Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Worm/Downadup, I-worm/Brontok.X and I-worm/Generic.CKC infection

Started by Maassian , Aug 31 2009 08:23 AM

  • Please log in to reply

#1
Maassian
Posted 31 August 2009 - 08:23 AM

Maassian

    New Member

  • Member
  • Pip
  • 1 posts
Hi,

Over the past two weeks I've been fighting some virus infections on some pc's under my responsibility at work. I have three pc's that's connected on an internal network with one of the pc's running an OPC server connected to a bigger external network. Both networks are closed and not connected to the internet in any way, so the only way infections can happen is via people using infected flashdisks on the pc's.

To make this simpler I'm just going to focus on the OPC server pc for now. From the surface it seems like I got rid of all the viruses on the pc. I disconnected it from both networks and ran AVG 8.5, Malwarebytes' Anti-Malware and Spybot search and destroy. The viruses that was identified was Worm/Downadup, I-worm/Brontok.X and I-worm/Generic.CKC. I ran scans in both normal windows mode and safe mode until all scans were clear and I installed the necessary Windows patches.

The problem is that the moment I connect this pc back to the external network my AVG anti-virus starts complaining of the Downadup and Generic.CKC virus in my Temporary Internet Files. The exact location and file names are the following:

C:\Documents and Settings\Network Service\Local Settings\Temporary Internet Files\Content.IE5\IJ2LDW6G\pvul[1].jpg - This AVG identifies as the I-Worm/Generic.CKC virus
C:\Documents and Settings\Network Service\Local Settings\Temporary Internet Files\Content.IE5\IJ2LDW6G\pvul[1].gif - This AVG identifies as the Worm/Downadup virus

The moment I disconnect from the network, no virus are detected even if I run scans on all the anti-virus and anti-malware programs again. The question I have now is, is the pc clean or are there still lurking viruses around. It is possible that there are another pc on the external network that's affected. But we couldn't locate it yet.

I also did an OTL run as you request and pasted that below.

Thanx in advance for your assistance.

OTL logfile created on: 8/31/2009 1:21:11 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.08 Mb Total Physical Memory | 681.50 Mb Available Physical Memory | 66.68% Memory free
2.40 Gb Paging File | 2.15 Gb Available in Paging File | 89.37% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.30 Gb Total Space | 51.54 Gb Free Space | 75.46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OPC_SERVER
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/08/24 15:15:15 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2005/04/25 09:49:52 | 00,086,142 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
PRC - [2005/02/24 14:32:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2006/03/24 09:05:04 | 00,053,248 | ---- | M] (PAS) -- c:\program files\pas\pss core applications\client\pasopcdatacollector.exe
PRC - [2005/07/06 16:55:02 | 00,053,248 | ---- | M] (Dell) -- c:\Program Files\Dell\RAID Storage Manager\StorServ.exe
PRC - [2009/08/24 15:15:16 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/24 15:15:16 | 00,485,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/24 15:15:16 | 00,594,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/24 15:15:16 | 00,691,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2004/08/04 06:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2003/11/19 18:48:14 | 00,032,881 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
PRC - [2005/04/25 09:50:08 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
PRC - [2005/03/23 01:20:44 | 00,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/02/23 17:19:56 | 00,053,248 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
PRC - [2004/12/06 02:05:00 | 00,127,035 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\dla\tfswctrl.exe
PRC - [2004/07/27 17:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2009/08/24 15:15:17 | 01,932,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2004/08/04 06:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2009/08/31 09:49:48 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2004/08/04 06:00:00 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe

========== Win32 Services (SafeList) ==========

SRV - [2004/07/15 02:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/08/24 15:15:16 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/08/24 15:15:15 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2004/08/04 06:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/25 09:49:52 | 00,086,142 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe -- (IAANTMon [Auto | Running])
SRV - [2005/03/29 14:02:40 | 01,519,616 | ---- | M] (Matrikon Inc) -- C:\Program Files\Matrikon\OPC\APACS\OPCAPACS.exe -- (Matrikon OPC Server for APACS [On_Demand | Stopped])
SRV - [2005/02/24 14:32:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2004/12/02 08:28:32 | 00,098,304 | ---- | M] (OPC Foundation) -- C:\WINDOWS\System32\Opcenum.exe -- (OpcEnum [On_Demand | Stopped])
SRV - [2006/03/24 09:05:04 | 00,053,248 | ---- | M] (PAS) -- c:\program files\pas\pss core applications\client\pasopcdatacollector.exe -- (pasOpcDataCollector [Auto | Running])
SRV - [2005/07/06 16:55:02 | 00,053,248 | ---- | M] (Dell) -- c:\Program Files\Dell\RAID Storage Manager\StorServ.exe -- (RAIDStorAgent [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\dla\tfswshx.dll (Sonic Solutions)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\System32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd-bro-ilx.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/24 15:13:23 | 00,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{e249e725-a3d7-11dc-9407-0015171c4cf0}\Shell\AutoRun\command - "" = xyw9tmdj.com
O33 - MountPoints2\{e249e725-a3d7-11dc-9407-0015171c4cf0}\Shell\explore\Command - "" = xyw9tmdj.com
O33 - MountPoints2\{e249e725-a3d7-11dc-9407-0015171c4cf0}\Shell\open\Command - "" = xyw9tmdj.com
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/08/31 13:15:36 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/08/31 10:33:13 | 00,000,015 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/08/31 10:33:06 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/08/31 10:13:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/08/31 10:13:07 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/08/31 10:13:06 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/08/31 10:13:03 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/31 10:11:52 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/08/31 10:09:50 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/08/31 10:06:24 | 00,272,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/08/31 10:06:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Geeks to go removal guide
[2009/08/28 13:04:08 | 10,718,04416 | -HS- | C] () -- C:\hiberfil.sys
[2009/08/28 12:32:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\CCleaner
[2009/08/28 12:32:10 | 02,348,928 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\D.exe
[2009/08/27 14:14:23 | 00,000,410 | ---- | C] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
[2009/08/27 09:08:05 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Spybot - Search & Destroy.lnk
[2009/08/27 09:07:58 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/08/27 09:07:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/08/27 09:06:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/08/27 09:06:57 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/27 09:06:54 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/27 09:06:53 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/27 09:06:53 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/27 09:06:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/08/24 15:16:01 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/08/24 15:15:28 | 00,107,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/08/24 15:15:28 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/24 15:15:28 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/08/24 15:15:24 | 00,325,640 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/24 15:15:23 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/24 15:15:21 | 40,101,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/24 15:15:21 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/08/24 15:15:21 | 00,463,779 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/08/24 15:15:21 | 00,068,001 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/24 15:15:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/08/24 15:15:14 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/08/24 15:15:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/08/20 15:12:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\OPC Tools
[2009/08/20 14:59:12 | 00,000,426 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2009/08/20 13:20:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Ok-SendMail-Bron-tok
[2009/08/20 13:18:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Loc.Mail.Bron.Tok
[2009/08/20 13:14:27 | 00,926,982 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\opc-explorer-manual.pdf
[2009/08/20 13:13:30 | 00,000,426 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2009/08/20 13:13:26 | 00,000,010 | RHS- | C] () -- C:\WINDOWS\System32\sistem.sys
[2009/08/20 13:13:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2009/08/20 11:11:59 | 00,001,155 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PlantState Suite on HP19800224658.lnk
[2009/08/20 11:11:59 | 00,001,125 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\pssOnline on HP19800224658.lnk

========== Files - Modified Within 14 Days ==========

[2009/08/31 13:15:14 | 00,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/08/31 13:14:50 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/31 13:14:46 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/31 13:14:45 | 10,718,04416 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/31 11:04:38 | 00,000,426 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2009/08/31 11:00:30 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2009/08/31 10:13:07 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/08/31 10:13:06 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/08/31 10:04:43 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/31 09:49:48 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/08/31 09:48:50 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/08/31 08:39:22 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2009/08/31 08:39:04 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/08/31 08:36:52 | 00,272,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/08/28 13:21:15 | 04,288,684 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2009/08/28 12:27:00 | 02,348,928 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\D.exe
[2009/08/27 17:08:00 | 00,000,426 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2009/08/27 14:14:23 | 00,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
[2009/08/27 09:08:05 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Spybot - Search & Destroy.lnk
[2009/08/27 09:06:57 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/24 15:16:56 | 40,101,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/24 15:16:55 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/08/24 15:16:55 | 00,463,779 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/08/24 15:16:55 | 00,068,001 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/24 15:15:28 | 00,107,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/08/24 15:15:28 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/24 15:15:28 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/08/24 15:15:24 | 00,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/24 15:15:23 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/24 15:13:23 | 00,000,007 | -HS- | M] () -- C:\AUTOEXEC.BAT
[2009/08/20 15:02:26 | 00,002,521 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\OPC Security Analyser.lnk
[2009/08/20 13:14:27 | 00,926,982 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\opc-explorer-manual.pdf
[2009/08/20 13:13:26 | 00,000,010 | RHS- | M] () -- C:\WINDOWS\System32\sistem.sys
[2009/08/20 11:11:59 | 00,001,155 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PlantState Suite on HP19800224658.lnk
[2009/08/20 11:11:59 | 00,001,125 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\pssOnline on HP19800224658.lnk

========== LOP Check ==========

[2009/08/27 09:06:59 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Application Data
[2006/03/04 05:11:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\CyberLink
[2006/03/04 05:15:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2006/02/19 11:14:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PAS
[2009/08/27 09:07:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2004/08/11 18:25:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/08/27 17:08:00 | 00,000,426 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2009/08/31 11:04:38 | 00,000,426 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2004/08/04 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/31 13:14:50 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/08/27 14:14:23 | 00,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\Schedule Task Weekly.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32\eventlog.dll >
[2004/08/04 06:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll

< %systemroot%\system32\scecli.dll >
[2004/08/04 06:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >
< End of report >

OTL Extras logfile created on: 8/31/2009 1:21:11 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.08 Mb Total Physical Memory | 681.50 Mb Available Physical Memory | 66.68% Memory free
2.40 Gb Paging File | 2.15 Gb Available in Paging File | 89.37% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.30 Gb Total Space | 51.54 Gb Free Space | 75.46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OPC_SERVER
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"4230:TCP" = 4230:TCP:*:Enabled:hgsub

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Enabled:File Transfer Program -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{058B32E2-6310-4359-B2D4-1988390C3B83}" = Broadcom Advanced Control Suite
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38A5E32B-77D8-435C-AF23-141E322BF323}" = OpcSecurityAnalyser
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D0575F4-A8BD-4B4D-9244-542E9EE54FED}" = OPC Core Components 2.00 Redistributable
"{81901967-44C7-4467-9F99-DE3C3C4B3DFE}" = PlantState Suite
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{94251E15-F03A-42CF-B762-6A75B1A0790B}" = RAID Storage Manager
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"AVG8Uninstall" = AVG 8.5
"ERUNT_is1" = ERUNT 1.1j
"InstallShield_{81901967-44C7-4467-9F99-DE3C3C4B3DFE}" = PlantState Suite
"InstallShield_{94251E15-F03A-42CF-B762-6A75B1A0790B}" = RAID Storage Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MatrikonOPC Server for APACS" = MatrikonOPC Server for APACS
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"NVIDIA Drivers" = NVIDIA Drivers
"PROSet" = Intel® PRO Network Connections Drivers

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/21/2009 3:09:07 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

Error - 8/25/2009 8:16:38 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

Error - 8/25/2009 8:30:47 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

Error - 8/25/2009 9:33:33 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

Error - 8/25/2009 9:45:18 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

Error - 8/25/2009 10:09:03 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

Error - 8/26/2009 2:56:18 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

Error - 8/26/2009 3:48:12 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

Error - 8/26/2009 3:50:12 AM | Computer Name = OPC_SERVER | Source = Application Hang | ID = 1002
Description = Hanging application OPCClient.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/27/2009 8:17:59 AM | Computer Name = OPC_SERVER | Source = COM | ID = 10022
Description = The application-specific access security descriptor for the COM Server
application C:\WINDOWS\system32\Opcenum.exe is invalid. It contains Access Control
Entries with permissions that are invalid. The requested action was therefore not
performed. This security permission can be corrected using the Component Services
administrative tool.

[ System Events ]
Error - 8/31/2009 7:07:44 AM | Computer Name = OPC_SERVER | Source = a320raid | ID = 262153
Description = The device, \Device\Scsi\a320raid1, did not respond within the timeout
period.

Error - 8/31/2009 7:08:46 AM | Computer Name = OPC_SERVER | Source = a320raid | ID = 262153
Description = The device, \Device\Scsi\a320raid1, did not respond within the timeout
period.

Error - 8/31/2009 7:10:19 AM | Computer Name = OPC_SERVER | Source = a320raid | ID = 262153
Description = The device, \Device\Scsi\a320raid1, did not respond within the timeout
period.

Error - 8/31/2009 7:10:31 AM | Computer Name = OPC_SERVER | Source = a320raid | ID = 262153
Description = The device, \Device\Scsi\a320raid1, did not respond within the timeout
period.

Error - 8/31/2009 7:11:32 AM | Computer Name = OPC_SERVER | Source = a320raid | ID = 262153
Description = The device, \Device\Scsi\a320raid1, did not respond within the timeout
period.

Error - 8/31/2009 7:15:02 AM | Computer Name = OPC_SERVER | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time-nw.nist.gov,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 8/31/2009 7:15:02 AM | Computer Name = OPC_SERVER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 8/31/2009 7:15:03 AM | Computer Name = OPC_SERVER | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time-nw.nist.gov,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 8/31/2009 7:15:03 AM | Computer Name = OPC_SERVER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 8/31/2009 7:15:03 AM | Computer Name = OPC_SERVER | Source = Service Control Manager | ID = 7023
Description = The Image Config service terminated with the following error: %%126


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP