Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows activation error 0XC004D401 spam


  • This topic is locked This topic is locked

#1
HunterAce

HunterAce

    Member

  • Member
  • PipPip
  • 27 posts
Hi G2G, you've always been helpful before so I am looking for your assistance again.

My wife's computer, after typing in the windows password (Vista 64 bit) - at times - not every time - will produce a windows activation error.
It says 'An unauthorized change was made to windows'. Windows has discovered a change that will result in limited windows functionality. Use the link below to find out how to fix windows (yeah right). If you click more info, it has code 0XC004D401.

I personally think this is some sort of spam issue so I've run OTL and posted the log here so you can tell me if that is the case or if I have some other problem. For what its worth, we use Yahoo mail and every time we browse to the yahoo mail it tells us our screen resolution is not high enough. Its set to over 1200 by 600 - so It should be fine. Just included this in case it helps resolve the issue.

Here's the OTL log. I look forward to hearing back from you!

OTL logfile created on: 6/29/2011 8:00:37 PM - Run 2
OTL by OldTimer - Version 3.2.24.2 Folder = C:\Users\Karla\Downloads
64bit-Windows Vista Unlicensed product Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 56.91% Memory free
8.09 Gb Paging File | 6.29 Gb Available in Paging File | 77.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 252.95 Gb Total Space | 174.75 Gb Free Space | 69.08% Space Free | Partition Type: NTFS
Drive D: | 30.38 Gb Total Space | 28.46 Gb Free Space | 93.68% Space Free | Partition Type: NTFS

Computer Name: FARNSLEYHOME | User Name: Karla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Karla\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe (Digital Delivery Networks, Inc.)
PRC - C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe (Digital Delivery Networks, Inc.)
PRC - C:\Program Files (x86)\AT&T Global Network Client\NetLogSvc.exe (AT&T)
PRC - C:\Program Files (x86)\AT&T Global Network Client\netcfgsvr.exe (AT&T)
PRC - C:\Program Files (x86)\AT&T Global Network Client\NetClientSvc.exe (AT&T)
PRC - C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Lenovo Desktop Navigator\DesktopNavigator.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
PRC - C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
PRC - C:\Windows\SysWOW64\IgrsSvcs.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Lexmark 7300 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files (x86)\Lexmark 7300 Series\lxcimon.exe (Lexmark International, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Karla\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DKService.exe (Diskeeper Corporation)
SRV:64bit: - (System_Repair_UpdateMonitor) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe (Lenovo Group Limited)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (lxci_device) -- C:\Windows\SysNative\lxcicoms.exe ()
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (DDNIService) -- C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe (Digital Delivery Networks, Inc.)
SRV - (DDNIMSGService) -- C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe (Digital Delivery Networks, Inc.)
SRV - (NetLogSvc) -- C:\Program Files (x86)\AT&T Global Network Client\NetLogSvc.exe (AT&T)
SRV - (netcfgsvr) -- C:\Program Files (x86)\AT&T Global Network Client\netcfgsvr.exe (AT&T)
SRV - (NetClientSvc) -- C:\Program Files (x86)\AT&T Global Network Client\NetClientSvc.exe (AT&T)
SRV - (IAANTMON) Intel® -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe (WildTangent, Inc.)
SRV - (IncSvc) -- C:\Windows\SysWow64\IgrsSvcs.exe (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (lxci_device) -- C:\Windows\SysWow64\lxcicoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys ()
DRV:64bit: - (agnfilt) -- C:\Windows\SysNative\DRIVERS\agnfilt.sys ()
DRV:64bit: - (avpnnic) -- C:\Windows\SysNative\DRIVERS\avpnnic.sys ()
DRV:64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys ()
DRV:64bit: - (NETw5v64) Intel® -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys ()
DRV:64bit: - (usbsmi) -- C:\Windows\SysNative\DRIVERS\SMIksdrv.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys ()
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\DRIVERS\AcpiVpc.sys ()
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS ()
DRV:64bit: - (IntcHdmiAddService) Intel® -- C:\Windows\SysNative\drivers\IntcHdmi.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys ()
DRV:64bit: - (tvtumon) -- C:\Windows\SysNative\DRIVERS\tvtumon.sys ()
DRV:64bit: - (swmsflt) -- C:\Windows\SysNative\drivers\swmsflt.sys ()
DRV:64bit: - (k57nd60a) Broadcom NetLink ™ -- C:\Windows\SysNative\DRIVERS\k57nd60a.sys ()
DRV:64bit: - (WSVD) -- C:\Windows\SysNative\drivers\WSVD.sys ()
DRV:64bit: - (enecirhid) -- C:\Windows\SysNative\DRIVERS\enecirhid.sys ()
DRV:64bit: - (enecirhidma) -- C:\Windows\SysNative\DRIVERS\enecirhidma.sys ()
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys ()
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys ()
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys ()
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\DRIVERS\wimfltr.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=374563"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: [email protected]:4.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:4.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..keyword.URL: "http://search.yahoo....type=374563&p="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/17 12:37:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/17 12:37:53 | 000,000,000 | ---D | M]

[2009/05/28 14:58:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karla\AppData\Roaming\Mozilla\Extensions
[2010/02/03 15:01:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karla\AppData\Roaming\Mozilla\eclipse1\extensions
[2011/06/29 19:43:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karla\AppData\Roaming\Mozilla\Firefox\Profiles\rvc5zbhi.default\extensions
[2011/03/08 21:01:39 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Users\Karla\AppData\Roaming\Mozilla\Firefox\Profiles\rvc5zbhi.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/10/03 18:07:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Karla\AppData\Roaming\Mozilla\Firefox\Profiles\rvc5zbhi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/26 12:31:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Karla\AppData\Roaming\Mozilla\Firefox\Profiles\rvc5zbhi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/29 21:50:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/17 16:45:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/23 21:13:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/30 00:25:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/29 21:50:18 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM
[2011/05/29 21:50:18 | 000,000,000 | ---D | M] (Dealio Toolbar) -- C:\PROGRAM FILES (X86)\DEALIO TOOLBAR\FF
[2009/05/28 23:06:56 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\KARLA\APPDATA\ROAMING\MOVE NETWORKS
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll

O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files (x86)\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files (x86)\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files (x86)\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 7300 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [LXCICATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCItime.DLL ()
O4:64bit: - HKLM..\Run: [lxcimon.exe] C:\Program Files (x86)\Lexmark 7300 Series\lxcimon.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Unattend0000000001{2F0CCE2D-26B0-45A0-90A2-BEE09B5FC562}] File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKCU..\Run: [DW6] File not found
O4 - HKCU..\Run: [NetSP - restore settings on power failure] C:\Program Files (x86)\AT&T Global Network Client\NetSP.exe (AT&T)
O4 - HKCU..\Run: [ReadyComm] C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Karla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: &Windows Live Search - C:\Program Files (x86)\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: &Windows Live Search - C:\Program Files (x86)\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.72.134 68.87.77.134
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll ()
O24 - Desktop WallPaper: C:\Users\Karla\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Karla\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{54235e29-24b0-11df-a5f0-00235a6ef02c}\Shell\AutoRun\command - "" = E:\FileViewer.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\C:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 19:39:34 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2011/06/29 19:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2011/06/07 09:44:54 | 000,000,000 | ---D | C] -- C:\Users\Karla\AppData\Local\Downloaded Installations
[2009/06/14 19:24:19 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxciserv.dll
[2009/06/14 19:24:19 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxciusb1.dll
[2009/06/14 19:24:19 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcihbn3.dll
[2009/06/14 19:24:19 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcicomc.dll
[2009/06/14 19:24:19 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcipmui.dll
[2009/06/14 19:24:19 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcilmpm.dll
[2009/06/14 19:24:19 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcicoms.exe
[2009/06/14 19:24:19 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcicomm.dll
[2009/06/14 19:24:19 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxciinpa.dll
[2009/06/14 19:24:19 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxciiesc.dll
[2009/06/14 19:24:19 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxciih.exe
[2009/06/14 19:24:19 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcicfg.exe
[2009/06/14 19:24:19 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcippls.exe
[2009/06/14 19:24:19 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxciprox.dll
[2009/06/14 19:24:19 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcipplc.dll
[2009/01/12 09:00:35 | 001,526,576 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax9f.exe
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Karla\AppData\Local\*.tmp files -> C:\Users\Karla\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/29 19:51:26 | 000,000,456 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{878A6B74-34F7-45AC-8FEC-A0D5E5567103}.job
[2011/06/29 19:41:41 | 000,008,823 | ---- | M] () -- C:\Users\Karla\Documents\mgadtlog.rtf
[2011/06/29 19:38:34 | 000,756,644 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/29 19:38:34 | 000,642,392 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/29 19:38:34 | 000,118,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/29 19:32:12 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/29 19:32:09 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo
[2011/06/29 19:32:03 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 19:32:03 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 19:31:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/29 19:22:01 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
[2011/06/29 19:15:12 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/26 10:35:12 | 000,030,070 | ---- | M] () -- C:\Users\Karla\Documents\Employment Search information.odt
[2011/06/26 09:49:53 | 000,018,893 | ---- | M] () -- C:\Users\Karla\Documents\Unemployment Account Balances.ods
[2011/06/23 20:02:25 | 000,021,590 | ---- | M] () -- C:\Users\Karla\Documents\Balance of Dad's cash.ods
[2011/06/20 21:41:07 | 000,013,239 | ---- | M] () -- C:\Users\Karla\Documents\Letter to Residence At McCormicks regarding payment.odt
[2011/06/07 15:51:54 | 000,035,270 | ---- | M] () -- C:\Users\Karla\Documents\Journal of our Myrtle Beach Vacation.odt
[2011/06/01 15:09:04 | 000,010,147 | ---- | M] () -- C:\Users\Karla\Documents\Directions to Myrtle Beach SC from home.odt
[2011/05/31 23:58:14 | 000,009,847 | ---- | M] () -- C:\Users\Karla\Documents\Things to pack for Myrtle Beach trip.odt
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Karla\AppData\Local\*.tmp files -> C:\Users\Karla\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/29 19:41:41 | 000,008,823 | ---- | C] () -- C:\Users\Karla\Documents\mgadtlog.rtf
[2011/06/20 21:21:09 | 000,013,239 | ---- | C] () -- C:\Users\Karla\Documents\Letter to Residence At McCormicks regarding payment.odt
[2011/06/04 00:06:57 | 000,035,270 | ---- | C] () -- C:\Users\Karla\Documents\Journal of our Myrtle Beach Vacation.odt
[2010/01/07 22:22:53 | 000,012,288 | ---- | C] () -- C:\Users\Karla\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/12 08:51:18 | 000,217,942 | ---- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/06/14 19:54:22 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\IPPCPUID.DLL
[2009/06/14 19:53:30 | 000,028,672 | ---- | C] () -- C:\Windows\hookdllX.dll
[2009/06/14 19:53:14 | 000,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll
[2009/06/14 19:24:19 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcicomx.dll
[2009/06/14 19:24:19 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxciinst.dll
[2009/05/15 16:22:30 | 002,101,248 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll
[2009/05/15 16:22:01 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll
[2009/05/15 16:21:51 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll
[2009/05/15 16:11:28 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\SBarHook.DLL
[2009/05/15 15:55:05 | 002,026,604 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/05/15 15:55:02 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2009/05/15 15:55:00 | 000,445,796 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/01/12 08:28:33 | 000,708,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/01/12 08:04:07 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/01/12 08:04:07 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/08/27 21:29:00 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\OnekeyDM.dll
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 22:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2009/06/15 21:13:47 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\EasyCapture
[2011/03/08 21:02:21 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\GARMIN
[2009/10/03 22:43:06 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\Home Sweet Home
[2009/05/28 14:17:48 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\Lenovo
[2009/05/28 14:17:55 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\LenovoDesktopNavigator
[2011/03/08 21:27:26 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\NewSoft
[2009/09/15 20:53:25 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\OpenOffice.org
[2010/03/11 23:01:44 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\PlayFirst
[2010/04/29 18:19:21 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\Sammsoft
[2010/02/03 11:17:13 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\Sierra Wireless
[2010/01/31 18:34:01 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\SmartDraw
[2009/05/28 15:00:33 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\WildTangent
[2010/04/21 22:46:14 | 000,000,000 | ---D | M] -- C:\Users\Karla\AppData\Roaming\Worldwinner
[2011/06/29 19:22:01 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
[2011/06/29 19:30:25 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/29 19:51:26 | 000,000,456 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{878A6B74-34F7-45AC-8FEC-A0D5E5567103}.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
HunterAce

HunterAce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
For what its worth, this windows activation error keeps popping up on the screen now. Once every hour or so it appears.
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, sorry for the delay could you do the following please :

Download to your desktop the latest version of Avast, links are for all three flavours
Free AV: http://files.avast.c...tup_av_free.exe
Pro AV: http://files.avast.c...etup_av_pro.exe
IS: http://files.avast.c...8/setup_ais.exe

Download to your desktop ASWClear

Download SP2 to your desktop

Disconnect from the internet

Uninstall Avast via programmes and features
Reboot
Run ASWClear
Reboot
Install SP2
Reboot
Install Avast

There is a problem evidently with some Vista systems

Vista is very sensitive about injections to its "antipiracy" process (slsvc.exe). You touch the process, and it starts yelling. Obviously, MS has re-architected that in W7 though.

and both SP2 and the Avast update should negate this problem

Once this is complete could you let me know if it resolves the problem
  • 0

#4
HunterAce

HunterAce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
This seems to have fixed the issue. It has been two days without any more of these popups. I will continue to monitor and open a new report if it re-appears. Thanks for your help!
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I have been following this on the Avast forum and it was fixed oin the last programme update a day or so ago... So all should be well now

I saw no apparent malware :)
  • 0

#6
HunterAce

HunterAce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Wonderful. Thanks again!!!
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP