Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

random auto adjusting, shifted screen

Started by shmalligator , Sep 02 2011 08:17 PM

  • Please log in to reply

#1
shmalligator
Posted 02 September 2011 - 08:17 PM

shmalligator

    Member

  • Member
  • PipPip
  • 31 posts
I already posted about this in another part of the forum, but last time I was having this problem, it happened at the same time I had these problems, so I'd like to try to avoid it if I managed to catch the same type of virus twice (if the two things are even related!). I was hoping someone could look at my OTL log and tell me if it looks okay? I've been running Avast and MBAM but nothing is coming up. So what's happening is that a box that says Auto-Adjust is popping up on my screen and then the images on my monitor are shifted a little to the right, so anything on the left edge of the screen is cut off. If I take a screenshot, it turns out normal so I edited this screenshot to show what my monitor looks like.

Here is my OTL log. Is this a virus/malware problem, or am I just being paranoid? :)


OTL logfile created on: 9/2/2011 10:09:11 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\DELL\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.07 Mb Total Physical Memory | 298.23 Mb Available Physical Memory | 29.41% Memory free
2.39 Gb Paging File | 1.78 Gb Available in Paging File | 74.61% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 15.96 Gb Free Space | 42.85% Space Free | Partition Type: NTFS

Computer Name: GX520 | User Name: DELL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/02 22:08:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DELL\desktop\OTL.exe
PRC - [2011/09/02 15:16:24 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/09 12:27:52 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/28 21:14:52 | 017,529,856 | ---- | M] (Electronic Arts) -- C:\Program Files\Electronic Arts\EADM\EADMUI.exe
PRC - [2011/04/28 21:08:16 | 000,095,024 | ---- | M] (Electronic Arts) -- C:\Program Files\Electronic Arts\EADM\EACoreServer.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/09 19:08:04 | 002,712,920 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008/07/01 10:34:48 | 002,326,528 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/02 16:48:01 | 001,384,960 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090201\algo.dll
MOD - [2011/09/02 15:18:11 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/02 15:16:25 | 001,001,432 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/09/02 04:45:18 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090201\aswRep.dll
MOD - [2011/08/09 12:27:52 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2011/07/28 20:28:53 | 003,542,616 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll
MOD - [2011/04/26 20:37:22 | 000,327,680 | R--- | M] () -- C:\Program Files\Electronic Arts\EADM\phonon4.dll
MOD - [2011/04/26 20:37:12 | 000,413,184 | R--- | M] () -- C:\Program Files\Electronic Arts\EADM\QtXml4.dll
MOD - [2011/04/26 20:36:58 | 015,724,544 | R--- | M] () -- C:\Program Files\Electronic Arts\EADM\QtWebKit4.dll
MOD - [2011/04/26 20:36:40 | 001,092,096 | R--- | M] () -- C:\Program Files\Electronic Arts\EADM\QtNetwork4.dll
MOD - [2011/04/26 20:36:30 | 009,433,600 | R--- | M] () -- C:\Program Files\Electronic Arts\EADM\QtGui4.dll
MOD - [2011/04/26 20:34:58 | 002,686,464 | R--- | M] () -- C:\Program Files\Electronic Arts\EADM\QtCore4.dll
MOD - [2009/01/12 19:56:14 | 000,071,504 | ---- | M] () -- C:\Program Files\IObit\IObit SmartDefrag\taskdll.dll
MOD - [2009/01/12 19:56:00 | 000,059,216 | ---- | M] () -- C:\Program Files\IObit\IObit SmartDefrag\NtfsData.dll
MOD - [2008/07/01 10:34:48 | 002,326,528 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
MOD - [2008/06/13 15:17:30 | 000,049,152 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WlanDll.dll
MOD - [2007/09/14 10:27:14 | 000,024,576 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\CheckSessions.dll
MOD - [2006/12/15 11:30:38 | 000,966,765 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\acAuth.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/07/28 20:28:53 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/08 15:10:00 | 004,051,248 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


========== Driver Services (SafeList) ==========

DRV - [2011/09/02 21:46:45 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{48F9B909-5A8C-48EA-BEED-292A0CB824A5}\MpKsl470992d4.sys -- (MpKsl470992d4)
DRV - [2011/07/04 07:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 07:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 07:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 07:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 07:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 07:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 07:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008/04/25 05:06:44 | 000,014,336 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007/12/28 16:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2006/05/10 15:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2645238
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.6
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1203
FF - prefs.js..keyword.URL: "http://search.yahoo....type=382950&p="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/18 08:19:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.21\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/02 15:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.21\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/02 15:16:29 | 000,000,000 | ---D | M]

[2010/11/26 18:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DELL\Application Data\Mozilla\Extensions
[2011/09/02 08:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DELL\Application Data\Mozilla\Firefox\Profiles\u8soku1l.default\extensions
[2011/07/04 08:51:28 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\DELL\Application Data\Mozilla\Firefox\Profiles\u8soku1l.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/05/03 10:56:32 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\DELL\Application Data\Mozilla\Firefox\Profiles\u8soku1l.default\searchplugins\conduit.xml
[2011/05/23 11:19:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/18 08:19:36 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009/06/14 22:47:23 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2011/08/19 09:23:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SmartDefrag] C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe (IObit)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [EADM] C:\Program Files\Electronic Arts\EADM\EADMUI.exe (Electronic Arts)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1290810829234 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.21.0.cab (SysInfo Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88CA0601-D5C2-457A-A391-A346F2603E04}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\DELL\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\DELL\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/14 19:13:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/02 22:07:56 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DELL\Desktop\OTL.exe
[2011/08/29 14:18:08 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/08/25 09:00:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DELL\Local Settings\Application Data\ArcSoft
[2011/08/25 09:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DELL\Application Data\ArcSoft
[2011/08/25 09:00:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2011/08/25 09:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Connect
[2011/08/25 08:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Magic-i Visual Effects 2
[2011/08/25 08:59:32 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\System32\PCDLIB32.DLL
[2011/08/25 08:59:08 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\WINDOWS\System32\ArcSoftKsUFilter.dll
[2011/08/25 08:59:08 | 000,014,336 | ---- | C] (ArcSoft, Inc.) -- C:\WINDOWS\System32\drivers\ArcSoftKsUFilter.sys
[2011/08/25 08:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2011/08/25 08:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2011/08/20 17:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011/08/20 17:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DELL\Application Data\SystemRequirementsLab
[2011/08/19 09:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/08/19 08:51:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/08/18 08:20:03 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/08/18 08:20:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/08/18 08:20:02 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/08/18 08:19:57 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/08/18 08:19:57 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/08/18 08:19:56 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/08/18 08:19:56 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/08/18 08:19:56 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/08/18 08:19:55 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/08/18 08:19:30 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/08/18 08:19:29 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/08/10 12:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/08/09 12:58:31 | 004,051,248 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des
[2011/08/09 12:58:08 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys
[2011/08/09 12:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2011/08/09 12:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DELL\Start Menu\Programs\GamesCampus
[2011/08/09 12:46:18 | 000,000,000 | ---D | C] -- C:\GamesCampus
[2011/08/09 12:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DELL\Local Settings\Application Data\PMB Files
[2011/08/09 12:27:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/08/09 12:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/08/04 19:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/08/04 19:23:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2004/11/24 14:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[1 C:\Documents and Settings\DELL\Desktop\*.tmp files -> C:\Documents and Settings\DELL\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/02 22:08:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DELL\Desktop\OTL.exe
[2011/09/02 21:51:46 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/09/02 21:47:39 | 000,000,248 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011/09/02 21:47:25 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/02 21:46:58 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/09/02 21:46:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/25 22:12:46 | 000,000,456 | ---- | M] () -- C:\Documents and Settings\DELL\Desktop\USB Video Device.lnk
[2011/08/25 08:59:48 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Magic-i Visual Effects 2.lnk
[2011/08/20 17:02:32 | 000,051,757 | ---- | M] () -- C:\Documents and Settings\DELL\My Documents\greatandterrible.jpg
[2011/08/20 16:47:09 | 000,107,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/19 09:23:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/08/18 08:20:03 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/08/18 08:19:56 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/08/17 10:06:16 | 000,000,097 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/08/10 12:20:54 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/08/09 12:49:00 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\DELL\Desktop\ShotOnline.lnk
[2011/08/04 19:23:49 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[1 C:\Documents and Settings\DELL\Desktop\*.tmp files -> C:\Documents and Settings\DELL\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/25 22:12:46 | 000,000,456 | ---- | C] () -- C:\Documents and Settings\DELL\Desktop\USB Video Device.lnk
[2011/08/25 08:59:48 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Magic-i Visual Effects 2.lnk
[2011/08/20 17:02:29 | 000,051,757 | ---- | C] () -- C:\Documents and Settings\DELL\My Documents\greatandterrible.jpg
[2011/08/18 08:20:03 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/08/17 10:06:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/08/10 12:25:46 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/08/10 11:59:02 | 000,000,268 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/08/09 12:58:07 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd
[2011/08/09 12:49:00 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\DELL\Desktop\ShotOnline.lnk
[2011/08/04 19:23:49 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/05/08 16:17:48 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/07 15:39:47 | 000,001,152 | ---- | C] () -- C:\WINDOWS\System32\windrv.sys
[2011/03/06 23:49:02 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/11/26 18:33:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/11/26 18:27:38 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/26 13:48:39 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\DELL\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/14 23:40:24 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/06/14 19:26:38 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2009/06/14 19:15:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/06/14 19:09:44 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/06/14 15:02:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/14 15:01:43 | 000,107,808 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/19 10:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 12:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 12:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 12:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 12:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 11:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/04/14 06:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/31 08:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/11/02 11:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2004/10/03 12:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2001/08/18 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/18 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 08:00:00 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/18 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 08:00:00 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/18 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 08:00:00 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/18 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010/05/08 12:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/08/18 08:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/12/25 12:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/12/21 22:05:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/05/08 16:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/08/09 12:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/09/02 21:46:58 | 000,000,268 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
[2011/09/02 21:47:39 | 000,000,248 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2011/09/02 21:51:46 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



< End of report >





Extras report



OTL Extras logfile created on: 9/2/2011 10:09:11 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\DELL\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.07 Mb Total Physical Memory | 298.23 Mb Available Physical Memory | 29.41% Memory free
2.39 Gb Paging File | 1.78 Gb Available in Paging File | 74.61% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 15.96 Gb Free Space | 42.85% Space Free | Partition Type: NTFS

Computer Name: GX520 | User Name: DELL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57525:TCP" = 57525:TCP:*:Enabled:Pando Media Booster
"57525:UDP" = 57525:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57525:TCP" = 57525:TCP:*:Enabled:Pando Media Booster
"57525:UDP" = 57525:UDP:*:Enabled:Pando Media Booster
"1067:TCP" = 1067:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{41B44041-D45D-41EB-A1EF-A12BB5C6996B}" = ArcSoft Magic-i Visual Effects 2
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{C22E50B4-B9D0-4a07-B1F3-12362514FEA7}" = The Sims™ 2 Double Deluxe
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F248ADFA-64E0-4B03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"avast" = avast! Free Antivirus
"EADM" = EA Download Manager
"Game Booster_is1" = Game Booster
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.21)" = Mozilla Firefox (3.6.21)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"ShotOnline" = ShotOnline
"Smart Defrag_is1" = Smart Defrag
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"ZoneAlarm" = ZoneAlarm

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/10/2011 12:12:34 PM | Computer Name = GX520 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 8/10/2011 12:12:35 PM | Computer Name = GX520 | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF05 Description:Can't complete the Setup Wizard. One
or more command line arguments are invalid. Error code:0x8004FF05.

Error - 8/10/2011 12:20:26 PM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8402.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 8/10/2011 12:41:21 PM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0, P2 moaccapability, P3 3.0.8402.0, P4
0, P5 0, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 8/16/2011 5:41:46 PM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.7104.0, P3 1.109.1918.0, P4 1.109.1918.0, P5 trojandownloader_win32_tracur.y,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 8/17/2011 9:44:05 AM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.7104.0, P3 1.109.1918.0, P4 1.109.1918.0, P5 trojandownloader_win32_tracur.y,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 8/17/2011 10:11:12 AM | Computer Name = GX520 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 8/17/2011 10:11:21 AM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.7104.0, P3 1.109.1918.0, P4 1.109.1918.0, P5 trojandownloader_win32_tracur.y,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 8/17/2011 9:09:08 PM | Computer Name = GX520 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 8/20/2011 4:48:24 PM | Computer Name = GX520 | Source = ESENT | ID = 485
Description = wuauclt (2332) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
failed with system error 5 (0x00000005): "Access is denied. ". The delete file
operation will fail with error -1032 (0xfffffbf8).

[ Application Events ]
Error - 8/10/2011 12:12:34 PM | Computer Name = GX520 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 8/10/2011 12:12:35 PM | Computer Name = GX520 | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF05 Description:Can't complete the Setup Wizard. One
or more command line arguments are invalid. Error code:0x8004FF05.

Error - 8/10/2011 12:20:26 PM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8402.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 8/10/2011 12:41:21 PM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0, P2 moaccapability, P3 3.0.8402.0, P4
0, P5 0, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 8/16/2011 5:41:46 PM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.7104.0, P3 1.109.1918.0, P4 1.109.1918.0, P5 trojandownloader_win32_tracur.y,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 8/17/2011 9:44:05 AM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.7104.0, P3 1.109.1918.0, P4 1.109.1918.0, P5 trojandownloader_win32_tracur.y,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 8/17/2011 10:11:12 AM | Computer Name = GX520 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 8/17/2011 10:11:21 AM | Computer Name = GX520 | Source = MPSampleSubmission | ID = 5000
Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 1.1.7104.0, P3 1.109.1918.0, P4 1.109.1918.0, P5 trojandownloader_win32_tracur.y,
P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 8/17/2011 9:09:08 PM | Computer Name = GX520 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 8/20/2011 4:48:24 PM | Computer Name = GX520 | Source = ESENT | ID = 485
Description = wuauclt (2332) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
failed with system error 5 (0x00000005): "Access is denied. ". The delete file
operation will fail with error -1032 (0xfffffbf8).

[ System Events ]
Error - 9/2/2011 1:41:19 PM | Computer Name = GX520 | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not
allow the name to be claimed by this machine.

Error - 9/2/2011 1:43:11 PM | Computer Name = GX520 | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not
allow the name to be claimed by this machine.

Error - 9/2/2011 1:48:21 PM | Computer Name = GX520 | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not
allow the name to be claimed by this machine.

Error - 9/2/2011 1:53:31 PM | Computer Name = GX520 | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not
allow the name to be claimed by this machine.

Error - 9/2/2011 1:55:23 PM | Computer Name = GX520 | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not
allow the name to be claimed by this machine.

Error - 9/2/2011 2:00:33 PM | Computer Name = GX520 | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not
allow the name to be claimed by this machine.

Error - 9/2/2011 2:05:43 PM | Computer Name = GX520 | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not
allow the name to be claimed by this machine.

Error - 9/2/2011 2:07:36 PM | Computer Name = GX520 | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not
allow the name to be claimed by this machine.

Error - 9/2/2011 9:12:58 PM | Computer Name = GX520 | Source = Service Control Manager | ID = 7034
Description = The Advanced SystemCare Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/2/2011 9:52:45 PM | Computer Name = GX520 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{88CA0601-D5C2-457A-A391-A346F2603E04}. The
backup browser is stopping.


< End of report >




Thanks, and sorry to bother you if I'm just being paranoid!
  • 0

Advertisements

#2
shmalligator
Posted 03 September 2011 - 09:20 AM

shmalligator

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Please close this topic-- the auto-adjust button on my monitor is just getting stuck. :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP