
Not Sure If Something Is Wrong ...


  • This topic is locked
2 replies to this topic

#1 Peterabott


Posted 11 July 2008 - 03:17 AM

Okay, well, I have a fairly good machine. Not sure of the specs, and I'm honestly too lazy to check, but they're good enough. Not fantastic, but good enough.

Now, sometimes I will start to get insane lag while running programs. I will close whatever I'm doing, and wait a bit. I check Task Manager for processes that shouldn't be running (Firefox, iTunes, etc.). Of course, there never are.

And yet, when I go to start Firefox again, it takes a LONG time. I'm talking about minutes.


This should never happen. My computer is good enough to handle Firefox ... Lol.

Also: Sometimes, randomly, I get an error message from Windows Defender, saying the Command Line Utility encountered a problem and had to close. It's one of those send/don't send errors.

Also, one other peculiar thing. Sometimes when I go to shut down or restart my computer, hardly anything happens. I click on the shut down or restart button, a few applications and system tray items close, and then nothing happens. Clicking the shut down or restart button again gets the job done, but I find this really odd ...

I have Kaspersky, and run regular scans of startup objects and critical areas, and my entire disk while I'm out. It hasn't found any viruses, and I have all the security settings on max.

I'm not even sure if anything is wrong, but I figured I might as well be safe. Here are the two log files:

Deckard's System Scanner v20071014.68
Run by Evan on 2008-07-11 01:23:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
131: 2008-07-11 08:23:42 UTC - RP131 - Deckard's System Scanner Restore Point
130: 2008-07-11 06:05:54 UTC - RP130 - ??? Ghost
129: 2008-07-11 06:03:50 UTC - RP129 - Removed Steam(TM)
128: 2008-07-11 05:56:42 UTC - RP128 - System Checkpoint
127: 2008-07-09 02:36:46 UTC - RP127 - Software Distribution Service 3.0


-- First Restore Point -- 
1: 2008-05-14 04:07:07 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Evan.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:21:33 AM, on 11/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\java.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Evan\Desktop\dss.exe
C:\WINDOWS\system32\logonui.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Evan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [WUSB54Gv4] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: WUSB54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 7008 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
R2 npkcrypt - c:\nexon\maplestory\npkcrypt.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver>
R3 GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - c:\windows\system32\gtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
R3 npkcusb - c:\nexon\maplestory\npkcusb.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver>

S0 cercsr6 - c:\windows\system32\drivers\cercsr6.sys <Not Verified; Adaptec, Inc.; Dell RAID Controller>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 JavaQuickStarterService (Java Quick Starter) - "c:\program files\java\jre6\bin\jqs.exe" -service -config "c:\program files\java\jre6\lib\deploy\jqs\jqs.conf" <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U10>
R2 MySQL - "c:\program files\mysql\mysql server 5.0\bin\mysqld-nt" --defaults-file="c:\program files\mysql\mysql server 5.0\my.ini" mysql (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Manufacturer: 
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Service: 

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_01D21028&REV_01\3&172E68DD&0&FB
Manufacturer: 
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_01D21028&REV_01\3&172E68DD&0&FB
Service: 


-- Scheduled Tasks -------------------------------------------------------------

2008-07-11 01:07:33	   330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-07-08 21:43:46	   284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-06-11 and 2008-07-11 -----------------------------

2008-07-11 01:09:53		 0 d-------- C:\Program Files\Trend Micro
2008-07-10 23:14:59		 0 d--hs---- C:\Documents and Settings\Evan\Recent
2008-07-03 21:53:31		 0 d-------- C:\Documents and Settings\Evan\Application Data\AVS4YOU
2008-07-03 21:53:24		 0 d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-07-01 21:18:41		 0 d-------- C:\xampp
2008-07-01 13:40:20		 0 d-------- C:\Program Files\HashCalc
2008-06-30 22:44:35		 0 d-------- C:\Documents and Settings\Evan\Application Data\Hamachi
2008-06-30 22:43:35		 0 d-------- C:\Program Files\Hamachi
2008-06-30 22:07:52		 0 d-------- C:\Program Files\MySQL
2008-06-30 19:46:53		 0 d-------- C:\Netgame
2008-06-27 20:06:52		 0 d-------- C:\Program Files\Common Files\AVSMedia
2008-06-27 20:06:09		 0 d-------- C:\Program Files\AVS4YOU
2008-06-25 20:12:22		 0 d-------- C:\Program Files\Vstplugins
2008-06-25 20:08:03		 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony
2008-06-25 19:54:45		 0 d-------- C:\Program Files\Sony
2008-06-23 16:34:37		 0 d-------- C:\Nexon
2008-06-22 21:31:00		 0 d-------- C:\Program Files\DirectX
2008-06-22 05:30:40		 0 d-------- C:\Program Files\Electronic Arts
2008-06-22 05:27:44	  1096 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-06-21 23:12:38		 0 d-------- C:\Program Files\Defraggler
2008-06-21 23:00:11		 0 d-------- C:\Program Files\Orbitdownloader
2008-06-21 21:48:00		 0 d-------- C:\Documents and Settings\Administrator\Templates
2008-06-21 21:48:00	524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-21 21:48:00		 0 d-------- C:\Documents and Settings\Administrator\Local Settings
2008-06-21 21:48:00		 0 d-------- C:\Documents and Settings\Administrator\Cookies
2008-06-21 21:48:00		 0 d-------- C:\Documents and Settings\Administrator\Application Data
2008-06-21 21:48:00		 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-21 12:41:14		 0 d-------- C:\Documents and Settings\Evan\Application Data\MySQL
2008-06-21 11:38:31		 0 d-------- C:\Documents and Settings\Evan\Application Data\GrabPro
2008-06-20 15:22:40		 0 d-------- C:\Program Files\Sun
2008-06-20 14:52:59		 0 d-------- C:\Documents and Settings\Evan\.SunDownloadManager
2008-06-20 12:13:42		 0 d-------- C:\Program Files\Common Files\Merge Modules
2008-06-20 12:13:40		 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-20 12:12:06		 0 d-------- C:\Program Files\Microsoft SDKs
2008-06-20 12:00:16		 0 d-------- C:\wamp
2008-06-19 21:28:16   4718592 --a------ C:\Documents and Settings\Evan\ntuser.dat
2008-06-19 21:28:15	229376 --a------ C:\Documents and Settings\LocalService\ntuser.dat


-- Find3M Report ---------------------------------------------------------------

2008-07-11 01:13:17		 0 d-------- C:\Documents and Settings\Evan\Application Data\SiteAdvisor
2008-07-10 23:33:06		 0 d-------- C:\Program Files\World of Warcraft
2008-07-10 23:06:59		 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-10 23:03:55		 0 d-------- C:\Program Files\Steam
2008-07-09 03:06:26		 0 d-------- C:\Documents and Settings\Evan\Application Data\Orbit
2008-07-07 21:11:31		 0 d-------- C:\Documents and Settings\Evan\Application Data\LimeWire
2008-07-02 13:04:18	148906 --a------ C:\Program Files\DxWnd.rar
2008-06-30 21:59:35		 0 d-------- C:\Program Files\Java
2008-06-30 21:44:16		 0 d-------- C:\Documents and Settings\Evan\Application Data\uTorrent
2008-06-27 20:06:52		 0 d-------- C:\Program Files\Common Files
2008-06-26 19:01:31		 0 d-------- C:\Program Files\Cheat Engine
2008-06-25 22:26:25	  1100 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-06-21 23:13:35		 0 d-------- C:\Documents and Settings\Evan\Application Data\Real
2008-06-21 22:51:55		 0 d-------- C:\Program Files\Common Files\GTK
2008-06-20 16:22:27		 0 d-------- C:\Program Files\GameSpy Arcade
2008-06-12 10:34:53		 0 d-------- C:\Documents and Settings\Evan\Application Data\Ventrilo
2008-06-04 21:22:44		 0 d-------- C:\Documents and Settings\Evan\Application Data\Sun
2008-06-02 20:28:08		 0 d-------- C:\Program Files\N-Game
2008-06-02 20:08:57		 0 d-------- C:\Documents and Settings\Evan\Application Data\SoundSpectrum
2008-06-01 18:54:56		 0 d-------- C:\Program Files\Kaspersky Lab
2008-05-27 19:45:54		 0 d-------- C:\Program Files\GabbaSoft
2008-05-27 16:14:38		 0 d-------- C:\Documents and Settings\Evan\Application Data\Auslogics
2008-05-26 15:43:18		 0 d-------- C:\Program Files\Avast4
2008-05-25 21:15:21		 0 d-------- C:\Documents and Settings\Evan\Application Data\Publish Providers
2008-05-25 21:15:00		 0 d-------- C:\Documents and Settings\Evan\Application Data\Sony
2008-05-25 21:11:21		 0 d-------- C:\Program Files\Pivot Stickfigure Animator
2008-05-25 21:09:53		 0 d-------- C:\Program Files\DxWnd
2008-05-25 21:08:29		 0 d-------- C:\Documents and Settings\Evan\Application Data\Macromedia
2008-05-25 21:06:39		 0 d-------- C:\Program Files\Common Files\Macromedia
2008-05-25 21:06:01		 0 d-------- C:\Program Files\Sony Setup
2008-05-25 21:05:07		 0 d-------- C:\Program Files\Macromedia
2008-05-25 21:03:48		 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-24 20:04:57		 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-05-24 18:57:15		 0 d-------- C:\Documents and Settings\Evan\Application Data\DAEMON Tools
2008-05-21 21:46:36		 0 d-------- C:\Program Files\Common Files\Java
2008-05-21 21:45:08		 0 d-------- C:\Program Files\LimeWire
2008-05-21 21:38:57		 0 d-------- C:\Program Files\Free iPod Video Converter
2008-05-21 21:32:00		 0 d-------- C:\Program Files\HyCam2
2008-05-21 21:18:47		 0 d-------- C:\Program Files\Common Files\xing shared
2008-05-21 21:18:42		 0 d-------- C:\Program Files\Common Files\Real
2008-05-21 21:18:16		 0 d-------- C:\Program Files\Real
2008-05-21 21:15:45		 0 d-------- C:\Program Files\Winamp
2008-05-21 20:27:39		 0 d-------- C:\Documents and Settings\Evan\Application Data\Winamp
2008-05-18 23:18:07		 0 d-------- C:\Program Files\Google
2008-05-18 14:45:35		 0 d-------- C:\Program Files\Starcraft
2008-05-18 14:01:36		 0 d-------- C:\Documents and Settings\Evan\Application Data\Nexon
2008-05-18 13:55:10		 0 d-------- C:\Program Files\Movie Maker
2008-05-18 13:48:19		 0 d-------- C:\Program Files\SigmaTel
2008-05-18 13:41:12		 0 d-------- C:\Program Files\Vista Inspirat Ultimate 2
2008-05-18 13:26:27	 64567 --a------ C:\WINDOWS\BricoPackUninst.cmd
2008-05-18 13:26:27	  5997 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-05-18 13:26:26	218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-18 13:14:51		 0 d-------- C:\Documents and Settings\Evan\Application Data\ATI
2008-05-18 13:13:36		 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-05-18 13:11:51		 0 d-------- C:\Program Files\ATI Technologies
2008-05-18 13:00:27		 0 d-------- C:\Program Files\MSBuild
2008-05-18 13:00:17		 0 d-------- C:\Program Files\Reference Assemblies
2008-05-18 10:12:26		 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-05-18 09:53:07	   664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-17 22:23:37		 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-17 20:51:46	 32845 --a------ C:\WINDOWS\scunin.dat
2008-05-17 20:51:44	   967 --a------ C:\WINDOWS\ScUnin.pif
2008-05-17 20:51:44	 70656 --a------ C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller>
2008-05-17 20:42:11		 0 d-------- C:\Program Files\Covey Inc
2008-05-17 20:41:55		 0 d-------- C:\Documents and Settings\Evan\Application Data\WinRAR
2008-05-17 20:40:23		 0 d-------- C:\Program Files\EasyToon 1.9.8 EN
2008-05-17 20:36:13		 0 d-------- C:\Program Files\Pidgin
2008-05-17 20:21:13		 0 d-------- C:\Program Files\Common Files\AOL
2008-05-17 20:08:02		 0 d-------- C:\Documents and Settings\Evan\Application Data\Talkback
2008-05-17 19:52:48	  1160 --a------ C:\WINDOWS\mozver.dat
2008-05-17 19:49:20		 0 d-------- C:\Documents and Settings\Evan\Application Data\.purple
2008-05-17 19:34:00		 0 d-------- C:\Documents and Settings\Evan\Application Data\Adobe
2008-05-17 19:26:05		 0 d-------- C:\Program Files\Windows Live
2008-05-17 19:25:44		 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-17 19:19:06		 0 d-------- C:\Program Files\CCleaner
2008-05-17 17:54:25		 0 d-------- C:\Program Files\GIMP-2.0
2008-05-17 17:53:55		 0 d-------- C:\Documents and Settings\Evan\Application Data\Google
2008-05-17 17:52:21		 0 d-------- C:\Program Files\Ventrilo
2008-05-17 17:52:07		 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-17 17:42:54		 0 d-------- C:\Documents and Settings\Evan\Application Data\Apple Computer
2008-05-17 17:42:48		 0 d-------- C:\Program Files\iTunes
2008-05-17 17:42:42		 0 d-------- C:\Program Files\iPod
2008-05-17 17:42:22		 0 d-------- C:\Program Files\QuickTime
2008-05-17 17:41:53		 0 d-------- C:\Program Files\Apple Software Update
2008-05-17 17:41:36		 0 d-------- C:\Program Files\Common Files\Apple
2008-05-17 17:41:02		 0 d-------- C:\Program Files\UberIcon
2008-05-17 17:36:56		 0 d-------- C:\Program Files\uTorrent
2008-05-17 16:57:35		 0 d-------- C:\Program Files\Messenger
2008-05-17 16:48:03		 0 d-------- C:\Program Files\Windows Defender
2008-05-17 16:30:53		 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-17 16:30:51		 0 d-------- C:\Documents and Settings\Evan\Application Data\Mozilla
2008-05-17 15:37:47		 0 d-------- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor
2008-05-13 21:06:54		 0 d-------- C:\Documents and Settings\Evan\Application Data\Identities
2008-05-13 21:02:38		 0 d-------- C:\Program Files\microsoft frontpage
2008-05-13 21:02:27		 0 -rahs---- C:\MSDOS.SYS
2008-05-13 21:02:27		 0 -rahs---- C:\IO.SYS
2008-05-13 21:02:27		 0 --a------ C:\CONFIG.SYS
2008-05-13 21:02:27		 0 --a------ C:\AUTOEXEC.BAT
2008-05-13 21:01:07		 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-13 21:00:02		 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-13 20:59:15	 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-13 20:58:30		 0 d-------- C:\Program Files\Online Services
2008-05-13 20:58:19		 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-13 20:58:09		 0 d-------- C:\Program Files\Windows NT
2008-05-13 12:48:06		 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-13 12:48:02		 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-13 12:47:30		62 --ahs---- C:\Documents and Settings\Evan\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
30/06/2008 09:59 PM	34816	--a------	C:\Program Files\Java\jre6\bin\jp2ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
30/06/2008 09:59 PM	73728	--a------	C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}"= C:\Program Files\Orbitdownloader\GrabPro.dll [10/06/2008 10:47 AM 457848]

[-HKEY_CLASSES_ROOT\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[HKEY_CLASSES_ROOT\GrabPro.FindBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}]
[HKEY_CLASSES_ROOT\GrabPro.FindBar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WUSB54Gv4"="C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe" [19/04/2004 09:19 AM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [03/11/2006 07:20 PM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [17/05/2008 05:49 PM]
"SigmatelSysTrayApp"="stsystra.exe" [22/03/2005 05:20 PM C:\WINDOWS\stsystra.exe]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [18/12/2007 12:43 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="C:\Program Files\UberIcon\UberIcon Manager.exe" [17/08/2007 07:10 PM]

C:\Documents and Settings\Evan\Start Menu\Programs\Startup\
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [30/06/2008 10:43:35 PM]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [01/06/2005 12:41:18 PM]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [21/05/2006 12:43:14 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll




-- End of Deckard's System Scanner: finished at 2008-07-11 02:28:52 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of Memory in Use: 40%
Physical Memory (total/avail): 1022.07 MiB / 609.82 MiB
Pagefile Memory (total/avail): 2458.84 MiB / 1837.93 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1889.12 MiB

C: is Fixed (NTFS) - 228.13 GiB total, 161.74 GiB free. 
D: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - Maxtor 7L250S0 - 232.83 GiB - 3 partitions
  \PARTITION0 - Unknown - 54.88 MiB
  \PARTITION1 (bootable) - Installable File System - 228.13 GiB - C:
  \PARTITION2 - Unknown - 4.64 GiB



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: Kaspersky Internet Security v7.0.1.321 (Kaspersky Lab)
AV: Kaspersky Internet Security v7.0.1.321 (Kaspersky Lab)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Orbitdownloader\\orbitdm.exe"="C:\\Program Files\\Orbitdownloader\\orbitdm.exe:*:Enabled:Orbit"
"C:\\Program Files\\Orbitdownloader\\orbitnet.exe"="C:\\Program Files\\Orbitdownloader\\orbitnet.exe:*:Enabled:Orbit"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Evan\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EVAN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Evan
LOGONSERVER=\\EVAN
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0403
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Evan\LOCALS~1\Temp
TMP=C:\DOCUME~1\Evan\LOCALS~1\Temp
USERDOMAIN=EVAN
USERNAME=Evan
USERPROFILE=C:\Documents and Settings\Evan
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Evan (admin)
Pop (admin)


-- Add/Remove Programs ---------------------------------------------------------

 --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\1e1226f6ae744ea832300ff8ff4febe\Setup.exe
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\1e1226f6ae744ea832300ff8ff4febe\Setup.exe
Adobe Setup --> MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVS Video Converter 6 --> "C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.2 --> "C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Cheat Engine 5.4 --> "C:\Program Files\Cheat Engine\unins000.exe"
Counter-Strike: Source --> MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
Defraggler (remove only) --> "C:\Program Files\Defraggler\uninst.exe"
EasyToon 1.9.8 EN --> c:\Program Files\EasyToon 1.9.8 EN\Uninstal.exe
EliteSwitch --> C:\Program Files\Covey Inc\EliteSwitch\Uninstal.exe
Free iPod Video Converter 1.34 --> "C:\Program Files\Free iPod Video Converter\unins000.exe"
Gabbasoft Cube Demo --> MsiExec.exe /X{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
GIMP 2.4.5 --> "C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth --> MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GrabPro - Toolbar --> regsvr32 /u /s "C:\Program Files\Orbitdownloader\GrabPro.dll" 
Hamachi 1.0.2.5 --> C:\Program Files\Hamachi\uninstall.exe
HashCalc 2.02 --> "C:\Program Files\HashCalc\unins000.exe"
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HyperCam 2 --> "C:\Program Files\HyCam2\UnHyCam2.exe"
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 10 --> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
LimeWire 4.16.7 --> "C:\Program Files\LimeWire\uninstall.exe"
Linksys Wireless-G USB Network Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C7EEF2B9-8C16-4A04-B98D-B1A952A47E55}\setup.exe" -l0x9 
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
MapleStory --> MsiExec.exe /I{7A512A34-F4E8-43C4-BD80-43A022B31BF6}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.15) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MySQL Server 5.0 --> MsiExec.exe /I{E9CF8701-483A-4344-8119-0002BD0992A8}
MySQL Tools for 5.0 --> MsiExec.exe /I{EC561602-C0B9-4FAA-A175-1B3273639AC3}
Orbit Downloader --> "C:\Program Files\Orbitdownloader\unins000.exe"
Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Pivot Stickfigure Animator --> MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Sony Vegas Movie Studio Platinum 8.0 --> MsiExec.exe /X{B8E8C8EC-5C22-4B02-9C02-D851262F574C}
Starcraft --> C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
Toribash 3.24 --> "c:\Games\Toribash-3.24\unins000.exe"
UberIcon 1.0.4 --> "C:\Program Files\UberIcon\unins000.exe"
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XAMPP 1.6.6a --> "c:\xampp\uninstall.exe"
XML Paper Specification Shared Components Pack 1.0 --> 


-- Application Event Log -------------------------------------------------------

Event Record #/Type1795 / Error
Event Submitted/Written: 07/11/2008 01:51:49 AM
Event ID/Source: 490 / ESENT
Event Description:
svchost (128) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Event Record #/Type1794 / Error
Event Submitted/Written: 07/11/2008 01:24:39 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application MpCmdRun.exe, version 1.1.1593.0, faulting module LegitLib.dll, version 1.5.540.0, fault address 0x0001dc91.
Processing media-specific event for [MpCmdRun.exe!ws!]

Event Record #/Type1793 / Error
Event Submitted/Written: 07/11/2008 01:24:28 AM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Event Record #/Type1785 / Warning
Event Submitted/Written: 07/11/2008 01:03:18 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type1784 / Error
Event Submitted/Written: 07/10/2008 11:44:39 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application MpCmdRun.exe, version 1.1.1593.0, faulting module LegitLib.dll, version 1.5.540.0, fault address 0x0001dc91.
Processing media-specific event for [MpCmdRun.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type7313 / Warning
Event Submitted/Written: 07/11/2008 02:22:36 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%EVAN27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer.  Allow changes only if you trust the program or the software publisher. %EVAN27 can't undo changes that you allow.

For more information please see the following:
%EVAN275

	Scan ID: {8754C2C3-40B3-41E2-BB8F-F359DFDAA18F}

	User: EVAN\Evan

	Name: %EVAN271

	ID: %EVAN272

	Severity: 1.1.1593.05

	Category: 1.1.1593.06

	Path Found: %EVAN276

	Alert Type: %EVAN278

	Detection Type: 1.1.1593.02

Event Record #/Type7312 / Warning
Event Submitted/Written: 07/11/2008 02:22:36 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%EVAN27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer.  Allow changes only if you trust the program or the software publisher. %EVAN27 can't undo changes that you allow.

For more information please see the following:
%EVAN275

	Scan ID: {7A2562CF-E8C9-4367-A9DA-762393556252}

	User: EVAN\Evan

	Name: %EVAN271

	ID: %EVAN272

	Severity: 1.1.1593.05

	Category: 1.1.1593.06

	Path Found: %EVAN276

	Alert Type: %EVAN278

	Detection Type: 1.1.1593.02

Event Record #/Type7311 / Warning
Event Submitted/Written: 07/11/2008 01:46:20 AM
Event ID/Source: 8021 / BROWSER
Event Description:
The browser was unable to retrieve a list of servers from the browser master \\ADRIANCOMPUTER on the network \Device\NetBT_Tcpip_{DA9C1913-D7AF-4667-A5A4-C3F2E64C3E65}.
The data is the error code.

Event Record #/Type7302 / Warning
Event Submitted/Written: 07/11/2008 01:04:55 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%EVAN27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer.  Allow changes only if you trust the program or the software publisher. %EVAN27 can't undo changes that you allow.

For more information please see the following:
%EVAN275

	Scan ID: {85E2C750-F9EA-4217-919C-62A987EDE8BF}

	User: EVAN\Evan

	Name: %EVAN271

	ID: %EVAN272

	Severity: 1.1.1593.05

	Category: 1.1.1593.06

	Path Found: %EVAN276

	Alert Type: %EVAN278

	Detection Type: 1.1.1593.02

Event Record #/Type7295 / Error
Event Submitted/Written: 07/11/2008 01:04:25 AM / 07/11/2008 01:04:52 AM
Event ID/Source: 12294 / ati2mtag
Event Description:
CRT invalid display type



-- End of Deckard's System Scanner: finished at 2008-07-11 02:28:52 ------------

Thanks for reading, and please reply!

Edited by Peterabott, 11 July 2008 - 02:38 PM.



#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • Gender:Male
  • Location:Florida
  • Local time:07:06 PM

Posted 02 August 2008 - 04:03 PM

Hello Peterabott

Welcome to BleepingComputer :thumbsup:
========================
If you are still in need of assistance please post a new Dss log.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here

#3 kahdah


Posted 16 August 2008 - 08:41 AM

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with the address of this thread. This applies only to the original topic starter. Everyone else, please begin a New Topic.



