Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google links mis directed

Started by jpmuzz , Jun 21 2009 03:11 PM

  • Please log in to reply

#1
jpmuzz
Posted 21 June 2009 - 03:11 PM

jpmuzz

    New Member

  • Member
  • Pip
  • 3 posts
Hello all i'm JP and ive been reading over this site for awhile and am in dire need of assistance.

I click a ling in google and it redirects me to some other web ste or page can be displayed. The address is not the address of the link I am clicking. I notived this problem when I was browing the political fourms from http://www.caglepost.com/ So if i'm getting this problem then others must be as well.

I have read another post were someone else had this same problem and I have ran the OTL tool i'll post below. to me I can't see any thing in the log that would be caueing my trouble.

********************************************

OTL logfile created on: 6/21/2009 4:09:32 PM - Run 1
OTL by OldTimer - Version 3.0.2.0 Folder = C:\Documents and Settings\john_muzingo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 59.20% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3008 4010 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 32.97 Gb Free Space | 44.26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Y: | 70.00 Gb Total Space | 22.38 Gb Free Space | 31.97% Space Free | Partition Type: NTFS
Drive Z: | 800.00 Mb Total Space | 104.20 Mb Free Space | 13.03% Space Free | Partition Type: NTFS

Computer Name: WXP-BD2N2H1
Current User Name: john_muzingo
NOT logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINNT\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINNT\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation)
PRC - C:\Program Files\Intel\AMT\atchksrv.exe (Intel Corporation)
PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Dell\OpenManage\Client\Iap.exe (Dell Inc.)
PRC - C:\Program Files\Intel\AMT\LMS.exe (Intel)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\1E\NightWatchman\NwmSvc.exe (1E Ltd.)
PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
PRC - C:\WINNT\System32\wdfmgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\AMT\UNS.exe (Intel)
PRC - C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
PRC - C:\Program Files\1E\WakeUp\Agent\WakeUpAgt.exe (1E)
PRC - C:\WINNT\System32\CCM\CcmExec.exe (Microsoft Corporation)
PRC - C:\WINNT\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINNT\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINNT\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\AMT\atchk.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
PRC - C:\Program Files\Adobe\Distillr\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Microsoft Office Communicator\communicator.exe (Microsoft Corporation)
PRC - C:\Program Files\Citrix\ICA Client\pnagent.exe (Citrix Systems, Inc.)
PRC - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\1E\NightWatchman\NWMCLI.EXE (1E Ltd.)
PRC - C:\WINNT\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINNT\System32\CCM\SMSCliUI.exe (Microsoft Corporation)
PRC - Z:\MMTaskbar\MultiMon.exe ()
PRC - C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\john_muzingo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINNT\notepad.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (ASFAgent [Auto | Running]) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (atchksrv [Auto | Running]) -- C:\Program Files\Intel\AMT\atchksrv.exe (Intel Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINNT\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (CcmExec [Auto | Running]) -- C:\WINNT\System32\CCM\CcmExec.exe (Microsoft Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DefWatch [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
SRV - (dsiasrv [Auto | Stopped]) -- C:\Program Files\Dell\SysMgt\dsia\bin\DsiaSrv32.exe (Dell Inc.)
SRV - (enstart [Unknown | Running]) -- C:\WINNT\System32\enstart.exe ()
SRV - (ExtranetAccess [On_Demand | Stopped]) -- C:\Program Files\Nortel Networks\Extranet_serv.exe (Nortel Networks NA, Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINNT\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GameConsoleService [On_Demand | Stopped]) -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe (WildTangent, Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (Iap [Auto | Running]) -- C:\Program Files\Dell\OpenManage\Client\Iap.exe (Dell Inc.)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)
SRV - (LMS [Auto | Running]) -- C:\Program Files\Intel\AMT\LMS.exe (Intel)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NightWatchman50 [Auto | Running]) -- C:\Program Files\1E\NightWatchman\NwmSvc.exe (1E Ltd.)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PsShutdownSvc [On_Demand | Stopped]) -- C:\WINNT\PSSDNSVC.EXE (Systems Internals)
SRV - (SavRoam [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
SRV - (smstsmgr [On_Demand | Stopped]) -- C:\WINNT\System32\CCM\TSManager.exe (Microsoft Corporation)
SRV - (SNDSrvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (SPBBCSvc [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
SRV - (Symantec AntiVirus [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
SRV - (UMWdf [Auto | Running]) -- C:\WINNT\System32\wdfmgr.exe (Microsoft Corporation)
SRV - (UNS [Auto | Running]) -- C:\Program Files\Intel\AMT\UNS.exe (Intel)
SRV - (UPHClean [Auto | Running]) -- C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
SRV - (WakeUpAgt [Auto | Running]) -- C:\Program Files\1E\WakeUp\Agent\WakeUpAgt.exe (1E)

========== Driver Services (SafeList) ==========

DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINNT\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (b57w2k [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (DellProf [On_Demand | Stopped]) -- C:\WINNT\System32\drivers\DellProf.sys (Dell Computer Corporation)
DRV - (e1express [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (Eacfilt [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\eacfilt.sys (Nortel Networks)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (enstart_ [System | Running]) -- C:\WINNT\System32\enstart_.sys (Guidance Software Inc.)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HECI [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\HECI.sys (Intel Corporation)
DRV - (ialm [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\WINNT\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (IPSECEXT [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\ipsecw2k.sys (Nortel Networks NA, Inc.)
DRV - (IPSECSHM [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\ipsecw2k.sys (Nortel Networks NA, Inc.)
DRV - (NAVENG [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090619.004\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090619.004\NAVEX15.SYS (Symantec Corporation)
DRV - (NwmSleepless [Auto | Running]) -- C:\WINNT\System32\DRIVERS\NwmSleepless.sys (1E Ltd.)
DRV - (ohyiuw [Unknown | Running]) -- File not found
DRV - (omci [System | Running]) -- C:\WINNT\System32\DRIVERS\omci.sys (Dell Inc.)
DRV - (prepdrvr [On_Demand | Running]) -- C:\WINNT\System32\CCM\prepdrv.sys (Microsoft Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (SAVRT [System | Running]) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)
DRV - (SAVRTPEL [System | Running]) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINNT\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SenFiltService [On_Demand | Running]) -- C:\WINNT\System32\drivers\Senfilt.sys (Sensaura)
DRV - (smsmdd [On_Demand | Running]) -- C:\WINNT\System32\DRIVERS\smsmdm.sys (Microsoft Corporation)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINNT\System32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Running]) -- C:\WINNT\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINNT\System32\Drivers\SYMTDI.SYS (Symantec Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Update_Check_Page = http://inside.us.del.../is/am/software
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.c...c...amp;gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



O1 HOSTS File: (838 bytes) - C:\WINNT\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (TW_BHO Class) - {1E1B2879-88FF-11D2-8D96-FFFFAC95951F} - C:\Program Files\Perfect Keyboard PRO\mtwbho.dll ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ViewerHelper Class) - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [atchk] C:\Program Files\Intel\AMT\atchk.exe (Intel Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Office Communicator\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINNT\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Synchronization Manager] C:\WINNT\System32\mobsync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SysInfo] C:\WINNT\bginfo\Bginfo.exe (Sysinternals)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINNT\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Program Neighborhood Agent.lnk = C:\WINNT\Installer\{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}\Icon80951CEC.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe ()
O4 - Startup: C:\Documents and Settings\john_muzingo\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LegalNoticeCaption = APPROPRIATE USE OF COMPANY RESOURCES
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: enablelua = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = [String data over 1000 bytes]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: promptonsecuredesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 2 = Default Programs
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 3 = Windows CardSpace
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 4 = Windows Defender
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 5 = Windows Update
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_15\bin\npjpi150_15.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINNT\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINNT\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: dell.com ([amer] * in Local intranet)
O15 - HKLM\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: dell.com ([amer] * in Local intranet)
O15 - HKCU\..Trusted Domains: google.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: imdb.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: wikipedia.org ([en] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 4 domain(s) and sub-domain(s) not assigned to a zone.
  • 0

Advertisements

#2
jpmuzz
Posted 21 June 2009 - 03:12 PM

jpmuzz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFECAFE-0013-0001-0021-ABCDEFABCDEF} Reg Error: Value error. (JInitiator 1.3.1.21)
O16 - DPF: {CAFECAFE-0013-0001-0029-ABCDEFABCDEF} http://dsprdapp01.us...tor/oajinit.exe (JInitiator 1.3.1.29)
O16 - DPF: {CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_16)
O16 - DPF: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = amer.dell.com
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\rmh {23C585BB-48FF-4865-8934-185F0A7EB84C} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/msword - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/vnd.ms-excel - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/vnd.ms-powerpoint - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/vnd-viewer - C:\Program Files\Microsoft\Rights Management Add-on\rmadoc.exe (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-microsoft-rpmsg-message - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINNT\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINNT\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINNT\system32\NavLogon.dll - C:\WINNT\System32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/19 14:46:53 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINNT\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINNT\System32\*.tmp files]
[3 C:\WINNT\*.tmp files]
[2009/06/21 15:36:37 | 00,512,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\john_muzingo\Desktop\OTL.exe
[2009/06/21 15:14:27 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\HijackThis.lnk
[2009/06/21 15:14:27 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/21 15:14:09 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\john_muzingo\My Documents\HJTInstall.exe
[2009/06/21 12:47:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\Malwarebytes
[2009/06/21 12:47:28 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/21 12:47:25 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009/06/21 12:47:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/06/21 12:47:24 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2009/06/21 12:47:24 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/21 12:46:02 | 03,561,744 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\john_muzingo\My Documents\mbam-setup.exe
[2009/06/21 12:29:11 | 21,114,18368 | -HS- | C] () -- C:\hiberfil.sys
[2009/06/21 12:10:01 | 00,000,000 | ---D | C] -- C:\!KillBox
[2009/06/21 11:50:12 | 00,092,672 | ---- | C] (Option^Explicit Software [email protected]) -- C:\Documents and Settings\john_muzingo\My Documents\KillBox.exe
[2009/06/20 09:37:30 | 00,000,773 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Media Player Classic.lnk
[2009/06/20 09:37:25 | 00,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack
[2009/06/20 09:36:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\vlc
[2009/06/20 09:36:39 | 16,742,799 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\vlc-0.9.9-win32.exe
[2009/06/20 09:35:36 | 09,158,965 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\WECPSetup.exe
[2009/06/20 09:34:25 | 00,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/06/20 09:34:14 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/06/20 08:06:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\shots
[2009/06/19 09:18:33 | 00,000,201 | ---- | C] () -- C:\WINNT\j-p_time.INI
[2009/06/19 07:09:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\InfoExpress
[2009/06/19 07:03:45 | 00,000,000 | ---D | C] -- C:\Program Files\vsclient
[2009/06/19 06:58:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\ICAClient
[2009/06/19 06:44:19 | 00,000,000 | ---D | C] -- C:\WINNT\WBEM
[2009/06/19 06:43:54 | 00,000,000 | -H-D | C] -- C:\WINNT\ie7
[2009/06/19 06:43:40 | 00,000,000 | -H-D | C] -- C:\WINNT\$NtServicePackUninstallIDNMitigationAPIs$
[2009/06/19 06:43:12 | 00,000,000 | -H-D | C] -- C:\WINNT\$NtServicePackUninstallNLSDownlevelMapping$
[2009/06/19 06:39:09 | 00,000,000 | ---D | C] -- C:\PureVoice
[2009/06/19 06:39:02 | 00,297,472 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINNT\uninst.exe
[2009/06/19 06:38:56 | 01,385,758 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\276PureWin132.exe
[2009/06/19 06:37:59 | 15,452,536 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\john_muzingo\Desktop\IE7-WindowsXP-x86-enu.exe
[2009/06/19 06:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\Macromedia
[2009/06/19 06:33:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\Avon
[2009/06/19 06:33:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\ICE Chat
[2009/06/19 06:33:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\BOE
[2009/06/19 06:33:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\Keep Remote
[2009/06/19 06:32:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\Personal
[2009/06/19 06:32:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\SK
[2009/06/19 06:32:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\Screen Shots
[2009/06/19 06:32:25 | 00,261,120 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\TX-DIR KB Articles (4_29_09).doc
[2009/06/19 06:32:25 | 00,108,084 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Trucking 3.png
[2009/06/19 06:32:25 | 00,084,602 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Trucking.png
[2009/06/19 06:32:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Desktop\Xcel
[2009/06/19 06:32:24 | 00,379,392 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\subinacl.msi
[2009/06/19 06:32:24 | 00,259,606 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\sb1014_int.rtf
[2009/06/19 06:32:24 | 00,045,321 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Trucking 2.png
[2009/06/19 06:32:24 | 00,010,049 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Test test test test test test test test.docx
[2009/06/19 06:32:24 | 00,000,830 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Solar Wars.LNK
[2009/06/19 06:32:24 | 00,000,362 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Shortcut to MySTuff.lnk
[2009/06/19 06:32:23 | 00,838,754 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\PureVoice_2_4_0c.zip
[2009/06/19 06:32:23 | 00,285,517 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Job Title.docx
[2009/06/19 06:32:23 | 00,149,927 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Henderson bill 6-8-09.pdf
[2009/06/19 06:32:23 | 00,066,085 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Fax Manuel.pdf
[2009/06/19 06:32:23 | 00,001,930 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\NMC.RDP
[2009/06/19 06:32:23 | 00,000,183 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\NMC test.url
[2009/06/19 06:32:22 | 02,866,176 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\151 (3).doc
[2009/06/19 06:32:22 | 00,085,504 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Copy of YUMS2009.xls
[2009/06/19 06:32:22 | 00,031,744 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\1234196491536.OIS_Emergency_order.oft
[2009/06/19 06:32:22 | 00,000,806 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Autodeploy.lnk
[2009/06/19 06:23:23 | 00,000,000 | ---D | C] -- C:\Call Recordings
[2009/06/19 06:21:18 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Shortcut to john_muzingo WXP-BD2N2H1.lnk
[2009/06/16 17:29:51 | 00,000,000 | ---D | C] -- C:\MySTuff
[2009/06/16 16:55:34 | 00,000,000 | ---D | C] -- C:\WINNT\Prefetch
[2009/06/16 16:44:56 | 00,585,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\rpcrt4.dll
[2009/06/16 16:44:53 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\localspl.dll
[2009/06/16 16:41:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\My Documents\OneNote Notebooks
[2009/06/16 16:41:05 | 00,000,947 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/06/16 16:39:06 | 00,001,779 | ---- | C] () -- C:\WINNT\ntsvcpak.mif
[2009/06/16 16:36:49 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msxml6.dll
[2009/06/16 16:36:49 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msxml6r.dll
[2009/06/16 16:36:49 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msxml6r.dll
[2009/06/16 16:36:48 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\dpcdll.dll
[2009/06/16 16:36:45 | 00,239,616 | ---- | C] () -- C:\WINNT\System32\wstrenderer.ax
[2009/06/16 16:36:45 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\irbus.sys
[2009/06/16 16:36:45 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\smtpapi.dll
[2009/06/16 16:36:45 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rwnh.dll
[2009/06/16 16:36:45 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\comsdupd.exe
[2009/06/16 16:36:44 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\azroles.dll
[2009/06/16 16:36:44 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\credssp.dll
[2009/06/16 16:36:43 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dot3ui.dll
[2009/06/16 16:36:43 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eapp3hst.dll
[2009/06/16 16:36:43 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eapphost.dll
[2009/06/16 16:36:43 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dot3svc.dll
[2009/06/16 16:36:43 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eappcfg.dll
[2009/06/16 16:36:43 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eappgnui.dll
[2009/06/16 16:36:43 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kmsvc.dll
[2009/06/16 16:36:43 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eapqec.dll
[2009/06/16 16:36:43 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dot3cfg.dll
[2009/06/16 16:36:43 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dot3msm.dll
[2009/06/16 16:36:43 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dhcpqec.dll
[2009/06/16 16:36:43 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eappprxy.dll
[2009/06/16 16:36:43 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dot3gpclnt.dll
[2009/06/16 16:36:43 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dimsroam.dll
[2009/06/16 16:36:43 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\l2gpstore.dll
[2009/06/16 16:36:43 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eapsvc.dll
[2009/06/16 16:36:43 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\eapolqec.dll
[2009/06/16 16:36:43 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dot3api.dll
[2009/06/16 16:36:43 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dimsntfy.dll
[2009/06/16 16:36:43 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dot3dlg.dll
[2009/06/16 16:36:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kbdpash.dll
[2009/06/16 16:36:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kbdnepr.dll
[2009/06/16 16:36:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kbdiultn.dll
[2009/06/16 16:36:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\kbdbhc.dll
[2009/06/16 16:36:42 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmcex.dll
[2009/06/16 16:36:42 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\qagentrt.dll
[2009/06/16 16:36:42 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\napmontr.dll
[2009/06/16 16:36:42 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\microsoft.managementconsole.dll
[2009/06/16 16:36:42 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\napstat.exe
[2009/06/16 16:36:42 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mssha.dll
[2009/06/16 16:36:42 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\qagent.dll
[2009/06/16 16:36:42 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\onex.dll
[2009/06/16 16:36:42 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmcfxcommon.dll
[2009/06/16 16:36:42 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\qutil.dll
[2009/06/16 16:36:42 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msshavmsg.dll
[2009/06/16 16:36:42 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\qcliprov.dll
[2009/06/16 16:36:42 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\rasqec.dll
[2009/06/16 16:36:42 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\mmcperf.exe
[2009/06/16 16:36:42 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\napipsec.dll
[2009/06/16 16:36:41 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\xmllite.dll
[2009/06/16 16:36:41 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wlanapi.dll
[2009/06/16 16:36:41 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\tspkg.dll
[2009/06/16 16:36:41 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\setupn.exe
[2009/06/16 16:36:41 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\vidcap.ax
[2009/06/16 16:36:40 | 00,000,000 | ---D | C] -- C:\WINNT\System32\scripting
[2009/06/16 16:36:40 | 00,000,000 | ---D | C] -- C:\WINNT\l2schemas
[2009/06/16 16:36:39 | 00,000,000 | ---D | C] -- C:\WINNT\System32\en
[2009/06/16 16:36:39 | 00,000,000 | ---D | C] -- C:\Program Files\msn
[2009/06/16 16:34:57 | 00,000,000 | ---D | C] -- C:\WINNT\ServicePackFiles
[2009/06/16 16:33:45 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\agpcpq.sys
[2009/06/16 16:33:45 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\alim1541.sys
[2009/06/16 16:33:45 | 00,000,000 | ---D | C] -- C:\WINNT\network diagnostic
[2009/06/16 16:33:44 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\bthpan.sys
[2009/06/16 16:33:44 | 00,064,352 | ---- | C] () -- C:\WINNT\System32\drivers\ativmc20.cod
[2009/06/16 16:33:44 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\bthmodem.sys
[2009/06/16 16:33:44 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\bthprint.sys
[2009/06/16 16:33:44 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\bthenum.sys
[2009/06/16 16:33:43 | 00,129,045 | ---- | C] () -- C:\WINNT\System32\drivers\cxthsfs2.cty
[2009/06/16 16:33:43 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\gagp30kx.sys
[2009/06/16 16:33:43 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\hidbth.sys
[2009/06/16 16:33:43 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\hidir.sys
[2009/06/16 16:33:43 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\bthusb.sys
[2009/06/16 16:33:42 | 00,067,866 | ---- | C] () -- C:\WINNT\System32\drivers\netwlan5.img
[2009/06/16 16:33:42 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\rfcomm.sys
[2009/06/16 16:33:42 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\rndismpx.sys
[2009/06/16 16:33:42 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\mutohpen.sys
[2009/06/16 16:33:42 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\sffp_mmc.sys
[2009/06/16 16:33:41 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbvideo.sys
[2009/06/16 16:33:41 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\uagp35.sys
[2009/06/16 16:33:41 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\viaagp.sys
[2009/06/16 16:33:41 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\wacompen.sys
[2009/06/16 16:33:41 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usb8023x.sys
[2009/06/16 16:33:41 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\smbali.sys
[2009/06/16 16:31:48 | 00,000,000 | -H-D | C] -- C:\WINNT\$NtServicePackUninstall$
[2009/06/16 16:18:01 | 00,002,325 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Office Outlook 2007.lnk
[2009/06/16 16:17:54 | 00,032,592 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\msonpmon.dll
[2009/06/16 16:17:01 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009/06/16 16:15:52 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009/06/16 16:11:45 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2009/06/16 14:53:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\Adobe
[2009/06/16 14:52:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\1E
[2009/06/16 14:52:45 | 00,000,786 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Desktop\Windows Media Player.lnk
[2009/06/16 14:52:30 | 04,802,104 | -H-- | C] () -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\IconCache.db
[2009/06/16 14:52:30 | 00,049,216 | ---- | C] () -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/06/16 14:52:29 | 00,000,000 | --SD | C] -- C:\Documents and Settings\john_muzingo\Application Data\Microsoft
[2009/06/16 14:52:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\john_muzingo\My Documents\My Videos
[2009/06/16 14:52:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\john_muzingo\My Documents\My Pictures
[2009/06/16 14:52:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\john_muzingo\My Documents\My Music
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\Symantec
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\Microsoft Help
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\Microsoft
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\ApplicationHistory
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\Adobe
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142160}
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\U3
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\Sun
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\InstallShield
[2009/06/16 14:52:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\john_muzingo\Application Data\Identities
[2009/05/26 10:38:05 | 00,004,024 | ---- | C] () -- C:\WINNT\System32\2nd.cmd
[2009/05/26 10:38:03 | 00,001,200 | ---- | C] () -- C:\WINNT\System32\AssignClosest.vbs
[2009/02/05 18:03:10 | 00,000,270 | ---- | C] () -- C:\WINNT\{716BD2E5-6F62-45BB-AF3F-F83FC97931C6}_WiseFW.ini
[2008/10/02 10:37:08 | 00,000,238 | ---- | C] () -- C:\WINNT\wininit.ini
[2008/09/26 15:07:14 | 00,004,764 | ---- | C] () -- C:\WINNT\System32\CcmFramework.ini
[2008/09/11 12:42:41 | 00,000,027 | ---- | C] () -- C:\WINNT\pu32i.ini
[2008/09/11 11:30:20 | 00,036,962 | ---- | C] () -- C:\WINNT\System32\ActPanel.dll
[2008/09/09 16:54:36 | 00,147,456 | ---- | C] () -- C:\WINNT\System32\igfxCoIn_v4864.dll
[2008/09/09 16:00:27 | 00,000,494 | ---- | C] () -- C:\WINNT\smscfg.ini
[2007/02/28 05:03:32 | 00,080,720 | ---- | C] () -- C:\WINNT\System32\AsfBios.dll
[2007/01/23 03:45:40 | 00,025,424 | ---- | C] () -- C:\WINNT\System32\drivers\netamsg.dll
[2006/05/26 09:17:24 | 00,000,000 | ---- | C] () -- C:\WINNT\VPC32.INI
[2006/01/26 16:21:00 | 00,000,370 | ---- | C] () -- C:\WINNT\ODBC.INI
[1979/12/31 19:00:00 | 00,000,775 | ---- | C] () -- C:\WINNT\System32\OEMINFO.INI
[1979/12/31 19:00:00 | 00,000,733 | ---- | C] () -- C:\WINNT\win.ini
[1979/12/31 19:00:00 | 00,000,231 | ---- | C] () -- C:\WINNT\system.ini

========== Files - Modified Within 30 Days ==========

[2 C:\WINNT\System32\*.tmp files]
[3 C:\WINNT\*.tmp files]
[2009/06/21 16:06:22 | 00,000,027 | ---- | M] () -- C:\WINNT\pu32i.ini
[2009/06/21 15:36:52 | 00,512,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\john_muzingo\Desktop\OTL.exe
[2009/06/21 15:14:27 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\HijackThis.lnk
[2009/06/21 15:14:11 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\john_muzingo\My Documents\HJTInstall.exe
[2009/06/21 15:04:44 | 00,000,201 | ---- | M] () -- C:\WINNT\j-p_time.INI
[2009/06/21 12:57:31 | 00,000,494 | ---- | M] () -- C:\WINNT\smscfg.ini
[2009/06/21 12:56:09 | 00,002,399 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Program Neighborhood Agent.lnk
[2009/06/21 12:56:01 | 08,909,878 | ---- | M] () -- C:\WINNT\BGInfo.bmp
[2009/06/21 12:55:57 | 00,002,235 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/06/21 12:55:11 | 00,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2009/06/21 12:55:07 | 00,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2009/06/21 12:55:03 | 21,114,18368 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/21 12:47:28 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/21 12:46:06 | 03,561,744 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\john_muzingo\My Documents\mbam-setup.exe
[2009/06/21 11:50:19 | 00,092,672 | ---- | M] (Option^Explicit Software [email protected]) -- C:\Documents and Settings\john_muzingo\My Documents\KillBox.exe
[2009/06/21 11:29:54 | 00,002,206 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2009/06/20 09:37:30 | 00,000,773 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Media Player Classic.lnk
[2009/06/20 09:36:40 | 16,742,799 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\vlc-0.9.9-win32.exe
[2009/06/20 09:35:37 | 09,158,965 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\WECPSetup.exe
[2009/06/20 09:34:25 | 00,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/06/19 12:29:06 | 00,000,838 | ---- | M] () -- C:\WINNT\System32\drivers\etc\hosts
[2009/06/19 12:28:17 | 00,000,812 | ---- | M] () -- C:\WINNT\System32\drivers\etc\hosts.004
[2009/06/19 09:23:45 | 00,000,830 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Solar Wars.LNK
[2009/06/19 09:23:44 | 00,000,806 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Autodeploy.lnk
[2009/06/19 07:03:52 | 00,000,733 | ---- | M] () -- C:\WINNT\win.ini
[2009/06/19 07:03:36 | 00,000,786 | ---- | M] () -- C:\WINNT\System32\drivers\etc\hosts.003
[2009/06/19 07:03:01 | 00,000,760 | ---- | M] () -- C:\WINNT\System32\drivers\etc\hosts.002
[2009/06/19 06:58:14 | 00,002,363 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Citrix Program Neighborhood.lnk2
[2009/06/19 06:43:48 | 00,001,374 | ---- | M] () -- C:\WINNT\imsins.BAK
[2009/06/19 06:38:12 | 15,452,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\john_muzingo\Desktop\IE7-WindowsXP-x86-enu.exe
[2009/06/19 06:21:18 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Shortcut to john_muzingo WXP-BD2N2H1.lnk
[2009/06/18 17:56:07 | 04,802,104 | -H-- | M] () -- C:\Documents and Settings\john_muzingo\Local Settings\Application Data\IconCache.db
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2009/06/16 17:27:26 | 00,002,325 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Office Outlook 2007.lnk
[2009/06/16 16:56:59 | 00,529,070 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2009/06/16 16:56:59 | 00,446,250 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2009/06/16 16:56:59 | 00,072,728 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2009/06/16 16:55:49 | 00,316,640 | ---- | M] () -- C:\WINNT\WMSysPr9.prx
[2009/06/16 16:55:03 | 00,278,152 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2009/06/16 16:41:05 | 00,000,947 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/06/16 16:39:06 | 00,001,779 | ---- | M] () -- C:\WINNT\ntsvcpak.mif
[2009/06/16 16:33:30 | 00,250,048 | RHS- | M] () -- C:\NTLDR
[2009/06/16 14:52:45 | 00,000,786 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Windows Media Player.lnk
[2009/06/16 09:47:43 | 00,010,049 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Test test test test test test test test.docx
[2009/06/15 12:09:42 | 00,149,927 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Henderson bill 6-8-09.pdf
[2009/06/06 12:18:15 | 00,838,754 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\PureVoice_2_4_0c.zip
[2009/06/05 15:48:46 | 00,031,744 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\1234196491536.OIS_Emergency_order.oft
[2009/06/05 08:20:45 | 00,066,085 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Fax Manuel.pdf
[2009/05/27 15:00:51 | 00,285,517 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Job Title.docx
[2009/05/27 14:17:52 | 00,108,084 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Trucking 3.png
[2009/05/27 14:12:06 | 00,045,321 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Trucking 2.png
[2009/05/27 14:08:11 | 00,084,602 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\Trucking.png
[2009/05/27 14:06:00 | 02,866,176 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\151 (3).doc
[2009/05/22 18:47:59 | 00,000,183 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\NMC test.url
[2009/05/22 18:47:32 | 00,001,930 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\NMC.RDP
[2009/05/22 18:23:24 | 00,259,606 | ---- | M] () -- C:\Documents and Settings\john_muzingo\Desktop\sb1014_int.rtf

========== LOP Check ==========

[2009/06/21 12:47:25 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/01/09 09:26:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1E
[2008/12/26 18:33:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2008/12/30 18:56:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2008/12/26 12:19:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/06/21 12:47:29 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\john_muzingo\Application Data
[2009/06/19 07:16:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\john_muzingo\Application Data\ICAClient
[2009/06/19 07:09:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\john_muzingo\Application Data\InfoExpress
[2007/07/29 14:12:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\john_muzingo\Application Data\U3
[2001/08/23 01:00:00 | 00,000,065 | RH-- | M] () -- C:\WINNT\Tasks\desktop.ini
[2009/06/21 12:55:11 | 00,000,006 | -H-- | M] () -- C:\WINNT\Tasks\SA.DAT
< End of report >
  • 0

#3
jpmuzz
Posted 21 June 2009 - 03:13 PM

jpmuzz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
****************
**** EXTRA *****
****************


OTL Extras logfile created on: 6/21/2009 4:09:32 PM - Run 1
OTL by OldTimer - Version 3.0.2.0 Folder = C:\Documents and Settings\john_muzingo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 59.20% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3008 4010 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 32.97 Gb Free Space | 44.26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Y: | 70.00 Gb Total Space | 22.38 Gb Free Space | 31.97% Space Free | Partition Type: NTFS
Drive Z: | 800.00 Mb Total Space | 104.20 Mb Free Space | 13.03% Space Free | Partition Type: NTFS

Computer Name: WXP-BD2N2H1
Current User Name: john_muzingo
NOT logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINNT\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\1E\WakeUp\Agent\WakeUpAgt.exe:*:Enabled:WakeUp Agent (1E)
C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Communicator (Microsoft Corporation)
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1611A5CF-50B8-4669-98BF-087A28A8CB49}" = Microsoft Conferencing Add-in for Microsoft Office Outlook
"{2515BF88-E42E-4AFA-A8E7-DF272762589B}" = Microsoft Office Live Meeting 2007
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{3248F0A8-6813-11D6-A77B-00B0D0150150}" = J2SE Runtime Environment 5.0 Update 15
"{3248F0A8-6813-11D6-A77B-00B0D0150160}" = J2SE Runtime Environment 5.0 Update 16
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3505E1E2-8127-4681-A3EC-F9B5CAAA07C9}" = Rights Management Add-on for Internet Explorer
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E6BC757-4204-492E-B8D5-8D5FD40A6319}" = NightWatchman50
"{437B532F-EB2B-40A2-8585-DEFA15F92C76}" = Remedy User 6.3
"{50E125D1-88E5-48CE-80AE-98EC9698E639}" = Symantec AntiVirus
"{53183B25-FBDC-4B95-856A-DCDD69DFEE18}" = Intel® PRO Alerting Agent
"{538FCBF9-30C9-4E79-8A5B-FAB41F0ACCB8}" = VSclient
"{543C7F37-8978-4CC8-A95D-E02E7999CF44}" = Microsoft Office Live Meeting 2005 Replay Wrapper
"{5FE5E200-AFFF-4ca0-83ED-173F0F0A2449}" = Dell OpenManage Inventory Agent (for Dell Business Client Systems)
"{65D6A518-0F90-4BB6-936F-431F699E1E2E}" = ShoppingProbe
"{7148F0A8-6813-11D6-A77B-00B0D0142160}" = Java 2 Runtime Environment, SE v1.4.2_16
"{716BD2E5-6F62-45BB-AF3F-F83FC97931C6}" = 1E WakeUp Agent
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{721ABC3B-5F12-4332-9C0C-C11424EF666C}" = WIMGAPI
"{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B}" = OMCI
"{799F17AB-F575-455F-9DF3-2081349CAFE1}" = SAFE Servlet Installer
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001C-0409-0000-0000000FF1CE}" = Microsoft Office Access Runtime (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{A8DD74DC-14C4-4BA0-8DF7-D84524D0B0D2}" = ST Microelectronics TPM Driver Installer
"{AC76BA86-1033-0000-7760-100000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}" = Citrix Presentation Server Client
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload Software
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CAFECAFE-0013-0001-0121-ABCDEFABCDEF}" = Oracle JInitiator 1.3.1.21
"{CAFECAFE-0013-0001-0129-ABCDEFABCDEF}" = Oracle JInitiator 1.3.1.29
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE6A85D8-D6B9-479A-9FE9-A06E56881E61}" = Configuration Manager Client
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{E058F31C-4783-43DA-BA09-02FEFE69AC25}" = WindowsTimeServiceSynchronization
"{E5BA0430-919F-46DD-B656-0796F8A5ADFF}" = Microsoft Office Communicator 2007
"{E80D3B3D-86EE-4B6B-831B-C5B0D30F71DE}" = Microsoft Office Live Meeting 2005
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{EF964A78-078C-11D1-B7A7-0000C0134CE6}" = Boeing IPSec Client v06_01.054
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"35858E766EFC35B58A45C301DD358D503119A8FA" = Windows Driver Package - STMicroelectronics (stmtpm) System (05/24/2007 1.00.04.15)
"Adobe Acrobat 7.0 Professional - V" = Adobe Acrobat 7.1.0 Professional
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"EB88B6218325D2AB47CFFBF7170236B60A6198FF" = Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel® Graphics Media Accelerator Driver
"HECI" = Intel® Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MESOL" = Intel® Active Management Technology
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Perfect Keyboard PRO 6.25" = Perfect Keyboard PRO 6.25
"PROSet" = Intel® PRO Network Connections Drivers
"PureVoice" = PureVoice 1.3.2
"RDC" = RDC
"SkillSoft Course Manager" = SkillSoft Course Manager
"ST6UNST #1" = ELSI
"VLC media player" = VLC media player 0.9.9
"WIC" = Windows Imaging Component
"WildTangent dell Master Uninstall" = WildTangent Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 2.3c
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/19/2009 1:29:10 PM | Computer Name = WXP-BD2N2H1 | Source = MsiInstaller | ID = 11720
Description = Product: VSclient -- Error 1720. There is a problem with this Windows
Installer package. A script required for this install to complete could not be
run. Contact your support personnel or package vendor. Custom action Action script
error -2146828218, Microsoft VBScript runtime error: Permission denied Line 13,
Column 2,

Error - 6/20/2009 10:58:26 AM | Computer Name = WXP-BD2N2H1 | Source = Application Error | ID = 1000
Description = Faulting application purevoice.exe, version 1.3.2.0, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x0001168b.

Error - 6/20/2009 10:59:54 AM | Computer Name = WXP-BD2N2H1 | Source = Application Error | ID = 1000
Description = Faulting application purevoice.exe, version 1.3.2.0, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x000116f4.

Error - 6/21/2009 9:37:33 AM | Computer Name = WXP-BD2N2H1 | Source = Symantec AntiVirus | ID = 16711685
Description = Risk Found!Risk: Backdoor.Tidserv in File: C:\Documents and Settings\john_muzingo\Local
Settings\Temp\jkbduthxnc.tmp by: Auto-Protect scan. Action: Clean failed : Quarantine
failed : Access denied. Action Description: The file was left unchanged.

Error - 6/21/2009 9:42:19 AM | Computer Name = WXP-BD2N2H1 | Source = Symantec AntiVirus | ID = 16711685
Description = Risk Found!Risk: Backdoor.Tidserv in File: C:\Documents and Settings\john_muzingo\Local
Settings\Temp\jkbduthxnc.tmp by: Auto-Protect scan. Action: Clean failed : Quarantine
failed : Access denied. Action Description: The file was left unchanged.

Error - 6/21/2009 9:49:49 AM | Computer Name = WXP-BD2N2H1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.5730.13, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/21/2009 12:30:13 PM | Computer Name = WXP-BD2N2H1 | Source = Intel® AMT | ID = 2002
Description = [UNS] Failed to subscribe to local Intel® AMT.

Error - 6/21/2009 1:29:32 PM | Computer Name = WXP-BD2N2H1 | Source = Intel® AMT | ID = 2002
Description = [UNS] Failed to subscribe to local Intel® AMT.

Error - 6/21/2009 1:55:14 PM | Computer Name = WXP-BD2N2H1 | Source = Intel® AMT | ID = 2002
Description = [UNS] Failed to subscribe to local Intel® AMT.

Error - 6/21/2009 2:01:26 PM | Computer Name = WXP-BD2N2H1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.5730.13, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ OSession Events ]
Error - 6/19/2009 7:41:22 AM | Computer Name = WXP-BD2N2H1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 79
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6/21/2009 12:30:06 PM | Computer Name = WXP-BD2N2H1 | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 6/21/2009 12:30:06 PM | Computer Name = WXP-BD2N2H1 | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 6/21/2009 12:30:38 PM | Computer Name = WXP-BD2N2H1 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
permission for the COM Server application with CLSID {7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1}

to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be
modified using the Component Services administrative tool.

Error - 6/21/2009 12:34:16 PM | Computer Name = WXP-BD2N2H1 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
permission for the COM Server application with CLSID {24FF4FDC-1D9F-4195-8C79-0DA39248FF48}

to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be
modified using the Component Services administrative tool.

Error - 6/21/2009 1:29:34 PM | Computer Name = WXP-BD2N2H1 | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 6/21/2009 1:29:34 PM | Computer Name = WXP-BD2N2H1 | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 6/21/2009 1:32:28 PM | Computer Name = WXP-BD2N2H1 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
permission for the COM Server application with CLSID {24FF4FDC-1D9F-4195-8C79-0DA39248FF48}

to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be
modified using the Component Services administrative tool.

Error - 6/21/2009 1:55:23 PM | Computer Name = WXP-BD2N2H1 | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 6/21/2009 1:55:23 PM | Computer Name = WXP-BD2N2H1 | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 6/21/2009 1:57:43 PM | Computer Name = WXP-BD2N2H1 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
permission for the COM Server application with CLSID {24FF4FDC-1D9F-4195-8C79-0DA39248FF48}

to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be
modified using the Component Services administrative tool.


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP