vbs generic

Post by viruswalla1 on 7th March 2011, 1:18 pm

I got this virus on my Dell laptop: VBS/Generic virus. Any idea how to get rid of this one?


Re: vbs generic

Post by Gabethebabe on 7th March 2011, 6:46 pm

Hi there viruswalla1 and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start, some general remarks/rules:
  • Whilst I'm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I'm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end! If your computer starts running better, it doesn't mean it is clean yet!


====================

Please download OTL by OldTimer and save it to your Desktop.
  • Close all windows and double click OTL.exe.
  • Copy and paste the following text into the Custom Scans/Fixes box:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
/md5start
atapi.sys
explorer.exe
iastor.sys
userinit.exe
winlogon.exe
/md5stop
  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need to use two posts to get it all.



Re: vbs generic

Post by viruswalla1 on 8th March 2011, 6:38 pm

OTL Extras logfile created on: 08/03/2011 17:40:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\admin\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 24.00% Memory free
4.00 Gb Paging File | 1.00 Gb Available in Paging File | 23.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.28 Gb Total Space | 150.25 Gb Free Space | 68.21% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 1.72 Gb Free Space | 17.25% Space Free | Partition Type: NTFS
Drive F: | 488.60 Mb Total Space | 64.95 Mb Free Space | 13.29% Space Free | Partition Type: FAT

Computer Name: SHAHNAZ-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C15C2B-076D-4153-8903-9BFDA0F16BFB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{08FE2ABD-B63D-4E20-B825-2A1CEB45142C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0B844298-02E7-4CC3-8348-E1705AE1324F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D16A444-7527-46C0-8A3F-7B938684B1A7}" = lport=137 | protocol=17 | dir=in | app=system |
"{0EC45684-360B-4EEF-85D9-405DA9186E99}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1132A4B4-E818-4D58-8262-190C461DE66F}" = lport=138 | protocol=17 | dir=in | app=system |
"{1EE1E07C-FAE0-4F80-9217-64F0C6EAE514}" = rport=137 | protocol=17 | dir=out | app=system |
"{360CD0A3-B1E1-40A4-868F-922CAF1F7B10}" = rport=138 | protocol=17 | dir=out | app=system |
"{5F623835-6599-4573-92BD-2BA49B71796B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{69EB42B2-DDE4-4D0E-8A0F-AB3C5C1E625F}" = rport=445 | protocol=6 | dir=out | app=system |
"{79720DA7-C4AC-4242-830F-1F64ACFC85C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{901C60E9-F19E-4887-B579-6176F1B4C94B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{94C80BD5-0768-4614-9EA0-D07542F726D2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9F8C3D8F-C49D-4B0E-A121-69CFBFB2A302}" = lport=139 | protocol=6 | dir=in | app=system |
"{B0779A17-0E96-4C78-BCEC-363FA7E9E65D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B534ACFC-2085-4B7E-88D8-E3D82046ED00}" = lport=445 | protocol=6 | dir=in | app=system |
"{BEDB06CD-AB7C-4641-9A15-D5783FD125E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C9EDC252-6319-456B-BF5A-A1EBBF7FFE8F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CDB69814-FAF9-4D76-90BA-D4FA715060E1}" = rport=139 | protocol=6 | dir=out | app=system |
"{EA3D1755-5923-4E2F-B18D-15123BD09D21}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B531C69-F6EA-4078-ABEB-A74887D17766}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{16C73E70-26CF-4081-BB2B-3FFC2FE64E3A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{198065DE-CABA-4F27-AF2F-0DC8C6FB54B7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1FDFAAE6-0D21-46DC-8265-FF622EA606E0}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{28AD278F-8748-4F67-BBB3-08E2EEFC1A2D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{36B1A037-A2B0-48DB-95D9-C81237C4152C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{36D586F1-90D7-4E78-A2D0-AEC207D4E1D1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3DCB6911-22BB-4DD8-9E40-FBB1D8BF5B15}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4D710A2F-3270-4B59-951A-E05FD457ED60}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{6219B3ED-7F84-4D2A-AE80-08DBE7FB5F31}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{62E1804D-E468-4209-9BE8-47BDE80058A2}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{65163E50-4F4E-4ACC-ADDE-C060B36DCDBE}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{810879DA-915E-4A49-861C-6586D5A8AD18}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{887DCE36-A6EA-4BF9-AC64-2D9B3EBBE76D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8B415825-07F9-4268-A6A6-911A1EDB093B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{8C4AFDB1-C863-4FAA-AE56-DD041B7D03EF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8DAAF861-65F9-4501-A10E-E375CF14AB6D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{935F99E2-9F7D-426C-90A2-405D8AA4E6E4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A4D2195A-29D6-4D21-B54E-874BF88C83C1}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{B12ED16E-CA6D-4CAC-8D8A-58C1317C536A}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{BA611746-4F68-4E74-86BC-740252FD469E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{BCB02F8C-63AD-4129-A3B0-2A0060FB61A7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C0929982-6CC9-4EF2-83F6-D393B77B4086}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D51C2AD5-7C9C-44BF-B040-A01A070A91C8}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{D6881CF2-5D3F-4E77-A19F-06ABA8047041}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{DF60AEE9-E9E7-47FD-8B04-0AA6D8D26C68}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{E12AD081-D347-4A96-B439-499FF96F60FC}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{E6AF2B1A-B160-40D2-AB93-C2EA565DC246}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E9427D6F-2691-4CF5-8469-216A993BD5DF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EA36F2B9-C56E-4826-B00E-445E2A3A0A6F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{ED62C2A1-8BB1-43BA-B652-6192C83D2C57}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F63684A7-CCBB-4F0F-8D03-283A4B7118F5}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"TCP Query User{2265AE8A-E9DB-4E27-BC9C-4C87DBF5C3E5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{36A3A0BF-8CE8-43CB-BC9A-885FF199247D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A7D18358-8686-450E-BA2C-226095A0FC2A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D15CF4F7-50BF-410C-983B-EEA31E849A51}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{11D3D948-2789-2E3D-03D7-282B537D8C01}" = BBC iPlayer Desktop
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{38024121-D084-4E7D-B1A2-1A04CB5C4CF3}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}" = Tiscali Internet
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B751AEA-D37F-4246-9CF1-D37B429FDFD3}" = AVG 2011
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{6FFB40A5-7F7D-4A32-8905-3CDF962EE1E4}" = Internet From BT
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95FC661A-A0C5-4B18-92CE-90347DA79CC9}" = Smart Menus (Windows Live Toolbar)
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A276502A-8979-44FB-8090-90CF72F22ABC}" = AVG 2011
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ECDA9BD9-A54E-462A-8191-A2B569D9AB34}" = Map Button (Windows Live Toolbar)
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ARO 2011_is1" = ARO 2011
"AVG" = AVG 2011
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"Browser Defender_is1" = Browser Defender 3.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Support Center" = Dell Support Center
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007 Trial
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Spyware Doctor" = Spyware Doctor with AntiVirus 8.0
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06/03/2011 10:12:22 | Computer Name = shahnaz-pc | Source = PC-Doctor | ID = 1
Description = (3344) Asapi: (14:12:22:5120)(3344) libMatrix.profiler.ProfilerSnapshots
- Error -- 348 getDirectoryContents(C:\ProgramData\PCDr\5744/performance) failed


Error - 06/03/2011 10:12:22 | Computer Name = shahnaz-pc | Source = PC-Doctor | ID = 1
Description = (3344) Asapi: (14:12:22:5130)(3344) libMatrix.profiler.ProfilerSnapshots
- Error -- 446 getDirectoryContents(C:\ProgramData\PCDr\5744/performance) failed


Error - 06/03/2011 10:18:16 | Computer Name = shahnaz-pc | Source = VSS | ID = 8194
Description =

Error - 06/03/2011 10:22:11 | Computer Name = shahnaz-pc | Source = VSS | ID = 8194
Description =

Error - 06/03/2011 10:45:03 | Computer Name = shahnaz-pc | Source = VSS | ID = 8194
Description =

Error - 06/03/2011 10:47:34 | Computer Name = shahnaz-pc | Source = EventSystem | ID = 4621
Description =

Error - 06/03/2011 10:50:38 | Computer Name = shahnaz-pc | Source = WinMgmt | ID = 10
Description =

Error - 06/03/2011 10:55:50 | Computer Name = shahnaz-pc | Source = WinMgmt | ID = 10
Description =

Error - 06/03/2011 11:32:49 | Computer Name = shahnaz-pc | Source = EventSystem | ID = 4621
Description =

Error - 06/03/2011 11:35:46 | Computer Name = shahnaz-pc | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 18/01/2011 15:00:40 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 19:00:40, Tue, Jan 18, 11 Error - User "" does not have administrative
privileges on this system

Error - 24/01/2011 16:59:41 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 20:59:37, Mon, Jan 24, 11 Error - Unable to gain access to user store


Error - 09/02/2011 15:45:36 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 19:45:36, Wed, Feb 09, 11 Error - User "" does not have administrative
privileges on this system

Error - 09/02/2011 18:31:56 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 22:31:56, Wed, Feb 09, 11 Error - User "" does not have administrative
privileges on this system

Error - 25/02/2011 19:10:01 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 23:10:01, Fri, Feb 25, 11 Error - User "" does not have administrative
privileges on this system

Error - 05/03/2011 16:25:51 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 20:25:51, Sat, Mar 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 05/03/2011 18:56:19 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 22:56:19, Sat, Mar 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 05/03/2011 18:57:29 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 22:57:29, Sat, Mar 05, 11 Error - Unable to decrypt string

Error - 05/03/2011 19:48:32 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 23:48:32, Sat, Mar 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 06/03/2011 14:48:49 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 18:48:49, Sun, Mar 06, 11 Error - User "" does not have administrative
privileges on this system


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


Re: vbs generic

Post by Gabethebabe on 8th March 2011, 6:47 pm

I will need the OTL.txt as well, please.


Re: vbs generic

Post by viruswalla1 on 10th March 2011, 1:38 pm

OTL Extras logfile created on: 08/03/2011 17:40:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\admin\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 24.00% Memory free
4.00 Gb Paging File | 1.00 Gb Available in Paging File | 23.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.28 Gb Total Space | 150.25 Gb Free Space | 68.21% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 1.72 Gb Free Space | 17.25% Space Free | Partition Type: NTFS
Drive F: | 488.60 Mb Total Space | 64.95 Mb Free Space | 13.29% Space Free | Partition Type: FAT

Computer Name: SHAHNAZ-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C15C2B-076D-4153-8903-9BFDA0F16BFB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{08FE2ABD-B63D-4E20-B825-2A1CEB45142C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0B844298-02E7-4CC3-8348-E1705AE1324F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D16A444-7527-46C0-8A3F-7B938684B1A7}" = lport=137 | protocol=17 | dir=in | app=system |
"{0EC45684-360B-4EEF-85D9-405DA9186E99}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1132A4B4-E818-4D58-8262-190C461DE66F}" = lport=138 | protocol=17 | dir=in | app=system |
"{1EE1E07C-FAE0-4F80-9217-64F0C6EAE514}" = rport=137 | protocol=17 | dir=out | app=system |
"{360CD0A3-B1E1-40A4-868F-922CAF1F7B10}" = rport=138 | protocol=17 | dir=out | app=system |
"{5F623835-6599-4573-92BD-2BA49B71796B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{69EB42B2-DDE4-4D0E-8A0F-AB3C5C1E625F}" = rport=445 | protocol=6 | dir=out | app=system |
"{79720DA7-C4AC-4242-830F-1F64ACFC85C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{901C60E9-F19E-4887-B579-6176F1B4C94B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{94C80BD5-0768-4614-9EA0-D07542F726D2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9F8C3D8F-C49D-4B0E-A121-69CFBFB2A302}" = lport=139 | protocol=6 | dir=in | app=system |
"{B0779A17-0E96-4C78-BCEC-363FA7E9E65D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B534ACFC-2085-4B7E-88D8-E3D82046ED00}" = lport=445 | protocol=6 | dir=in | app=system |
"{BEDB06CD-AB7C-4641-9A15-D5783FD125E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C9EDC252-6319-456B-BF5A-A1EBBF7FFE8F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CDB69814-FAF9-4D76-90BA-D4FA715060E1}" = rport=139 | protocol=6 | dir=out | app=system |
"{EA3D1755-5923-4E2F-B18D-15123BD09D21}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B531C69-F6EA-4078-ABEB-A74887D17766}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{16C73E70-26CF-4081-BB2B-3FFC2FE64E3A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{198065DE-CABA-4F27-AF2F-0DC8C6FB54B7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1FDFAAE6-0D21-46DC-8265-FF622EA606E0}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{28AD278F-8748-4F67-BBB3-08E2EEFC1A2D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{36B1A037-A2B0-48DB-95D9-C81237C4152C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{36D586F1-90D7-4E78-A2D0-AEC207D4E1D1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3DCB6911-22BB-4DD8-9E40-FBB1D8BF5B15}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4D710A2F-3270-4B59-951A-E05FD457ED60}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{6219B3ED-7F84-4D2A-AE80-08DBE7FB5F31}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{62E1804D-E468-4209-9BE8-47BDE80058A2}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{65163E50-4F4E-4ACC-ADDE-C060B36DCDBE}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{810879DA-915E-4A49-861C-6586D5A8AD18}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{887DCE36-A6EA-4BF9-AC64-2D9B3EBBE76D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8B415825-07F9-4268-A6A6-911A1EDB093B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{8C4AFDB1-C863-4FAA-AE56-DD041B7D03EF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8DAAF861-65F9-4501-A10E-E375CF14AB6D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{935F99E2-9F7D-426C-90A2-405D8AA4E6E4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A4D2195A-29D6-4D21-B54E-874BF88C83C1}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{B12ED16E-CA6D-4CAC-8D8A-58C1317C536A}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{BA611746-4F68-4E74-86BC-740252FD469E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{BCB02F8C-63AD-4129-A3B0-2A0060FB61A7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C0929982-6CC9-4EF2-83F6-D393B77B4086}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D51C2AD5-7C9C-44BF-B040-A01A070A91C8}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{D6881CF2-5D3F-4E77-A19F-06ABA8047041}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{DF60AEE9-E9E7-47FD-8B04-0AA6D8D26C68}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{E12AD081-D347-4A96-B439-499FF96F60FC}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{E6AF2B1A-B160-40D2-AB93-C2EA565DC246}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E9427D6F-2691-4CF5-8469-216A993BD5DF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EA36F2B9-C56E-4826-B00E-445E2A3A0A6F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{ED62C2A1-8BB1-43BA-B652-6192C83D2C57}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F63684A7-CCBB-4F0F-8D03-283A4B7118F5}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"TCP Query User{2265AE8A-E9DB-4E27-BC9C-4C87DBF5C3E5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{36A3A0BF-8CE8-43CB-BC9A-885FF199247D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A7D18358-8686-450E-BA2C-226095A0FC2A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D15CF4F7-50BF-410C-983B-EEA31E849A51}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{11D3D948-2789-2E3D-03D7-282B537D8C01}" = BBC iPlayer Desktop
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{38024121-D084-4E7D-B1A2-1A04CB5C4CF3}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}" = Tiscali Internet
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B751AEA-D37F-4246-9CF1-D37B429FDFD3}" = AVG 2011
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{6FFB40A5-7F7D-4A32-8905-3CDF962EE1E4}" = Internet From BT
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95FC661A-A0C5-4B18-92CE-90347DA79CC9}" = Smart Menus (Windows Live Toolbar)
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A276502A-8979-44FB-8090-90CF72F22ABC}" = AVG 2011
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ECDA9BD9-A54E-462A-8191-A2B569D9AB34}" = Map Button (Windows Live Toolbar)
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ARO 2011_is1" = ARO 2011
"AVG" = AVG 2011
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"Browser Defender_is1" = Browser Defender 3.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Support Center" = Dell Support Center
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007 Trial
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Spyware Doctor" = Spyware Doctor with AntiVirus 8.0
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06/03/2011 10:12:22 | Computer Name = shahnaz-pc | Source = PC-Doctor | ID = 1
Description = (3344) Asapi: (14:12:22:5120)(3344) libMatrix.profiler.ProfilerSnapshots
- Error -- 348 getDirectoryContents(C:\ProgramData\PCDr\5744/performance) failed


Error - 06/03/2011 10:12:22 | Computer Name = shahnaz-pc | Source = PC-Doctor | ID = 1
Description = (3344) Asapi: (14:12:22:5130)(3344) libMatrix.profiler.ProfilerSnapshots
- Error -- 446 getDirectoryContents(C:\ProgramData\PCDr\5744/performance) failed


Error - 06/03/2011 10:18:16 | Computer Name = shahnaz-pc | Source = VSS | ID = 8194
Description =

Error - 06/03/2011 10:22:11 | Computer Name = shahnaz-pc | Source = VSS | ID = 8194
Description =

Error - 06/03/2011 10:45:03 | Computer Name = shahnaz-pc | Source = VSS | ID = 8194
Description =

Error - 06/03/2011 10:47:34 | Computer Name = shahnaz-pc | Source = EventSystem | ID = 4621
Description =

Error - 06/03/2011 10:50:38 | Computer Name = shahnaz-pc | Source = WinMgmt | ID = 10
Description =

Error - 06/03/2011 10:55:50 | Computer Name = shahnaz-pc | Source = WinMgmt | ID = 10
Description =

Error - 06/03/2011 11:32:49 | Computer Name = shahnaz-pc | Source = EventSystem | ID = 4621
Description =

Error - 06/03/2011 11:35:46 | Computer Name = shahnaz-pc | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 18/01/2011 15:00:40 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 19:00:40, Tue, Jan 18, 11 Error - User "" does not have administrative
privileges on this system

Error - 24/01/2011 16:59:41 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 20:59:37, Mon, Jan 24, 11 Error - Unable to gain access to user store


Error - 09/02/2011 15:45:36 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 19:45:36, Wed, Feb 09, 11 Error - User "" does not have administrative
privileges on this system

Error - 09/02/2011 18:31:56 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 22:31:56, Wed, Feb 09, 11 Error - User "" does not have administrative
privileges on this system

Error - 25/02/2011 19:10:01 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 23:10:01, Fri, Feb 25, 11 Error - User "" does not have administrative
privileges on this system

Error - 05/03/2011 16:25:51 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 20:25:51, Sat, Mar 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 05/03/2011 18:56:19 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 22:56:19, Sat, Mar 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 05/03/2011 18:57:29 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 22:57:29, Sat, Mar 05, 11 Error - Unable to decrypt string

Error - 05/03/2011 19:48:32 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 23:48:32, Sat, Mar 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 06/03/2011 14:48:49 | Computer Name = shahnaz-pc | Source = WLAN-Tray | ID = 0
Description = 18:48:49, Sun, Mar 06, 11 Error - User "" does not have administrative
privileges on this system


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


Re: vbs generic

Post by Gabethebabe on 10th March 2011, 3:19 pm

I'm sorry viruswalla1, but that is the Extras.Txt again :sad:

What I need is the contents of OTL.Txt. It should be located in the same folder where you saved OTL.exe (your desktop, probably). If you run OTL, it is the log that pops up after the scan.
