Antimalware Dr. / OTL results


Post by kdixon1029 on 30th November 2010, 11:47 pm

Services Stopped:

Processes terminated by Rkill or while it was running:

C:\useres\kevin\appdata\local\microsoft\windows\temporary internet files\content.ie5\hv15wk3g\rkil

What do I need to do from here? I'm using Vista and am currently in Safe Mode with Networking.

Thanks


Last edited by kdixon1029 on 1st December 2010, 4:05 pm; edited 1 time in total


Re: Antimalware Dr. / OTL results

Post by Belahzur on 1st December 2010, 12:22 am

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.



Re: Antimalware Dr. / OTL results

Post by kdixon1029 on 1st December 2010, 12:56 am

Will do! I should have mentioned that I was getting so frustrated with this thing that I did a system restore to the day before we became infected. I seem to be able to get on the internet now with no problem. I do want to go through this process to ensure that it is indeed gone. I'm running OTL now and will post the log shortly. Thanks for your help.


Antimalware Doctor virus OTL results

Post by kdixon1029 on 1st December 2010, 1:11 am

OTL Extras logfile created on: 11/30/2010 7:50:40 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.13 Gb Total Space | 76.55 Gb Free Space | 33.56% Space Free | Partition Type: NTFS
Drive D: | 227.87 Gb Total Space | 227.74 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu -- (Acer Inc.)
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption -- (HiTRUST)
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption -- (HiTRUST)
"C:\Program Files\PPStream\PPStream.exe" = C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPS -- (PPStream Inc.)
"C:\Program Files\PPStream\PPSAP.exe" = C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14DC0332-77FD-4A26-BFA8-2D443078D6D3}" = rport=445 | protocol=6 | dir=out | app=system |
"{278E3415-F7AC-4D15-A747-E5B7CC8769FE}" = lport=138 | protocol=17 | dir=in | app=system |
"{504487E6-066F-4D6F-B8AB-EB9E28A11EB7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{53C2599A-DA94-4AEE-A640-220FBDE5D0DD}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{741C524B-1217-4F66-A753-A1222BE737F6}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{861CF6E4-25B1-45B4-9C87-E9EBD96A4479}" = lport=137 | protocol=17 | dir=in | app=system |
"{8987B722-F5DF-45F7-B86A-E393B0E6F5F4}" = lport=139 | protocol=6 | dir=in | app=system |
"{976D7CB7-A6FF-411D-AE21-7855F35ED5FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{981D5CBE-B82C-45EF-A53E-37C62814F09E}" = rport=137 | protocol=17 | dir=out | app=system |
"{A4056767-098C-4351-A392-944B19BE1A04}" = rport=138 | protocol=17 | dir=out | app=system |
"{AB03A5B8-CB91-44D3-BF41-EB427CBBF380}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{BA8DD051-398F-4EA1-9CB7-14C4F6C41FB6}" = rport=139 | protocol=6 | dir=out | app=system |
"{BD00AE89-2BBA-47BB-9BC7-C67580E3850B}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{D19532A4-88DD-4B36-A152-FDAF6187DE0B}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04DEEACD-A2F9-437D-BB63-D9122AE93C24}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{086AE623-12D8-4988-BE97-EBA6B5CE522C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{096411C3-8E14-4722-B7B1-9593B2D14503}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{1114688A-88A2-4B04-9501-42A521A963A5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{1231D19D-9ECE-44C1-9F64-2AD0C912BD2B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B1479A6-D214-4EA1-860F-D549A1B3D4D9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{23B7CE37-C08E-4C28-B3C7-EE638061A019}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{2AD2E036-2B4E-41AD-98B1-04AD5817C290}" = dir=in | app=c:\program files\acer arcade live\acer tv share\kernel\dmstv\clmsserver.exe |
"{3A4EFBEF-914D-48EE-87D0-05EC9B85187B}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{492EC220-FB41-4472-8B20-E400B5B81034}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |
"{4AD1AD24-0FC2-45A4-841F-B19C7879B007}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{4D6CD277-DFDC-4C9C-91A1-97126EB8677F}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{507E4029-E3DD-4AAF-BC4D-BE9804FED041}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5212A1DD-1106-4AB6-8555-A151275B869D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{560429FD-BAD7-4E9A-857F-AA8C893A477F}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |
"{5622ED7A-B451-4B09-9DC0-0244C10E8514}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{608D9CE6-0F9F-4D75-A647-F23B0FBA5220}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63C2B5ED-23AB-4CB2-AC71-1114E8E91419}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{66217EFC-9DDD-4823-B3BE-F49460E6DFF2}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{68621E47-FAE9-4CC1-894D-C9FBBCD0FC5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{771559D0-43A4-436C-9414-74EC4280A0E5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{7DDAC852-04CD-4EFE-8DE0-1361BE28FB87}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |
"{8763E0B2-7D1D-4920-8A25-3F009F447435}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1185890706\ee\aolsoftware.exe |
"{87E1143C-E194-48C9-B365-6BA79F775C5E}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{88FFE4D5-E56A-45C7-9534-E36E9286D0F2}" = protocol=6 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{9139437E-A4E7-41F4-BBAC-CA47E166A33E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1201116286\ee\aolsoftware.exe |
"{9C8A4F83-9400-4816-BA61-125CC31F09BB}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{9F9CBC1F-E400-4F24-935F-7C16D89DC624}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{A78B20ED-B53B-4BE0-9D4D-CA38CE2E05C7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A7CC7E44-C2E4-4C20-807B-E8CA61CE1CE6}" = protocol=17 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{A9EF0CBE-C737-4ECA-A8BA-72F6E91C803F}" = dir=in | app=c:\program files\acer arcade live\acer tv share\acer tv share.exe |
"{B6B08373-F2A3-4472-BB22-D018127DDD30}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1185890706\ee\aolsoftware.exe |
"{C6D90866-0F2C-45A1-933F-1838819AE5A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C7E6A68F-5CA8-41B3-BB4E-0E77EF0DEC56}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C887DAB5-F1DB-46BA-A637-DE21BE28C442}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{C88B6C6A-9590-42C9-91BD-41274D4993B4}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{D174244A-0FBB-4C36-8948-020059CF029E}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{D17BF832-A08F-43EE-BC7A-B1F26A5E11E5}" = protocol=6 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{DBC42742-B485-41E2-879C-652F423F0AFB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DE7885F1-A681-4899-8E8D-8C6A02C05CE8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DEBC54AE-AB73-47FC-8EBD-63A071FE896E}" = protocol=17 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{E961B6C9-22AB-4992-BB2F-651E1D958C57}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{ED9E9E19-C630-464A-87A6-C20269418FC1}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{EDAAE56F-245E-4774-B9C6-63BC3044E4D0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1201116286\ee\aolsoftware.exe |
"{F7E8863D-276D-4AA1-BECA-660034D86377}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"TCP Query User{0B01094B-19E2-4EAF-8474-92533303EF7C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DFE48A27-4A85-4165-87EF-E776DAEE959E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07760C24-3C41-4C64-9A1D-1CF8D281060A}" = PG583_install_V6_1_32_36_vista
"{0C297A75-3111-4B3F-9264-84D61FF79F0D}" = Acer TV Share
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{10C69612-017B-45F5-B986-7D113D5A2EA3}" = MSN Toolbar
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A52E1D3-7C17-4EE9-9137-D4B1B3060653}" = Samsung Camcorder USB-D03 Capture Driver
"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Webroot AntiVirus with Spy Sweeper
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23C12370-3A82-4558-B727-F345B473AD87}" = BlackBerry Device Software Updater
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 4.1
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{57E0EA5F-D0A3-4036-A69B-269A469EC5B4}" = DVC5.0 Driver
"{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}" = Everio MediaBrowser
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B46E650-FD41-1E45-1910-E80B6555E2F2}" = Disney Preschool Time Online
"{7E15C4B8-85FC-4539-94F2-8280C0B213A3}" = LeapFrog Tag Plugin
"{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}" = LeapFrog Connect
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = MCF Ravenhearst
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload Software
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.2
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D9DE9E03-71CA-423B-B101-57F13A751003}" = LeapFrog Tag Junior Plugin
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"A Fairy Tale" = A Fairy Tale (remove only)
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"AOL Mail Toolbar" = AOL Mail Toolbar
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.disney.PreschoolTime.C3D799F617C71FE59472AB0AFE68D1523BD9688E.1" = Disney Preschool Time Online
"Concord Telephony Translation" = Concord Telephony Translation
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"CTIAPI32" = CTIAPI32 (remove only)
"CtiLogC" = CtiLogC (remove only)
"DB77CFA42983BD7D1CD0FB829CC6F71BEA49C472" = Windows Driver Package - YUAN High-Tech Development Co. Ltd. (OmniTV) Media (08/19/2007 6.1.32.36)
"ExpressBurn" = Express Burn
"Exterminate It!" = Exterminate It!
"Free_TV_Bar Toolbar" = Free_TV_Bar Toolbar
"FreeImagesViewer" = Free Images Viewer 0.1
"Google Chrome" = Google Chrome
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Money2006b" = Microsoft Money 2006
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"RealPlayer 6.0" = RealPlayer
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"UPCShell" = LeapFrog Connect
"Veetle TV" = Veetle TV 0.9.18
"ViewpointMediaPlayer" = Viewpoint Media Player
"vShare" = vShare Plugin
"WavePad" = WavePad Sound Editor

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GoToMeeting" = GoToMeeting/GoToWebinar 3.0.0.198
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


"{9F9CBC1F-E400-4F24-935F-7C16D89DC624}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{A78B20ED-B53B-4BE0-9D4D-CA38CE2E05C7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A7CC7E44-C2E4-4C20-807B-E8CA61CE1CE6}" = protocol=17 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{A9EF0CBE-C737-4ECA-A8BA-72F6E91C803F}" = dir=in | app=c:\program files\acer arcade live\acer tv share\acer tv share.exe |
"{B6B08373-F2A3-4472-BB22-D018127DDD30}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1185890706\ee\aolsoftware.exe |
"{C6D90866-0F2C-45A1-933F-1838819AE5A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C7E6A68F-5CA8-41B3-BB4E-0E77EF0DEC56}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C887DAB5-F1DB-46BA-A637-DE21BE28C442}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{C88B6C6A-9590-42C9-91BD-41274D4993B4}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{D174244A-0FBB-4C36-8948-020059CF029E}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{D17BF832-A08F-43EE-BC7A-B1F26A5E11E5}" = protocol=6 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{DBC42742-B485-41E2-879C-652F423F0AFB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DE7885F1-A681-4899-8E8D-8C6A02C05CE8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DEBC54AE-AB73-47FC-8EBD-63A071FE896E}" = protocol=17 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{E961B6C9-22AB-4992-BB2F-651E1D958C57}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{ED9E9E19-C630-464A-87A6-C20269418FC1}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{EDAAE56F-245E-4774-B9C6-63BC3044E4D0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1201116286\ee\aolsoftware.exe |
"{F7E8863D-276D-4AA1-BECA-660034D86377}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"TCP Query User{0B01094B-19E2-4EAF-8474-92533303EF7C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DFE48A27-4A85-4165-87EF-E776DAEE959E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07760C24-3C41-4C64-9A1D-1CF8D281060A}" = PG583_install_V6_1_32_36_vista
"{0C297A75-3111-4B3F-9264-84D61FF79F0D}" = Acer TV Share
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{10C69612-017B-45F5-B986-7D113D5A2EA3}" = MSN Toolbar
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A52E1D3-7C17-4EE9-9137-D4B1B3060653}" = Samsung Camcorder USB-D03 Capture Driver
"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Webroot AntiVirus with Spy Sweeper
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23C12370-3A82-4558-B727-F345B473AD87}" = BlackBerry Device Software Updater
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 4.1
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{57E0EA5F-D0A3-4036-A69B-269A469EC5B4}" = DVC5.0 Driver
"{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}" = Everio MediaBrowser
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B46E650-FD41-1E45-1910-E80B6555E2F2}" = Disney Preschool Time Online
"{7E15C4B8-85FC-4539-94F2-8280C0B213A3}" = LeapFrog Tag Plugin
"{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}" = LeapFrog Connect
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = MCF Ravenhearst
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload Software
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.2
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D9DE9E03-71CA-423B-B101-57F13A751003}" = LeapFrog Tag Junior Plugin
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"A Fairy Tale" = A Fairy Tale (remove only)
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"AOL Mail Toolbar" = AOL Mail Toolbar
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.disney.PreschoolTime.C3D799F617C71FE59472AB0AFE68D1523BD9688E.1" = Disney Preschool Time Online
"Concord Telephony Translation" = Concord Telephony Translation
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"CTIAPI32" = CTIAPI32 (remove only)
"CtiLogC" = CtiLogC (remove only)
"DB77CFA42983BD7D1CD0FB829CC6F71BEA49C472" = Windows Driver Package - YUAN High-Tech Development Co. Ltd. (OmniTV) Media (08/19/2007 6.1.32.36)
"ExpressBurn" = Express Burn
"Exterminate It!" = Exterminate It!
"Free_TV_Bar Toolbar" = Free_TV_Bar Toolbar
"FreeImagesViewer" = Free Images Viewer 0.1
"Google Chrome" = Google Chrome
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Money2006b" = Microsoft Money 2006
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"RealPlayer 6.0" = RealPlayer
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"UPCShell" = LeapFrog Connect
"Veetle TV" = Veetle TV 0.9.18
"ViewpointMediaPlayer" = Viewpoint Media Player
"vShare" = vShare Plugin
"WavePad" = WavePad Sound Editor

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GoToMeeting" = GoToMeeting/GoToWebinar 3.0.0.198
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


Re: Antimalware Dr. / OTL results

Post by Belahzur on 2nd December 2010, 12:46 am

Hello.
Please post OTL.txt, as you only posted Extras.txt.

