
Thread: Possible infection

  1. #11
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default OLT.txt 6

    Deleted
    Last edited by ken545; 2010-12-07 at 23:48.

  2. #12
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default OLT.txt 7

    Deleted
    Last edited by ken545; 2010-12-07 at 23:49.

  3. #13
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default OLT.txt 8

    Deleted
    Last edited by ken545; 2010-12-07 at 23:50.

  4. #14
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default OLT.txt 9

    Deleted
    Last edited by ken545; 2010-12-07 at 23:52.

  5. #15
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default OLT.txt 10

    Deleted
    Last edited by ken545; 2010-12-07 at 23:50.

  6. #16
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default OLT.txt 11

    O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
    O2 - BHO: (TLFind Class) - {8692FED1-9267-4624-96B9-3B94946A0524} - C:\Program Files\Tildes Birojs 2002\TLFindAddIn.dll ()
    O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No CLSID value found.
    O2 - BHO: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CF745ACA-6FA6-45ED-AB49-E10A0D1870C5} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Immunet Protect] C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
    O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4 - HKLM..\Run: [KernelFaultCheck] File not found
    O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [AnVir Task Manager Free] C:\Program Files\AnVir Task Manager Free\AnVir.exe (AnVir Software)
    O4 - HKCU..\Run: [FreeRAM XP] C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions (TM))
    O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Tulkot ar Tildes Datorvārdnīcu - C:\Program Files\Tildes Birojs 2002\TDVLauncher.DLL ()
    O9 - Extra Button: Tildes Meklētājs - {11FD30F4-F186-4ebe-A384-E22965FDEC7A} - C:\Program Files\Tildes Birojs 2002\TLFindAddIn.dll ()
    O9 - Extra 'Tools' menuitem : Tildes &Meklētājs - {11FD30F4-F186-4ebe-A384-E22965FDEC7A} - C:\Program Files\Tildes Birojs 2002\TLFindAddIn.dll ()
    O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/res...scbase6770.cab (Windows Live Safety Center Base Module)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1265051472109 (MUWebControl Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Value error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
    O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
    O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.09.29 11:31:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010.12.07 22:09:33 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010.12.07 22:06:55 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Administrator\Desktop\ATF-Cleaner.exe
    [2010.12.03 15:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder
    [2010.12.02 19:34:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
    [2010.12.02 19:30:19 | 002,963,664 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Desktop\ccsetup301.exe
    [2010.12.02 19:01:07 | 001,841,456 | ---- | C] (IObit ) -- C:\Documents and Settings\Administrator\Desktop\defragsetup.exe
    [2010.12.02 15:35:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\diagnostics
    [2010.12.02 14:48:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010.12.02 14:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2010.12.02 14:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\prog
    [2010.11.30 11:05:57 | 000,000,000 | ---D | C] -- C:\own_files
    [2010.11.26 16:33:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\makslas_stils
    [2010.11.26 16:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\zpd
    [2010.11.13 15:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\AquaSnap
    [2010.11.10 19:06:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\pazera
    [2010.11.10 19:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
    [2010.11.08 16:35:58 | 000,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
    [2010.11.08 16:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
    [2010.11.08 16:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
    [2010.11.08 16:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2010.11.08 16:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
    [2010.11.08 16:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
    [2010.11.08 16:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010.11.08 16:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2010.11.08 16:22:20 | 000,000,000 | RH-D | C] -- C:\MSOCache

    ========== Files - Modified Within 30 Days ==========

    [2010.12.07 22:24:50 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010.12.07 22:23:45 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\PandaUSBVaccine.job
    [2010.12.07 22:22:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010.12.07 22:12:59 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\www_analize3.doc
    [2010.12.07 22:09:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010.12.07 22:06:55 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Administrator\Desktop\ATF-Cleaner.exe
    [2010.12.07 22:01:06 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\www_analize2.doc
    [2010.12.07 21:13:15 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
    [2010.12.07 16:21:20 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
    [2010.12.07 15:43:42 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
    [2010.12.06 20:26:47 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\www_analize.doc
    [2010.12.06 16:00:52 | 000,015,529 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\msg.JPG
    [2010.12.03 16:04:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2010.12.02 22:49:20 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010.12.02 19:30:29 | 002,963,664 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Desktop\ccsetup301.exe
    [2010.12.02 19:01:13 | 001,841,456 | ---- | M] (IObit ) -- C:\Documents and Settings\Administrator\Desktop\defragsetup.exe
    [2010.12.02 14:48:10 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Startup\ERUNT AutoBackup.lnk
    [2010.12.02 14:47:48 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
    [2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010.11.29 16:44:59 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010.11.28 10:27:01 | 000,061,952 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Funkciju_izmantoshana_Uzd2.doc
    [2010.11.26 07:44:09 | 001,524,095 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Untitled-Scanned-01.jpg
    [2010.11.25 22:11:35 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\funkcijas_if_case.doc
    [2010.11.24 20:10:14 | 002,239,670 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Untitled-Scanned-02.jpg
    [2010.11.24 18:16:16 | 000,060,416 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Funkciju_izmantoshana_Uzd.doc
    [2010.11.24 17:56:38 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\rgb.doc
    [2010.11.21 21:17:33 | 000,607,162 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\untitled.JPG
    [2010.11.16 20:03:52 | 000,074,752 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\zpd.doc
    [2010.11.14 18:26:31 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\izmantota_lit.xls
    [2010.11.12 16:30:39 | 000,461,864 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010.11.12 16:30:39 | 000,078,192 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010.11.11 14:41:50 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Forms.doc
    [2010.11.09 22:26:17 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\kalkulators.doc
    [2010.11.09 18:10:40 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Administrator\Desktop\~$ogramesana.doc
    [2010.11.08 18:47:50 | 000,342,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010.11.08 16:36:22 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
    [2010.11.08 10:32:38 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.exe

    ========== Files Created - No Company Name ==========

    [2010.12.07 22:14:31 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.exe
    [2010.12.07 22:12:58 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\www_analize3.doc
    [2010.12.07 15:43:38 | 000,288,107 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
    [2010.12.06 23:31:14 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\www_analize2.doc
    [2010.12.06 19:31:43 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\www_analize.doc
    [2010.12.06 16:00:52 | 000,015,529 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\msg.JPG
    [2010.12.03 16:04:16 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2010.12.02 19:02:57 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
    [2010.12.02 14:48:10 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Startup\ERUNT AutoBackup.lnk
    [2010.12.02 14:47:48 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
    [2010.11.26 16:33:23 | 000,061,952 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Funkciju_izmantoshana_Uzd2.doc
    [2010.11.25 16:39:51 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\funkcijas_if_case.doc
    [2010.11.25 08:34:38 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Forms.doc
    [2010.11.24 20:10:10 | 002,239,670 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Untitled-Scanned-02.jpg
    [2010.11.24 20:10:01 | 001,524,095 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Untitled-Scanned-01.jpg
    [2010.11.24 17:54:02 | 000,060,416 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Funkciju_izmantoshana_Uzd.doc
    [2010.11.21 21:17:33 | 000,607,162 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\untitled.JPG
    [2010.11.17 18:32:07 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\rgb.doc
    [2010.11.13 14:34:14 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\izmantota_lit.xls
    [2010.11.13 14:32:58 | 000,074,752 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\zpd.doc
    [2010.11.09 18:10:40 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Administrator\Desktop\~$ogramesana.doc
    [2010.11.08 18:17:00 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\kalkulators.doc
    [2010.11.08 16:36:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2010.03.28 16:02:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\flag.ini
    [2010.01.26 16:14:28 | 000,000,178 | ---- | C] () -- C:\WINDOWS\EQ3D.ini
    [2010.01.25 15:42:47 | 000,119,296 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
    [2010.01.25 15:42:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
    [2010.01.25 15:42:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dxinputdll.dll
    [2009.12.21 22:36:46 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
    [2009.11.23 15:51:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\settings.ini
    [2009.11.23 15:50:44 | 000,000,060 | ---- | C] () -- C:\WINDOWS\excel5.ini
    [2009.11.18 16:39:15 | 000,000,207 | ---- | C] () -- C:\WINDOWS\youtube2mp3.ini
    [2009.11.16 19:09:35 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\syoepk_lib0.dll
    [2009.10.22 16:29:24 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
    [2009.10.19 13:43:26 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
    [2009.10.04 16:48:29 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.10.02 12:50:35 | 000,168,208 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll1
    [2009.09.29 14:21:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2009.09.29 11:51:58 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2009.09.29 11:51:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
    [2009.09.29 11:51:56 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2009.09.29 11:51:56 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2009.09.29 11:51:55 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2009.09.29 11:51:52 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2008.02.05 12:28:20 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\setup.txt
    [2007.09.27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007.09.27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007.09.27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
    [2005.02.05 22:46:00 | 000,004,608 | ---- | C] () -- C:\WINDOWS\fgexec.dll
    [2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
    [2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
    [2003.01.07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

    ========== LOP Check ==========

    [2009.10.19 13:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon
    [2010.01.25 17:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\CBS Interactive
    [2010.08.31 19:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\CheckPoint
    [2009.10.12 16:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\COWON
    [2010.10.14 19:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
    [2010.02.18 19:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IcoFX
    [2010.09.10 11:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Immunet
    [2010.01.10 11:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IObit
    [2010.01.25 15:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\KALiNKOsoft
    [2009.11.11 16:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Laconic Software
    [2010.02.05 16:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia
    [2010.09.22 20:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Notepad++
    [2009.09.29 12:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
    [2010.12.03 15:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
    [2009.10.19 13:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
    [2009.12.08 20:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Stardock
    [2009.11.11 18:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Thunderbird
    [2009.12.03 17:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
    [2010.02.02 08:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
    [2010.02.02 08:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
    [2010.09.29 15:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
    [2010.02.16 17:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2009.10.19 13:38:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2010.02.18 18:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IconTweaker
    [2009.12.18 16:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
    [2010.11.10 19:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
    [2009.12.18 16:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
    [2010.02.05 16:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
    [2010.04.12 12:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
    [2010.02.05 15:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
    [2009.10.19 13:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
    [2010.01.23 21:19:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
    [2010.02.04 19:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010.10.28 12:21:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
    [2010.12.07 22:23:45 | 000,000,510 | ---- | M] () -- C:\WINDOWS\Tasks\PandaUSBVaccine.job
    [2010.12.07 21:13:15 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 128 bytes -> C:\WINDOWS\System32\zlib.dll:SummaryInformation
    @Alternate Data Stream - 128 bytes -> C:\WINDOWS\System32\zlib.dll:DocumentSummaryInformation
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

    < End of report >

  7. #17
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default Extras.txt

    OTL Extras logfile created on: 2010.12.07. 22:29:01 - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Administrator\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000426 | Country: Latvia | Language: LVI | Date Format: yyyy.MM.dd.

    510,00 Mb Total Physical Memory | 163,00 Mb Available Physical Memory | 32,00% Memory free
    1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 37,26 Gb Total Space | 19,50 Gb Free Space | 52,35% Space Free | Partition Type: NTFS

    Computer Name: IBM-NETVISTA | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring" = 1

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
    "C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{004098A1-0362-4C42-A1C3-CAD436CFF4A1}" = YouTube Downloader Toolbar v1.0
    "{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
    "{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series
    "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.3
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
    "{4876620D-206A-49CD-932B-9BFBED83D55D}" = Latvian (Apostrofs v0.3; komats)
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
    "{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}" = PC Connectivity Solution
    "{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
    "{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 3.70
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
    "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
    "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
    "{AAA8CA88-8A22-43D1-867F-ABD7944C9815}" = Intel(R) Network Connections 14.3.0.0
    "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
    "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
    "{C6194F20-5684-4D79-9F60-3F132C4F2880}" = AquaSnap
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D88C3E7C-1DA6-4AD7-97FC-75BC8705B266}" = runtime
    "{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
    "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
    "{E32B4F2B-5CED-45F1-8B94-55394553F1F0}" = Tildes Birojs 2002
    "{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
    "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
    "{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
    "1-Click YouTube Downloader_is1" = 1-Click YouTube Downloader 4.0
    "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    "7-Zip" = 7-Zip 4.65
    "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "AnVir Task Manager Free" = AnVir Task Manager Free
    "avast5" = avast! Free Antivirus
    "Canon MP140 series User Registration" = Canon MP140 series User Registration
    "CCleaner" = CCleaner
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
    "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
    "ERUNT_is1" = ERUNT 1.1j
    "Fences" = Fences
    "Free Fire Screensaver" = Free Fire Screensaver
    "HijackThis" = HijackThis 2.0.2
    "IcoFX_is1" = IcoFX 1.6.4
    "IconTweaker" = IconTweaker
    "ie8" = Windows Internet Explorer 8
    "Immunet Protect" = Immunet Protect
    "IrfanView" = IrfanView (remove only)
    "KeyScrambler" = KeyScrambler
    "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.1.0
    "Lossless JPEG Rotator_is1" = Lossless JPEG Rotator 1.01
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
    "Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
    "MP Navigator 3.1" = Canon MP Navigator 3.1
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "Nokia PC Suite" = Nokia PC Suite
    "Notepad++" = Notepad++
    "ObjectDock" = ObjectDock
    "qt7lite_is1" = QT Lite 2.8.0
    "Recuva" = Recuva
    "Revo Uninstaller" = Revo Uninstaller 1.87
    "SimCity 3000" = SimCity 3000
    "Smart Defrag_is1" = Smart Defrag
    "Speccy" = Speccy
    "TipCam" = TipCam 2.2
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "Winamp" = Winamp
    "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinGimp-2.0_is1" = GIMP 2.6.11
    "WinPatrol" = WinPatrol
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
    "ZoneAlarm Pro" = ZoneAlarm Pro
    "ZoneAlarm Toolbar" = ZoneAlarm Toolbar

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Winamp Detect" = Winamp Detector Plug-in
    "WinDirStat" = WinDirStat 1.1.2

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 2010.11.01. 16:23:21 | Computer Name = IBM-NETVISTA | Source = Application Error | ID = 1001
    Description = Fault bucket -2137488337.

    Error - 2010.11.01. 16:23:54 | Computer Name = IBM-NETVISTA | Source = Application Error | ID = 1000
    Description = Faulting application casetup32.exe, version 2.0.17.31, faulting module
    ntdll.dll, version 5.1.2600.5755, fault address 0x00011780.

    Error - 2010.11.13. 13:40:45 | Computer Name = IBM-NETVISTA | Source = ESENT | ID = 490
    Description = svchost (868) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2010.11.14. 12:04:05 | Computer Name = IBM-NETVISTA | Source = ESENT | ID = 490
    Description = svchost (868) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2010.11.14. 12:04:06 | Computer Name = IBM-NETVISTA | Source = ESENT | ID = 439
    Description = Catalog Database (868) Unable to write a shadowed header for file
    C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb. Error
    -1032.

    Error - 2010.11.14. 12:04:06 | Computer Name = IBM-NETVISTA | Source = ESENT | ID = 470
    Description = Catalog Database (868) Database C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
    is partially attached. Attachment stage: 1. Error: -1032.

    Error - 2010.11.14. 15:42:51 | Computer Name = IBM-NETVISTA | Source = Application Error | ID = 1000
    Description = Faulting application plugin-container.exe, version 1.9.2.3951, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.

    Error - 2010.11.18. 12:45:38 | Computer Name = IBM-NETVISTA | Source = Application Hang | ID = 1002
    Description = Hanging application MDICTION.DEX, version 2.0.0.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 2010.11.18. 12:46:30 | Computer Name = IBM-NETVISTA | Source = Application Hang | ID = 1001
    Description = Fault bucket 16633019.

    Error - 2010.11.22. 1:12:54 | Computer Name = IBM-NETVISTA | Source = ESENT | ID = 490
    Description = svchost (924) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    [ System Events ]
    Error - 2010.11.29. 9:35:53 | Computer Name = IBM-NETVISTA | Source = DCOM | ID = 10010
    Description = The server {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} did not register
    with DCOM within the required timeout.

    Error - 2010.11.30. 9:07:13 | Computer Name = IBM-NETVISTA | Source = atapi | ID = 262153
    Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
    period.

    Error - 2010.11.30. 9:07:19 | Computer Name = IBM-NETVISTA | Source = atapi | ID = 262153
    Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
    period.

    Error - 2010.12.01. 9:19:42 | Computer Name = IBM-NETVISTA | Source = Service Control Manager | ID = 7011
    Description = Timeout (30000 milliseconds) waiting for a transaction response from
    the McAfee SiteAdvisor Service service.

    Error - 2010.12.07. 9:46:53 | Computer Name = IBM-NETVISTA | Source = atapi | ID = 262153
    Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
    period.

    Error - 2010.12.07. 9:46:56 | Computer Name = IBM-NETVISTA | Source = atapi | ID = 262153
    Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
    period.

    Error - 2010.12.07. 9:47:03 | Computer Name = IBM-NETVISTA | Source = atapi | ID = 262153
    Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
    period.

    Error - 2010.12.07. 9:47:05 | Computer Name = IBM-NETVISTA | Source = atapi | ID = 262153
    Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
    period.

    Error - 2010.12.07. 9:47:14 | Computer Name = IBM-NETVISTA | Source = atapi | ID = 262153
    Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
    period.

    Error - 2010.12.07. 9:47:14 | Computer Name = IBM-NETVISTA | Source = atapi | ID = 262155
    Description = The driver detected a controller error on \Device\Ide\IdePort0.


    < End of report >

  8. #18
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default

    One more question: was the hosts file supposed to look like that?

  9. #19
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    I don't know what that was all about so I deleted it. Any other scans we run, anything like that comes up DO NOT POST IT.

    Run Malwarebytes and post the log
    Last edited by ken545; 2010-12-07 at 23:51.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  10. #20
    Member _Lee_'s Avatar
    Join Date
    Nov 2009
    Posts
    63

    Default

    Malwarebytes' Anti-Malware 1.50
    www.malwarebytes.org

    Database version: 5270

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    2010.12.08. 17:58:47
    mbam-log-2010-12-08 (17-58-47).txt

    Scan type: Full scan (A:\|C:\|D:\|)
    Objects scanned: 171335
    Time elapsed: 1 hour(s), 5 minute(s), 42 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    ---

    This PC is still slower than usual (especially on startup) after running the gmer tool, and it has been several reboots and shutdowns since then.

    Also I had a look at the original hosts file (didn't even think of modifying anything):
