Antimalware Dr. / OTL results


Antimalware Dr. / OTL results

Post by kdixon1029 on Wed 01 Dec 2010, 10:47 am

Services Stopped:

Processes terminated by Rkill or while it was running:

C:\useres\kevin\appdata\local\microsoft\windows\temporary internet files\content.ie5\hv15wk3g\rkil

What do I need to do from here? I'm using Vista and am currently in safe mode with networking.

Thanks


Last edited by kdixon1029 on Thu 02 Dec 2010, 3:05 am; edited 1 time in total

kdixon1029

Unborn

Posts : 4
Joined : 2010-12-01
Operating System : vista


Re: Antimalware Dr. / OTL results

Post by Belahzur on Wed 01 Dec 2010, 11:22 am

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre


Re: Antimalware Dr. / OTL results

Post by kdixon1029 on Wed 01 Dec 2010, 11:56 am

Will do! I should have mentioned that I was getting so frustrated with this thing that I did a system restore to the day before we became infected. I seem to be able to get on the internet now with no problem. I do want to go through this process to ensure that it is indeed gone. I'm running OTL now and will post the log shortly. Thanks for your help.


Antimalware doctor virus OTL results

Post by kdixon1029 on Wed 01 Dec 2010, 12:11 pm

OTL Extras logfile created on: 11/30/2010 7:50:40 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.13 Gb Total Space | 76.55 Gb Free Space | 33.56% Space Free | Partition Type: NTFS
Drive D: | 227.87 Gb Total Space | 227.74 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu -- (Acer Inc.)
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption -- (HiTRUST)
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption -- (HiTRUST)
"C:\Program Files\PPStream\PPStream.exe" = C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPS -- (PPStream Inc.)
"C:\Program Files\PPStream\PPSAP.exe" = C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14DC0332-77FD-4A26-BFA8-2D443078D6D3}" = rport=445 | protocol=6 | dir=out | app=system |
"{278E3415-F7AC-4D15-A747-E5B7CC8769FE}" = lport=138 | protocol=17 | dir=in | app=system |
"{504487E6-066F-4D6F-B8AB-EB9E28A11EB7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{53C2599A-DA94-4AEE-A640-220FBDE5D0DD}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{741C524B-1217-4F66-A753-A1222BE737F6}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{861CF6E4-25B1-45B4-9C87-E9EBD96A4479}" = lport=137 | protocol=17 | dir=in | app=system |
"{8987B722-F5DF-45F7-B86A-E393B0E6F5F4}" = lport=139 | protocol=6 | dir=in | app=system |
"{976D7CB7-A6FF-411D-AE21-7855F35ED5FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{981D5CBE-B82C-45EF-A53E-37C62814F09E}" = rport=137 | protocol=17 | dir=out | app=system |
"{A4056767-098C-4351-A392-944B19BE1A04}" = rport=138 | protocol=17 | dir=out | app=system |
"{AB03A5B8-CB91-44D3-BF41-EB427CBBF380}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{BA8DD051-398F-4EA1-9CB7-14C4F6C41FB6}" = rport=139 | protocol=6 | dir=out | app=system |
"{BD00AE89-2BBA-47BB-9BC7-C67580E3850B}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{D19532A4-88DD-4B36-A152-FDAF6187DE0B}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04DEEACD-A2F9-437D-BB63-D9122AE93C24}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{086AE623-12D8-4988-BE97-EBA6B5CE522C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{096411C3-8E14-4722-B7B1-9593B2D14503}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{1114688A-88A2-4B04-9501-42A521A963A5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{1231D19D-9ECE-44C1-9F64-2AD0C912BD2B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B1479A6-D214-4EA1-860F-D549A1B3D4D9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{23B7CE37-C08E-4C28-B3C7-EE638061A019}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{2AD2E036-2B4E-41AD-98B1-04AD5817C290}" = dir=in | app=c:\program files\acer arcade live\acer tv share\kernel\dmstv\clmsserver.exe |
"{3A4EFBEF-914D-48EE-87D0-05EC9B85187B}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{492EC220-FB41-4472-8B20-E400B5B81034}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |
"{4AD1AD24-0FC2-45A4-841F-B19C7879B007}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{4D6CD277-DFDC-4C9C-91A1-97126EB8677F}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{507E4029-E3DD-4AAF-BC4D-BE9804FED041}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5212A1DD-1106-4AB6-8555-A151275B869D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{560429FD-BAD7-4E9A-857F-AA8C893A477F}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |
"{5622ED7A-B451-4B09-9DC0-0244C10E8514}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{608D9CE6-0F9F-4D75-A647-F23B0FBA5220}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63C2B5ED-23AB-4CB2-AC71-1114E8E91419}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{66217EFC-9DDD-4823-B3BE-F49460E6DFF2}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{68621E47-FAE9-4CC1-894D-C9FBBCD0FC5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{771559D0-43A4-436C-9414-74EC4280A0E5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{7DDAC852-04CD-4EFE-8DE0-1361BE28FB87}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |
"{8763E0B2-7D1D-4920-8A25-3F009F447435}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1185890706\ee\aolsoftware.exe |
"{87E1143C-E194-48C9-B365-6BA79F775C5E}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{88FFE4D5-E56A-45C7-9534-E36E9286D0F2}" = protocol=6 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{9139437E-A4E7-41F4-BBAC-CA47E166A33E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1201116286\ee\aolsoftware.exe |
"{9C8A4F83-9400-4816-BA61-125CC31F09BB}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{9F9CBC1F-E400-4F24-935F-7C16D89DC624}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{A78B20ED-B53B-4BE0-9D4D-CA38CE2E05C7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A7CC7E44-C2E4-4C20-807B-E8CA61CE1CE6}" = protocol=17 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{A9EF0CBE-C737-4ECA-A8BA-72F6E91C803F}" = dir=in | app=c:\program files\acer arcade live\acer tv share\acer tv share.exe |
"{B6B08373-F2A3-4472-BB22-D018127DDD30}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1185890706\ee\aolsoftware.exe |
"{C6D90866-0F2C-45A1-933F-1838819AE5A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C7E6A68F-5CA8-41B3-BB4E-0E77EF0DEC56}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C887DAB5-F1DB-46BA-A637-DE21BE28C442}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{C88B6C6A-9590-42C9-91BD-41274D4993B4}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{D174244A-0FBB-4C36-8948-020059CF029E}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{D17BF832-A08F-43EE-BC7A-B1F26A5E11E5}" = protocol=6 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{DBC42742-B485-41E2-879C-652F423F0AFB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DE7885F1-A681-4899-8E8D-8C6A02C05CE8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DEBC54AE-AB73-47FC-8EBD-63A071FE896E}" = protocol=17 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{E961B6C9-22AB-4992-BB2F-651E1D958C57}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{ED9E9E19-C630-464A-87A6-C20269418FC1}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{EDAAE56F-245E-4774-B9C6-63BC3044E4D0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1201116286\ee\aolsoftware.exe |
"{F7E8863D-276D-4AA1-BECA-660034D86377}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"TCP Query User{0B01094B-19E2-4EAF-8474-92533303EF7C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DFE48A27-4A85-4165-87EF-E776DAEE959E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07760C24-3C41-4C64-9A1D-1CF8D281060A}" = PG583_install_V6_1_32_36_vista
"{0C297A75-3111-4B3F-9264-84D61FF79F0D}" = Acer TV Share
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{10C69612-017B-45F5-B986-7D113D5A2EA3}" = MSN Toolbar
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A52E1D3-7C17-4EE9-9137-D4B1B3060653}" = Samsung Camcorder USB-D03 Capture Driver
"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Webroot AntiVirus with Spy Sweeper
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23C12370-3A82-4558-B727-F345B473AD87}" = BlackBerry Device Software Updater
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 4.1
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{57E0EA5F-D0A3-4036-A69B-269A469EC5B4}" = DVC5.0 Driver
"{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}" = Everio MediaBrowser
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B46E650-FD41-1E45-1910-E80B6555E2F2}" = Disney Preschool Time Online
"{7E15C4B8-85FC-4539-94F2-8280C0B213A3}" = LeapFrog Tag Plugin
"{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}" = LeapFrog Connect
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = MCF Ravenhearst
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload Software
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.2
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D9DE9E03-71CA-423B-B101-57F13A751003}" = LeapFrog Tag Junior Plugin
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"A Fairy Tale" = A Fairy Tale (remove only)
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"AOL Mail Toolbar" = AOL Mail Toolbar
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.disney.PreschoolTime.C3D799F617C71FE59472AB0AFE68D1523BD9688E.1" = Disney Preschool Time Online
"Concord Telephony Translation" = Concord Telephony Translation
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"CTIAPI32" = CTIAPI32 (remove only)
"CtiLogC" = CtiLogC (remove only)
"DB77CFA42983BD7D1CD0FB829CC6F71BEA49C472" = Windows Driver Package - YUAN High-Tech Development Co. Ltd. (OmniTV) Media (08/19/2007 6.1.32.36)
"ExpressBurn" = Express Burn
"Exterminate It!" = Exterminate It!
"Free_TV_Bar Toolbar" = Free_TV_Bar Toolbar
"FreeImagesViewer" = Free Images Viewer 0.1
"Google Chrome" = Google Chrome
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Money2006b" = Microsoft Money 2006
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"RealPlayer 6.0" = RealPlayer
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"UPCShell" = LeapFrog Connect
"Veetle TV" = Veetle TV 0.9.18
"ViewpointMediaPlayer" = Viewpoint Media Player
"vShare" = vShare Plugin
"WavePad" = WavePad Sound Editor

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GoToMeeting" = GoToMeeting/GoToWebinar 3.0.0.198
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


Re: Antimalware Dr. / OTL results

Post by kdixon1029 on Wed 01 Dec 2010, 12:16 pm

OTL Extras logfile created on: 11/30/2010 7:50:40 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.13 Gb Total Space | 76.55 Gb Free Space | 33.56% Space Free | Partition Type: NTFS
Drive D: | 227.87 Gb Total Space | 227.74 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu -- (Acer Inc.)
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption -- (HiTRUST)
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption -- (HiTRUST)
"C:\Program Files\PPStream\PPStream.exe" = C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPS -- (PPStream Inc.)
"C:\Program Files\PPStream\PPSAP.exe" = C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14DC0332-77FD-4A26-BFA8-2D443078D6D3}" = rport=445 | protocol=6 | dir=out | app=system |
"{278E3415-F7AC-4D15-A747-E5B7CC8769FE}" = lport=138 | protocol=17 | dir=in | app=system |
"{504487E6-066F-4D6F-B8AB-EB9E28A11EB7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{53C2599A-DA94-4AEE-A640-220FBDE5D0DD}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{741C524B-1217-4F66-A753-A1222BE737F6}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{861CF6E4-25B1-45B4-9C87-E9EBD96A4479}" = lport=137 | protocol=17 | dir=in | app=system |
"{8987B722-F5DF-45F7-B86A-E393B0E6F5F4}" = lport=139 | protocol=6 | dir=in | app=system |
"{976D7CB7-A6FF-411D-AE21-7855F35ED5FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{981D5CBE-B82C-45EF-A53E-37C62814F09E}" = rport=137 | protocol=17 | dir=out | app=system |
"{A4056767-098C-4351-A392-944B19BE1A04}" = rport=138 | protocol=17 | dir=out | app=system |
"{AB03A5B8-CB91-44D3-BF41-EB427CBBF380}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{BA8DD051-398F-4EA1-9CB7-14C4F6C41FB6}" = rport=139 | protocol=6 | dir=out | app=system |
"{BD00AE89-2BBA-47BB-9BC7-C67580E3850B}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{D19532A4-88DD-4B36-A152-FDAF6187DE0B}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04DEEACD-A2F9-437D-BB63-D9122AE93C24}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{086AE623-12D8-4988-BE97-EBA6B5CE522C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{096411C3-8E14-4722-B7B1-9593B2D14503}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{1114688A-88A2-4B04-9501-42A521A963A5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{1231D19D-9ECE-44C1-9F64-2AD0C912BD2B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B1479A6-D214-4EA1-860F-D549A1B3D4D9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{23B7CE37-C08E-4C28-B3C7-EE638061A019}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{2AD2E036-2B4E-41AD-98B1-04AD5817C290}" = dir=in | app=c:\program files\acer arcade live\acer tv share\kernel\dmstv\clmsserver.exe |
"{3A4EFBEF-914D-48EE-87D0-05EC9B85187B}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{492EC220-FB41-4472-8B20-E400B5B81034}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |
"{4AD1AD24-0FC2-45A4-841F-B19C7879B007}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{4D6CD277-DFDC-4C9C-91A1-97126EB8677F}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{507E4029-E3DD-4AAF-BC4D-BE9804FED041}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5212A1DD-1106-4AB6-8555-A151275B869D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{560429FD-BAD7-4E9A-857F-AA8C893A477F}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |
"{5622ED7A-B451-4B09-9DC0-0244C10E8514}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{608D9CE6-0F9F-4D75-A647-F23B0FBA5220}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63C2B5ED-23AB-4CB2-AC71-1114E8E91419}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{66217EFC-9DDD-4823-B3BE-F49460E6DFF2}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{68621E47-FAE9-4CC1-894D-C9FBBCD0FC5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{771559D0-43A4-436C-9414-74EC4280A0E5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{7DDAC852-04CD-4EFE-8DE0-1361BE28FB87}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |
"{8763E0B2-7D1D-4920-8A25-3F009F447435}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1185890706\ee\aolsoftware.exe |
"{87E1143C-E194-48C9-B365-6BA79F775C5E}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{88FFE4D5-E56A-45C7-9534-E36E9286D0F2}" = protocol=6 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{9139437E-A4E7-41F4-BBAC-CA47E166A33E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1201116286\ee\aolsoftware.exe |
"{9C8A4F83-9400-4816-BA61-125CC31F09BB}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{9F9CBC1F-E400-4F24-935F-7C16D89DC624}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{A78B20ED-B53B-4BE0-9D4D-CA38CE2E05C7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A7CC7E44-C2E4-4C20-807B-E8CA61CE1CE6}" = protocol=17 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{A9EF0CBE-C737-4ECA-A8BA-72F6E91C803F}" = dir=in | app=c:\program files\acer arcade live\acer tv share\acer tv share.exe |
"{B6B08373-F2A3-4472-BB22-D018127DDD30}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1185890706\ee\aolsoftware.exe |
"{C6D90866-0F2C-45A1-933F-1838819AE5A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C7E6A68F-5CA8-41B3-BB4E-0E77EF0DEC56}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C887DAB5-F1DB-46BA-A637-DE21BE28C442}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{C88B6C6A-9590-42C9-91BD-41274D4993B4}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{D174244A-0FBB-4C36-8948-020059CF029E}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{D17BF832-A08F-43EE-BC7A-B1F26A5E11E5}" = protocol=6 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{DBC42742-B485-41E2-879C-652F423F0AFB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DE7885F1-A681-4899-8E8D-8C6A02C05CE8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DEBC54AE-AB73-47FC-8EBD-63A071FE896E}" = protocol=17 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{E961B6C9-22AB-4992-BB2F-651E1D958C57}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{ED9E9E19-C630-464A-87A6-C20269418FC1}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{EDAAE56F-245E-4774-B9C6-63BC3044E4D0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1201116286\ee\aolsoftware.exe |
"{F7E8863D-276D-4AA1-BECA-660034D86377}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"TCP Query User{0B01094B-19E2-4EAF-8474-92533303EF7C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DFE48A27-4A85-4165-87EF-E776DAEE959E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07760C24-3C41-4C64-9A1D-1CF8D281060A}" = PG583_install_V6_1_32_36_vista
"{0C297A75-3111-4B3F-9264-84D61FF79F0D}" = Acer TV Share
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{10C69612-017B-45F5-B986-7D113D5A2EA3}" = MSN Toolbar
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A52E1D3-7C17-4EE9-9137-D4B1B3060653}" = Samsung Camcorder USB-D03 Capture Driver
"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Webroot AntiVirus with Spy Sweeper
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23C12370-3A82-4558-B727-F345B473AD87}" = BlackBerry Device Software Updater
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 4.1
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{57E0EA5F-D0A3-4036-A69B-269A469EC5B4}" = DVC5.0 Driver
"{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}" = Everio MediaBrowser
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B46E650-FD41-1E45-1910-E80B6555E2F2}" = Disney Preschool Time Online
"{7E15C4B8-85FC-4539-94F2-8280C0B213A3}" = LeapFrog Tag Plugin
"{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}" = LeapFrog Connect
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = MCF Ravenhearst
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload Software
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.2
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D9DE9E03-71CA-423B-B101-57F13A751003}" = LeapFrog Tag Junior Plugin
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"A Fairy Tale" = A Fairy Tale (remove only)
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"AOL Mail Toolbar" = AOL Mail Toolbar
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.disney.PreschoolTime.C3D799F617C71FE59472AB0AFE68D1523BD9688E.1" = Disney Preschool Time Online
"Concord Telephony Translation" = Concord Telephony Translation
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"CTIAPI32" = CTIAPI32 (remove only)
"CtiLogC" = CtiLogC (remove only)
"DB77CFA42983BD7D1CD0FB829CC6F71BEA49C472" = Windows Driver Package - YUAN High-Tech Development Co. Ltd. (OmniTV) Media (08/19/2007 6.1.32.36)
"ExpressBurn" = Express Burn
"Exterminate It!" = Exterminate It!
"Free_TV_Bar Toolbar" = Free_TV_Bar Toolbar
"FreeImagesViewer" = Free Images Viewer 0.1
"Google Chrome" = Google Chrome
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Money2006b" = Microsoft Money 2006
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"RealPlayer 6.0" = RealPlayer
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"UPCShell" = LeapFrog Connect
"Veetle TV" = Veetle TV 0.9.18
"ViewpointMediaPlayer" = Viewpoint Media Player
"vShare" = vShare Plugin
"WavePad" = WavePad Sound Editor

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GoToMeeting" = GoToMeeting/GoToWebinar 3.0.0.198
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

kdixon1029

Unborn

Posts : 4
Joined : 2010-12-01
Operating System : vista


Re: Antimalware Dr. / OTL results

Post by Belahzur on Thu 02 Dec 2010, 11:46 am

Hello.
Please post OTL.txt, as you only posted Extras.txt.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre
