HI deltalima: my account is an administrator account. Here is the CK Scanner result:
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.DWNATM
----- EOF -----
Here is the MGA Diag results:
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-DX2DP-HMX8W-GQ82B
Windows Product Key Hash: 68vgANjLZ/oVC3WGhM/O7SnGUAw=
Windows Product ID: 76487-OEM-2258675-94892
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {2FF68496-1C71-40D2-9E43-C8A17E2F1AC2}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A
Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft
OGA Data-->
Office Status: 101 Not Activated
Microsoft Word 2002 - 101 Not Activated
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: 025D1FF3-230-1_3E121E02-385-80004005_3E121E02-452-80004005_3E121E02-312-80004005
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{2FF68496-1C71-40D2-9E43-C8A17E2F1AC2}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-GQ82B</PKey><PID>76487-OEM-2258675-94892</PID><PIDType>3</PIDType><SID>S-1-5-21-682003330-2049760794-2146849767</SID><SYSTEM><Manufacturer>Dell Computer Corporation</Manufacturer><Model>Dimension 2400 </Model></SYSTEM><BIOS><Manufacturer>Dell Computer Corporation</Manufacturer><Version>A05</Version><SMBIOSVersion major="2" minor="3"/><Date>20031202000000.000000+000</Date></BIOS><HWID>2595389FE184C056</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>101</Result><Products><Product GUID="{911B0409-6000-11D3-8CFE-0050048383C9}"><LegitResult>101</LegitResult><Name>Microsoft Word 2002</Name><Ver>10</Ver><Val>6FFC683EFC69CC8</Val><Hash>Fx4ObSVLY3FcY5JOmbLJC4v3Ztw=</Hash><Pid>54189-OEM-1693763-43620</Pid><PidType>4</PidType></Product></Products><Applications><App Id="1B" Version="10" Result="101"/></Applications></Office></Software></GenuineResults>
Licensing Data-->
N/A
Windows Activation Technologies-->
N/A
HWID Data-->
N/A
OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1B285:Dell Inc|1B285:Microsoft Corporation
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005
OEM Activation 2.0 Data-->
N/A
Here is the OTL results:
OTL logfile created on: 3/13/2012 5:16:20 PM - Run 1
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\Memaw\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:
503.00 Mb Total Physical Memory | 93.04 Mb Available Physical Memory | 18.50% Memory free
1.20 Gb Paging File | 0.82 Gb Available in Paging File | 68.38% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 55.92 Gb Free Space | 75.05% Space Free | Partition Type: NTFS
Drive D: | 74.50 Gb Total Space | 73.64 Gb Free Space | 98.84% Space Free | Partition Type: NTFS
Computer Name: GODS | User Name: Memaw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Memaw\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Memaw\Desktop\CKScanner.exe ()
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
PRC - C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe ()
PRC - C:\Program Files\OpenDNS Updater\OpenDNS Updater.exe (OpenDNS)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
PRC - C:\Program Files\PowerMenu\PowerMenu.exe (Thong Nguyen)
PRC - C:\WINDOWS\StartupMonitor.exe ()
========== Modules (No Company Name) ========== MOD - C:\Documents and Settings\Memaw\Desktop\CKScanner.exe ()
MOD - C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe ()
MOD - C:\WINDOWS\StartupMonitor.exe ()
========== Win32 Services (SafeList) ========== SRV - (WMPNetworkSvc) -- File not found
SRV - (WinDefend) -- File not found
SRV - (Nero BackItUp Scheduler 4.0) -- File not found
SRV - (HidServ) -- File not found
SRV - (aswUpdSv) -- File not found
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
SRV - (OpenDNS Updater.exe) -- C:\Program Files\OpenDNS Updater\OpenDNS Updater.exe (OpenDNS)
SRV - (UPHClean) -- C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (cpuz132) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- File not found
DRV - (aeaudio) -- File not found
DRV - (MpKsl5e2d80e5) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{84E5B935-94F0-40AB-9362-912A80762C3C}\MpKsl5e2d80e5.sys (Microsoft Corporation)
DRV - (a2acc) -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys (Emsi Software GmbH)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (A2DDA) -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys (Emsi Software GmbH)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (NetBurn) -- C:\WINDOWS\system32\drivers\NetBurn.sys (Rocket Division Software)
DRV - (Uim_IM) -- C:\WINDOWS\system32\drivers\Uim_IM.sys (Paragon)
DRV - (UimBus) -- C:\WINDOWS\system32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (iAimFP4) -- C:\WINDOWS\system32\drivers\wvchntxx.sys (Intel(R) Corporation)
DRV - (iAimFP3) -- C:\WINDOWS\system32\drivers\wsiintxx.sys (Intel(R) Corporation)
DRV - (iAimTV3) -- C:\WINDOWS\system32\drivers\watv04nt.sys (Intel(R) Corporation)
DRV - (iAimTV0) -- C:\WINDOWS\system32\drivers\watv01nt.sys (Intel(R) Corporation)
DRV - (iAimTV4) -- C:\WINDOWS\system32\drivers\wch7xxnt.sys (Intel(R) Corporation)
DRV - (iAimTV1) -- C:\WINDOWS\system32\drivers\watv02nt.sys (Intel(R) Corporation)
DRV - (i81x) -- C:\WINDOWS\system32\drivers\i81xnt5.sys (Intel(R) Corporation)
DRV - (iAimFP0) -- C:\WINDOWS\system32\drivers\wadv01nt.sys (Intel(R) Corporation)
DRV - (iAimFP1) -- C:\WINDOWS\system32\drivers\wadv02nt.sys (Intel(R) Corporation)
DRV - (iAimFP2) -- C:\WINDOWS\system32\drivers\wadv05nt.sys (Intel(R) Corporation)
DRV - (nnlqsujairip) -- C:\WINDOWS\system32\drivers\nnlqsujairip.sys ()
DRV - (senfilt) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)
DRV - (iAimTV5) -- C:\WINDOWS\system32\drivers\watv10nt.sys (Intel(R) Corporation)
DRV - (iAimTV6) -- C:\WINDOWS\system32\drivers\watv06nt.sys (Intel(R) Corporation)
DRV - (iAimFP7) -- C:\WINDOWS\system32\drivers\wadv09nt.sys (Intel(R) Corporation)
DRV - (iAimFP5) -- C:\WINDOWS\system32\drivers\wadv07nt.sys (Intel(R) Corporation)
DRV - (iAimFP6) -- C:\WINDOWS\system32\drivers\wadv08nt.sys (Intel(R) Corporation)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (IdeChnDr) Intel(R) -- C:\WINDOWS\system32\DRIVERS\IdeChnDr.sys (Intel Corporation)
DRV - (IdeBusDr) -- C:\WINDOWS\system32\DRIVERS\IdeBusDr.sys (Intel Corporation)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (BCM44X2) -- C:\WINDOWS\system32\drivers\BCM4E5.SYS (Broadcom Corporation)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec)
DRV - (Cdr4vsd) -- C:\WINDOWS\System32\drivers\CDR4VSD.SYS (Adaptec)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://search.msn.com/spbasic.htmIE - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: File not found
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohPlayer: C:\Documents and Settings\Memaw\My Documents\My Videos\Veoh\AppBackup\Plugins\noreg\NPVeohVersion.dll (Veoh Networks Inc)
FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: File not found
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/07/22 23:17:47 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/03/09 19:44:20 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PowerMenu] C:\Program Files\PowerMenu\PowerMenu.exe (Thong Nguyen)
O4 - HKLM..\Run: [Run StartupMonitor] C:\WINDOWS\StartupMonitor.exe ()
O4 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003..\Run: [OpenDNS Updater] C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0
O7 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 01 00 00 00 [binary data]
O7 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 01 00 00 00 [binary data]
O7 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O15 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\..Trusted Domains: doityourself.com ([forum] http in Trusted sites)
O15 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O15 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O15 - HKU\S-1-5-21-682003330-2049760794-2146849767-1003\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5340F835-041A-4B9D-A584-FCDF968F76A8}: DhcpNameServer = 172.16.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5340F835-041A-4B9D-A584-FCDF968F76A8}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0DCA3BC-E6F0-41AC-97CF-47BCC1AA4E5B}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\willowrd.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\willowrd.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/21 23:32:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2012/03/13 17:14:03 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Memaw\Desktop\OTL.exe
[2012/03/13 16:30:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Memaw\Recent
[2012/03/10 20:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/03/10 20:09:19 | 009,301,888 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Memaw\My Documents\mseinstall-x86fre-en-us.exe
[2012/03/10 18:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Emsisoft Anti-Malware
[2012/03/10 18:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2012/03/10 18:15:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Memaw\My Documents\Anti-Malware
[2012/03/09 22:48:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Memaw\Local Settings\Application Data\FixItCenter
[2012/03/09 22:41:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012/03/09 22:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012/03/09 21:09:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Memaw\Desktop\dds.scr
[2012/03/08 23:55:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/08 23:55:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/03/08 23:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/03/08 15:01:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012/03/08 14:58:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012/03/07 18:25:08 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/03/07 16:10:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution.old
[2012/03/07 11:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Memaw\Application Data\Office Genuine Advantage
[2012/03/07 02:49:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/03/07 02:33:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/03/07 02:33:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/03/07 02:33:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/03/07 02:33:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/03/07 02:32:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/03/07 01:55:40 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012/03/07 01:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/03/07 01:25:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRM
[2012/03/06 18:25:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2012/03/04 22:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2.old
[2012/03/04 21:53:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kodak
[2012/03/04 21:06:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2012/03/04 21:06:05 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012/03/04 21:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012/03/04 20:29:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2012/03/03 20:08:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2012/03/03 19:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Memaw\Application Data\SUPERAntiSpyware.com
[2012/03/03 19:16:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/03/03 19:16:18 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/03/03 19:16:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/03/03 01:01:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2012/03/03 01:01:50 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/03/02 19:55:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2012/03/02 07:46:26 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2012/03/01 14:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Memaw\Application Data\OpenDNS Updater
[2012/03/01 02:32:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Memaw\Application Data\ElevatedDiagnostics
[2012/03/01 02:32:27 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/02/29 23:44:16 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/02/29 23:42:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/02/29 23:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/02/29 23:42:16 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Memaw\PrintHood
[2012/02/29 23:06:44 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Memaw\Desktop\TFC.exe
[2012/02/29 21:07:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Memaw\Local Settings\Application Data\PCHealth
[2012/02/29 20:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/02/29 20:22:20 | 000,326,976 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Memaw\Desktop\aswclear.exe
[2012/02/29 20:17:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/02/29 20:11:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Memaw\IECompatCache
[2012/02/29 20:11:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Memaw\PrivacIE
[2012/02/29 19:54:40 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Memaw\IETldCache
[2012/02/29 19:48:32 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012/02/29 19:47:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/02/29 19:37:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/02/29 19:28:33 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012/02/29 19:28:23 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012/02/29 19:13:39 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/02/29 18:17:36 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012/02/29 18:12:38 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012/02/29 18:02:51 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2012/02/29 17:50:24 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012/02/29 17:50:23 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012/02/29 17:39:52 | 000,991,232 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\virtear.dll
[2012/02/29 17:39:52 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3d.dll
[2012/02/29 17:39:52 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2012/02/29 17:39:52 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2012/02/29 17:39:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar
[2012/02/29 17:39:52 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2012/02/29 17:39:00 | 000,765,952 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System\crlds3d.dll
[2012/02/29 17:39:00 | 000,732,928 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\senfilt.sys
[2012/02/29 17:39:00 | 000,311,296 | ---- | C] (Analog Devices Incorporated) -- C:\WINDOWS\System32\Edcrypt.dll
[2012/02/29 17:39:00 | 000,023,040 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\PostProc.dll
[2012/02/29 17:26:34 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2012/02/29 17:25:33 | 001,245,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2012/02/29 17:25:33 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2012/02/29 17:25:33 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2012/02/29 17:25:33 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2012/02/29 17:25:33 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2012/02/29 17:25:33 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2012/02/29 17:25:33 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2012/02/29 17:25:33 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2012/02/29 17:25:33 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2012/02/29 17:25:33 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2012/02/29 17:25:33 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2012/02/29 17:25:33 | 000,114,688 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe
[2012/02/29 17:25:32 | 002,289,664 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmgicd.dll
[2012/02/29 17:25:32 | 000,879,228 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2012/02/29 17:25:32 | 000,516,096 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmgdev.dll
[2012/02/29 17:25:32 | 000,178,844 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdev5.dll
[2012/02/29 17:25:32 | 000,108,157 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2012/02/29 17:25:32 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4342.dll
[2012/02/29 17:25:32 | 000,049,152 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2012/02/29 17:25:32 | 000,038,016 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2012/02/29 17:25:32 | 000,036,864 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2012/02/29 17:25:32 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/02/29 17:12:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Memaw\My Documents\Downloads
[2012/02/29 16:10:51 | 000,043,136 | R--- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys
[2012/02/29 16:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/02/29 16:10:25 | 000,000,000 | ---D | C] -- C:\dell
[2012/02/29 15:47:36 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCM4E5.SYS
[2012/02/29 15:47:36 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2012/02/29 15:41:31 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\b57xp32.sys
[2012/02/29 15:41:31 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
========== Files - Modified Within 30 Days ========== [2012/03/13 17:14:17 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Memaw\Desktop\OTL.exe
[2012/03/13 17:02:54 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/13 16:56:42 | 000,458,240 | ---- | M] () -- C:\Documents and Settings\Memaw\Desktop\CKScanner.exe
[2012/03/13 16:30:38 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/03/13 16:23:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/13 16:22:21 | 000,000,345 | RHS- | M] () -- C:\boot.ini
[2012/03/12 21:56:01 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Memaw\Desktop\Launch StudyDog Level 1.lnk
[2012/03/11 23:36:41 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/03/11 23:29:42 | 000,484,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/11 23:29:42 | 000,082,062 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/11 22:19:22 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\MpCmdRun.job
[2012/03/10 20:09:22 | 009,301,888 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Memaw\My Documents\mseinstall-x86fre-en-us.exe
[2012/03/10 20:02:04 | 000,002,334 | ---- | M] () -- C:\FixitRegBackup.reg
[2012/03/10 18:16:51 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Memaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/03/10 18:16:51 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2012/03/10 16:34:02 | 000,326,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/09 22:41:16 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/03/09 21:43:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Memaw\Desktop\settings.dat
[2012/03/09 21:42:57 | 000,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Memaw\Desktop\RootRepeal.exe
[2012/03/09 21:10:09 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Memaw\Desktop\dds.scr
[2012/03/09 19:44:23 | 000,002,810 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2012/03/09 19:44:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/03/09 18:33:29 | 000,787,510 | ---- | M] () -- C:\WINDOWS\willowrd.bmp
[2012/03/08 23:55:53 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Memaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/03/08 15:00:26 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/03/08 15:00:26 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/03/06 19:53:51 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/03/05 18:16:28 | 000,000,063 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.old
[2012/03/05 05:08:43 | 000,002,535 | ---- | M] () -- C:\Documents and Settings\Memaw\Desktop\Launch StudyDog Level 3.lnk
[2012/03/03 19:16:32 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/03/01 02:21:59 | 000,000,446 | ---- | M] () -- C:\Documents and Settings\Memaw\Desktop\chromehtml.reg
[2012/03/01 02:18:58 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Memaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/29 23:06:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Memaw\Desktop\TFC.exe
[2012/02/29 20:22:23 | 000,326,976 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Memaw\Desktop\aswclear.exe
[2012/02/29 18:40:55 | 000,000,229 | ---- | M] () -- C:\Boot.bak
[2012/02/29 17:13:02 | 000,012,540 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
========== Files Created - No Company Name ========== [2012/03/13 16:56:36 | 000,458,240 | ---- | C] () -- C:\Documents and Settings\Memaw\Desktop\CKScanner.exe
[2012/03/10 20:10:10 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/03/10 18:16:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Memaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/03/10 18:16:51 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2012/03/09 22:41:16 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/03/09 22:41:16 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/03/09 21:43:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Memaw\Desktop\settings.dat
[2012/03/09 21:42:41 | 000,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Memaw\Desktop\RootRepeal.exe
[2012/03/08 23:55:53 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Memaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/03/08 23:31:35 | 000,002,810 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2012/03/07 02:33:28 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/03/07 02:33:28 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/03/07 02:33:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/03/07 02:33:28 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/03/07 02:33:28 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/03/03 19:16:32 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/03/02 19:09:12 | 000,000,422 | ---- | C] () -- C:\WINDOWS\tasks\MpCmdRun.job
[2012/03/01 14:47:00 | 000,001,659 | ---- | C] () -- C:\Documents and Settings\Memaw\Start Menu\Programs\OpenDNS Updater.lnk
[2012/03/01 02:21:55 | 000,000,446 | ---- | C] () -- C:\Documents and Settings\Memaw\Desktop\chromehtml.reg
[2012/02/29 23:44:20 | 000,000,229 | ---- | C] () -- C:\Boot.bak
[2012/02/29 23:44:18 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/02/29 21:17:46 | 000,002,334 | ---- | C] () -- C:\FixitRegBackup.reg
[2012/02/29 18:17:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/29 18:17:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/29 17:27:24 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/02/29 17:25:33 | 000,066,013 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2012/02/29 17:25:33 | 000,062,836 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2012/02/29 17:25:33 | 000,061,839 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2012/02/29 17:25:32 | 000,062,578 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2012/02/29 17:25:32 | 000,062,454 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2012/02/29 17:25:32 | 000,062,339 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2012/02/29 17:25:32 | 000,060,786 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2012/02/29 17:25:32 | 000,059,687 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2012/02/29 17:25:32 | 000,059,354 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2012/02/29 17:25:32 | 000,058,430 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\yv12vfw.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\x.264.exe:SummaryInformation
< End of report >
here is the extras result:
OTL Extras logfile created on: 3/13/2012 5:16:20 PM - Run 1
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\Memaw\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:
503.00 Mb Total Physical Memory | 93.04 Mb Available Physical Memory | 18.50% Memory free
1.20 Gb Paging File | 0.82 Gb Available in Paging File | 68.38% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 55.92 Gb Free Space | 75.05% Space Free | Partition Type: NTFS
Drive D: | 74.50 Gb Total Space | 73.64 Gb Free Space | 98.84% Space Free | Partition Type: NTFS
Computer Name: GODS | User Name: Memaw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [opennew] -- explorer.exe /e, %1 (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\OpenDNS Updater\OpenDNS Updater.exe" = C:\Program Files\OpenDNS Updater\OpenDNS Updater.exe:*:Enabled:OpenDNS Updater for Windows -- (OpenDNS)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20DEB77C-21D6-4D22-BB47-233E47613D57}" = Microsoft Games for Windows - LIVE Redistributable
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2FBF04DC-404C-4FA4-BA28-99903080D2B9}" = Magnifier Powertoy for Windows XP
"{330A9A13-25F2-4E5F-8CE5-9D1AED7CA342}" = Microsoft Security Client
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{42D2F5FF-E065-4F06-B507-F3C678342128}" = StudyDog Level 3
"{439800C9-FD42-4EA3-94D2-063DF0926873}" = Match-Up!
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58FCA730-74A6-49C0-95A7-696D78E689A3}" = e+ 48U
"{62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0}" = Windows Rights Management Client with Service Pack 2
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76EFAC4F-1712-401F-B2AE-590B170C9BCE}" = StartupMonitor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83073C45-3003-4671-9A86-243AAADD915A}" = Microsoft Calculator Plus
"{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}" = Adobe Flash Player 9 ActiveX
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{924CCB82-8E0A-4123-B33B-AFDDCF0AFC8F}" = Microsoft Carioca Rummy
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3C993D-B303-42B1-B0E2-AF0A6314091E}" = StudyDog Level 2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2008-09-09
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B37C842A-B624-46B8-A727-654E72F1C91A}" = Calculator Powertoy for Windows XP
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C39DE425-6CCF-4B12-A101-3CB5CF3AF3AD}" = Slideshow Generator Powertoy for Windows XP
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE378F36-E404-4244-A33F-F50A2A6D31BD}" = Microsoft Color Control Panel Applet for Windows XP
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{EB7FEAB4-4E28-4A17-B49F-AE83772B5654}" = StudyDog Level 1
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Alley 19 Bowling" = Alley 19 Bowling (Requires CD)
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Cam2Scan" = Cam to Scan
"CCleaner" = CCleaner (remove only)
"Defraggler" = Defraggler (remove only)
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ieSpell" = ieSpell
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"mb69demo" = Math Blaster Ages 6-9 Demo
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"OpenDNS Updater" = OpenDNS Updater 2.2.1
"PDFZilla_is1" = PDFZilla V1.2
"PROSet" = Intel(R) Network Connections Drivers
"QuickTime32" = QuickTime for Windows (32-bit)
"rb2000" = Reading Blaster Ages 6-9
"RealPlayer 6.0" = RealPlayer
"Registry First Aid_is1" = Registry First Aid
"Ripley's Believe It or Not!" = Ripley's Believe It or Not!
"RoyaleTheme" = XP Royale Theme
"UnIQ46.exe" = Children's IQ 4-6
"UWCC32.exe" = Ultimate Writing & Creativity Center
"Willowrd.exe" = Willow Road Screen Art
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinLiveSuite_Wave3" = Windows Live Essentials
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"WrBlDemo" = Writing Blaster Demo
"Yahoo! Applications" = AT&T Yahoo! Applications
"Yahoo! Toolbar" = Yahoo! Toolbar
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 3/9/2012 11:45:54 AM | Computer Name = GODS | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid.
Error - 3/9/2012 11:45:56 AM | Computer Name = GODS | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid.
Error - 3/9/2012 11:45:56 AM | Computer Name = GODS | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid.
Error - 3/9/2012 11:45:57 AM | Computer Name = GODS | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid.
Error - 3/9/2012 11:45:57 AM | Computer Name = GODS | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid.
Error - 3/9/2012 11:45:59 AM | Computer Name = GODS | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid.
Error - 3/9/2012 11:45:59 AM | Computer Name = GODS | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid.
Error - 3/10/2012 9:10:05 PM | Computer Name = GODS | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.0.1111.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 3/11/2012 5:27:25 PM | Computer Name = GODS | Source = Application Error | ID = 1000
Description = Faulting application a2start.exe, version 6.0.0.57, faulting module
unknown, version 0.0.0.0, fault address 0x0165d645.
Error - 3/11/2012 5:53:04 PM | Computer Name = GODS | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070670, P2 patchapplication, P3 am bdd,
P4 11.1.3927.0, P5 mpsigstub.exe, P6 4.0.1111.0, P7 microsoft security essentials,
P8 NIL, P9 NIL, P10 NIL.
[ System Events ]
Error - 3/7/2012 8:50:14 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:50:14 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:51:31 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:51:31 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:53:32 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:53:32 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:54:13 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:54:13 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:55:56 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
Error - 3/7/2012 8:55:56 PM | Computer Name = GODS | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058
< End of report >
Thanks in advance
Sincerely, Brian W.