
Google Redirect


#1
DanielSon37
Hello,
I have already followed your steps in the Google Redirect HOW-TO-REMOVE GUIDE. I have downloaded and run GooredFix and TDSSKiller, but I am still getting redirects. Your help would be much appreciated. Thank you.



OTL logfile created on: 5/11/2011 12:56:16 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Roz\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

766.00 Mb Total Physical Memory | 298.00 Mb Available Physical Memory | 39.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.13 Gb Total Space | 17.55 Gb Free Space | 51.43% Space Free | Partition Type: NTFS
Drive F: | 21.82 Gb Total Space | 6.83 Gb Free Space | 31.28% Space Free | Partition Type: NTFS

Computer Name: DCA-PRINCIPAL | User Name: Roz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/11 12:55:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTL.exe
PRC - [2011/01/13 07:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 07:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\shellmon.exe
PRC - [2010/11/22 18:19:45 | 002,201,936 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe
PRC - [2010/10/18 15:08:40 | 000,039,240 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1283871567\ee\aolupdates.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1283871567\ee\aolsoftware.exe
PRC - [2008/12/08 23:01:54 | 002,440,120 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2008/12/08 22:42:34 | 001,443,144 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\SmcGui.exe
PRC - [2008/12/08 22:42:32 | 001,795,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Smc.exe
PRC - [2008/08/14 15:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe

========== Modules (SafeList) ==========

MOD - [2011/05/11 12:55:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTL.exe
MOD - [2011/01/13 07:19:51 | 000,007,168 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\idleproc.dll
MOD - [2009/07/12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2008/04/13 20:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2008/12/08 23:01:54 | 002,440,120 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/12/08 22:42:32 | 001,795,400 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Smc.exe -- (SmcService)
SRV - [2008/12/08 22:01:28 | 000,320,840 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SNAC.EXE -- (SNAC)
SRV - [2008/08/14 15:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/08/14 15:45:28 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/06/30 17:36:35 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)

========== Driver Services (SafeList) ==========

DRV - [2011/04/18 04:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110508.003\navex15.sys -- (NAVEX15)
DRV - [2011/04/18 04:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110508.003\naveng.sys -- (NAVENG)
DRV - [2010/09/10 22:32:20 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper)
DRV - [2010/06/02 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/06/02 04:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/02/12 12:42:30 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/12/08 22:45:28 | 000,092,488 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
DRV - [2008/12/08 22:43:46 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2008/11/18 19:17:08 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/10/14 12:24:18 | 000,049,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2008/10/13 13:31:46 | 000,319,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/10/13 13:31:46 | 000,279,600 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/10/13 13:31:46 | 000,043,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/08/21 12:13:56 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/08/21 12:13:56 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008/06/16 17:53:14 | 000,420,400 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2004/09/17 15:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/07/15 22:20:46 | 000,043,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/11/08 20:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 EE 5E 65 00 4D CB 01 [binary data]
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - File not found
IE - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2009/05/22 15:29:17 | 000,000,160 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 94.232.248.66 browser-security.microsoft.com
O1 - Hosts: 94.232.248.66 antivirprotection.com
O1 - Hosts: 94.232.248.66 www.antivirprotection.com
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - File not found
O2 - BHO: () - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - File not found
O3 - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-21-3862471021-2408828704-195926605-1005\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...90/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1182198670109 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1182198523265 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,23/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.78,93.188.166.228
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Roz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{71a5ecac-11a9-11db-86cc-00123fd4551e}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O33 - MountPoints2\{b988a750-0543-11db-86ca-00123fd4551e}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O33 - MountPoints2\{e8120a24-446e-11de-872e-00123fd4551e}\Shell - "" = AutoRun
O33 - MountPoints2\{e8120a24-446e-11de-872e-00123fd4551e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e8120a24-446e-11de-872e-00123fd4551e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/11 12:54:59 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTL.exe
[2011/05/11 12:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\AOL
[2011/05/11 12:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz\Desktop\tdsskiller
[2011/05/11 12:38:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz\Desktop\GooredFix Backups
[2011/05/11 12:38:00 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Roz\Desktop\GooredFix.exe
[2011/05/11 12:25:17 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/05/11 12:20:38 | 000,519,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTM.exe
[2011/05/11 10:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz\Application Data\Malwarebytes
[2011/05/11 10:32:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/10 11:33:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/05/10 10:36:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Roz\Recent
[2011/04/20 12:50:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz\My Documents\BoardMinutes2-16-11
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[28 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/11 12:55:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTL.exe
[2011/05/11 12:50:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/11 12:49:08 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\tasks\llpdhdo.job
[2011/05/11 12:48:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/11 12:48:47 | 803,278,848 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/11 12:44:57 | 001,280,815 | ---- | M] () -- C:\Documents and Settings\Roz\Desktop\tdsskiller.zip
[2011/05/11 12:38:00 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Roz\Desktop\GooredFix.exe
[2011/05/11 12:20:46 | 000,519,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roz\Desktop\OTM.exe
[2011/05/11 10:19:20 | 000,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2011/05/10 12:57:27 | 000,000,177 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2011/05/10 11:36:59 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/05/06 18:30:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (ROSALIND-Roz).job
[2011/05/04 13:23:59 | 000,043,291 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\120_ImportantContactLetterreCutsinEducation.pdf
[2011/04/28 11:58:33 | 000,398,760 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2011/04/26 13:36:22 | 000,004,049 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\faithful.jpg
[2011/04/25 13:24:04 | 000,012,873 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\bounty.jpg
[2011/04/20 12:50:28 | 000,018,487 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\BoardMinutes2-16-11.zip
[2011/04/19 12:32:49 | 000,000,093 | ---- | M] () -- C:\Documents and Settings\Roz\My Documents\image003.bmp
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[28 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/11 12:44:52 | 001,280,815 | ---- | C] () -- C:\Documents and Settings\Roz\Desktop\tdsskiller.zip
[2011/05/11 10:19:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2011/05/04 13:23:58 | 000,043,291 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\120_ImportantContactLetterreCutsinEducation.pdf
[2011/04/26 13:36:59 | 000,004,049 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\faithful.jpg
[2011/04/25 13:24:58 | 000,012,873 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\bounty.jpg
[2011/04/20 12:50:27 | 000,018,487 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\BoardMinutes2-16-11.zip
[2011/04/19 12:32:49 | 000,000,093 | ---- | C] () -- C:\Documents and Settings\Roz\My Documents\image003.bmp
[2011/01/28 12:58:28 | 000,001,476 | ---- | C] () -- C:\WINDOWS\SKCMSUSR.INI
[2010/09/07 10:52:28 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/03 16:19:31 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/03 12:56:57 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\asferror6.dll
[2010/07/15 15:35:14 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Roz\Application Data\PnkBstrK.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/11 03:06:33 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/05/24 15:07:34 | 000,034,800 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/11/21 15:08:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2006/10/20 14:30:20 | 000,000,349 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/12/05 10:40:05 | 000,000,177 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2005/11/23 14:56:01 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\Roz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/10/25 06:24:22 | 000,020,594 | ---- | C] () -- C:\WINDOWS\System32\DELS1L3.DLL
[2005/08/31 13:33:12 | 000,020,594 | ---- | C] () -- C:\WINDOWS\System32\DELS1LMK.DLL
[2005/07/18 10:35:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/18 10:35:35 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/07/18 10:35:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2005/07/15 15:03:48 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Roz\Local Settings\Application Data\fusioncache.dat
[2005/06/09 13:30:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/09 13:24:59 | 000,000,396 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/06/09 12:54:46 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/06/09 12:54:00 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/04 20:58:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 18:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:06:43 | 000,352,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 18:00:28 | 000,507,300 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 18:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 18:00:28 | 000,088,670 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 18:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 18:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 18:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 18:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 18:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 18:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 18:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 18:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/02/19 14:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2011/04/04 10:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\lJb16633eMlFd16633
[2010/09/07 11:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/07/18 15:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roz\Application Data\FileMaker
[2007/12/28 12:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roz\Application Data\Leadertech
[2008/07/29 12:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roz\Application Data\Windows Desktop Search
[2008/08/27 08:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roz\Application Data\Windows Search
[2011/05/11 12:49:08 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\llpdhdo.job

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 5/11/2011 12:56:16 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Roz\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

766.00 Mb Total Physical Memory | 298.00 Mb Available Physical Memory | 39.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.13 Gb Total Space | 17.55 Gb Free Space | 51.43% Space Free | Partition Type: NTFS
Drive F: | 21.82 Gb Total Space | 6.83 Gb Free Space | 31.28% Space Free | Partition Type: NTFS

Computer Name: DCA-PRINCIPAL | User Name: Roz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management ਍ഀ
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In) ਍ഀ
਍ഀ
========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FileMaker\FileMaker Pro 6\FileMaker Pro.exe" = C:\Program Files\FileMaker\FileMaker Pro 6\FileMaker Pro.exe:*:Enabled:FileMaker Pro -- (FileMaker, Inc.)
"C:\Program Files\Symantec AntiVirus\Smc.exe" = C:\Program Files\Symantec AntiVirus\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Program Files\Symantec AntiVirus\SNAC.EXE" = C:\Program Files\Symantec AntiVirus\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\aol\1283871567\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1283871567\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)
"C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F07FEE1-351E-471B-B0FD-F9C6331ABFB4}" = AFM Campaign Software 2008-2009
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 24
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3BAB4914-9CC1-4CC2-A3DA-56EF62DFD373}" = Symantec Endpoint Protection
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58EDAD68-7839-42D8-A6AD-854A9ECB8224}" = FileMaker Pro 6
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6E4D4E0B-02F6-46C1-BAE5-1B6B2E486A7B}" = Microsoft Office Live Meeting 2007
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{78D944D7-A97B-4004-AB0A-B5AD06839940}" = My Way Search Assistant
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901C0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dell Laser Printer 1100" = Dell Laser Printer 1100 Software Uninstall
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patch" = Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patch
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWaySearchAssistantDE" = My Way Search Assistant
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROPLUS" = Microsoft Office Professional Plus 2007
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/11/2011 12:21:14 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\SmcGui.exe Event Info: Set Information Process Action Taken: Logged Actor
Process: C:\Program Files\AOL Desktop 9.6\waol.exe (PID 2468) Time: Wednesday,
May 11, 2011 12:21:14 PM

Error - 5/11/2011 12:25:17 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\Smc.exe Event Info: Terminate Process Action Taken: Logged Actor Process:
C:\Documents and Settings\Roz\Desktop\OTM.exe (PID 2400) Time: Wednesday, May
11, 2011 12:25:17 PM

Error - 5/11/2011 12:35:57 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\SmcGui.exe Event Info: Set Information Process Action Taken: Logged Actor
Process: C:\Program Files\AOL Desktop 9.6\waol.exe (PID 3524) Time: Wednesday,
May 11, 2011 12:35:56 PM

Error - 5/11/2011 12:41:52 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\SmcGui.exe Event Info: Set Information Process Action Taken: Logged Actor
Process: C:\Program Files\AOL Desktop 9.6\waol.exe (PID 3556) Time: Wednesday,
May 11, 2011 12:41:52 PM

Error - 5/11/2011 12:45:29 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 5/11/2011 12:45:29 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 5/11/2011 12:45:30 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 5/11/2011 12:45:31 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 5/11/2011 12:45:31 PM | Computer Name = DCA-PRINCIPAL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 5/11/2011 12:52:49 PM | Computer Name = DCA-PRINCIPAL | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\SmcGui.exe Event Info: Set Information Process Action Taken: Logged Actor
Process: C:\Program Files\AOL Desktop 9.6\waol.exe (PID 2412) Time: Wednesday,
May 11, 2011 12:52:49 PM

[ OSession Events ]
Error - 8/10/2009 2:00:47 PM | Computer Name = DCA-PRINCIPAL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 57
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/10/2009 2:01:30 PM | Computer Name = DCA-PRINCIPAL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 96
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/10/2009 2:01:52 PM | Computer Name = DCA-PRINCIPAL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 27
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/10/2009 11:36:29 AM | Computer Name = DCA-PRINCIPAL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 190
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/11/2011 12:25:18 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031
Description = The Symantec Management Client service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 1000
milliseconds: Restart the service.

Error - 5/11/2011 12:25:18 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7034
Description = The Machine Debug Manager service terminated unexpectedly. It has
done this 1 time(s).

Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031
Description = The Symantec Endpoint Protection service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 10000
milliseconds: Restart the service.

Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031
Description = The Symantec Event Manager service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 200 milliseconds:
Restart the service.

Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031
Description = The Symantec Settings Manager service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 100
milliseconds: Restart the service.

Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7031
Description = The Windows Live ID Sign-in Assistant service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
10000 milliseconds: Restart the service.

Error - 5/11/2011 12:25:23 PM | Computer Name = DCA-PRINCIPAL | Source = Service Control Manager | ID = 7034
Description = The AOL Connectivity Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 5/11/2011 12:28:47 PM | Computer Name = DCA-PRINCIPAL | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'SrtETmp' on the volume 'HarddiskVolume2'. It has stopped
monitoring the volume.

Error - 5/11/2011 12:49:23 PM | Computer Name = DCA-PRINCIPAL | Source = Print | ID = 19
Description = Sharing printer failed + 1722, Printer Microsoft XPS Document Writer
share name Printer2.


< End of report >

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, try this. On completion, could you let me know if you are still getting redirects?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: () - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - File not found.
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.78,93.188.166.228.
    [2011/04/04 10:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\lJb16633eMlFd16633
    [2011/05/11 12:49:08 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\llpdhdo.job

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

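The fix in the post above removes a static `NameServer` entry through its O17 line. As an added example (not part of the original post and not OTL's own code), this Python sketch pulls the O17 DNS lines out of an OTL log and lists resolvers that are neither private addresses nor on a trusted list, for review. The `trusted` parameter, the function names and the second sample line with its placeholder GUID are assumptions.

```python
import ipaddress
import re

# Constructed sample in OTL's O17 line format. The first and third lines are
# copied from the fix above; the second is made up, with a placeholder GUID.
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.78,93.188.166.228.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000000}: DhcpNameServer = 192.168.1.1 192.168.1.2
O2 - BHO: () - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - File not found.
"""

# O17 - <registry key>: NameServer|DhcpNameServer = <addresses>
O17_RE = re.compile(
    r"^O17 - (?P<key>HKLM\\\S+): (?P<name>(?:Dhcp)?NameServer) = (?P<value>.*)$"
)


def parse_o17(log_text):
    """Yield (registry_key, value_name, [addresses]) for every O17 DNS line."""
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m:
            continue
        addrs = []
        # Values are separated by commas or spaces.
        for token in re.split(r"[,\s]+", m["value"]):
            token = token.rstrip(".")  # the line above ends the value with a period
            if not token:
                continue
            try:
                addrs.append(ipaddress.ip_address(token))
            except ValueError:
                continue  # not an IP address; nothing to classify
        yield m["key"], m["name"], addrs


def review_dns(log_text, trusted=()):
    """Return one finding per resolver that is routable and not recognised.

    trusted: resolver addresses known to be legitimate for this network
    (assumption: supplied by whoever administers it).
    """
    trusted = {ipaddress.ip_address(a) for a in trusted}
    findings = []
    for key, name, addrs in parse_o17(log_text):
        for addr in addrs:
            if addr in trusted or addr.is_private or addr.is_loopback:
                continue
            # NameServer is configured on the machine itself, while
            # DhcpNameServer comes from the DHCP lease, so a static entry
            # is ranked higher for review.
            severity = "high" if name == "NameServer" else "medium"
            findings.append(
                {"server": str(addr), "value": name, "key": key, "severity": severity}
            )
    return findings


if __name__ == "__main__":
    for finding in review_dns(SAMPLE_LOG):
        print(finding)
```

A finding only means the resolver is unrecognised; whether it is legitimate still has to be confirmed against the ISP's or organisation's published DNS servers.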

#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.