11-12-28)
Graphics Card(s)
AMD Radeon HD 7660G
Sound Card
High Definition Audio Device
Monitor(s) Displays
Generic PnP Monitor (1600x900@60Hz)
Screen Resolution
1600x900@60Hz
Hard Drives
SSD 119GB Corsair CSSD-V128GB2 ATA Device
Keyboard
Standard PS/2 Keyboard
Mouse
HP Wireless Optical Mobile Mouse Model FHA-3410
Internet Speed
What the local pub, local coffee shop offers.
Other Info
Optical Drive:MATSHITA BD-CMB UJ160B ATA Device


Also have an Asus ha1002xp netbook with Win 7 Ultimate installed.
its there but nothing happens when i click on it
 

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter
did you uncheck all except for the two I listed? Yes or No.

Be sure to leave all unchecked except for those two.
 

My Computer

Computer Manufacturer/Model Number
Toshiba Satellite S875D-S7239 laptop
OS
MS Windows 7 Ultimate SP1 64-bit
CPU
AMD A10-4600M
Motherboard
AMD Pumori (Socket FT1)
Memory
6.00 GB Dual-Channel DDR3 @ 798MHz (11-11-12-28)
Graphics Card(s)
AMD Radeon HD 7660G
Sound Card
High Definition Audio Device
Monitor(s) Displays
Generic PnP Monitor (1600x900@60Hz)
Screen Resolution
1600x900@60Hz
Hard Drives
SSD 119GB Corsair CSSD-V128GB2 ATA Device
Keyboard
Standard PS/2 Keyboard
Mouse
HP Wireless Optical Mobile Mouse Model FHA-3410
Internet Speed
What the local pub, local coffee shop offers.
Other Info
Optical Drive:MATSHITA BD-CMB UJ160B ATA Device


Also have an Asus ha1002xp netbook with Win 7 Ultimate installed.
I've put a call out for assistance as I find your case unusual. I must be missing the obvious.
 

My Computer

Computer Manufacturer/Model Number
Toshiba Satellite S875D-S7239 laptop
OS
MS Windows 7 Ultimate SP1 64-bit
CPU
AMD A10-4600M
Motherboard
AMD Pumori (Socket FT1)
Memory
6.00 GB Dual-Channel DDR3 @ 798MHz (11-11-12-28)
Graphics Card(s)
AMD Radeon HD 7660G
Sound Card
High Definition Audio Device
Monitor(s) Displays
Generic PnP Monitor (1600x900@60Hz)
Screen Resolution
1600x900@60Hz
Hard Drives
SSD 119GB Corsair CSSD-V128GB2 ATA Device
Keyboard
Standard PS/2 Keyboard
Mouse
HP Wireless Optical Mobile Mouse Model FHA-3410
Internet Speed
What the local pub, local coffee shop offers.
Other Info
Optical Drive:MATSHITA BD-CMB UJ160B ATA Device


Also have an Asus ha1002xp netbook with Win 7 Ultimate installed.
yes those two are the only ones checked. not sure whats wrong here.
 

My Computer

Computer Manufacturer/Model Number
(Laptop) Dell Inc./PP23LA
OS
MS Windows 7 Home Premium 32-bit SP1
CPU
AMD Turion 64 X2 Mobile TL-50
Motherboard
Dell Inc. (Socket M2/S1G1)
Memory
1.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Graphics Card(s)
ATI Radeon Xpress Series (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic Pnp Monitor
Screen Resolution
1280x800 pixels
Hard Drives
59GB TOSHIBA TOSHIBA MK6034GSX ATA Device (SATA)
3.85GB Ricoh SD/MMC Disk Device (IDE)
Keyboard
Standard PS/2 Keyboard
Mouse
PS/2 Compatible Mouse
Internet Speed
54 Mbps
Other Info
Optical Drives:
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632D ATA Device

Wifi Adapter:
Broadcom 802.11g Network Adapter

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Sony Vaio VPCEB47GM Laptop
OS
Win 7 Pro 64-bit
CPU
Intel i5 2.4 Ghz
Memory
8GB DDR3
Graphics Card(s)
Intel HD 3000
Sound Card
IDT High Definition
Monitor(s) Displays
15.6 WGXA Anti-Glare LED
Screen Resolution
1280x800
Hard Drives
640Gb 7200rpm
Antivirus
MSE
Browser
Opera (primary) with IE9 backup
You must log in or register to reply here.
Back
Top