Any help would be greatly appreciated.
Infected with the Conficker.B [Solved]
Started by
mewsick75
, Jun 07 2013 08:28 AM
-
This topic is locked
#1
Posted 07 June 2013 - 08:28 AM
mewsick75
-
- Member
-
- 292 posts
Member
Any help would be greatly appreciated.
#2
Posted 07 June 2013 - 08:47 AM
mewsick75
- Topic Starter
-
- Member
-
- 292 posts
Member
Here is the OTL log:
OTL logfile created on: 6/7/2013 10:37:11 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\ersdcom\Desktop
Windows 2000 Professional Edition Service Pack 2 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 5.00.3315.1000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
509.99 Mb Total Physical Memory | 288.84 Mb Available Physical Memory | 56.64% Memory free
1.22 Gb Paging File | 0.93 Gb Available in Paging File | 76.13% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 34.56 Gb Free Space | 92.80% Space Free | Partition Type: NTFS
Drive E: | 7.44 Gb Total Space | 1.28 Gb Free Space | 17.25% Space Free | Partition Type: FAT32
Computer Name: TROUBLE | User Name: ERSDCOM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/07 10:25:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ersdcom\Desktop\OTL.exe
PRC - [2011/02/17 03:23:12 | 000,389,960 | ---- | M] (CA) -- C:\Program Files\CA\eTrustITM\InoTask.exe
PRC - [2009/12/08 03:07:29 | 000,283,888 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe
PRC - [2009/06/26 13:49:48 | 000,192,512 | ---- | M] (CA) -- C:\Program Files\CA\eTrustITM\InoRPC.exe
PRC - [2009/06/26 13:49:47 | 000,208,896 | ---- | M] (CA) -- C:\Program Files\CA\eTrustITM\InoRT.exe
PRC - [2008/02/08 17:58:44 | 000,407,368 | ---- | M] (CA) -- C:\Program Files\CA\eTrustITM\Realmon.exe
PRC - [2007/02/05 07:57:24 | 000,106,496 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe
PRC - [2006/03/15 00:50:18 | 000,409,600 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe
PRC - [2006/03/15 00:42:24 | 000,131,072 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
PRC - [2006/03/14 22:57:08 | 000,122,880 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor Backup Agent for Open Files\Ofant.exe
PRC - [2006/02/09 03:50:00 | 000,267,488 | ---- | M] (Microsoft Corporation) -- C:\WINNT\SYSTEM32\ccmsetup\ccmsetup.exe
PRC - [2005/02/23 15:56:12 | 000,053,248 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
PRC - [2004/03/08 11:56:10 | 000,320,656 | ---- | M] (VERITAS Software Corporation) -- C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe
PRC - [2003/11/09 16:12:26 | 000,815,104 | ---- | M] () -- C:\Program Files\ERS MS\ERS MS Alarm Receiver.exe
PRC - [2003/11/07 16:26:16 | 000,061,440 | ---- | M] () -- C:\Program Files\ERS MS\ERSAlarmBuffer.exe
PRC - [2003/11/05 19:26:40 | 000,122,880 | ---- | M] () -- C:\Program Files\ERS MS\DBLocking.exe
PRC - [2003/11/05 15:13:28 | 000,081,920 | ---- | M] () -- C:\Program Files\ERS MS\PCMCMS.exe
PRC - [2002/05/08 10:51:52 | 000,212,992 | ---- | M] (Intel Corporation) -- C:\Program Files\intel\ASF Agent\ASFAgent.exe
PRC - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell\OpenManage\Client\Iap.exe
PRC - [2002/02/27 10:57:34 | 001,118,208 | ---- | M] (Intel Corporation) -- C:\WINNT\SYSTEM32\NMSSvc.Exe
PRC - [2001/05/08 07:00:00 | 000,242,960 | ---- | M] (Microsoft Corporation) -- C:\WINNT\EXPLORER.EXE
PRC - [2001/05/08 07:00:00 | 000,118,032 | ---- | M] (Microsoft Corporation) -- C:\WINNT\SYSTEM32\MSTASK.EXE
PRC - [2001/05/08 07:00:00 | 000,066,832 | ---- | M] (Microsoft Corporation) -- C:\WINNT\SYSTEM32\REGSVC.EXE
PRC - [2001/05/08 07:00:00 | 000,020,752 | ---- | M] (Microsoft Corporation) -- C:\WINNT\SYSTEM32\INTERNAT.EXE
========== Modules (No Company Name) ==========
MOD - [2007/02/05 07:57:22 | 000,974,848 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\libetpki_openssl_crypto.dll
MOD - [2007/02/05 07:57:22 | 000,798,720 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\libeay32.dll
MOD - [2007/02/05 07:57:22 | 000,184,320 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\libetpki_openssl_ssl.dll
MOD - [2007/02/05 07:57:22 | 000,155,648 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\ssleay32.dll
MOD - [2007/02/05 07:57:22 | 000,073,728 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\zlib.dll
MOD - [2006/03/14 22:39:58 | 000,077,824 | ---- | M] () -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\shrdmem.dll
MOD - [2003/11/18 01:29:04 | 000,055,808 | ---- | M] () -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\zlib1.dll
MOD - [2003/11/09 16:12:26 | 000,815,104 | ---- | M] () -- C:\Program Files\ERS MS\ERS MS Alarm Receiver.exe
MOD - [2003/11/08 15:21:14 | 000,114,688 | ---- | M] () -- C:\Program Files\ERS MS\ERSParser.dll
MOD - [2003/11/07 16:26:16 | 000,061,440 | ---- | M] () -- C:\Program Files\ERS MS\ERSAlarmBuffer.exe
MOD - [2003/11/05 19:26:40 | 000,122,880 | ---- | M] () -- C:\Program Files\ERS MS\DBLocking.exe
MOD - [2003/11/05 19:16:06 | 001,351,680 | ---- | M] () -- C:\Program Files\ERS MS\PCMsecurity.dll
MOD - [2003/11/05 19:15:40 | 000,081,920 | ---- | M] () -- C:\Program Files\ERS MS\PCMRS232.dll
MOD - [2003/11/05 19:13:20 | 000,094,208 | ---- | M] () -- C:\Program Files\ERS MS\PCMPaging.dll
MOD - [2003/11/05 19:12:40 | 000,086,016 | ---- | M] () -- C:\Program Files\ERS MS\PCMLogging.dll
MOD - [2003/11/05 19:12:02 | 000,102,400 | ---- | M] () -- C:\Program Files\ERS MS\PCMDispatch.dll
MOD - [2003/11/05 19:11:16 | 000,229,376 | ---- | M] () -- C:\Program Files\ERS MS\ERSDBServer.dll
MOD - [2003/11/05 19:10:46 | 000,077,824 | ---- | M] () -- C:\Program Files\ERS MS\PCMdatabase.dll
MOD - [2003/11/05 15:13:28 | 000,081,920 | ---- | M] () -- C:\Program Files\ERS MS\PCMCMS.exe
MOD - [2003/04/04 02:37:00 | 000,028,672 | ---- | M] () -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\pthread.dll
MOD - [2002/08/08 17:25:26 | 000,024,576 | ---- | M] () -- C:\Program Files\ERS MS\DBLockingps.dll
MOD - [2002/08/02 16:54:26 | 000,024,576 | ---- | M] () -- C:\Program Files\ERS MS\ERSAlarmBufferps.dll
========== Services (SafeList) ==========
SRV - [2011/02/17 03:23:12 | 000,389,960 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\eTrustITM\InoTask.exe -- (InoTask)
SRV - [2009/12/08 03:07:29 | 000,283,888 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2009/06/26 13:49:48 | 000,192,512 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\eTrustITM\InoRPC.exe -- (InoRPC)
SRV - [2009/06/26 13:49:47 | 000,208,896 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\eTrustITM\InoRT.exe -- (InoRT)
SRV - [2008/06/24 14:32:18 | 000,095,808 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\WINNT\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2007/02/05 07:57:24 | 000,106,496 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe -- (iGateway)
SRV - [2006/03/15 00:50:18 | 000,409,600 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe -- (CASUniversalAgent)
SRV - [2006/03/15 00:42:24 | 000,131,072 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe -- (CASDiscoverySvc)
SRV - [2006/03/14 22:57:08 | 000,122,880 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor Backup Agent for Open Files\Ofant.exe -- (OpenFileAgent)
SRV - [2006/02/09 03:50:00 | 000,267,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\System32\ccmsetup\ccmsetup.exe -- (ccmsetup)
SRV - [2005/03/23 14:17:00 | 000,126,976 | ---- | M] (Computer Associates International Inc.) [On_Demand | Stopped] -- C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe -- (CA_LIC_CLNT)
SRV - [2005/03/23 14:16:00 | 000,155,648 | ---- | M] (Computer Associates International Inc.) [On_Demand | Stopped] -- C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe -- (CA_LIC_SRVR)
SRV - [2005/02/23 15:56:12 | 000,053,248 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe -- (LogWatch)
SRV - [2004/03/08 11:56:10 | 000,320,656 | ---- | M] (VERITAS Software Corporation) [Auto | Running] -- C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe -- (BackupExecAgentAccelerator)
SRV - [2003/11/05 19:41:20 | 000,122,880 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSWatchdog.exe -- (ERS MS 5 Watchdog)
SRV - [2003/11/05 19:33:38 | 000,114,688 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSConfigToolServer.exe -- (ERS MS 5 Configuration Tool Server)
SRV - [2003/11/05 15:19:52 | 000,102,400 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\PCMAutoArchiving.exe -- (ERS MS 5 Auto Archiver - 1)
SRV - [2003/11/05 15:19:08 | 000,102,400 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSWatchmate.exe -- (ERS MS 5 Watchmate)
SRV - [2003/11/05 15:18:42 | 000,122,968 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSRedirector.exe -- (ERS MS 5 Redirector)
SRV - [2003/11/05 15:18:24 | 000,118,784 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\PCMOH2000.exe -- (ERS MS 5 OH-2000)
SRV - [2003/11/05 15:16:58 | 000,032,768 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\PCMOHMP.exe -- (ERS MS 5 QuickAlert - 1)
SRV - [2003/11/05 15:16:26 | 000,094,208 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSMSIPFirmware.exe -- (ERS MS 5 IP Firmware Server)
SRV - [2003/11/05 15:16:04 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSMSConfig.exe -- (ERS MS 5 IP Configuration Server)
SRV - [2003/11/05 15:15:28 | 000,098,304 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSMSIPAlarm.exe -- (ERS MS 5 IP Alarm Server)
SRV - [2003/11/05 15:14:40 | 000,118,784 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSDHCPServer.exe -- (ERS MS 5 DHCP Server)
SRV - [2003/11/05 15:13:28 | 000,081,920 | ---- | M] () [Auto | Running] -- C:\Program Files\ERS MS\PCMCMS.exe -- (ERS MS 5 CMS - 1)
SRV - [2002/05/08 10:51:52 | 000,212,992 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\intel\ASF Agent\ASFAgent.exe -- (ASFAgent)
SRV - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\Iap.exe -- (Iap)
SRV - [2002/02/27 10:57:34 | 001,118,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINNT\SYSTEM32\NMSSvc.Exe -- (NMSSvc)
SRV - [2002/02/15 11:51:00 | 000,114,749 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\pcAnywhere\AWHOST32.EXE -- (awhost32)
SRV - [2001/05/08 07:00:00 | 000,196,685 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\SYSTEM32\WBEM\WINMGMT.EXE -- (WinMgmt)
SRV - [2001/05/08 07:00:00 | 000,147,728 | ---- | M] (VERITAS Software Corp.) [On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin)
SRV - [2001/05/08 07:00:00 | 000,118,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\SYSTEM32\MSTASK.EXE -- (Schedule)
SRV - [2001/05/08 07:00:00 | 000,096,528 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINNT\SYSTEM32\FAXSVC.EXE -- (Fax)
SRV - [2001/05/08 07:00:00 | 000,066,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\SYSTEM32\REGSVC.EXE -- (RemoteRegistry)
SRV - [2001/05/08 07:00:00 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\SYSTEM32\UTILMAN.EXE -- (UtilMan)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\vncdrv.sys -- (vncdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (tga)
DRV - File not found [Kernel | System | Stopped] -- -- (sglfb)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ersdcom\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2007/10/18 21:14:32 | 000,184,080 | ---- | M] (Computer Associates) [File_System | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\ino_fltr.sys -- (INO_FLTR)
DRV - [2007/08/06 22:07:02 | 000,027,536 | ---- | M] (Computer Associates) [File_System | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\ino_flpy.sys -- (INO_FLPY)
DRV - [2006/03/14 22:58:06 | 000,157,766 | ---- | M] (Computer Associates) [File_System | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\OFANT.sys -- (OFADriver)
DRV - [2004/11/19 11:04:18 | 000,073,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2004/06/18 15:17:21 | 000,121,344 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\hardlock.sys -- (Hardlock)
DRV - [2004/06/18 15:17:21 | 000,097,280 | ---- | M] (Aladdin Knowledge Systems.) [Kernel | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\Haspnt.sys -- (Haspnt)
DRV - [2003/09/05 11:34:42 | 000,050,080 | ---- | M] (VERITAS Software) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\VSP.SYS -- (VSP)
DRV - [2002/07/15 16:15:38 | 000,089,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\e1000nt5.sys -- (E1000)
DRV - [2002/05/07 17:06:36 | 000,023,744 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\platalrt.sys -- (PlatAlrt)
DRV - [2002/05/07 17:05:56 | 000,039,680 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\Netalrt.sys -- (NetAlrt)
DRV - [2002/04/18 12:46:00 | 000,049,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\usbhub20.sys -- (usbhub20)
DRV - [2002/04/10 10:12:10 | 000,293,884 | ---- | M] (Keyspan) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\usa49w2k.sys -- (USA49W)
DRV - [2002/04/08 12:46:12 | 000,040,908 | ---- | M] (Keyspan) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\usa49w2kp.sys -- (USA49W2KP)
DRV - [2002/04/04 13:55:22 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINNT\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/02/27 10:57:52 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\NMSCFG.SYS -- (NMSCFG)
DRV - [2002/02/11 11:51:00 | 000,033,496 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\AW_HOST5.sys -- (AW_HOST)
DRV - [2001/11/14 22:13:10 | 000,050,798 | R--- | M] (OEM) [Kernel | System | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\oxser.sys -- (oxser)
DRV - [2001/11/14 22:13:10 | 000,013,596 | R--- | M] (OEM) [Kernel | System | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\oxmf.sys -- (oxmf)
DRV - [2001/11/14 22:13:10 | 000,004,992 | R--- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\oxmfuf.sys -- (Oxmfuf)
DRV - [2001/11/14 22:08:50 | 000,075,904 | R--- | M] (OEM) [Kernel | System | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\oxpar.sys -- (oxpar)
DRV - [2001/10/09 11:51:00 | 000,014,944 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\GERNUWA.SYS -- (Gernuwa)
DRV - [2001/06/08 09:25:56 | 000,017,258 | ---- | M] (American Megatrends, Inc.) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\MRAID2K.SYS -- (mraid2k)
DRV - [2001/05/08 07:00:00 | 000,368,976 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\DMBOOT.SYS -- (dmboot)
DRV - [2001/05/08 07:00:00 | 000,137,008 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\DMIO.SYS -- (dmio)
DRV - [2001/05/08 07:00:00 | 000,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\PARALLEL.SYS -- (Parallel)
DRV - [2001/05/08 07:00:00 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\System32\drivers\EFS.SYS -- (EFS)
DRV - [2001/05/08 07:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\RCA.SYS -- (RCA)
DRV - [2001/05/08 07:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\NETDTECT.SYS -- (NetDetect)
DRV - [2001/05/08 07:00:00 | 000,007,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\DISKPERF.SYS -- (Diskperf)
DRV - [2001/05/08 07:00:00 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\DMLOAD.SYS -- (dmload)
DRV - [2001/05/04 13:05:02 | 000,032,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\uhcd.sys -- (uhcd)
DRV - [2001/04/26 16:00:30 | 000,064,418 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\Fasttrak.sys -- (fasttrak)
DRV - [2000/09/11 11:51:00 | 000,010,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINNT\SYSTEM32\DRIVERS\AWLEGACY.SYS -- (awlegacy)
DRV - [1999/10/27 16:23:38 | 000,345,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\NV4.SYS -- (nv4)
DRV - [1999/10/23 13:22:20 | 000,061,712 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90BC)
DRV - [1999/10/22 15:54:42 | 000,032,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\ICHAUD.SYS -- (ichaud)
DRV - [1999/09/25 12:11:42 | 000,011,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\FD16_700.SYS -- (Fd16_700)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://smbusiness.dellnet.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\System32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2001/05/08 07:00:00 | 000,000,734 | ---- | M]) - C:\WINNT\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\SYSTEM32\MSDXM.OCX ()
O4 - HKLM..\Run: [PPRT] C:\Program Files\CA\SharedComponents\PPRealtime\bin\ITMRTSVC_Logon.exe (CA, Inc.)
O4 - HKLM..\Run: [Realtime Monitor] C:\Program Files\CA\eTrustITM\realmon.exe (CA)
O4 - HKCU..\Run: [Internat.exe] C:\WINNT\System32\INTERNAT.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ERS MS Alarm Receiver.lnk = C:\Program Files\ERS MS\ERS MS Alarm Receiver.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\SYSTEM32\RNR20.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: fellowshipvillage.local ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: fellowshipvillage.local ([jenga] http in Local intranet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: DirectAnimation Java Classes file://C:\WINNT\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.5 192.168.1.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = FellowshipVillage.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC0A603B-CB60-4464-BC42-969E8376CA2F}: DhcpNameServer = 192.168.1.5 192.168.1.12
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\SYSTEM32\MSDXM.OCX ()
O18 - Protocol\Filter\Class Install Handler - No CLSID value found
O18 - Protocol\Filter\deflate - No CLSID value found
O18 - Protocol\Filter\gzip - No CLSID value found
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O18 - Protocol\Filter\text/webviewhtml - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.Exe) - C:\WINNT\EXPLORER.EXE (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINNT\system32\userinit.exe) - C:\WINNT\SYSTEM32\USERINIT.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINNT\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\PCANotify: DllName - (PCANotify.dll) - C:\WINNT\System32\PCANotify.dll (Symantec Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\CA\SHARED~1\SCANEN~1\inocboot.exe -s -r \??\C:\PROGRA~1\CA\SHARED~1\SCANEN~1\)
O34 - HKLM BootExecute: (09jow4wj2304lfd0sf9fsd0a2t4ld.biz)
O34 - HKLM BootExecute: (77A8-11D2-9B6C-0000F8080861}.ini...)
O34 - HKLM BootExecute: (->)
O34 - HKLM BootExecute: (m Files\VERITAS\Backup Exec\RANT\b)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/07 10:37:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ersdcom\Desktop\OTL.exe
[2013/06/07 10:13:49 | 007,337,424 | ---- | C] (Bitdefender LLC) -- C:\Documents and Settings\ersdcom\Desktop\BDRemovalToolLauncher_downadup.exe
[2 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/07 10:25:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ersdcom\Desktop\OTL.exe
[2013/06/05 18:22:26 | 007,337,424 | ---- | M] (Bitdefender LLC) -- C:\Documents and Settings\ersdcom\Desktop\BDRemovalToolLauncher_downadup.exe
[2013/05/24 13:53:59 | 000,376,286 | -H-- | M] () -- C:\WINNT\ShellIconCache
[2 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/08 16:03:59 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_4e0.dat
[2011/07/08 04:06:19 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_22c.dat
[2011/07/07 16:03:36 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_700.dat
[2009/06/26 13:20:49 | 000,012,288 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2004/06/18 15:50:26 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\ersdcom\ntuser.pol
[2002/03/12 11:53:40 | 000,021,952 | -H-- | C] () -- C:\Program Files\FOLDER.HTT
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
========== Purity Check ==========
< End of report >
OTL logfile created on: 6/7/2013 10:37:11 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\ersdcom\Desktop
Windows 2000 Professional Edition Service Pack 2 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 5.00.3315.1000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
509.99 Mb Total Physical Memory | 288.84 Mb Available Physical Memory | 56.64% Memory free
1.22 Gb Paging File | 0.93 Gb Available in Paging File | 76.13% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 34.56 Gb Free Space | 92.80% Space Free | Partition Type: NTFS
Drive E: | 7.44 Gb Total Space | 1.28 Gb Free Space | 17.25% Space Free | Partition Type: FAT32
Computer Name: TROUBLE | User Name: ERSDCOM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/07 10:25:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ersdcom\Desktop\OTL.exe
PRC - [2011/02/17 03:23:12 | 000,389,960 | ---- | M] (CA) -- C:\Program Files\CA\eTrustITM\InoTask.exe
PRC - [2009/12/08 03:07:29 | 000,283,888 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe
PRC - [2009/06/26 13:49:48 | 000,192,512 | ---- | M] (CA) -- C:\Program Files\CA\eTrustITM\InoRPC.exe
PRC - [2009/06/26 13:49:47 | 000,208,896 | ---- | M] (CA) -- C:\Program Files\CA\eTrustITM\InoRT.exe
PRC - [2008/02/08 17:58:44 | 000,407,368 | ---- | M] (CA) -- C:\Program Files\CA\eTrustITM\Realmon.exe
PRC - [2007/02/05 07:57:24 | 000,106,496 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe
PRC - [2006/03/15 00:50:18 | 000,409,600 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe
PRC - [2006/03/15 00:42:24 | 000,131,072 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
PRC - [2006/03/14 22:57:08 | 000,122,880 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor Backup Agent for Open Files\Ofant.exe
PRC - [2006/02/09 03:50:00 | 000,267,488 | ---- | M] (Microsoft Corporation) -- C:\WINNT\SYSTEM32\ccmsetup\ccmsetup.exe
PRC - [2005/02/23 15:56:12 | 000,053,248 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
PRC - [2004/03/08 11:56:10 | 000,320,656 | ---- | M] (VERITAS Software Corporation) -- C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe
PRC - [2003/11/09 16:12:26 | 000,815,104 | ---- | M] () -- C:\Program Files\ERS MS\ERS MS Alarm Receiver.exe
PRC - [2003/11/07 16:26:16 | 000,061,440 | ---- | M] () -- C:\Program Files\ERS MS\ERSAlarmBuffer.exe
PRC - [2003/11/05 19:26:40 | 000,122,880 | ---- | M] () -- C:\Program Files\ERS MS\DBLocking.exe
PRC - [2003/11/05 15:13:28 | 000,081,920 | ---- | M] () -- C:\Program Files\ERS MS\PCMCMS.exe
PRC - [2002/05/08 10:51:52 | 000,212,992 | ---- | M] (Intel Corporation) -- C:\Program Files\intel\ASF Agent\ASFAgent.exe
PRC - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell\OpenManage\Client\Iap.exe
PRC - [2002/02/27 10:57:34 | 001,118,208 | ---- | M] (Intel Corporation) -- C:\WINNT\SYSTEM32\NMSSvc.Exe
PRC - [2001/05/08 07:00:00 | 000,242,960 | ---- | M] (Microsoft Corporation) -- C:\WINNT\EXPLORER.EXE
PRC - [2001/05/08 07:00:00 | 000,118,032 | ---- | M] (Microsoft Corporation) -- C:\WINNT\SYSTEM32\MSTASK.EXE
PRC - [2001/05/08 07:00:00 | 000,066,832 | ---- | M] (Microsoft Corporation) -- C:\WINNT\SYSTEM32\REGSVC.EXE
PRC - [2001/05/08 07:00:00 | 000,020,752 | ---- | M] (Microsoft Corporation) -- C:\WINNT\SYSTEM32\INTERNAT.EXE
========== Modules (No Company Name) ==========
MOD - [2007/02/05 07:57:22 | 000,974,848 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\libetpki_openssl_crypto.dll
MOD - [2007/02/05 07:57:22 | 000,798,720 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\libeay32.dll
MOD - [2007/02/05 07:57:22 | 000,184,320 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\libetpki_openssl_ssl.dll
MOD - [2007/02/05 07:57:22 | 000,155,648 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\ssleay32.dll
MOD - [2007/02/05 07:57:22 | 000,073,728 | ---- | M] () -- C:\Program Files\CA\SharedComponents\iTechnology\zlib.dll
MOD - [2006/03/14 22:39:58 | 000,077,824 | ---- | M] () -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\shrdmem.dll
MOD - [2003/11/18 01:29:04 | 000,055,808 | ---- | M] () -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\zlib1.dll
MOD - [2003/11/09 16:12:26 | 000,815,104 | ---- | M] () -- C:\Program Files\ERS MS\ERS MS Alarm Receiver.exe
MOD - [2003/11/08 15:21:14 | 000,114,688 | ---- | M] () -- C:\Program Files\ERS MS\ERSParser.dll
MOD - [2003/11/07 16:26:16 | 000,061,440 | ---- | M] () -- C:\Program Files\ERS MS\ERSAlarmBuffer.exe
MOD - [2003/11/05 19:26:40 | 000,122,880 | ---- | M] () -- C:\Program Files\ERS MS\DBLocking.exe
MOD - [2003/11/05 19:16:06 | 001,351,680 | ---- | M] () -- C:\Program Files\ERS MS\PCMsecurity.dll
MOD - [2003/11/05 19:15:40 | 000,081,920 | ---- | M] () -- C:\Program Files\ERS MS\PCMRS232.dll
MOD - [2003/11/05 19:13:20 | 000,094,208 | ---- | M] () -- C:\Program Files\ERS MS\PCMPaging.dll
MOD - [2003/11/05 19:12:40 | 000,086,016 | ---- | M] () -- C:\Program Files\ERS MS\PCMLogging.dll
MOD - [2003/11/05 19:12:02 | 000,102,400 | ---- | M] () -- C:\Program Files\ERS MS\PCMDispatch.dll
MOD - [2003/11/05 19:11:16 | 000,229,376 | ---- | M] () -- C:\Program Files\ERS MS\ERSDBServer.dll
MOD - [2003/11/05 19:10:46 | 000,077,824 | ---- | M] () -- C:\Program Files\ERS MS\PCMdatabase.dll
MOD - [2003/11/05 15:13:28 | 000,081,920 | ---- | M] () -- C:\Program Files\ERS MS\PCMCMS.exe
MOD - [2003/04/04 02:37:00 | 000,028,672 | ---- | M] () -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\pthread.dll
MOD - [2002/08/08 17:25:26 | 000,024,576 | ---- | M] () -- C:\Program Files\ERS MS\DBLockingps.dll
MOD - [2002/08/02 16:54:26 | 000,024,576 | ---- | M] () -- C:\Program Files\ERS MS\ERSAlarmBufferps.dll
========== Services (SafeList) ==========
SRV - [2011/02/17 03:23:12 | 000,389,960 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\eTrustITM\InoTask.exe -- (InoTask)
SRV - [2009/12/08 03:07:29 | 000,283,888 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2009/06/26 13:49:48 | 000,192,512 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\eTrustITM\InoRPC.exe -- (InoRPC)
SRV - [2009/06/26 13:49:47 | 000,208,896 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\eTrustITM\InoRT.exe -- (InoRT)
SRV - [2008/06/24 14:32:18 | 000,095,808 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\WINNT\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2007/02/05 07:57:24 | 000,106,496 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe -- (iGateway)
SRV - [2006/03/15 00:50:18 | 000,409,600 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe -- (CASUniversalAgent)
SRV - [2006/03/15 00:42:24 | 000,131,072 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe -- (CASDiscoverySvc)
SRV - [2006/03/14 22:57:08 | 000,122,880 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor Backup Agent for Open Files\Ofant.exe -- (OpenFileAgent)
SRV - [2006/02/09 03:50:00 | 000,267,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\System32\ccmsetup\ccmsetup.exe -- (ccmsetup)
SRV - [2005/03/23 14:17:00 | 000,126,976 | ---- | M] (Computer Associates International Inc.) [On_Demand | Stopped] -- C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe -- (CA_LIC_CLNT)
SRV - [2005/03/23 14:16:00 | 000,155,648 | ---- | M] (Computer Associates International Inc.) [On_Demand | Stopped] -- C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe -- (CA_LIC_SRVR)
SRV - [2005/02/23 15:56:12 | 000,053,248 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe -- (LogWatch)
SRV - [2004/03/08 11:56:10 | 000,320,656 | ---- | M] (VERITAS Software Corporation) [Auto | Running] -- C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe -- (BackupExecAgentAccelerator)
SRV - [2003/11/05 19:41:20 | 000,122,880 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSWatchdog.exe -- (ERS MS 5 Watchdog)
SRV - [2003/11/05 19:33:38 | 000,114,688 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSConfigToolServer.exe -- (ERS MS 5 Configuration Tool Server)
SRV - [2003/11/05 15:19:52 | 000,102,400 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\PCMAutoArchiving.exe -- (ERS MS 5 Auto Archiver - 1)
SRV - [2003/11/05 15:19:08 | 000,102,400 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSWatchmate.exe -- (ERS MS 5 Watchmate)
SRV - [2003/11/05 15:18:42 | 000,122,968 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSRedirector.exe -- (ERS MS 5 Redirector)
SRV - [2003/11/05 15:18:24 | 000,118,784 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\PCMOH2000.exe -- (ERS MS 5 OH-2000)
SRV - [2003/11/05 15:16:58 | 000,032,768 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\PCMOHMP.exe -- (ERS MS 5 QuickAlert - 1)
SRV - [2003/11/05 15:16:26 | 000,094,208 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSMSIPFirmware.exe -- (ERS MS 5 IP Firmware Server)
SRV - [2003/11/05 15:16:04 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSMSConfig.exe -- (ERS MS 5 IP Configuration Server)
SRV - [2003/11/05 15:15:28 | 000,098,304 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSMSIPAlarm.exe -- (ERS MS 5 IP Alarm Server)
SRV - [2003/11/05 15:14:40 | 000,118,784 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ERS MS\ERSDHCPServer.exe -- (ERS MS 5 DHCP Server)
SRV - [2003/11/05 15:13:28 | 000,081,920 | ---- | M] () [Auto | Running] -- C:\Program Files\ERS MS\PCMCMS.exe -- (ERS MS 5 CMS - 1)
SRV - [2002/05/08 10:51:52 | 000,212,992 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\intel\ASF Agent\ASFAgent.exe -- (ASFAgent)
SRV - [2002/04/04 13:56:10 | 000,163,840 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\Iap.exe -- (Iap)
SRV - [2002/02/27 10:57:34 | 001,118,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINNT\SYSTEM32\NMSSvc.Exe -- (NMSSvc)
SRV - [2002/02/15 11:51:00 | 000,114,749 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\pcAnywhere\AWHOST32.EXE -- (awhost32)
SRV - [2001/05/08 07:00:00 | 000,196,685 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\SYSTEM32\WBEM\WINMGMT.EXE -- (WinMgmt)
SRV - [2001/05/08 07:00:00 | 000,147,728 | ---- | M] (VERITAS Software Corp.) [On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin)
SRV - [2001/05/08 07:00:00 | 000,118,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\SYSTEM32\MSTASK.EXE -- (Schedule)
SRV - [2001/05/08 07:00:00 | 000,096,528 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINNT\SYSTEM32\FAXSVC.EXE -- (Fax)
SRV - [2001/05/08 07:00:00 | 000,066,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\SYSTEM32\REGSVC.EXE -- (RemoteRegistry)
SRV - [2001/05/08 07:00:00 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\SYSTEM32\UTILMAN.EXE -- (UtilMan)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\vncdrv.sys -- (vncdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (tga)
DRV - File not found [Kernel | System | Stopped] -- -- (sglfb)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ersdcom\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2007/10/18 21:14:32 | 000,184,080 | ---- | M] (Computer Associates) [File_System | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\ino_fltr.sys -- (INO_FLTR)
DRV - [2007/08/06 22:07:02 | 000,027,536 | ---- | M] (Computer Associates) [File_System | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\ino_flpy.sys -- (INO_FLPY)
DRV - [2006/03/14 22:58:06 | 000,157,766 | ---- | M] (Computer Associates) [File_System | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\OFANT.sys -- (OFADriver)
DRV - [2004/11/19 11:04:18 | 000,073,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2004/06/18 15:17:21 | 000,121,344 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\hardlock.sys -- (Hardlock)
DRV - [2004/06/18 15:17:21 | 000,097,280 | ---- | M] (Aladdin Knowledge Systems.) [Kernel | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\Haspnt.sys -- (Haspnt)
DRV - [2003/09/05 11:34:42 | 000,050,080 | ---- | M] (VERITAS Software) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\VSP.SYS -- (VSP)
DRV - [2002/07/15 16:15:38 | 000,089,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\e1000nt5.sys -- (E1000)
DRV - [2002/05/07 17:06:36 | 000,023,744 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\platalrt.sys -- (PlatAlrt)
DRV - [2002/05/07 17:05:56 | 000,039,680 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINNT\SYSTEM32\DRIVERS\Netalrt.sys -- (NetAlrt)
DRV - [2002/04/18 12:46:00 | 000,049,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\usbhub20.sys -- (usbhub20)
DRV - [2002/04/10 10:12:10 | 000,293,884 | ---- | M] (Keyspan) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\usa49w2k.sys -- (USA49W)
DRV - [2002/04/08 12:46:12 | 000,040,908 | ---- | M] (Keyspan) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\usa49w2kp.sys -- (USA49W2KP)
DRV - [2002/04/04 13:55:22 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINNT\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/02/27 10:57:52 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\NMSCFG.SYS -- (NMSCFG)
DRV - [2002/02/11 11:51:00 | 000,033,496 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\AW_HOST5.sys -- (AW_HOST)
DRV - [2001/11/14 22:13:10 | 000,050,798 | R--- | M] (OEM) [Kernel | System | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\oxser.sys -- (oxser)
DRV - [2001/11/14 22:13:10 | 000,013,596 | R--- | M] (OEM) [Kernel | System | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\oxmf.sys -- (oxmf)
DRV - [2001/11/14 22:13:10 | 000,004,992 | R--- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\oxmfuf.sys -- (Oxmfuf)
DRV - [2001/11/14 22:08:50 | 000,075,904 | R--- | M] (OEM) [Kernel | System | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\oxpar.sys -- (oxpar)
DRV - [2001/10/09 11:51:00 | 000,014,944 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\GERNUWA.SYS -- (Gernuwa)
DRV - [2001/06/08 09:25:56 | 000,017,258 | ---- | M] (American Megatrends, Inc.) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\MRAID2K.SYS -- (mraid2k)
DRV - [2001/05/08 07:00:00 | 000,368,976 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\DMBOOT.SYS -- (dmboot)
DRV - [2001/05/08 07:00:00 | 000,137,008 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\DMIO.SYS -- (dmio)
DRV - [2001/05/08 07:00:00 | 000,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\PARALLEL.SYS -- (Parallel)
DRV - [2001/05/08 07:00:00 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\System32\drivers\EFS.SYS -- (EFS)
DRV - [2001/05/08 07:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\RCA.SYS -- (RCA)
DRV - [2001/05/08 07:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\NETDTECT.SYS -- (NetDetect)
DRV - [2001/05/08 07:00:00 | 000,007,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\DISKPERF.SYS -- (Diskperf)
DRV - [2001/05/08 07:00:00 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\DMLOAD.SYS -- (dmload)
DRV - [2001/05/04 13:05:02 | 000,032,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\SYSTEM32\DRIVERS\uhcd.sys -- (uhcd)
DRV - [2001/04/26 16:00:30 | 000,064,418 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\Fasttrak.sys -- (fasttrak)
DRV - [2000/09/11 11:51:00 | 000,010,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINNT\SYSTEM32\DRIVERS\AWLEGACY.SYS -- (awlegacy)
DRV - [1999/10/27 16:23:38 | 000,345,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\NV4.SYS -- (nv4)
DRV - [1999/10/23 13:22:20 | 000,061,712 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90BC)
DRV - [1999/10/22 15:54:42 | 000,032,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\SYSTEM32\DRIVERS\ICHAUD.SYS -- (ichaud)
DRV - [1999/09/25 12:11:42 | 000,011,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\SYSTEM32\DRIVERS\FD16_700.SYS -- (Fd16_700)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://smbusiness.dellnet.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\System32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2001/05/08 07:00:00 | 000,000,734 | ---- | M]) - C:\WINNT\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\SYSTEM32\MSDXM.OCX ()
O4 - HKLM..\Run: [PPRT] C:\Program Files\CA\SharedComponents\PPRealtime\bin\ITMRTSVC_Logon.exe (CA, Inc.)
O4 - HKLM..\Run: [Realtime Monitor] C:\Program Files\CA\eTrustITM\realmon.exe (CA)
O4 - HKCU..\Run: [Internat.exe] C:\WINNT\System32\INTERNAT.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ERS MS Alarm Receiver.lnk = C:\Program Files\ERS MS\ERS MS Alarm Receiver.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\SYSTEM32\RNR20.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\SYSTEM32\MSAFD.DLL (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: fellowshipvillage.local ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: fellowshipvillage.local ([jenga] http in Local intranet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: DirectAnimation Java Classes file://C:\WINNT\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.5 192.168.1.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = FellowshipVillage.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC0A603B-CB60-4464-BC42-969E8376CA2F}: DhcpNameServer = 192.168.1.5 192.168.1.12
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\SYSTEM32\MSDXM.OCX ()
O18 - Protocol\Filter\Class Install Handler - No CLSID value found
O18 - Protocol\Filter\deflate - No CLSID value found
O18 - Protocol\Filter\gzip - No CLSID value found
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O18 - Protocol\Filter\text/webviewhtml - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.Exe) - C:\WINNT\EXPLORER.EXE (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINNT\system32\userinit.exe) - C:\WINNT\SYSTEM32\USERINIT.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINNT\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\PCANotify: DllName - (PCANotify.dll) - C:\WINNT\System32\PCANotify.dll (Symantec Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\CA\SHARED~1\SCANEN~1\inocboot.exe -s -r \??\C:\PROGRA~1\CA\SHARED~1\SCANEN~1\)
O34 - HKLM BootExecute: (09jow4wj2304lfd0sf9fsd0a2t4ld.biz)
O34 - HKLM BootExecute: (77A8-11D2-9B6C-0000F8080861}.ini...)
O34 - HKLM BootExecute: (->)
O34 - HKLM BootExecute: (m Files\VERITAS\Backup Exec\RANT\b)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/07 10:37:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ersdcom\Desktop\OTL.exe
[2013/06/07 10:13:49 | 007,337,424 | ---- | C] (Bitdefender LLC) -- C:\Documents and Settings\ersdcom\Desktop\BDRemovalToolLauncher_downadup.exe
[2 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/07 10:25:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ersdcom\Desktop\OTL.exe
[2013/06/05 18:22:26 | 007,337,424 | ---- | M] (Bitdefender LLC) -- C:\Documents and Settings\ersdcom\Desktop\BDRemovalToolLauncher_downadup.exe
[2013/05/24 13:53:59 | 000,376,286 | -H-- | M] () -- C:\WINNT\ShellIconCache
[2 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/08 16:03:59 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_4e0.dat
[2011/07/08 04:06:19 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_22c.dat
[2011/07/07 16:03:36 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_700.dat
[2009/06/26 13:20:49 | 000,012,288 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2004/06/18 15:50:26 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\ersdcom\ntuser.pol
[2002/03/12 11:53:40 | 000,021,952 | -H-- | C] () -- C:\Program Files\FOLDER.HTT
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
========== Purity Check ==========
< End of report >
#3
Posted 07 June 2013 - 01:37 PM
Dakeyras
-
- Expert
-
- 9,772 posts
Anti-Malware Mammoth
Hi and welcome back to Geeks to Go. 
Either way it is prudent not to use this machine with a active internet connection/actually use it to go online with etc. The most prudent course of action would be either carry out is a reformat and reinstallation of the Windows Operating System and merely keep the machine as a stand alone word processor with no Internet access for example. Or consider upgrading the actual Operating System itself.
Next:
I am not advising you attempt the aforementioned merely pointing out a possible remedy that has a very slim chance of success and or even leave the machine unbootable. Even if does work the machine with the current Operating System will always be deemed a security risk all told if used online...As it stands my initial advice is the best course of action.
My apologies I cannot actually provide specific Anti-Malware support at this time and good luck for what ever course of action you decide upon.
Are you aware this particular Operating System is no longer supported by Microsoft ? Plus the fact is does not even have the last Service Pack released installed.I have a Windows 2000 Pro computer
Either way it is prudent not to use this machine with a active internet connection/actually use it to go online with etc. The most prudent course of action would be either carry out is a reformat and reinstallation of the Windows Operating System and merely keep the machine as a stand alone word processor with no Internet access for example. Or consider upgrading the actual Operating System itself.
Aye not much still compatible from a security tool point of view any more I'm afraid. You could consider using this from Symantec but I would create a backup first using Erunt. Finally run a online scan with Eset.infected with the Conficker.b virus and I've tried to run several programs on it but they won't run. I don't know if it's because the program won't let them run or because they aren't compatible with Windows 2000.
Next:
I am not advising you attempt the aforementioned merely pointing out a possible remedy that has a very slim chance of success and or even leave the machine unbootable. Even if does work the machine with the current Operating System will always be deemed a security risk all told if used online...As it stands my initial advice is the best course of action.
My apologies I cannot actually provide specific Anti-Malware support at this time and good luck for what ever course of action you decide upon.
#4
Posted 07 June 2013 - 02:14 PM
mewsick75
- Topic Starter
-
- Member
-
- 292 posts
Member
There is nothing that can be done?
This is what I have, I can not upgrade at this time and I have to get this infection off this machine.
Is there any other action we can take to get this rectified?
This is what I have, I can not upgrade at this time and I have to get this infection off this machine.
Is there any other action we can take to get this rectified?
#5
Posted 07 June 2013 - 02:28 PM
Dakeyras
-
- Expert
-
- 9,772 posts
Anti-Malware Mammoth
I'm afraid not unfortunately, I have provided the best possible advice concerning the Operating System in use.
#6
Posted 10 June 2013 - 10:55 AM
Dakeyras
-
- Expert
-
- 9,772 posts
Anti-Malware Mammoth
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
