Advertisement
Advertisement
 Search | |
| |
17-Apr-2011, 08:05 PM
#1 | |||||||
| Computer is playing random ads |
19-Apr-2011, 09:32 PM
#2 | |||||||
| |
26-Apr-2011, 02:38 PM
#3 | |||||||
| Hiya and welcome to Tech Support Guy  Download TFC by OldTimer to your desktop
Please download Malwarebytes' Anti-Malware from Here or Here Double Click mbam-setup.exe to install the application.
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly. Download and scan with SUPERAntiSpyware Free for Home Users
Please include the MBAM log and, SUPERAntiSpyware Scan Log and a fresh HijackThis log in your next reply eddie
__________________ Just go with the flow, like a twig on the shoulders of a mighty stream MVP in Consumer Security |
28-Apr-2011, 11:29 AM
#4 | |||||||
| |
29-Apr-2011, 03:46 PM
#5 | |||||||
| Normal mode is fine Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.  Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:  Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply. eddie |
30-Apr-2011, 03:40 PM
#6 | |||||||
| Combo fix log: ComboFix 11-04-29.04 - Andrea Lamb 04/30/2011 14:25:51.1.1 - x86 Running from: c:\documents and settings\Andrea Lamb\Desktop\andrea123.exe * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe . Infected copy of c:\windows\system32\drivers\volsnap.sys was found and disinfected Restored copy from - Kitty had a snack  . ((((((((((((((((((((((((( Files Created from 2011-03-28 to 2011-04-30 ))))))))))))))))))))))))))))))) . . 2011-04-28 03:02 . 2011-04-28 03:02 -------- d-----w- c:\documents and settings\Andrea Lamb\Application Data\SUPERAntiSpyware.com 2011-04-28 03:02 . 2011-04-28 03:02 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2011-04-28 03:01 . 2011-04-28 03:03 -------- d-----w- c:\program files\SUPERAntiSpyware 2011-04-20 01:41 . 2011-04-20 01:41 12872 ----a-w- c:\windows\system32\bootdelete.exe 2011-04-17 02:55 . 2011-04-17 02:55 388096 ----a-r- c:\documents and settings\Andrea Lamb\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-04-17 02:55 . 2011-04-17 02:55 -------- d-----w- c:\program files\Trend Micro 2011-04-17 01:25 . 2010-05-26 15:45 18816 ------w- c:\windows\system32\SAVRKBootTasks.sys 2011-04-17 00:41 . 2010-09-06 09:26 189520 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2011-04-16 20:10 . 2011-04-16 20:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2011-04-16 00:45 . 2011-04-16 00:45 -------- d-----w- c:\documents and settings\Leon Davis\Application Data\Malwarebytes 2011-04-14 03:40 . 2011-04-14 03:40 -------- d-----w- c:\documents and settings\Andrea Lamb\Application Data\Malwarebytes 2011-04-14 03:39 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-14 03:39 . 2011-04-14 03:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-04-14 03:39 . 2011-04-14 03:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-04-13 13:16 . 2011-04-13 13:16 -------- d-----w- c:\program files\Sophos . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-20 01:53 . 2011-03-27 04:41 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2011-02-09 13:53 . 2010-08-26 04:34 270848 ----a-w- c:\windows\system32\sbe.dll 2011-02-09 13:53 . 2010-08-26 04:33 186880 ----a-w- c:\windows\system32\encdec.dll 2011-02-02 07:58 . 2010-08-26 04:33 2067456 ----a-w- c:\windows\system32\mstscax.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-04-20 2423752] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688] "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-26 53248] "AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-17 1392640] "lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2008-03-27 660136] "EzPrint"="c:\program files\Lexmark 2600 Series\ezprint.exe" [2008-03-27 107176] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-01-11 344064] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\Shell ExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf010 00.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableNotifications"= 1 (0x1) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\lxdncoms.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnpswx.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdntime.exe"= "c:\\Program Files\\Lexmark 2600 Series\\lxdnmon.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnjswx.exe"= "c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"= "c:\\Program Files\\Lexmark 2600 Series\\lxdnlscn.exe"= . R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 1:25 PM 12872] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67656] R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [4/16/2011 8:25 PM 18816] R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?] R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [8/25/2010 11:36 PM 87936] S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\s pool\drivers\w32x86\3\lxdnserv.exe [8/28/2010 1:13 PM 98984] S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [3/26/2011 11:41 PM 16968] S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\6.tmp --> c:\windows\system32\6.tmp [?] . . ------- Supplementary Scan ------- . IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB FF - ProfilePath - c:\documents and settings\Andrea Lamb\Application Data\Mozilla\Firefox\Profiles\1rladtfc.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-04-30 14:30 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\6.tmp" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_Ac tiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(864) c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\WININET.dll c:\windows\system32\Ati2evxx.dll c:\windows\System32\BCMLogon.dll . Completion time: 2011-04-30 14:34:29 ComboFix-quarantined-files.txt 2011-04-30 19:34 . Pre-Run: 16,699,887,616 bytes free Post-Run: 16,664,641,536 bytes free . WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - FA5FF48B796F3F3D8E11207691110DB5 |
03-May-2011, 09:48 PM
#8 | |||||||
| |
03-May-2011, 09:53 PM
#9 | |||||||
| extras.txt as follows: OTL Extras logfile created on: 5/3/2011 8:25:32 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Andrea Lamb\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 511.00 Mb Total Physical Memory | 231.00 Mb Available Physical Memory | 45.00% Memory free 1.00 Gb Paging File | 1.00 Gb Available in Paging File | 76.00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 24.03 Gb Total Space | 15.52 Gb Free Space | 64.58% Space Free | Partition Type: NTFS Drive D: | 492.37 Mb Total Space | 393.89 Mb Free Space | 80.00% Space Free | Partition Type: FAT32 Computer Name: LAMBS-KORNER | User Name: Andrea Lamb | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfil e] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProf ile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet  isabled:@xpsp2res.dll,-22004"445:TCP" = 445:TCP:LocalSubNet isabled:@xpsp2res.dll,-22005"137:UDP" = 137:UDP:LocalSubNet isabled:@xpsp2res.dll,-22001"138:UDP" = 138:UDP:LocalSubNet isabled:@xpsp2res.dll,-22002"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer "4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery "4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer "4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\lxdncoms.exe" = C:\WINDOWS\system32\lxdncoms.exe:*:Enabled:2600 Series Server -- ( ) "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe:*:Enabled:Printer Status Window Interface -- () "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdntime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdntime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.) "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe" = C:\Program Files\Lexmark 2600 Series\lxdnmon.exe:*:Enabled:Printer Device Monitor -- () "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe:*:Enabled:Job Status Window Interface -- () "C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion) "C:\Program Files\Lexmark 2600 Series\lxdnlscn.exe" = C:\Program Files\Lexmark 2600 Series\lxdnlscn.exe:*:Enabled: -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}" = BlackBerry Desktop Software 6.0.1 "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.1 "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card "CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "ie8" = Windows Internet Explorer 8 "kSolo" = kSolo Recorder "Lexmark 2600 Series" = Lexmark 2600 Series "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5) "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WinGimp-2.0_is1" = GIMP 2.6.4 "Xvid_is1" = Xvid 1.2.1 final uninstall ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 1/9/2011 8:19:16 AM | Computer Name = LAMBS-KORNER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 1/13/2011 1:43:23 PM | Computer Name = LAMBS-KORNER | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18999, fault address 0x001b95b9. Error - 1/20/2011 11:49:52 PM | Computer Name = LAMBS-KORNER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 1/21/2011 6:52:24 PM | Computer Name = LAMBS-KORNER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 1/22/2011 6:56:46 PM | Computer Name = LAMBS-KORNER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 2/6/2011 3:40:41 AM | Computer Name = LAMBS-KORNER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 2/19/2011 5:53:15 AM | Computer Name = LAMBS-KORNER | Source = MsiInstaller | ID = 11305 Description = Product: BlackBerry Desktop Software 6.0.1 -- Error 1305.Error reading from file C:\DOCUME~1\ANDREA~1\LOCALS~1\Temp\WZSE0.TMP\BlackBerry Desktop Software.msi. Verify that the file exists and that you can access it. Error - 2/19/2011 5:53:16 AM | Computer Name = LAMBS-KORNER | Source = MsiInstaller | ID = 11305 Description = Product: BlackBerry Desktop Software 6.0.1 -- Error 1305.Error reading from file C:\DOCUME~1\ANDREA~1\LOCALS~1\Temp\WZSE0.TMP\BlackBerry Desktop Software.msi. Verify that the file exists and that you can access it. Error - 2/19/2011 5:53:18 AM | Computer Name = LAMBS-KORNER | Source = MsiInstaller | ID = 11305 Description = Product: BlackBerry Desktop Software 6.0.1 -- Error 1305.Error reading from file C:\DOCUME~1\ANDREA~1\LOCALS~1\Temp\WZSE0.TMP\BlackBerry Desktop Software.msi. Verify that the file exists and that you can access it. Error - 2/20/2011 1:37:29 PM | Computer Name = LAMBS-KORNER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 4/30/2011 3:13:39 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the lxdnCATSCustConnectService service to connect. Error - 4/30/2011 3:13:39 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7000 Description = The lxdnCATSCustConnectService service failed to start due to the following error: %%1053 Error - 4/30/2011 3:13:39 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7031 Description = The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 4/30/2011 3:14:33 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7031 Description = The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 4/30/2011 3:16:04 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7034 Description = The Print Spooler service terminated unexpectedly. It has done this 3 time(s). Error - 4/30/2011 3:25:36 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7034 Description = The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s). Error - 4/30/2011 3:25:36 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7034 Description = The Smart Card service terminated unexpectedly. It has done this 1 time(s). Error - 5/3/2011 9:20:12 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the lxdnCATSCustConnectService service to connect. Error - 5/3/2011 9:20:12 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7000 Description = The lxdnCATSCustConnectService service failed to start due to the following error: %%1053 Error - 5/3/2011 9:20:12 PM | Computer Name = LAMBS-KORNER | Source = Service Control Manager | ID = 7034 Description = The Print Spooler service terminated unexpectedly. It has done this 1 time(s). < End of report > |
08-May-2011, 04:14 PM
#11 | |||||||
| |
09-May-2011, 05:58 PM
#12 | |||||||
| That's okay, I'm always around, so anytime is fine Run OTL
eddie |
11-May-2011, 03:07 PM
#13 | |||||||
| |
16-May-2011, 05:46 PM
#14 | |||||||
| Just to let you know, I'm on holiday on may 20th until May 27th, but will do what I can until then Please download SystemLook from one of the links below and save it to your Desktop. Download Mirror #1 Download Mirror #2
eddie |
18-May-2011, 05:08 AM
#15 | |||||||
| |
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
| |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
