Author Topic: test  (Read 1338 times)

Offline djkwik

  • Jr. Member
  • **
  • Posts: 87
  • Karma: +0/-0
    • View Profile
test
« on: April 14, 2009, 04:52:54 PM »
just seeing if I can post a new topic yet.  It worked Hoorah!!

Won't let me post my log still :(
« Last Edit: April 14, 2009, 05:04:34 PM by djkwik »

Offline djkwik

« Reply #1 on: April 14, 2009, 05:09:58 PM »

Guestolo, you suggested I try to reply to a current topic.  I tried a test and it worked, but still couldn't get an RSIT log to post, so I am trying to do it in this reply as suggested:


And it did not work...I am going to see if this part works......

Offline djkwik

« Reply #2 on: April 14, 2009, 05:12:06 PM »

Well, it seems to always let me post a couple of words or lines, but not my log....will wait until I hear back for another suggestion...

Offline djkwik

« Reply #3 on: April 15, 2009, 06:01:42 PM »

Logfile of random's system information tool 1.04 (written by random/random)
Run by Home at 2009-04-12 05:13:54
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 211 GB (90%) free of 235 GB
Total RAM: 1022 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:14:03 AM, on 4/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MSWorks\Calendar\WKCALREM.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Home\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Home.exe

Offline djkwik

« Reply #4 on: April 15, 2009, 06:03:39 PM »

Hey, I got that much to work.  I guess I'll just piece it together.  Here's more of the log...

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080314
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080314
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\MSWorks\Calendar\WKCALREM.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7069 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
« Last Edit: April 15, 2009, 06:05:33 PM by djkwik »

Offline djkwik

« Reply #5 on: April 15, 2009, 06:07:38 PM »

Here is the next segment...

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-04-01 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-04-01 1968920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-24 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-24 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-04-01 1968920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-09-25 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-16 16132608]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-24 136600]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
""= []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-04-01 1932568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Creative Detector"=C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2004-12-02 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2003-12-13 630915]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\BACKWE~1.EXE [2003-06-08 16432]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

C:\Documents and Settings\Home\Start Menu\Programs\Startup
Microsoft Works Calendar Reminders.lnk - C:\Program Files\MSWorks\Calendar\WKCALREM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-04-01 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe:*:Disabled:backWeb-7288971"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Disabled:Microsoft  Fax Console"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Offline djkwik

« Reply #6 on: April 15, 2009, 06:10:46 PM »

Hopefully here is the rest of the log (nope...it wouldn't take it, so two more segments it is)...

======List of files/folders created in the last 3 months======

2009-04-01 14:13:44 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-04-01 14:13:34 ----D---- C:\Documents and Settings\Home\Application Data\AVGTOOLBAR
2009-04-01 14:13:22 ----D---- C:\Program Files\AVG
2009-04-01 14:13:21 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-04-01 14:10:40 ----A---- C:\Program Files\avg_free_stf_en_85_285a1462.exe
2009-03-31 16:02:24 ----D---- C:\WINDOWS\system32\Viewers
2009-03-31 16:01:41 ----D---- C:\Program Files\MSWorks
2009-03-31 15:59:35 ----D---- C:\Program Files\Microsoft Works and Money
2009-03-13 06:42:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-13 06:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-13 06:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-02-25 23:26:22 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-12 04:01:07 ----D---- C:\3dcfe820f9fbff27988c788b3010
2009-02-12 04:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-23 18:04:46 ----D---- C:\Documents and Settings\Home\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-01-23 18:00:30 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-23 17:59:26 ----D---- C:\Program Files\Adobe Reader 9 Installer
2009-01-23 17:58:14 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-23 17:58:12 ----D---- C:\Program Files\NOS
2009-01-14 23:09:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

Offline djkwik

test
« Reply #7 on: April 15, 2009, 06:12:46 PM »

======List of files/folders modified in the last 3 months======

2009-04-12 05:13:59 ----D---- C:\WINDOWS\Prefetch
2009-04-12 05:13:45 ----D---- C:\WINDOWS\Temp
2009-04-11 16:06:09 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-11 16:06:07 ----SD---- C:\WINDOWS\Tasks
2009-04-11 16:03:55 ----D---- C:\WINDOWS
2009-04-11 16:03:41 ----A---- C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt
2009-04-11 16:03:22 ----D---- C:\MDT
2009-04-11 16:03:18 ----D---- C:\WINDOWS\system32
2009-04-11 16:02:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-11 07:27:23 ----D---- C:\rsit
2009-04-11 07:01:05 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-11 07:00:48 ----D---- C:\Program Files\SpywareBlaster
2009-04-09 15:52:43 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-04-09 15:52:40 ----D---- C:\Program Files\Viewpoint
2009-04-06 18:08:47 ----SD---- C:\Documents and Settings\Home\Application Data\Microsoft
2009-04-01 14:18:08 ----RD---- C:\Program Files
2009-04-01 14:13:44 ----D---- C:\WINDOWS\system32\drivers
2009-04-01 14:13:17 ----SHD---- C:\WINDOWS\Installer
2009-04-01 14:01:45 ----D---- C:\WINDOWS\system
2009-03-31 16:39:26 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-31 16:06:25 ----RSD---- C:\WINDOWS\Fonts
2009-03-31 16:02:21 ----D---- C:\Program Files\Common Files\Microsoft Shared

Offline djkwik

test
« Reply #8 on: April 15, 2009, 06:14:49 PM »

======List of files/folders modified in the last 3 months======(Continued)...

2009-03-18 14:31:48 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-18 14:31:45 ----D---- C:\Program Files\Common Files\Adobe
2009-03-13 06:42:29 ----HD---- C:\WINDOWS\inf
2009-03-13 06:42:28 ----SHD---- C:\WINDOWS\system32\dllcache
2009-03-13 06:42:23 ----A---- C:\WINDOWS\imsins.BAK
2009-03-12 06:40:29 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-11 20:06:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-27 18:20:59 ----D---- C:\Documents and Settings\Home\Application Data\Canon
2009-02-25 12:55:00 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-12 10:16:07 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-12 04:00:53 ----D---- C:\Program Files\Internet Explorer
2009-02-01 14:03:24 ----D---- C:\Program Files\Napster

Offline djkwik

test
« Reply #9 on: April 15, 2009, 06:16:07 PM »

======List of files/folders modified in the last 3 months======(Continued)...

2009-01-23 18:06:36 ----D---- C:\Program Files\Adobe
2009-01-23 18:06:30 ----D---- C:\WINDOWS\WinSxS
2009-01-23 18:04:45 ----D---- C:\Documents and Settings\Home\Application Data\Adobe
2009-01-23 18:03:49 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-23 18:00:30 ----D---- C:\Program Files\Common Files

Offline djkwik

test
« Reply #10 on: April 15, 2009, 06:19:59 PM »

Man this thing is whittling away how many lines it allows me to post each time.  I'll be down to another 50 posts at this rate

2009-01-16 22:35:14 ----A---- C:\WINDOWS\system32\mshtml.dll

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
test
« Reply #11 on: April 16, 2009, 08:56:53 AM »
I can't read that
Can you just Upload the logs?
Just use Browse>>Upload buttons in a reply

Do you want to post your own logs from FRST?

Follow the instructions posted: Click Here (http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/)


Offline djkwik

test
« Reply #12 on: April 16, 2009, 05:25:54 PM »
[quote name='guestolo' post='461364' date='Apr 16 2009, 08:56 AM']I can't read that
Can you just Upload the logs?
Just use Browse>>Upload buttons in a reply[/quote]


Going to give it a shot now...

It states that the upload was successful.  

One concern I had was the morning that I ran that RSIT, I woke the computer from sleep mode to find that the start bar had changed to XP style.  I always have my computer set up to look like original Windows all the way.  I've never heard of just the start bar being XP style, and I've never experienced my computer changing appearance settings on its own while in sleep mode :huh:  refresher:  Dell Inspiron 530s / Windows XP

Let me know if you see anything suspicious.

Thx.

Offline guestolo

test
« Reply #13 on: April 16, 2009, 10:07:24 PM »
Are you having any kind of problems?
Everything looks good



Offline djkwik

test
« Reply #14 on: April 20, 2009, 01:32:39 PM »
[quote name='guestolo' post='461403' date='Apr 16 2009, 10:07 PM']Are you having any kind of problems?
Everything looks good[/quote]


Just the mentioned start bar changing itself to XP style while the computer was in sleep mode, and nothing else changed to XP style.  I solved it easy enough in the appearance settings, but kind of an odd thing to happen.  Also, was just trying to print a web page using the page's print button, only to be slammed by a pop-up from HP and explorer froze-up.  I had to do a ctrl-alt-del to clear it.  I stay updated on my blockers and anti-virus/spyware programs.  Other than that, this thing seems to be running about as well as a PC can run.  I haven't had it seize-up on me waking it out of sleep mode for some time now :unsure: The new Canon all-in-one is working really great.  I haven't tried out the fax feature yet though.  The new 5.1 surround is working quite nicely...it's nice to have some music on while doing tedious work on this thing.  Thanks for checking the log.  I did notice an entry from HP that I am thinking I should remove since I no longer have any HP peripherals.....
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab

How can I delete this from my system?

Offline guestolo

test
« Reply #15 on: April 21, 2009, 07:35:10 AM »
Can I see a fresh Log from Hijackthis please



Offline djkwik

test
« Reply #16 on: June 17, 2009, 05:17:30 PM »
[quote name='guestolo' date='Apr 21 2009, 07:35 AM' post='461675']Can I see a fresh Log from Hijackthis please[/quote]

Hey guestolo:

Sorry it's been a while since I checked here, been really busy lately.  I have been now experiencing a problem where this piece of crap Dell keeps changing the power settings on me.  It wasn't bad enough when they just wouldn't work at all forcing me to do a restart.  Not to mention the crap of this thing seizing-up on me when I go to wake it out of sleep mode when it actually DOES go into sleep mode like it's supposed to.  But this is just getting ridiculous!  I just got done trying to just set up a new power scheme and saved it, then not a half hour later, I walked past the room and noticed that yet again the power settings had not taken, so when I opened it to check, sure enough this damn thing went back to Max Battery setting, and when I pull down the choices for power schemes the one I JUST CREATED AND SAVED was not even there!  Any ideas?  Here is the fresh HJT you requested...

Offline guestolo

test
« Reply #17 on: June 17, 2009, 11:56:09 PM »
Yah, it's been quite a while, can you start a new topic please
This one is outdated, don't know what's going on now?
