Jump to content

77clark77

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. OTListIT.exe Extras: OTListIt Extras logfile created on: 11/26/2008 9:47:54 PM - Run OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\Erin and David\Local Settings\Temporary Internet Files\Content.IE5\ITJC5OZA Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1022.37 Mb Total Physical Memory | 443.68 Mb Available Physical Memory | 43.40% Memory free 2.40 Gb Paging File | 1.93 Gb Available in Paging File | 80.15% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 87.06 Gb Total Space | 60.61 Gb Free Space | 69.62% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LAPTOP Current User Name: Erin and David Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Whitelist: On File Age = 30 Days ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger File not found -- D:\iTunes\iTunes.exe:*:Enabled:iTunes [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour [2008/10/18 07:25:04 | 00,514,560 | ---- | M] (GRISOFT, s.r.o.) -- C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe [2008/03/02 22:45:14 | 00,418,816 | ---- | M] (GRISOFT, s.r.o.) -- C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe [2008/10/18 07:25:03 | 00,590,848 | ---- | M] (GRISOFT, s.r.o.) -- C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe [2006/11/02 23:17:27 | 00,010,800 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader [2008/03/06 12:50:59 | 00,050,528 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM [2008/07/10 09:51:26 | 20,246,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes [2008/11/04 20:02:47 | 00,318,976 | ---- | M] (Octoshape ApS) -- C:\Documents and Settings\Erin and David\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Disabled:Octoshape add-in for Adobe Flash Player [2004/08/10 03:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:wmiprvse [2004/09/29 11:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe:*:Enabled:HPZipm12 [2008/07/10 09:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe:*:Enabled:iPodService ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{007C0BB9-C5E2-4C73-B96B-2BBD5CEA9BF9}" = 2350 "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update "{0390854C-42B9-4BC2-B0CF-87DDA0F62EC8}" = 2350_Help "{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO "{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime "{08F7CCA6-8590-4401-8B44-CEB09A909AAB}" = del.icio.us Buttons for Internet Explorer "{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0 "{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds "{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy "{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant "{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare "{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy "{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp "{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1 "{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}" = Apple Mobile Device Support "{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour "{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme "{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour "{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell "{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone "{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller "{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI "{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects "{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery "{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update "{652C4ADF-0A29-4B02-9211-EE61675847DE}" = Canon Camera WIA Driver "{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7 "{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations "{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm "{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1 "{74BE7519-41A7-45A8-8AA6-78C7907A4808}" = EOS Capture 1.2 "{750CF8D7-4B04-404F-AFA2-14C129C42373}" = EOS Viewer Utility 1.2.1 "{77A75E29-89D0-45D4-9A3A-9823B0D0C939}" = CFLR Suite 2007-2 "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg "{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1 "{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders "{A02ED372-22FA-448B-AB6A-1B0FC23B7D08}" = ATI Catalyst Control Center "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director "{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer "{C0E7118C-CF3D-46EC-B431-F744C035A571}" = 2350Trb "{C537C86E-22C0-41CF-8A8E-3B23E986C3D9}" = Canon Camera WIA Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg "{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer "{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}" = Canon Camera WIA Driver "{EF6C4600-306D-4F6A-A119-C2A877D25B4A}" = iTunes "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi "{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic "4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) "ActiveScan 2.0" = Panda ActiveScan 2.0 "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "AIM Toolbar" = AIM Toolbar 5.0 "AIM_6" = AIM 6 "All ATI Software" = ATI - Software Uninstall Utility "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.2 "AOL Search" = AOL Search "ATI Display Driver" = ATI Display Driver "AVG7Uninstall" = AVG 7.5 "B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem "DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility "EsetOnlineScanner" = ESET Online Scanner "ESPNMotion" = ESPNMotion "Excel Utilities 1.5" = Excel Utilities 1.5 "Excel VBA Code Cleaner 4.4" = Excel VBA Code Cleaner 4.4 "ExpressBurn" = Express Burn "HP Photo & Imaging" = HP Image Zone 4.7 "InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1 "InstallShield_{652C4ADF-0A29-4B02-9211-EE61675847DE}" = Canon EOS-1Ds Mark II WIA Driver "InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808}" = Canon Utilities EOS Capture 1.2 "InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373}" = Canon Utilities EOS Viewer Utility 1.2 "InstallShield_{C537C86E-22C0-41CF-8A8E-3B23E986C3D9}" = Canon EOS-1D Mark II WIA Driver "InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}" = Canon EOS 20D WIA Driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Power Ranger_is1" = Power Ranger "ProInst" = Intel® PROSet/Wireless Software "Shed 1.0" = Shed 1.0 "ViewpointMediaPlayer" = Viewpoint Media Player "WavePad" = WavePad Uninstall "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XY Chart Labeler 6.22" = XY Chart Labeler 6.22 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 5/21/2008 7:28:58 PM | Computer Name = LAPTOP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting module pngfilt.dll, version 6.0.2900.3314, fault address 0x000049ce. Error - 5/22/2008 11:10:44 PM | Computer Name = LAPTOP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting module pngfilt.dll, version 6.0.2900.3314, fault address 0x000049ce. Error - 5/24/2008 1:18:41 PM | Computer Name = LAPTOP | Source = Application Hang | ID = 1002 Description = Hanging application aim6.exe, version 1.4.9.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 5/24/2008 5:31:24 PM | Computer Name = LAPTOP | Source = Application Hang | ID = 1002 Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 5/26/2008 1:12:53 AM | Computer Name = LAPTOP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting module pngfilt.dll, version 6.0.2900.3314, fault address 0x000049ce. Error - 5/29/2008 1:51:16 AM | Computer Name = LAPTOP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting module pngfilt.dll, version 6.0.2900.3314, fault address 0x000049ce. Error - 5/30/2008 9:29:47 PM | Computer Name = LAPTOP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting module pngfilt.dll, version 6.0.2900.3314, fault address 0x000049ce. Error - 5/31/2008 2:40:19 AM | Computer Name = LAPTOP | Source = Application Hang | ID = 1002 Description = Hanging application Photoshop.exe, version 9.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 5/31/2008 7:18:46 PM | Computer Name = LAPTOP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting module pngfilt.dll, version 6.0.2900.3314, fault address 0x000049ce. Error - 6/1/2008 12:18:25 AM | Computer Name = LAPTOP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting module pngfilt.dll, version 6.0.2900.3314, fault address 0x000049ce. [ System Events ] Error - 11/8/2008 10:36:15 PM | Computer Name = LAPTOP | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 11/8/2008 10:36:15 PM | Computer Name = LAPTOP | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 11/15/2008 12:54:10 AM | Computer Name = LAPTOP | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 11/15/2008 12:54:10 AM | Computer Name = LAPTOP | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 11/20/2008 12:17:38 PM | Computer Name = LAPTOP | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 11/20/2008 12:17:38 PM | Computer Name = LAPTOP | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 11/23/2008 1:38:20 PM | Computer Name = LAPTOP | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 11/23/2008 1:38:20 PM | Computer Name = LAPTOP | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 11/25/2008 9:33:18 PM | Computer Name = LAPTOP | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 11/25/2008 9:33:18 PM | Computer Name = LAPTOP | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. < End of report >
  2. OTListIT.exe LOG: OTListIt logfile created on: 11/26/2008 9:47:54 PM - Run OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\Erin and David\Local Settings\Temporary Internet Files\Content.IE5\ITJC5OZA Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1022.37 Mb Total Physical Memory | 443.68 Mb Available Physical Memory | 43.40% Memory free 2.40 Gb Paging File | 1.93 Gb Available in Paging File | 80.15% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 87.06 Gb Total Space | 60.61 Gb Free Space | 69.62% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LAPTOP Current User Name: Erin and David Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Whitelist: On File Age = 30 Days ========== Processes ========== [2006/05/23 21:59:38 | 00,409,600 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe [2007/10/08 14:06:44 | 01,183,744 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006/05/23 21:59:38 | 00,409,600 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe [2005/08/05 13:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe [2006/01/02 17:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [2007/10/08 14:18:04 | 00,995,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe [2007/10/08 14:13:36 | 01,101,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe [2006/03/24 17:30:44 | 00,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe [2005/12/09 20:29:52 | 00,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2008/10/18 07:25:03 | 00,590,848 | ---- | M] (GRISOFT, s.r.o.) -- C:\Program Files\Grisoft\AVG7\avgcc.exe [2004/09/13 14:49:00 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [2008/07/10 09:51:32 | 00,289,064 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe [2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2007/12/31 12:35:11 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe [2004/11/04 18:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004/11/04 18:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe [2008/07/10 08:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008/03/02 22:45:14 | 00,418,816 | ---- | M] (GRISOFT, s.r.o.) -- C:\Program Files\Grisoft\AVG7\avgamsvr.exe [2008/03/02 22:45:18 | 00,049,664 | ---- | M] (GRISOFT, s.r.o.) -- C:\Program Files\Grisoft\AVG7\avgupsvc.exe [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe [2005/10/11 08:40:32 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe [2005/08/05 13:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe [2007/10/08 14:27:02 | 00,794,624 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004/09/29 11:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe [2007/10/08 14:01:54 | 00,483,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007/10/08 14:15:50 | 00,356,352 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe [2005/08/05 13:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe [2008/07/10 09:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe [2007/10/08 14:09:26 | 00,659,456 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe [2005/08/05 13:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe [2006/01/02 17:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [2008/11/26 21:47:48 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Erin and David\Local Settings\Temporary Internet Files\Content.IE5\ITJC5OZA\OTListIt[1].exe ========== (O23) Win32 Services ========== [2007/12/29 14:40:16 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped]) [2008/07/10 08:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) [2004/07/15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) [2006/05/23 21:59:38 | 00,409,600 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running]) [2008/03/02 22:45:14 | 00,418,816 | ---- | M] (GRISOFT, s.r.o.) -- C:\Program Files\Grisoft\AVG7\avgamsvr.exe -- (Avg7Alrt [Auto | Running]) [2008/03/02 22:45:18 | 00,049,664 | ---- | M] (GRISOFT, s.r.o.) -- C:\Program Files\Grisoft\AVG7\avgupsvc.exe -- (Avg7UpdSvc [Auto | Running]) [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) [2005/10/11 08:40:32 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe -- (ehRecvr [Auto | Running]) [2005/08/05 13:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe -- (ehSched [Auto | Running]) [2007/10/08 14:27:02 | 00,794,624 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running]) [2007/12/27 22:00:17 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped]) [2008/07/10 09:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running]) [2005/08/05 13:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running]) [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) [2004/09/29 11:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running]) [2007/10/08 14:01:54 | 00,483,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running]) [2007/10/08 14:06:44 | 01,183,744 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running]) [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running]) [2007/10/08 14:15:50 | 00,356,352 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER [Auto | Running]) [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) ========== Driver Services ========== [2006/09/19 16:46:00 | 00,011,465 | ---- | M] () -- C:\WINDOWS\system32\drivers\6250spi.sys -- (6250spi [On_Demand | Stopped]) [2007/12/27 21:38:57 | 00,021,361 | ---- | M] (Cisco Systems, Inc.) -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP [Auto | Running]) [2006/05/23 22:06:36 | 01,578,496 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running]) [2008/03/02 22:45:23 | 00,821,856 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\avg7core.sys -- (Avg7Core [system | Running]) [2008/03/02 22:45:29 | 00,004,224 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\avg7rsw.sys -- (Avg7RsW [system | Running]) [2008/03/02 22:45:29 | 00,027,776 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\avg7rsxp.sys -- (Avg7RsXP [system | Running]) [2008/03/02 22:45:29 | 00,010,760 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\avgclean.sys -- (AvgClean [system | Running]) [2006/11/21 03:25:44 | 00,045,568 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running]) [2005/03/22 14:40:18 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [boot | Stopped]) [2008/01/29 11:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) [2004/08/12 17:45:54 | 00,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus [On_Demand | Running]) [2004/12/14 08:07:44 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Running]) [2004/12/14 08:07:44 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Running]) [2004/12/14 08:07:44 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Running]) [2005/07/22 08:01:08 | 00,201,600 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running]) [2005/07/22 08:02:12 | 01,035,008 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running]) [2004/08/03 21:58:36 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [system | Stopped]) [2004/03/17 09:04:14 | 00,013,059 | R--- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running]) [2007/09/26 06:01:32 | 02,236,032 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32 [On_Demand | Running]) [2001/08/22 07:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI [system | Running]) [2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [boot | Running]) [2004/08/10 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running]) [2005/05/12 18:54:10 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [boot | Running]) [2006/11/15 00:16:24 | 00,032,256 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running]) [2006/11/14 19:42:46 | 00,043,520 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running]) [2006/11/14 17:35:20 | 00,037,376 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running]) [2007/08/27 11:10:36 | 00,012,288 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans [Auto | Running]) [2004/08/10 03:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus [On_Demand | Running]) [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped]) [2006/03/24 17:34:30 | 01,156,648 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA [On_Demand | Running]) [2008/02/17 20:57:46 | 00,023,600 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\system32\drivers\TVICHW32.SYS -- (TVICHW32 [On_Demand | Stopped]) [2007/10/31 14:09:14 | 00,030,464 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped]) [2005/07/22 08:01:00 | 00,717,952 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running]) ========== Internet Explorer ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL Search\AOLSearch.dll (America Online, Inc.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (del.icio.us Toolbar Helper) - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll (del.icio.us, a Yahoo! Company) O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.) O2 - BHO: (no name) - {d9c59070-c2f1-4958-8d78-a0f85a0b1cac} - C:\WINDOWS\system32\vihorazo.dll File not found O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (del.icio.us) - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll (del.icio.us, a Yahoo! Company) O3 - HKLM\..\Toolbar: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKCU\..\Toolbar: (no name) - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll (del.icio.us, a Yahoo! Company) O3 - HKCU\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay (ATI Technologies Inc.) O4 - HKLM..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP (GRISOFT, s.r.o.) O4 - HKLM..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" (CyberLink Corp.) O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation) O4 - HKLM..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" (Hewlett-Packard Company) O4 - HKLM..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation) O4 - HKLM..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [leralegipu] Rundll32.exe "C:\WINDOWS\system32\zotahase.dll",s File not found O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.) O4 - HKLM..\Run: [sigmatelSysTrayApp] stsystra.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKCU..\Run: [Aim6] File not found O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\Erin and David\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O9 - Extra Button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemydsl.verizon.net/sdcCommon...DSL/tgctlcm.cab (Support.com Configuration Class) O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://www.pandasecurity.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1198820672592 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.com/webapps/download/AutoDL?BundleId=23100 (Java Plug-in 1.6.0_07) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key does not exist or could not be opened.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab (Driver Agent ActiveX Control) O18 - Protocol\Handler: - ipp - No CLSID value found O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler: - msdaipp - No CLSID value found O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler: - mso-offdap - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler: - mso-offdap11 - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - See sections below for AppInitDlls and Winlogon settings ========== AppInit_DLLs ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls" = C:\WINDOWS\system32\babonehu.dll c:\windows\system32\ripojopo.dll >[2008/08/24 21:36:18 | 00,060,416 | -HS- | M] () -- C:\WINDOWS\system32\babonehu.dll >File not found -- c:\windows\system32\ripojopo.dll ========== Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\] AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.) ========== Safeboot Options ========== "AlternateShell" = cmd.exe ========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] "AutoRun" = 1 ========== Autorun Files on Drives ========== AUTOEXEC.BAT [] [2007/12/27 20:44:47 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ] ========== Files/Folders - Created Within 30 Days ========== [2008/11/26 19:31:57 | 00,000,000 | ---D | C] -- C:\Program Files\EsetOnlineScanner [2008/11/25 21:40:01 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys [2008/11/25 21:39:53 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security [2008/11/25 21:11:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Erin and David\Application Data\Malwarebytes [2008/11/25 21:11:22 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2008/11/25 21:11:22 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2008/11/25 21:11:19 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2008/11/25 21:11:18 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2008/11/25 21:11:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2008/11/25 21:10:39 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe [2008/11/25 21:05:24 | 00,000,211 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008/11/25 20:33:21 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Erin and David\Desktop\Spybot - Search & Destroy.lnk [2008/11/25 20:33:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2008/11/25 20:33:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2008/11/25 20:31:49 | 15,083,520 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd160.exe [2008/11/22 16:04:19 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\Erin and David\My Documents\Yvonne 11.22.08.doc [2008/11/21 21:26:49 | 00,000,000 | ---D | C] -- C:\Program Files\__MACOSX [2008/11/20 17:46:25 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Erin and David\My Documents\Book2.xls [2008/11/16 22:29:10 | 00,018,432 | ---- | C] () -- C:\Documents and Settings\Erin and David\My Documents\budget whittier brokers.xls [2008/11/07 22:41:32 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Erin and David\Desktop\Whittier Co-op November order_update.xls [2008/11/05 19:19:45 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Erin and David\My Documents\Vonage Charges.xls [2008/10/30 07:43:46 | 04,366,539 | ---- | C] () -- C:\Documents and Settings\Erin and David\Desktop\control panel.psd [2008/10/29 17:43:51 | 01,172,134 | ---- | C] () -- C:\Documents and Settings\Erin and David\Desktop\untitled.bmp ========== Files - Modified Within 30 Days ========== [5 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [2008/11/26 21:48:37 | 00,008,812 | -H-- | M] () -- C:\WINDOWS\System32\popevuhi [2008/11/26 19:29:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2008/11/26 19:29:08 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2008/11/26 19:11:13 | 00,000,211 | ---- | M] () -- C:\WINDOWS\wininit.ini [2008/11/25 21:11:22 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2008/11/25 20:33:21 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Erin and David\Desktop\Spybot - Search & Destroy.lnk [2008/11/24 19:40:10 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2008/11/22 19:53:29 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\Erin and David\My Documents\Yvonne 11.22.08.doc [2008/11/20 21:03:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2008/11/20 17:46:25 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Erin and David\My Documents\Book2.xls [2008/11/19 20:06:31 | 01,315,840 | ---- | M] () -- C:\Documents and Settings\Erin and David\My Documents\Matty Schedule - Master.xls [2008/11/16 22:29:11 | 00,018,432 | ---- | M] () -- C:\Documents and Settings\Erin and David\My Documents\budget whittier brokers.xls [2008/11/12 22:47:06 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2008/11/11 20:35:01 | 00,010,752 | ---- | M] () -- C:\Documents and Settings\Erin and David\My Documents\Current Sale Price List.xls [2008/11/07 22:41:33 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Erin and David\Desktop\Whittier Co-op November order_update.xls [2008/11/05 22:08:04 | 00,037,376 | ---- | M] () -- C:\Documents and Settings\Erin and David\My Documents\D Almeida Word Format Resume 07.17.08.doc [2008/11/05 19:19:45 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Erin and David\My Documents\Vonage Charges.xls [2008/11/02 23:00:43 | 00,012,288 | ---- | M] () -- C:\Documents and Settings\Erin and David\My Documents\Current Sale Price List_a.xls [2008/11/02 08:05:40 | 00,383,822 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2008/11/02 08:05:40 | 00,054,010 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2008/11/02 08:05:39 | 00,443,556 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2008/10/30 07:43:49 | 04,366,539 | ---- | M] () -- C:\Documents and Settings\Erin and David\Desktop\control panel.psd [2008/10/29 17:43:51 | 01,172,134 | ---- | M] () -- C:\Documents and Settings\Erin and David\Desktop\untitled.bmp < End of report >
  3. PandaActive Log from my system: ;******************************************************************************* ******************************************************************************** * ******************* ANALYSIS: 2008-11-26 21:35:20 PROTECTIONS: 1 MALWARE: 34 SUSPECTS: 0 ;******************************************************************************* ******************************************************************************** * ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================ = =================== AVG 7.5.549 7.5.549 Yes Yes ;=============================================================================== ================================================================================ = =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================ = =================== 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@trafficmp[2].txt 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@trafficmp[2].txt 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@casalemedia[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@doubleclick[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@atdmt[1].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@247realmedia[2].txt 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@fastclick[1].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@tribalfusion[2].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@tribalfusion[1].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@mediaplex[2].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@mediaplex[1].txt 00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@revenue[2].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@com[1].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@xiti[1].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@statcounter[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@ad.yieldmanager[2].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@ad.yieldmanager[2].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@apmebf[1].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@apmebf[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@serving-sys[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@bs.serving-sys[1].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@bs.serving-sys[2].txt 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@www.burstbeacon[1].txt 00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@weborama[1].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@advertising[2].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@ads.pointroll[2].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@ads.pointroll[1].txt 00170549 Cookie/FortuneCity TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@fortunecity[2].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@overture[2].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@overture[2].txt 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@realmedia[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temp\Cookies\erin and david@questionmarket[2].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@questionmarket[1].txt 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@adrevolver[1].txt 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@searchportal.information[2].txt 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@target[1].txt 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@did-it[1].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@atwola[1].txt 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@ads.addynamix[1].txt 00456116 Adware/Antivirus2009 Adware No 0 Yes No C:\Documents and Settings\Erin and David\Local Settings\Temporary Internet Files\Content.IE5\KXEZO1AB\freescan[2].htm 01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Erin and David\Cookies\erin and david@enhance[2].txt 02164907 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\DIGStream\digstream.exe 03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{1EAAE548-C791-437B-A25F-0CC789572E50}\RP329\A0040288.sys 03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{1EAAE548-C791-437B-A25F-0CC789572E50}\RP328\A0040257.sys ;=============================================================================== ================================================================================ = =================== SUSPECTS Sent Location ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== VULNERABILITIES Id Severity Description ;=============================================================================== ================================================================================ = =================== 108742 MEDIUM MS06-006 ;=============================================================================== ================================================================================ = ===================
  4. I have started the PreHJT Instructions, and did run Spybot S&D. The immunize feature did not however "Protect" and files. All remained "unprotected". Previous post is MBAM log as instructed. PandaActive is currently scanning my system. Will download suggested program to my desktop - and post logs from PandaActive and OTListIt.exe Thanks-
  5. .....First off, thanks for the work you are doing. Much appreciated!!! Here is my first log. Two nights ago I started getting all sorts of pop-ups from premium-live-scan.com. Since then, I've been getting some others as well. Malwarebytes' Anti-Malware 1.30 Database version: 1423 Windows 5.1.2600 Service Pack 2 11/26/2008 7:25:57 PM mbam-log-2008-11-26 (19-25-57).txt Scan type: Quick Scan Objects scanned: 56717 Time elapsed: 8 minute(s), 12 second(s) Memory Processes Infected: 0 Memory Modules Infected: 2 Registry Keys Infected: 3 Registry Values Infected: 4 Registry Data Items Infected: 2 Folders Infected: 0 Files Infected: 3 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: C:\WINDOWS\system32\zodofigu.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\yubiwojo.dll (Trojan.BHO) -> Delete on reboot. Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpma37ca89c (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\leralegipu (Trojan.Agent) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: c:\windows\system32\yubiwojo.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: system32\yubiwojo.dll -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\zodofigu.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\ugifodoz.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. c:\WINDOWS\system32\yubiwojo.dll (Trojan.BHO) -> Delete on reboot.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.