Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Kaspersky Found viruslist advisories/34924

Started by Robert Tracy , May 18 2009 12:32 PM

  • Please log in to reply

#1
Robert Tracy
Posted 18 May 2009 - 12:32 PM

Robert Tracy

    Member

  • Member
  • PipPipPip
  • 150 posts
I hope I'm doing this right. Everything is very very slow. As I type this I'm not even seeing the typing until I stop and then the hourglass appears for a long time as my typing finally appears after minutes.

This is how my IE 8 looks:

These are the logs:

Microsoft Windows XP Professional (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:38138 Mo/Free:2692 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Removable] (Total:0 Mo/Free:0 Mo)

Mon 05/18/2009|13:37

----------------------\\  Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
--Locked-- avp.exe
---------- C:\WINDOWS\system32\hkcmd.exe
--Locked-- avp.exe
---------- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
---------- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE
---------- C:\WINDOWS\system32\umonit.exe
---------- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
---------- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE
---------- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
---------- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
---------- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
---------- C:\Program Files\Logitech\SetPoint\SetPoint.exe
---------- C:\Program Files\Canon\CAL\CALMAIN.exe
---------- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
---------- C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\  Search..

----------------------\\  ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Tue 04/14/2009|13:19
2 - "C:\Rooter$\Rooter_2.txt" - Mon 05/18/2009|13:38

----------------------\\  Scan completed at 13:38


*****


Virus Scan: completed 5/16/2009 6:37:04 AM   (events: 2, objects: 2, time: 00:00:01)	
5/1/2009 10:36:53 AM	Task started									
5/1/2009 11:46:04 AM	Task completed									
Virus Scan: completed 5/16/2009 6:37:04 AM   (events: 2, objects: 2, time: 00:00:01)	
5/1/2009 12:17:23 PM	Task started									
5/1/2009 12:34:20 PM	Task completed									
Virus Scan: completed 5/16/2009 6:37:04 AM   (events: 2, objects: 2, time: 00:00:01)	
5/16/2009 6:37:03 AM	Task started									
5/16/2009 6:37:04 AM	Task completed									
Virus Scan: completed 5/16/2009 6:37:04 AM   (events: 2, objects: 2, time: 00:00:01)	
5/16/2009 5:54:45 PM	Task started									
5/16/2009 6:24:20 PM	Detected	Vulnerability	http://www.viruslist.com/en/advisories/34924	Low	Exact	File	C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\	Annots.FRA		
5/16/2009 6:24:20 PM	Detected	Vulnerability	http://www.viruslist.com/en/advisories/34924	Low	Exact	File	C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\	Annots.DEU		
5/16/2009 6:24:25 PM	Detected	Vulnerability	http://www.viruslist.com/en/advisories/34924	Low	Exact	File	C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\	Annots.api		
5/16/2009 6:34:44 PM	Detected	Vulnerability	http://www.viruslist.com/en/advisories/34924	Low	Exact	File	C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\	Annots.api		
5/16/2009 7:07:32 PM	Task completed									
Virus Scan: completed 5/16/2009 6:37:04 AM   (events: 2, objects: 2, time: 00:00:01)	
5/18/2009 12:31:30 PM	Task started									
5/18/2009 12:53:35 PM	Detected	Vulnerability	http://www.viruslist.com/en/advisories/34924	Low	Exact	File	C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\	Annots.DEU		
5/18/2009 12:53:35 PM	Detected	Vulnerability	http://www.viruslist.com/en/advisories/34924	Low	Exact	File	C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\	Annots.FRA		
5/18/2009 1:04:26 PM	Task completed


***** 


Malwarebytes' Anti-Malware 1.36
Database version: 2147
Windows 5.1.2600 Service Pack 3

5/18/2009 12:24:38 PM
mbam-log-2009-05-18 (12-24-38).txt

Scan type: Quick Scan
Objects scanned: 75224
Time elapsed: 7 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


*****

OTListIt logfile created on: 5/18/2009 1:43:47 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8	 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
509.99 Mb Total Physical Memory | 184.52 Mb Available Physical Memory | 36.18% Memory free
858.24 Mb Paging File | 598.10 Mb Available in Paging File | 69.69% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 22.63 Gb Free Space | 60.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BOB
Current User Name: Administrator
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
 
[color=orange]========== Processes (SafeList) ==========[/color]
 
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
PRC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE (SEIKO EPSON CORPORATION)
PRC - C:\WINDOWS\system32\umonit.exe (General)
PRC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe ()
PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe (OldTimer Tools)
 
[color=orange]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (AVP [Auto | Running]) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (nmraapache [On_Demand | Stopped]) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
SRV - (nmservice [Auto | Running]) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (PDAgent [Auto | Running]) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
SRV - (PDEngine [On_Demand | Stopped]) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.)
SRV - (spkrmon [Auto | Running]) -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe ()
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (YahooAUService [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
 
[color=orange]========== Driver Services (SafeList) ==========[/color]
 
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (arusb(Atheros) [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\arusb.sys (Atheros Communications, Inc.)
DRV - (cercsr6 [Boot | Stopped]) -- C:\WINDOWS\System32\drivers\cercsr6.sys (Adaptec, Inc.)
DRV - (DefragFS [Auto | Running]) -- C:\WINDOWS\System32\drivers\DefragFs.sys (Raxco Software, Inc.)
DRV - (E1000 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e1000325.sys (Intel Corporation)
DRV - (fixustor [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\fixustor.sys (Genesys Logic)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (kl1 [Boot | Running]) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (klbg [Boot | Running]) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (KLFLTDEV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\klfltdev.sys (Kaspersky Lab)
DRV - (KLIF [System | Running]) -- C:\WINDOWS\system32\DRIVERS\klif.sys (Kaspersky Lab)
DRV - (klim5 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\klim5.sys (Kaspersky Lab)
DRV - (LHidFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (pnarp [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\pnarp.sys (Cisco Systems, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (purendis [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\purendis.sys (Cisco Systems, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (winusb [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\WinUSB.SYS (Microsoft Corporation)
DRV - ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ialmsbw.sys (Intel Corporation)
DRV - ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ialmkchw.sys (Intel Corporation)
 
[color=orange]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=orange]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=orange]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.2.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/12 09:17:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/13 05:47:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/30 14:22:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2009\THBEXT [2009/03/11 19:57:34 | 00,000,000 | ---D | M]
 
[2009/03/11 22:23:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2009/03/11 22:23:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/12 10:04:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\yaelei2h.default\extensions
[2009/04/04 18:21:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\yaelei2h.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/03/20 08:20:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\yaelei2h.default\extensions\[email protected]
[2009/04/14 10:00:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/30 14:22:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/30 14:21:58 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/30 14:21:58 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 14:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 14:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 14:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 14:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 14:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 14:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 14:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
 
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1	   localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (CDelHotkeys Object) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [\\192.168.0.198\EPSON Stylus C88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P39 "\\192.168.0.198\EPSON Stylus C88 Series" /O6 "USB001" /M "Stylus C88" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [\\CHUCK\EPSON Stylus C88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P31 "\\CHUCK\EPSON Stylus C88 Series" /O6 "USB001" /M "Stylus C88" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [\\Linda\EPSON Stylus C88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P31 "\\Linda\EPSON Stylus C88 Series" /O6 "USB001" /M "Stylus C88" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Auto EPSON Stylus C88 Series on Linda] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P37 "Auto Epson Stylus C88 Series on Linda" /O15 "\\LINDA\Printer" /M "Stylus C88" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" (Kaspersky Lab)
O4 - HKLM..\Run: [EPSON Stylus C88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P23 "EPSON Stylus C88 Series" /O6 "USB001" /M "Stylus C88" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash (Pure Networks, Inc.)
O4 - HKLM..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" (Cisco Systems, Inc.)
O4 - HKLM..\Run: [UMonit] C:\WINDOWS\system32\umonit.exe (General)
O4 - HKLM..\Run: [WebEx Document Loader] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P21 "WebEx Document Loader" /O26 "WebEx Document Loader Port" /M "Stylus C88" (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Delicious - {2C887991-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Bookmarks - {2C887992-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Tag - {2C887993-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab (DLM Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://fb.familylink.com/we_are_related/stream/core/lib/AurigmaImageUploader/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/05 20:28:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{e0d5a8fe-17f5-11de-9de4-000874d8ccdc}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\system32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/18 13:42:10 | 00,000,000 | ---D | M]
 
[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/05/18 13:06:47 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMINI~1\My Documents\New Folder (2)
[2009/05/18 13:06:35 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMINI~1\My Documents\New Folder
[2009/05/18 12:16:06 | 00,000,727 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/18 12:16:05 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/18 12:16:02 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/18 12:16:00 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/18 12:11:30 | 00,000,642 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\NTREGOPT.lnk
[2009/05/18 12:11:30 | 00,000,623 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\ERUNT.lnk
[2009/05/18 12:11:29 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/18 12:00:43 | 00,000,227 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\Malware and Spyware Cleaning Guide.url
[2009/05/18 11:38:47 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\ADMINI~1\Desktop\OTListIt2.exe
[2009/05/18 11:33:38 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMINI~1\Desktop\Malware Programs
[2009/05/18 11:13:12 | 00,349,696 | ---- | C] (iS3, Inc.) -- C:\DOCUME~1\ADMINI~1\Desktop\STOPzilla_Setup.exe
[2009/05/18 11:11:43 | 05,797,152 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\SUPERAntiSpyware.exe
[2009/05/17 16:43:10 | 00,000,224 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\The Rule of Reason   Weblog of the Center for the Advancement of Capitalism.url
[2009/05/16 23:46:32 | 00,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/05/16 23:44:54 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/05/16 23:39:55 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/05/16 23:39:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/05/16 20:58:14 | 09,152,024 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\favritius_goldfinch.psd
[2009/05/16 16:58:46 | 00,036,715 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\mom_in_uniform_s.jpg
[2009/05/16 15:55:45 | 01,633,078 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\img113.jpg
[2009/05/16 15:39:54 | 22,230,096 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\mom_in_uniform.tif
[2009/05/16 15:20:19 | 00,170,009 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\mom_in_uniform-copy.jpg
[2009/05/16 15:17:03 | 22,228,915 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\mom_in_uniform.psd
[2009/05/16 08:07:16 | 02,609,323 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\early_afternoon_first_version.png
[2009/05/16 08:04:49 | 03,864,403 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\early_afternoon_first_edition.psd
[2009/05/16 06:36:41 | 00,000,026 | ---- | C] () -- C:\WINDOWS\Zone.Identifier
[2009/05/15 14:27:05 | 00,000,157 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\The Gift Certificate - THE FORUM for Ayn Rand Fans.url
[2009/05/14 18:17:17 | 00,144,265 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\dlink_proof2.jpg
[2009/05/14 17:38:41 | 00,019,224 | -H-- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\ZbThumbnail.info
[2009/05/14 17:36:33 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMINI~1\Desktop\New Folder
[2009/05/14 12:12:59 | 00,003,284 | ---- | C] () -- C:\WINDOWS\System32\ANIWZCS{E6318FE0-13E7-4C9A-A077-A2BD1B1330EE}
[2009/05/14 11:50:33 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{E6318FE0-13E7-4C9A-A077-A2BD1B1330EE}
[2009/05/13 15:02:41 | 00,000,438 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{92B909D4-C488-41DB-ACA8-38B37A71C869}.job
[2009/05/13 14:52:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/05/13 14:52:18 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/05/13 14:48:52 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/05/13 09:28:11 | 00,000,000 | ---D | C] -- C:\Program Files\WebEx
[2009/05/13 09:27:48 | 08,673,792 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2009/05/13 09:27:00 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Pure Networks Shared
[2009/05/13 07:30:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/05/13 06:46:40 | 00,000,123 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\THE FORUM for Ayn Rand Fans (Powered by Invision Power Board).URL
[2009/05/13 06:46:28 | 00,000,208 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\Online Banking Login.URL
[2009/05/12 11:38:15 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMINI~1\Desktop\Annie Christmas Lights
[2009/05/11 09:25:26 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMINI~1\Desktop\Christine Photos
[2009/05/10 07:09:47 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMINI~1\Desktop\Temp
[2009/04/21 12:42:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/04/21 11:26:39 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ADMINI~1\My Documents\My Digital Editions
[2009/04/21 11:15:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/04/21 11:14:16 | 00,045,392 | ---- | C] (Adobe Systems Inc) -- C:\WINDOWS\System32\AdobePDF.dll
[2009/04/21 10:29:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Download Manager
[2009/04/20 13:25:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/04/01 15:18:28 | 00,005,553 | R--- | C] () -- C:\WINDOWS\System32\iconcfg.ini
[2009/03/30 13:33:30 | 00,000,470 | ---- | C] () -- C:\WINDOWS\ui_mv32.ini
[2009/03/26 04:27:37 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/03/26 04:27:08 | 00,000,074 | ---- | C] () -- C:\WINDOWS\EPSONC88.ini
[2009/03/26 04:25:35 | 00,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2009/03/18 12:32:43 | 00,000,340 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2009/03/15 07:30:02 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/07 20:06:07 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[2004/08/04 08:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
 
[color=orange]========== Files - Modified Within 30 Days ==========[/color]
 
[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/05/18 13:45:16 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{92B909D4-C488-41DB-ACA8-38B37A71C869}.job
[2009/05/18 13:32:26 | 00,000,227 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\Malware and Spyware Cleaning Guide.url
[2009/05/18 13:30:37 | 00,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2009/05/18 13:29:34 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/18 13:27:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/18 13:27:15 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Local Settings\desktop.ini
[2009/05/18 13:27:05 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/18 13:26:35 | 02,243,616 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/05/18 13:26:35 | 00,458,784 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/05/18 13:26:35 | 00,018,608 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/05/18 13:26:35 | 00,002,648 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009/05/18 12:16:06 | 00,000,727 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/18 12:11:30 | 00,000,642 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\NTREGOPT.lnk
[2009/05/18 12:11:30 | 00,000,623 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\ERUNT.lnk
[2009/05/18 12:06:06 | 00,039,696 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2009/05/18 11:38:48 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\ADMINI~1\Desktop\OTListIt2.exe
[2009/05/18 11:13:13 | 00,349,696 | ---- | M] (iS3, Inc.) -- C:\DOCUME~1\ADMINI~1\Desktop\STOPzilla_Setup.exe
[2009/05/18 11:11:48 | 05,797,152 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\SUPERAntiSpyware.exe
[2009/05/18 08:49:19 | 00,000,224 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\The Rule of Reason   Weblog of the Center for the Advancement of Capitalism.url
[2009/05/17 03:05:02 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/16 23:46:01 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/05/16 23:46:01 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/05/16 23:45:31 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/16 23:39:55 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/05/16 20:58:16 | 09,152,024 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\favritius_goldfinch.psd
[2009/05/16 16:58:46 | 00,036,715 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\mom_in_uniform_s.jpg
[2009/05/16 15:55:46 | 01,633,078 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\img113.jpg
[2009/05/16 15:40:01 | 22,230,096 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\mom_in_uniform.tif
[2009/05/16 15:36:16 | 22,228,915 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\mom_in_uniform.psd
[2009/05/16 15:20:20 | 00,170,009 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\mom_in_uniform-copy.jpg
[2009/05/16 09:00:02 | 03,864,403 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\early_afternoon_first_edition.psd
[2009/05/16 08:07:20 | 02,609,323 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\early_afternoon_first_version.png
[2009/05/16 06:36:41 | 00,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier
[2009/05/15 15:56:59 | 00,019,224 | -H-- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\ZbThumbnail.info
[2009/05/15 14:27:05 | 00,000,157 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\The Gift Certificate - THE FORUM for Ayn Rand Fans.url
[2009/05/15 13:28:43 | 00,144,265 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\dlink_proof2.jpg
[2009/05/14 16:56:24 | 00,000,014 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{E6318FE0-13E7-4C9A-A077-A2BD1B1330EE}
[2009/05/14 16:16:35 | 00,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{E6318FE0-13E7-4C9A-A077-A2BD1B1330EE}
[2009/05/14 12:11:50 | 00,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2009/05/13 19:11:21 | 00,000,123 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\THE FORUM for Ayn Rand Fans (Powered by Invision Power Board).URL
[2009/05/13 14:55:43 | 00,000,084 | -HS- | M] () -- C:\DOCUME~1\ADMINI~1\My Documents\desktop.ini
[2009/05/13 14:25:24 | 00,000,300 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\hank1 on deviantART.URL
[2009/05/13 11:12:37 | 00,177,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/13 09:27:58 | 08,673,792 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2009/05/13 08:04:22 | 00,000,208 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\Online Banking Login.URL
[2009/05/07 03:16:30 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/25 19:31:42 | 00,000,470 | ---- | M] () -- C:\WINDOWS\ui_mv32.ini
[2009/04/25 01:30:39 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/04/24 10:04:04 | 00,001,368 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\wklnhst.dat
[2009/04/22 11:49:06 | 00,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{125BB5F5-AF1B-4FFD-A90A-2A5963E835F6}
[2009/04/22 11:06:57 | 00,000,014 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{125BB5F5-AF1B-4FFD-A90A-2A5963E835F6}
 
[color=orange]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 3638 bytes -> C:\DOCUME~1\ADMINI~1\Desktop\The Rule of Reason   Weblog of the Center for the Advancement of Capitalism.url:favicon
@Alternate Data Stream - 22486 bytes -> C:\DOCUME~1\ADMINI~1\Desktop\Malware and Spyware Cleaning Guide.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\DOCUME~1\ADMINI~1\Desktop\THE FORUM for Ayn Rand Fans (Powered by Invision Power Board).URL:favicon
@Alternate Data Stream - 1406 bytes -> C:\DOCUME~1\ADMINI~1\Desktop\hank1 on deviantART.URL:favicon
@Alternate Data Stream - 1150 bytes -> C:\DOCUME~1\ADMINI~1\Desktop\The Fontman’s Blog.url:favicon
< End of report >


*****

OTListIt Extras logfile created on: 5/18/2009 1:43:47 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8	 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
509.99 Mb Total Physical Memory | 184.52 Mb Available Physical Memory | 36.18% Memory free
858.24 Mb Paging File | 598.10 Mb Available in Paging File | 69.69% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 22.63 Gb Free Space | 60.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BOB
Current User Name: Administrator
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
 
[color=orange]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
[color=orange]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" = 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"67:UDP" = 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service
 
[color=orange]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE:*:Enabled:SAgent4 (SEIKO EPSON CORPORATION)
 
[color=orange]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17E3A651-12B9-4149-BAE8-E6FB9A5ADC4F}" = Microsoft Works Suite Add-in for Microsoft Word
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon Camera WIA Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4F47D5A8-15C1-4424-9851-AD01A66CABB2}" = The Objectivism Research CDROM
"{578B6EF9-119B-4FB8-8377-7DAFA9588B97}" = Network Magic
"{652C4ADF-0A29-4B02-9211-EE61675847DE}" = Canon Camera WIA Driver
"{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}" = Kaspersky Internet Security 2009
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90170409-6000-11D3-8CFE-0050048383C9}" = Microsoft FrontPage 2002
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C89C8D86-4423-4A58-AA40-DD259ACE07C1}" = KhalSetup
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DE1AF137-C455-494A-A817-EFE44BCCFDEE}" = Works Upgrade
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FBDBC490-089D-4476-BF72-1F7A6368200A}" = Pure Networks Platform
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0.1
"Adobe SVG Viewer" = Adobe SVG Viewer
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
"CSCLIB" = Canon Camera Support Core Library
"Delicious Add-on for Internet Explorer" = Delicious Add-on for Internet Explorer
"Digital Editions" = Adobe Digital Editions
"DPP" = Canon Utilities Digital Photo Professional 3.0
"EPSON Printer and Utilities" = EPSON Printer Software
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.2.4.1
"FixUstor" = Generic color icon driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Image Composer" = Microsoft Image Composer 1.5
"InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon EOS Kiss_N REBEL_XT 350D WIA Driver
"InstallShield_{652C4ADF-0A29-4B02-9211-EE61675847DE}" = Canon EOS-1Ds Mark II WIA Driver
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA Driver
"InstallWIX_{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}" = Kaspersky Internet Security 2009
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile - PREVIEW
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Network MagicUninstall" = Network Magic
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SWiSH v2.01" = SWiSH v2.01
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2006Setup" = Microsoft Works Suite 2006 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
[color=orange]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 4/12/2009 9:26:15 AM | Computer Name = XPPRO | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Failed to compile: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll
 . Error code = 0x80070002  
 
Error - 4/12/2009 9:27:47 AM | Computer Name = XPPRO | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Failed to compile: System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 . Error code = 0x80070002  
 
Error - 4/14/2009 10:40:48 AM | Computer Name = XPPRO | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application sysrestorepoint.exe, version 1.3.0.0, stamp 485da791,
 faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802a12c, debug? 0, 
fault address 0x00012aeb.
 
Error - 4/14/2009 10:41:10 AM | Computer Name = XPPRO | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application sysrestorepoint.exe, version 1.3.0.0, stamp 485da791,
 faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802a12c, debug? 0, 
fault address 0x00012aeb.
 
Error - 4/14/2009 10:42:28 AM | Computer Name = XPPRO | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application sysrestorepoint.exe, version 1.3.0.0, stamp 485da791,
 faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802a12c, debug? 0, 
fault address 0x00012aeb.
 
Error - 4/14/2009 1:23:00 PM | Computer Name = XPPRO | Source = Application Hang | ID = 1002
Description = Hanging application OTListIt2.exe, version 2.0.14.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 4/21/2009 10:06:55 AM | Computer Name = XPPRO | Source = Application Error | ID = 1000
Description = Faulting application acrobat.com.exe, version 0.0.0.0, faulting module
 webkit.dll, version 0.0.0.0, fault address 0x000f24e8.
 
Error - 4/22/2009 12:00:26 PM | Computer Name = XPPRO | Source = Application Error | ID = 1000
Description = Faulting application acrodist.exe, version 9.0.0.332, faulting module
 acrodistdll.dll, version 9.0.0.332, fault address 0x001ed704.
 
Error - 5/12/2009 12:18:04 PM | Computer Name = XPPRO | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.5512, hang module 
hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 5/13/2009 9:11:58 AM | Computer Name = XPPRO | Source = Application Error | ID = 1000
Description = Faulting application demo32.exe, version 0.0.0.0, faulting module 
, version 0.0.0.0, fault address 0x00000000.
 
[ System Events ]
Error - 5/13/2009 10:22:11 AM | Computer Name = XPPRO | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.198 for the Network Card with network
 address 000874D8CCDC has been  denied by the DHCP server 192.168.1.1 (The DHCP Server
 sent a DHCPNACK message).
 
Error - 5/15/2009 2:31:33 PM | Computer Name = BOB | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.101 for the Network Card with network
 address 000874D8CCDC has been  denied by the DHCP server 192.168.1.1 (The DHCP Server
 sent a DHCPNACK message).
 
Error - 5/15/2009 7:15:58 PM | Computer Name = BOB | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.101 for the Network Card with network
 address 000874D8CCDC has been  denied by the DHCP server 192.168.1.1 (The DHCP Server
 sent a DHCPNACK message).
 
 
< End of report >


It's only online that things are this slow. It can take over a minute for a page to even open, whether it's a new page or one I visit often. My email is OK, just a little slow, opening in around 5 seconds. And some applications are slow to open and close.

Thank you very much for your attention to this matter.

Edited by Robert Tracy, 18 May 2009 - 12:54 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP