I have already followed your steps in the Google Redirect HOW-T0-REMOVE GUIDE. I have downloaded and run GooredFix and TDSSKiller, but I am still getting redirects. Your help would be much appreciated. Thank you.
OTL logfile created on: 5/11/2011 12:56:16 PM - Run 1ഀ
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Roz\Desktopഀ
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationഀ
Internet Explorer (Version = 8.0.6001.18702)ഀ
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyyഀ
ഀ
766.00 Mb Total Physical Memory | 298.00 Mb Available Physical Memory | 39.00% Memory freeഀ
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File freeഀ
Paging file location(s): C:\pagefile.sys 384 768 [binary data]ഀ
ഀ
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Filesഀ
Drive C: | 34.13 Gb Total Space | 17.55 Gb Free Space | 51.43% Space Free | Partition Type: NTFSഀ
Drive F: | 21.82 Gb Total Space | 6.83 Gb Free Space | 31.28% Space Free | Partition Type: NTFSഀ
ഀ
Computer Name: DCA-PRINCIPAL | User Name: Roz | Logged in as Administrator.ഀ
Boot Mode: Normal | Scan Mode: All users | Quick Scanഀ
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Daysഀ
ഀ
========== Processes (SafeList) ==========ഀ
ഀ
PRC - [2011/05/11 12:55:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTL.exeഀ
PRC - [2011/01/13 07:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\waol.exeഀ
PRC - [2011/01/13 07:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\shellmon.exeഀ
PRC - [2010/11/22 18:19:45 | 002,201,936 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exeഀ
PRC - [2010/10/18 15:08:40 | 000,039,240 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exeഀ
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1283871567\ee\aolupdates.exeഀ
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1283871567\ee\aolsoftware.exeഀ
PRC - [2008/12/08 23:01:54 | 002,440,120 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exeഀ
PRC - [2008/12/08 22:42:34 | 001,443,144 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\SmcGui.exeഀ
PRC - [2008/12/08 22:42:32 | 001,795,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Smc.exeഀ
PRC - [2008/08/14 15:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeഀ
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exeഀ
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exeഀ
ഀ
ഀ
========== Modules (SafeList) ==========ഀ
ഀ
MOD - [2011/05/11 12:55:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTL.exeഀ
MOD - [2011/01/13 07:19:51 | 000,007,168 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\idleproc.dllഀ
MOD - [2009/07/12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dllഀ
MOD - [2008/04/13 20:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dllഀ
ഀ
ഀ
========== Win32 Services (SafeList) ==========ഀ
ഀ
SRV - File not found [Disabled | Stopped] -- -- (HidServ)ഀ
SRV - [2008/12/08 23:01:54 | 002,440,120 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)ഀ
SRV - [2008/12/08 22:42:32 | 001,795,400 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Smc.exe -- (SmcService)ഀ
SRV - [2008/12/08 22:01:28 | 000,320,840 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SNAC.EXE -- (SNAC)ഀ
SRV - [2008/08/14 15:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)ഀ
SRV - [2008/08/14 15:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)ഀ
SRV - [2008/06/30 17:36:35 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)ഀ
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)ഀ
ഀ
ഀ
========== Driver Services (SafeList) ==========ഀ
ഀ
DRV - [2011/04/18 04:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110508.003\navex15.sys -- (NAVEX15)ഀ
DRV - [2011/04/18 04:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110508.003\naveng.sys -- (NAVENG)ഀ
DRV - [2010/09/10 22:32:20 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper)ഀ
DRV - [2010/06/02 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)ഀ
DRV - [2010/06/02 04:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)ഀ
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)ഀ
DRV - [2009/02/12 12:42:30 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)ഀ
DRV - [2008/12/08 22:45:28 | 000,092,488 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)ഀ
DRV - [2008/12/08 22:43:46 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)ഀ
DRV - [2008/11/18 19:17:08 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)ഀ
DRV - [2008/10/14 12:24:18 | 000,049,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)ഀ
DRV - [2008/10/13 13:31:46 | 000,319,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)ഀ
DRV - [2008/10/13 13:31:46 | 000,279,600 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)ഀ
DRV - [2008/10/13 13:31:46 | 000,043,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)ഀ
DRV - [2008/08/21 12:13:56 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)ഀ
DRV - [2008/08/21 12:13:56 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)ഀ
DRV - [2008/06/16 17:53:14 | 000,420,400 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)ഀ
DRV - [2004/09/17 15:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)ഀ
DRV - [2003/07/15 22:20:46 | 000,043,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)ഀ
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)ഀ
DRV - [2002/11/08 20:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)ഀ
ഀ
ഀ
========== Standard Registry (SafeList) ==========ഀ
ഀ
ഀ
========== Internet Explorer ==========ഀ
ഀ
ഀ
ഀ
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybizഀ
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybizഀ
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybizഀ
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0ഀ
ഀ
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybizഀ
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybizഀ
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybizഀ
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0ഀ
ഀ
ഀ
ഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybizഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.comഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Googleഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8ഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 EE 5E 65 00 4D CB 01 [binary data]ഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - File not foundഀ
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0ഀ
ഀ
ഀ
ഀ
O1 HOSTS File: ([2009/05/22 15:29:17 | 000,000,160 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsഀ
O1 - Hosts: 127.0.0.1 localhostഀ
O1 - Hosts: ::1 localhostഀ
O1 - Hosts: 94.232.248.66 browser-security.microsoft.comഀ
O1 - Hosts: 94.232.248.66 antivirprotection.comഀ
O1 - Hosts: 94.232.248.66 www.antivirprotection.comഀ
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - File not foundഀ
O2 - BHO: () - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - File not foundഀ
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.ഀ
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)ഀ
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - File not foundഀ
O3 - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - File not foundഀ
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1ഀ
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0ഀ
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0ഀ
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0ഀ
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145ഀ
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145ഀ
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145ഀ
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145ഀ
O7 - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145ഀ
O15 - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)ഀ
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)ഀ
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)ഀ
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...90/mcinsctl.cab (Reg Error: Key error.)ഀ
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1182198670109 (WUWebControl Class)ഀ
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1182198523265 (MUWebControl Class)ഀ
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)ഀ
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,23/mcgdmgr.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)ഀ
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)ഀ
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)ഀ
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)ഀ
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1ഀ
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.78,93.188.166.228ഀ
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)ഀ
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)ഀ
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not foundഀ
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Roz\Local Settings\Application Data\Microsoft\Wallpaper1.bmpഀ
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)ഀ
O32 - HKLM CDRom: AutoRun - 1ഀ
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]ഀ
O33 - MountPoints2\{71a5ecac-11a9-11db-86cc-00123fd4551e}\Shell\AutoRun\command - "" = E:\setupSNK.exeഀ
O33 - MountPoints2\{b988a750-0543-11db-86ca-00123fd4551e}\Shell\AutoRun\command - "" = E:\setupSNK.exeഀ
O33 - MountPoints2\{e8120a24-446e-11de-872e-00123fd4551e}\Shell - "" = AutoRunഀ
O33 - MountPoints2\{e8120a24-446e-11de-872e-00123fd4551e}\Shell\AutoRun - "" = Auto&Playഀ
O33 - MountPoints2\{e8120a24-446e-11de-872e-00123fd4551e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -aഀ
O34 - HKLM BootExecute: (autocheck autochk *) - File not foundഀ
O35 - HKLM\..comfile [open] -- "%1" %*ഀ
O35 - HKLM\..exefile [open] -- "%1" %*ഀ
O37 - HKLM\...com [@ = comfile] -- "%1" %*ഀ
O37 - HKLM\...exe [@ = exefile] -- "%1" %*ഀ
ഀ
========== Files/Folders - Created Within 30 Days ==========ഀ
ഀ
[2011/05/11 12:54:59 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTL.exeഀ
[2011/05/11 12:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\AOLഀ
[2011/05/11 12:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz\Desktop\tdsskillerഀ
[2011/05/11 12:38:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz\Desktop\GooredFix Backupsഀ
[2011/05/11 12:38:00 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Roz\Desktop\GooredFix.exeഀ
[2011/05/11 12:25:17 | 000,000,000 | ---D | C] -- C:\_OTMഀ
[2011/05/11 12:20:38 | 000,519,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTM.exeഀ
[2011/05/11 10:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz\Application Data\Malwarebytesഀ
[2011/05/11 10:32:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytesഀ
[2011/05/10 11:33:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\pssഀ
[2011/05/10 10:36:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Roz\Recentഀ
[2011/04/20 12:50:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz\My Documents\BoardMinutes2-16-11ഀ
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]ഀ
[28 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]ഀ
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]ഀ
ഀ
========== Files - Modified Within 30 Days ==========ഀ
ഀ
[2011/05/11 12:55:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTL.exeഀ
[2011/05/11 12:50:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dblഀ
[2011/05/11 12:49:08 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\tasks\llpdhdo.jobഀ
[2011/05/11 12:48:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.datഀ
[2011/05/11 12:48:47 | 803,278,848 | -HS- | M] () -- C:\hiberfil.sysഀ
[2011/05/11 12:44:57 | 001,280,815 | ---- | M] () -- C:\Documents and Settings\Roz\Desktop\tdsskiller.zipഀ
[2011/05/11 12:38:00 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Roz\Desktop\GooredFix.exeഀ
[2011/05/11 12:20:46 | 000,519,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTM.exeഀ
[2011/05/11 10:19:20 | 000,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.iniഀ
[2011/05/10 12:57:27 | 000,000,177 | ---- | M] () -- C:\WINDOWS\hpbafd.iniഀ
[2011/05/10 11:36:59 | 000,000,211 | RHS- | M] () -- C:\boot.iniഀ
[2011/05/06 18:30:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (ROSALIND-Roz).jobഀ
[2011/05/04 13:23:59 | 000,043,291 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\120_ImportantContactLetterreCutsinEducation.pdfഀ
[2011/04/28 11:58:33 | 000,398,760 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cidഀ
[2011/04/26 13:36:22 | 000,004,049 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\faithful.jpgഀ
[2011/04/25 13:24:04 | 000,012,873 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\bounty.jpgഀ
[2011/04/20 12:50:28 | 000,018,487 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\BoardMinutes2-16-11.zipഀ
[2011/04/19 12:32:49 | 000,000,093 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\image003.bmpഀ
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]ഀ
[28 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]ഀ
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]ഀ
ഀ
========== Files Created - No Company Name ==========ഀ
ഀ
[2011/05/11 12:44:52 | 001,280,815 | ---- | C] () -- C:\Documents and Settings\Roz\Desktop\tdsskiller.zipഀ
[2011/05/11 10:19:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.iniഀ
[2011/05/04 13:23:58 | 000,043,291 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\120_ImportantContactLetterreCutsinEducation.pdfഀ
[2011/04/26 13:36:59 | 000,004,049 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\faithful.jpgഀ
[2011/04/25 13:24:58 | 000,012,873 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\bounty.jpgഀ
[2011/04/20 12:50:27 | 000,018,487 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\BoardMinutes2-16-11.zipഀ
[2011/04/19 12:32:49 | 000,000,093 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\image003.bmpഀ
[2011/01/28 12:58:28 | 000,001,476 | ---- | C] () -- C:\WINDOWS\SKCMSUSR.INIഀ
[2010/09/07 10:52:28 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.datഀ
[2010/08/03 16:19:31 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.datഀ
[2010/08/03 12:56:57 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\asferror6.dllഀ
[2010/07/15 15:35:14 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Roz\Application Data\PnkBstrK.sysഀ
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dllഀ
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exeഀ
[2009/06/11 03:06:33 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INIഀ
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.binഀ
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.binഀ
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.iniഀ
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.iniഀ
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.iniഀ
[2007/05/24 15:07:34 | 000,034,800 | ---- | C] () -- C:\WINDOWS\UNWISE.EXEഀ
[2006/11/21 15:08:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INIഀ
[2006/10/20 14:30:20 | 000,000,349 | ---- | C] () -- C:\WINDOWS\cdPlayer.iniഀ
[2005/12/05 10:40:05 | 000,000,177 | ---- | C] () -- C:\WINDOWS\hpbafd.iniഀ
[2005/11/23 14:56:01 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\Roz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.iniഀ
[2005/10/25 06:24:22 | 000,020,594 | ---- | C] () -- C:\WINDOWS\System32\DELS1L3.DLLഀ
[2005/08/31 13:33:12 | 000,020,594 | ---- | C] () -- C:\WINDOWS\System32\DELS1LMK.DLLഀ
[2005/07/18 10:35:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INIഀ
[2005/07/18 10:35:35 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.iniഀ
[2005/07/18 10:35:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INIഀ
[2005/07/15 15:03:48 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Roz\Local Settings\Application Data\fusioncache.datഀ
[2005/06/09 13:30:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.iniഀ
[2005/06/09 13:24:59 | 000,000,396 | ---- | C] () -- C:\WINDOWS\wininit.iniഀ
[2005/06/09 12:54:46 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exeഀ
[2005/06/09 12:54:00 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INIഀ
[2005/05/04 20:58:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.iniഀ
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.iniഀ
[2004/08/11 18:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.datഀ
[2004/08/11 18:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.datഀ
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.iniഀ
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INIഀ
[2004/08/11 18:06:43 | 000,352,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DATഀ
[2004/08/11 18:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.datഀ
[2004/08/11 18:00:28 | 000,507,300 | ---- | C] () -- C:\WINDOWS\System32\perfh009.datഀ
[2004/08/11 18:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.datഀ
[2004/08/11 18:00:28 | 000,088,670 | ---- | C] () -- C:\WINDOWS\System32\perfc009.datഀ
[2004/08/11 18:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.datഀ
[2004/08/11 18:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.datഀ
[2004/08/11 18:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.binഀ
[2004/08/11 18:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.datഀ
[2004/08/11 18:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.datഀ
[2004/08/11 18:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.binഀ
[2004/08/11 18:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.datഀ
[2004/08/11 18:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.binഀ
[1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLLഀ
[1998/01/12 04:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLLഀ
ഀ
========== LOP Check ==========ഀ
ഀ
[2009/02/19 14:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applicationsഀ
[2011/04/04 10:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\lJb16633eMlFd16633ഀ
[2010/09/07 11:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpointഀ
[2005/07/18 15:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roz\Application Data\FileMakerഀ
[2007/12/28 12:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roz\Application Data\Leadertechഀ
[2008/07/29 12:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roz\Application Data\Windows Desktop Searchഀ
[2008/08/27 08:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roz\Application Data\Windows Searchഀ
[2011/05/11 12:49:08 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\llpdhdo.jobഀ
ഀ
========== Purity Check ==========ഀ
ഀ
ഀ
ഀ
< End of report >ഀ
OTL Extras logfile created on: 5/11/2011 12:56:16 PM - Run 1ഀ
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Roz\Desktopഀ
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationഀ
Internet Explorer (Version = 8.0.6001.18702)ഀ
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyyഀ
ഀ
766.00 Mb Total Physical Memory | 298.00 Mb Available Physical Memory | 39.00% Memory freeഀ
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File freeഀ
Paging file location(s): C:\pagefile.sys 384 768 [binary data]ഀ
ഀ
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Filesഀ
Drive C: | 34.13 Gb Total Space | 17.55 Gb Free Space | 51.43% Space Free | Partition Type: NTFSഀ
Drive F: | 21.82 Gb Total Space | 6.83 Gb Free Space | 31.28% Space Free | Partition Type: NTFSഀ
ഀ
Computer Name: DCA-PRINCIPAL | User Name: Roz | Logged in as Administrator.ഀ
Boot Mode: Normal | Scan Mode: All users | Quick Scanഀ
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Daysഀ
ഀ
========== Extra Registry (SafeList) ==========ഀ
ഀ
ഀ
========== File Associations ==========ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]ഀ
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*ഀ
ഀ
========== Shell Spawning ==========ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]ഀ
batfile [open] -- "%1" %*ഀ
cmdfile [open] -- "%1" %*ഀ
comfile [open] -- "%1" %*ഀ
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*ഀ
exefile [open] -- "%1" %*ഀ
piffile [open] -- "%1" %*ഀ
regfile [merge] -- Reg Error: Key error.ഀ
scrfile [config] -- "%1"ഀ
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lഀ
scrfile [open] -- "%1" /Sഀ
txtfile [edit] -- Reg Error: Key error.ഀ
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1ഀ
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)ഀ
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)ഀ
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)ഀ
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)ഀ
ഀ
========== Security Center Settings ==========ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]ഀ
"FirstRunDisabled" = 1ഀ
"AntiVirusDisableNotify" = 0ഀ
"FirewallDisableNotify" = 0ഀ
"UpdatesDisableNotify" = 0ഀ
"AntiVirusOverride" = 0ഀ
"FirewallOverride" = 0ഀ
"UacDisableNotify" = 1ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]ഀ
"DisableMonitoring" = 1ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]ഀ
ഀ
========== System Restore Settings ==========ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]ഀ
"DisableSR" = 0ഀ
ഀ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]ഀ
"Start" = 0ഀ
ഀ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]ഀ
"Start" = 2ഀ
ഀ
========== Firewall Settings ==========ഀ
ഀ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]ഀ
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007ഀ
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008ഀ
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004ഀ
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005ഀ
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001ഀ
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002ഀ
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
ഀ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]ഀ
"EnableFirewall" = 1ഀ
ഀ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]ഀ
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007ഀ
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008ഀ
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004ഀ
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005ഀ
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001ഀ
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002ഀ
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Serviceഀ
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management ഀ
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In) ഀ
ഀ
========== Authorized Applications List ==========ഀ
ഀ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]ഀ
ഀ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]ഀ
"C:\Program Files\FileMaker\FileMaker Pro 6\FileMaker Pro.exe" = C:\Program Files\FileMaker\FileMaker Pro 6\FileMaker Pro.exe:*:Enabled:FileMaker Pro -- (FileMaker, Inc.)ഀ
"C:\Program Files\Symantec AntiVirus\Smc.exe" = C:\Program Files\Symantec AntiVirus\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)ഀ
"C:\Program Files\Symantec AntiVirus\SNAC.EXE" = C:\Program Files\Symantec AntiVirus\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)ഀ
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)ഀ
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrAഀ
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrBഀ
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)ഀ
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)ഀ
"C:\Program Files\Common Files\aol\1283871567\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1283871567\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)ഀ
"C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOLഀ
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)ഀ
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)ഀ
"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)ഀ
ഀ
ഀ
========== HKEY_LOCAL_MACHINE Uninstall List ==========ഀ
ഀ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]ഀ
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Playerഀ
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Dataഀ
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistantഀ
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LEഀ
"{0F07FEE1-351E-471B-B0FD-F9C6331ABFB4}" = AFM Campaign Software 2008-2009ഀ
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLAഀ
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safetyഀ
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Toolഀ
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRTഀ
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24ഀ
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Managerഀ
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4ഀ
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9ഀ
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1ഀ
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2ഀ
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3ഀ
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5ഀ
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7ഀ
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10ഀ
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XPഀ
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Pageഀ
"{3BAB4914-9CC1-4CC2-A3DA-56EF62DFD373}" = Symantec Endpoint Protectionഀ
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profileഀ
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5ഀ
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updaterഀ
"{58EDAD68-7839-42D8-A6AD-854A9ECB8224}" = FileMaker Pro 6ഀ
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Toolഀ
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0ഀ
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mailഀ
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.comഀ
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installerഀ
"{6E4D4E0B-02F6-46C1-BAE5-1B6B2E486A7B}" = Microsoft Office Live Meeting 2007ഀ
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03ഀ
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributableഀ
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restoreഀ
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053ഀ
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editonഀ
"{78D944D7-A97B-4004-AB0A-B5AD06839940}" = My Way Search Assistantഀ
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime librariesഀ
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentialsഀ
"{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programsഀ
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlightഀ
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driverഀ
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12ഀ
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007ഀ
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)ഀ
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007ഀ
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007ഀ
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007ഀ
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007ഀ
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007ഀ
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007ഀ
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007ഀ
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)ഀ
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007ഀ
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)ഀ
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007ഀ
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)ഀ
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007ഀ
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007ഀ
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007ഀ
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007ഀ
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007ഀ
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)ഀ
"{901C0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtimeഀ
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reportingഀ
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UIഀ
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIRഀ
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2ഀ
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messengerഀ
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime librariesഀ
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audioഀ
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4ഀ
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9ഀ
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0ഀ
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12ഀ
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copyഀ
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0ഀ
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundationഀ
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2ഀ
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1ഀ
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1ഀ
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter updateഀ
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platformഀ
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guardഀ
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5ഀ
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Callഀ
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizardഀ
"Adobe AIR" = Adobe AIRഀ
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveXഀ
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5ഀ
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0ഀ
"AOL Toolbar" = AOL Toolbarഀ
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)ഀ
"CCleaner" = CCleanerഀ
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.comഀ
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windowsഀ
"Dell Laser Printer 1100" = Dell Laser Printer 1100 Software Uninstallഀ
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIsഀ
"ie7" = Windows Internet Explorer 7ഀ
"ie8" = Windows Internet Explorer 8ഀ
"InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programsഀ
"Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patch" = Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patchഀ
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)ഀ
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1ഀ
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1ഀ
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profileഀ
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XPഀ
"MyWaySearchAssistantDE" = My Way Search Assistantഀ
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIsഀ
"PROPLUS" = Microsoft Office Professional Plus 2007ഀ
"SoftwareUpdUtility" = Download Updater (AOL LLC)ഀ
"ViewpointMediaPlayer" = Viewpoint Media Playerഀ
"WIC" = Windows Imaging Componentഀ
"Windows Media Format Runtime" = Windows Media Format 11 runtimeഀ
"Windows Media Player" = Windows Media Player 11ഀ
"Windows XP Service Pack" = Windows XP Service Pack 3ഀ
"WinLiveSuite_Wave3" = Windows Live Essentialsഀ
"WMFDist11" = Windows Media Format 11 runtimeഀ
"wmp11" = Windows Media Player 11ഀ
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0ഀ
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0ഀ
ഀ
========== Last 10 Event Log Errors ==========ഀ
ഀ
[ Application Events ]ഀ
Error - 5/11/2011 12:21:14 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725ഀ
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantecഀ
AntiVirus\SmcGui.exe Event Info: Set Information Process Action Taken: Logged Actorഀ
Process: C:\Program Files\AOL Desktop 9.6\waol.exe (PID 2468) Time: Wednesday,ഀ
May 11, 2011 12:21:14 PMഀ
ഀ
Error - 5/11/2011 12:25:17 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725ഀ
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantecഀ
AntiVirus\Smc.exe Event Info: Terminate Process Action Taken: Logged Actor Process:ഀ
C:\Documents and Settings\Roz\Desktop\OTM.exe (PID 2400) Time: Wednesday, May ഀ
11, 2011 12:25:17 PMഀ
ഀ
Error - 5/11/2011 12:35:57 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725ഀ
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantecഀ
AntiVirus\SmcGui.exe Event Info: Set Information Process Action Taken: Logged Actorഀ
Process: C:\Program Files\AOL Desktop 9.6\waol.exe (PID 3524) Time: Wednesday,ഀ
May 11, 2011 12:35:56 PMഀ
ഀ
Error - 5/11/2011 12:41:52 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725ഀ
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantecഀ
AntiVirus\SmcGui.exe Event Info: Set Information Process Action Taken: Logged Actorഀ
Process: C:\Program Files\AOL Desktop 9.6\waol.exe (PID 3556) Time: Wednesday,ഀ
May 11, 2011 12:41:52 PMഀ
ഀ
Error - 5/11/2011 12:45:29 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131083ഀ
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>ഀ
with error: A required certificate is not within its validity period when verifyingഀ
against the current system clock or the timestamp in the signed file. ഀ
ഀ
Error - 5/11/2011 12:45:29 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131083ഀ
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>ഀ
with error: A required certificate is not within its validity period when verifyingഀ
against the current system clock or the timestamp in the signed file. ഀ
ഀ
Error - 5/11/2011 12:45:30 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131080ഀ
Description = Failed auto update retrieval of third-party root list sequence numberഀ
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>ഀ
with error: A connection with the server could not be established ഀ
ഀ
Error - 5/11/2011 12:45:31 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131083ഀ
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>ഀ
with error: A required certificate is not within its validity period when verifyingഀ
against the current system clock or the timestamp in the signed file. ഀ
ഀ
Error - 5/11/2011 12:45:31 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131080ഀ
Description = Failed auto update retrieval of third-party root list sequence numberഀ
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>ഀ
with error: This network connection does not exist. ഀ
ഀ
Error - 5/11/2011 12:52:49 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725ഀ
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantecഀ
AntiVirus\SmcGui.exe Event Info: Set Information Process Action Taken: Logged Actorഀ
Process: C:\Program Files\AOL Desktop 9.6\waol.exe (PID 2412) Time: Wednesday,ഀ
May 11, 2011 12:52:49 PMഀ
ഀ
[ OSession Events ]ഀ
Error - 8/10/2009 2:00:47 PM | Computer Name = DCA-PRINCIPAL | Source = Microsoft Office 12 Sessions | ID = 7001ഀ
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:ഀ
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 57ഀ
seconds with 0 seconds of active time. This session ended with a crash.ഀ
ഀ
Error - 8/10/2009 2:01:30 PM | Computer Name = DCA-PRINCIPAL | Source = Microsoft Office 12 Sessions | ID = 7001ഀ
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:ഀ
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 96ഀ
seconds with 0 seconds of active time. This session ended with a crash.ഀ
ഀ
Error - 8/10/2009 2:01:52 PM | Computer Name = DCA-PRINCIPAL | Source = Microsoft Office 12 Sessions | ID = 7001ഀ
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:ഀ
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 27ഀ
seconds with 0 seconds of active time. This session ended with a crash.ഀ
ഀ
Error - 9/10/2009 11:36:29 AM | Computer Name = DCA-PRINCIPAL | Source = Microsoft Office 12 Sessions | ID = 7001ഀ
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:ഀ
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 190ഀ
seconds with 60 seconds of active time. This session ended with a crash.ഀ
ഀ
[ System Events ]ഀ
Error - 5/11/2011 12:25:18 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031ഀ
Description = The Symantec Management Client service terminated unexpectedly. Itഀ
has done this 1 time(s). The following corrective action will be taken in 1000ഀ
milliseconds: Restart the service.ഀ
ഀ
Error - 5/11/2011 12:25:18 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7034ഀ
Description = The Machine Debug Manager service terminated unexpectedly. It hasഀ
done this 1 time(s).ഀ
ഀ
Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031ഀ
Description = The Symantec Endpoint Protection service terminated unexpectedly. ഀ
It has done this 1 time(s). The following corrective action will be taken in 10000ഀ
milliseconds: Restart the service.ഀ
ഀ
Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7034ഀ
Description = The Java Quick Starter service terminated unexpectedly. It has doneഀ
this 1 time(s).ഀ
ഀ
Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031ഀ
Description = The Symantec Event Manager service terminated unexpectedly. It hasഀ
done this 1 time(s). The following corrective action will be taken in 200 milliseconds:ഀ
Restart the service.ഀ
ഀ
Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031ഀ
Description = The Symantec Settings Manager service terminated unexpectedly. Itഀ
has done this 1 time(s). The following corrective action will be taken in 100 ഀ
milliseconds: Restart the service.ഀ
ഀ
Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031ഀ
Description = The Windows Live ID Sign-in Assistant service terminated unexpectedly.ഀ
It has done this 1 time(s). The following corrective action will be taken in ഀ
10000 milliseconds: Restart the service.ഀ
ഀ
Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7034ഀ
Description = The AOL Connectivity Service service terminated unexpectedly. It ഀ
has done this 1 time(s).ഀ
ഀ
Error - 5/11/2011 12:28:47 PM | Computer Name = DCA-PRINCIPAL | Source = sr | ID = 1ഀ
Description = The System Restore filter encountered the unexpected error '0xC0000243'ഀ
while processing the file 'SrtETmp' on the volume 'HarddiskVolume2'. It has stoppedഀ
monitoring the volume.ഀ
ഀ
Error - 5/11/2011 12:49:23 PM | Computer Name = DCA-PRINCIPAL | Source = Print | ID = 19ഀ
Description = Sharing printer failed + 1722, Printer Microsoft XPS Document Writerഀ
share name Printer2.ഀ
ഀ
ഀ
< End of report >ഀ