Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer VERY much slower than in past

Started by DavB , Jun 15 2009 06:30 PM

  • Please log in to reply

#1
DavB
Posted 15 June 2009 - 06:30 PM

DavB

    New Member

  • Member
  • Pip
  • 1 posts
Opening Mozilla takes 30-45 seconds. A MS Word file can take 15-20 seconds. Opening a stock chart is so slow I could file bankruptcy while waiting to get the bad news that the company whose stock I own has been taken over by the government and the shares distributed to the autoworkers union.
:)

After a file has been opened once, response time for subsequent openings is quicker. Can someone help me with my OTL log. I have backed up with Erunt, run MalwareBytes and Rooter.exe, and included their logs along with the OTL log. Unfortuanely I don't know how to attach a file with the above logs to this post.


Malwarebytes' Anti-Malware 1.37
Database version: 2262
Windows 5.1.2600 Service Pack 3

6/14/2009 4:33:35 PM
mbam-log-2009-06-14 (16-33-35).txt

Scan type: Full Scan (C:\|H:\|)
Objects scanned: 195023
Time elapsed: 50 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


//////////////////////////////////////////////////////////


Rooter.exe (v1.0) by Eric_71
¨
Microsoft Windows XP Professional (5.1.2600) Service Pack 3
32_bits - x86 Family 15 Model 2 Stepping 9, GenuineIntel
¨
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:74 Go - Free:58 Go )
D:\ [CD_Rom]
E:\ [CD_Rom]
F:\ [CD_Rom]
H:\ [Removable]
¨
Scan : 16:41.13
Path : C:\Documents and Settings\David Barker\Desktop\GeeksToGo\Rooter.exe
User : David Barker ( Administrator -> YES )
¨
----------------------\\ Processes
¨
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (416)
______ \??\C:\WINDOWS\system32\csrss.exe (640)
______ \??\C:\WINDOWS\system32\winlogon.exe (684)
______ C:\WINDOWS\system32\services.exe (728)
______ C:\WINDOWS\system32\lsass.exe (740)
______ C:\WINDOWS\system32\Ati2evxx.exe (940)
______ C:\WINDOWS\system32\svchost.exe (952)
______ C:\WINDOWS\system32\svchost.exe (1036)
Locked livesrv.exe (1128)
Locked vsserv.exe (1152)
______ C:\WINDOWS\System32\svchost.exe (1264)
______ C:\WINDOWS\System32\svchost.exe (1336)
______ C:\WINDOWS\system32\Ati2evxx.exe (1400)
______ C:\WINDOWS\system32\spoolsv.exe (1792)
______ C:\WINDOWS\System32\svchost.exe (1896)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (1928)
______ C:\Program Files\Bonjour\mDNSResponder.exe (1964)
______ C:\WINDOWS\system32\HPZipm12.exe (2020)
______ C:\WINDOWS\System32\svchost.exe (200)
______ C:\WINDOWS\System32\alg.exe (156)
______ C:\WINDOWS\Explorer.EXE (1828)
______ C:\WINDOWS\BCMSMMSG.exe (2216)
______ C:\Program Files\Common Files\Real\Update_OB\realsched.exe (2232)
Locked bdagent.exe (2532)
Locked seccenter.exe (2660)
______ C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (2792)
______ C:\WINDOWS\system32\ctfmon.exe (2816)
______ C:\WINDOWS\system32\wuauclt.exe (3632)
______ C:\Program Files\Mozilla Firefox\firefox.exe (3012)
______ C:\Documents and Settings\David Barker\Desktop\GeeksToGo\Rooter.exe (2492)
¨
----------------------\\ Device\Harddisk0\
¨
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
¨
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:41094144)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:41126400 | Length:79949721600)
¨
----------------------\\ Scheduled Tasks
¨
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
¨
----------------------\\ Registry
¨
¨
----------------------\\ Files & Folders
¨
----------------------\\ Scan completed at 16:41.24
¨
C:\Rooter$\Rooter_1.txt - (14/06/2009 | 16:41.24)



//////////////////////////////////////////////////////////


OTL logfile created on: 6/14/2009 4:48:59 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\David Barker\Desktop\GeeksToGo
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

767.00 Mb Total Physical Memory | 377.97 Mb Available Physical Memory | 49.28% Memory free
1.83 Gb Paging File | 1.43 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): c:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 58.04 Gb Free Space | 77.95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 4.04 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
Drive H: | 973.73 Mb Total Space | 320.98 Mb Free Space | 32.96% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: DESKTOP
Current User Name: David Barker
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
PRC - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\BCMSMMSG.exe (Broadcom Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe ()
PRC - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\David Barker\Desktop\GeeksToGo\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Arrakis3 [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\SYSTEM32\ati2sgag.exe ()
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Creative Service for CDROM Access [Disabled | Stopped]) -- C:\WINDOWS\System32\CTsvcCDA.exe (Creative Technology Ltd)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Iomega Activity Disk2 [Disabled | Stopped]) -- File not found
SRV - (Iomega App Services [Disabled | Stopped]) -- C:\Program Files\Iomega\System32\AppServices.exe (Iomega Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Lavasoft Ad-Aware Service [Disabled | Stopped]) -- File not found
SRV - (LIVESRV [Auto | Running]) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (scan [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (VSSERV [Auto | Running]) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (zzzxSYSTEM_32 [Disabled | Stopped]) -- File not found

========== Driver Services (SafeList) ==========

DRV - (aeaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (BCMModem [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\BCMSM.sys (Broadcom Corporation)
DRV - (bdfm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (bdfsfltr [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (bdftdif [System | Running]) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (BDSelfPr [On_Demand | Running]) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender S.R.L.)
DRV - (bvrp_pci [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\bvrp_pci.sys ()
DRV - (ctsfm2k [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys (Creative Technology Ltd)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm [Auto | Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (iomdisk [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\iomdisk.sys (Iomega Corporation)
DRV - (L8042PR2 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\l8042pr2.sys (Logitech, Inc.)
DRV - (LHidFlt2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\LHidFlt2.Sys (Logitech, Inc.)
DRV - (LHidUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\LHidUsb.Sys (Logitech, Inc.)
DRV - (LHidUsbK [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\LHidUsbK.Sys (Logitech Inc.)
DRV - (LMouFlt2 [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\LMouFlt2.sys (Logitech, Inc.)
DRV - (MODEMCSA [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (OlCamudp [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\olcamudp.sys (OLYMPUS Optical Co.,Ltd.)
DRV - (OMCI [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
DRV - (ossrv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ctoss2k.sys (Creative Technology Ltd.)
DRV - (P16X [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\P16X.sys (Creative Technology Ltd.)
DRV - (PfModNT [Auto | Running]) -- C:\WINDOWS\System32\PfModNT.sys (Creative Technology Ltd.)
DRV - (Profos [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys ()
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smwdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (SONYPVU1 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS (Sony Corporation)
DRV - (sscdbhk5 [System | Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (ssrtln [System | Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (StillCam [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (tfsnboio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsncofs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsndrct [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (tfsnifs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsnopio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsnudf [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnudfa [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (tmcomm [Auto | Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (Trufos [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (VIAudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\vinyl97.sys (VIA Technologies, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/06 00:09:15 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2009\FFTOOLBAR\ [2009/04/03 17:27:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/06/12 23:12:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/06/12 23:12:37 | 00,000,000 | ---D | M]

[2008/08/27 17:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\David Barker\Application Data\mozilla\Extensions
[2008/08/27 17:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\David Barker\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/06 01:23:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\David Barker\Application Data\mozilla\Firefox\Profiles\default.vrz\extensions
[2009/06/13 23:20:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/06/12 23:12:37 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/04/17 12:07:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/07/17 15:04:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2009/06/12 23:12:29 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/12 23:12:29 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/05 18:08:04 | 00,049,664 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2008/11/14 20:34:44 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/11/14 20:34:44 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/11/14 20:34:44 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/14 20:34:44 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/11/14 20:34:44 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/11/14 20:34:44 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/11/14 20:34:45 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (765 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.15.100 HP000D9D115DFB
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C7768536-96F8-4001-B1A2-90EE21279187} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCMSMMSG] BCMSMMSG.exe (Broadcom Corporation)
O4 - HKLM..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" (BitDefender)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot (BillP Studios)
O4 - HKCU..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO (Piriform Ltd)
O4 - HKCU..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] File not found
O4 - Startup: C:\Documents and Settings\David Barker\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: sungard.com ([lockbox] https in Trusted sites)
O15 - HKCU\..Trusted Domains: tradestation.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 72 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1187726015906 (MUWebControl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/30 08:08:52 | 00,000,145 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- [2005/08/30 08:08:52 | 00,925,696 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/14 16:48:28 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[7051/02/22 19:36:15 | 00,000,006 | -H-- | C] () -- C:\rasmon.bin
[7051/02/22 19:36:15 | 00,000,004 | -H-- | C] () -- C:\ddefact.bin
[2009/06/14 16:41:24 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/14 16:39:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\David Barker\Desktop\GeeksToGo
[2009/06/13 21:53:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\David Barker\Application Data\WinPatrol
[2009/06/13 21:53:39 | 00,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2009/06/13 17:41:26 | 00,027,136 | ---- | C] () -- C:\Documents and Settings\David Barker\My Documents\HiJackThis Signature Information.doc
[2009/06/12 23:34:27 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/11 00:59:10 | 00,000,026 | ---- | C] () -- C:\WINDOWS\Zone.Identifier
[2009/06/10 17:22:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Innovative Solutions
[2009/06/10 17:22:31 | 00,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2009/06/08 16:11:28 | 00,057,344 | ---- | C] () -- C:\Documents and Settings\David Barker\My Documents\CWD bacteria TEXT.doc
[2009/06/08 16:01:15 | 00,313,856 | ---- | C] () -- C:\Documents and Settings\David Barker\My Documents\CWD Bacteria Brochure.pub
[2009/06/06 13:42:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/06/06 13:41:49 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/06/06 13:39:37 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/06/04 14:09:06 | 00,000,000 | ---D | C] -- C:\Program Files\GPLGS
[2009/06/04 14:08:42 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/02/09 18:43:14 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/01/15 14:43:32 | 00,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2008/10/09 16:31:54 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2008/01/04 14:58:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/01/04 14:57:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/01/04 14:57:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/01/04 14:56:24 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/10/12 15:31:17 | 00,000,614 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/21 15:20:01 | 00,004,272 | R--- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2007/01/31 14:50:32 | 00,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2007/01/24 13:33:54 | 00,771,584 | ---- | C] () -- C:\WINDOWS\System32\Isyspdf3.dll
[2007/01/24 13:33:54 | 00,627,712 | ---- | C] () -- C:\WINDOWS\System32\Isys532.dll
[2007/01/24 13:33:54 | 00,531,456 | ---- | C] () -- C:\WINDOWS\System32\Isysu532.dll
[2005/05/03 11:44:44 | 00,025,157 | ---- | C] () -- C:\WINDOWS\RMAgentOutput.dll
[2005/05/03 11:43:44 | 00,126,976 | ---- | C] () -- C:\WINDOWS\dllTSCLIBMT.dll
[2005/05/01 16:15:08 | 00,003,399 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2005/05/01 16:15:08 | 00,000,457 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2005/04/08 18:46:11 | 00,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2005/04/08 18:46:11 | 00,000,679 | ---- | C] () -- C:\WINDOWS\TSC.ini
[2005/04/08 18:45:06 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/01/20 23:24:58 | 00,000,474 | ---- | C] () -- C:\WINDOWS\winros.ini
[2004/01/20 23:24:58 | 00,000,051 | ---- | C] () -- C:\WINDOWS\WinSig.Ini
[2004/01/20 23:24:58 | 00,000,040 | ---- | C] () -- C:\WINDOWS\Reader.Ini
[2004/01/20 12:37:30 | 00,001,255 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2004/01/20 12:37:29 | 00,000,064 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2004/01/20 12:35:00 | 00,001,617 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/01/19 17:52:27 | 00,000,037 | ---- | C] () -- C:\WINDOWS\Server.INI
[2003/12/28 14:11:22 | 00,000,138 | ---- | C] () -- C:\WINDOWS\WinInit.ini.backup
[2003/11/25 15:40:37 | 00,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2003/11/25 14:57:33 | 00,001,272 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/11/25 14:36:58 | 00,000,043 | ---- | C] () -- C:\WINDOWS\WALLSTRT.INI
[2003/11/25 14:14:21 | 00,000,024 | ---- | C] () -- C:\WINDOWS\ss.dll
[2003/11/25 14:14:21 | 00,000,013 | ---- | C] () -- C:\WINDOWS\ss.drv
[2003/11/24 18:52:59 | 00,000,138 | ---- | C] () -- C:\WINDOWS\WinInit.ini
[2003/11/24 18:25:10 | 00,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2003/11/24 18:24:29 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2003/11/24 18:24:29 | 00,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2003/11/24 18:24:29 | 00,002,158 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2003/11/24 18:24:29 | 00,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/11/24 18:24:26 | 00,002,572 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2003/11/24 18:24:25 | 00,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2003/11/24 18:23:35 | 00,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2003/08/13 23:54:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/07/16 09:45:02 | 00,000,736 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/07/16 09:41:30 | 00,000,246 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/11/01 16:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/22 06:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 01:00:00 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== Files - Modified Within 30 Days ==========

[7051/02/22 19:36:15 | 00,000,006 | -H-- | M] () -- C:\rasmon.bin
[7051/02/22 19:36:15 | 00,000,004 | -H-- | M] () -- C:\ddefact.bin
[2009/06/14 14:26:09 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/14 14:25:56 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\David Barker\Local Settings\desktop.ini
[2009/06/14 14:25:39 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/14 14:25:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/14 14:24:54 | 00,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2009/06/14 13:03:33 | 00,000,673 | ---- | M] () -- C:\WINDOWS\System32\BDUpdateV1.xml
[2009/06/13 22:29:37 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\PWID.doc
[2009/06/13 19:05:49 | 00,027,136 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\HiJackThis Signature Information.doc
[2009/06/13 17:15:46 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\David Barker\Desktop\Microsoft Word.lnk
[2009/06/12 22:28:19 | 00,000,736 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/06/12 22:28:19 | 00,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/06/12 22:28:19 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/06/12 13:36:09 | 00,073,169 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\EURO_1_5_15_Dy.wks
[2009/06/12 13:21:30 | 00,056,822 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\ED_YEN.wks
[2009/06/12 12:10:24 | 00,056,130 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\ED_YEN.bak
[2009/06/12 12:05:00 | 00,072,477 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\EURO_1_5_15_Dy.bak
[2009/06/12 01:16:35 | 00,030,838 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\YEN_1_5_15_Dy.wks
[2009/06/11 19:09:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/11 18:04:12 | 00,030,838 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\YEN_1_5_15_Dy.bak
[2009/06/11 17:00:20 | 00,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI
[2009/06/11 00:59:10 | 00,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier
[2009/06/10 11:00:31 | 00,002,471 | ---- | M] () -- C:\Documents and Settings\David Barker\Desktop\Microsoft Excel.lnk
[2009/06/09 21:59:57 | 00,002,419 | ---- | M] () -- C:\Documents and Settings\David Barker\Desktop\Microsoft Publisher.lnk
[2009/06/08 16:12:47 | 00,313,856 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\CWD Bacteria Brochure.pub
[2009/06/08 16:11:29 | 00,057,344 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\CWD bacteria TEXT.doc
[2009/06/07 15:52:14 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\David Barker\Desktop\Shop_Book List.doc
[2009/06/06 13:47:16 | 00,000,083 | -HS- | M] () -- C:\Documents and Settings\David Barker\My Documents\desktop.ini
[2009/06/05 11:05:57 | 00,051,903 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\AUD_BP_ED_BP.bak
[2009/06/04 15:55:23 | 00,211,456 | ---- | M] () -- C:\Documents and Settings\David Barker\My Documents\Addres&Phone.doc
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
< End of report >


//////////////////////////////////////////////////////////



OTL Extras logfile created on: 6/14/2009 4:48:59 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\David Barker\Desktop\GeeksToGo
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

767.00 Mb Total Physical Memory | 377.97 Mb Available Physical Memory | 49.28% Memory free
1.83 Gb Paging File | 1.43 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): c:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 58.04 Gb Free Space | 77.95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 4.04 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
Drive H: | 973.73 Mb Total Space | 320.98 Mb Free Space | 32.96% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: DESKTOP
Current User Name: David Barker
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:HP Digital Imaging Monitor File not found
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{105D3B41-2F2F-335A-C309-C859A0F4CBE8}" = FX AccuCharts
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2b02f821-a9b9-458c-80e5-3ea8c0de8471}" = QuickBooks Basic Edition 2004
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}" = Quicken 2004
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B333753-F83F-4D58-AEA0-3D0110034BBC}" = Global Trading System Pro
"{7635D07D-B727-496F-94CA-8AC60E0C40CE}" = Microsoft Report Viewer Redistributable 2005
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81A26C27-8CC5-4E8F-BE58-7E3E003875B7}" = ATIMCEE
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}" = Sound Blaster Live!
"{A1FA92EE-84A3-447D-A6C6-4514B5936DC2}" = BitDefender Antivirus 2009
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C057F6D0-0E4C-4B18-B645-9D0804FCFAFD}" = EarthLink Common Authentication
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D42B6F90-1084-4C9B-AF28-958926E6E32E}" = LP_Flash
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"ATI Display Driver" = ATI Display Driver
"BCM V.92 56K Modem" = BCM V.92 56K Modem
"CCleaner" = CCleaner (remove only)
"CutePDF Writer Installation" = CutePDF Writer 2.7
"DMX5_is1" = DriverMax 5
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}" = Quicken 2004
"InstallShield_{81A26C27-8CC5-4E8F-BE58-7E3E003875B7}" = ATIMCEE
"IomegaWare" = IomegaWare 4.0.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.83
"Signal For Windows" = Signal For Windows
"VLC media player" = VideoLAN VLC media player 0.8.6a
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPatrol" = WinPatrol 2009
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/14/2009 5:40:57 PM | Computer Name = DESKTOP | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 4/14/2009 5:40:58 PM | Computer Name = DESKTOP | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 4/14/2009 5:41:13 PM | Computer Name = DESKTOP | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 4/14/2009 5:41:13 PM | Computer Name = DESKTOP | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 4/14/2009 5:41:13 PM | Computer Name = DESKTOP | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 4/16/2009 1:29:17 AM | Computer Name = DESKTOP | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 7540, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 4/16/2009 1:29:17 AM | Computer Name = DESKTOP | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 4/16/2009 1:29:20 AM | Computer Name = DESKTOP | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 7540, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 4/16/2009 11:58:47 PM | Computer Name = DESKTOP | Source = MsiInstaller | ID = 11714
Description = Product: QuickTime -- Error 1714. The older version of QuickTime cannot
be removed. Contact your technical support group. System Error 1612.

Error - 5/12/2009 12:54:05 AM | Computer Name = DESKTOP | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

[ System Events ]
Error - 6/11/2009 5:19:14 PM | Computer Name = DESKTOP | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.15.101 for the Network Card with network
address 0030BDB3E3F1 has been denied by the DHCP server 192.168.15.1 (The DHCP Server
sent a DHCPNACK message).

Error - 6/11/2009 8:33:58 PM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%3

Error - 6/11/2009 8:33:58 PM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 6/11/2009 8:33:58 PM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd

Error - 6/13/2009 1:09:12 AM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%3

Error - 6/13/2009 1:09:12 AM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 6/13/2009 1:09:15 AM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd

Error - 6/13/2009 1:23:23 AM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%3

Error - 6/13/2009 1:23:23 AM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 6/13/2009 1:23:30 AM | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP