Thank you Gammo for respond and my apology for my slow respond.
just one thing now. I read in the bottom of your reply says " In the upper right hand corner of the topic you will see a button called Options "
I don't see the options button ?
any way, now I can connect to Internet with the infected pc, in fact i'm writing the topic from the same pc. I just restart the pc in safe mode and try to Clare all temp files and re start the pc. I also run the OTL Run Fix and add the same report note file from OTL and Now it start to connect to Internet and i can browse. just with limited functions, like on ebay site, I CAN'T open pictures and add items to my watch list. In my yahoo I can perform like normal so far.
on the pc, there is also one thins i discover now, if i open any photo from my camera memory or even from saved photos from NAS . it show the photo corrupted or you could say broken picture. put the photo it self is nothing wrong with it. you can see it on other pc or laptop in perfect way.
my main issue is if I need to install any program or download .exe .zip it will show corrupted after download completed.
also I can't update this security file from windows update site [Windows-KB890830-V4.7.exe] it show file corrupt.
I apologize for my bad English.
Thanks for your help. Hussain.
OTL logfile created on: 10-5-12 11:10:30 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\root\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-M-yy
3.00 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 67.51% Memory free
4.84 Gb Paging File | 4.01 Gb Available in Paging File | 82.72% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.29 Gb Total Space | 6.69 Gb Free Space | 36.57% Space Free | Partition Type: FAT32
Drive D: | 96.71 Gb Total Space | 71.25 Gb Free Space | 73.67% Space Free | Partition Type: FAT32
Drive L: | 465.75 Gb Total Space | 463.25 Gb Free Space | 99.46% Space Free | Partition Type: NTFS
Drive M: | 68.36 Gb Total Space | 35.10 Gb Free Space | 51.34% Space Free | Partition Type: NTFS
Computer Name: TYANS2469 | User Name: root | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ==========
PRC - [2012-05-06 18:49:02 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\root\Desktop\OTL.exe
PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2010-06-21 13:52:26 | 000,388,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2009-12-30 13:21:02 | 000,065,536 | ---- | M] (Lexar Media, Inc.) -- C:\WINDOWS\system32\LxrSII1s.exe
PRC - [2009-12-17 20:10:00 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\root\Local Settings\Application Data\Lexar Media\LxrAutorun.exe
PRC - [2009-10-24 03:47:58 | 000,409,096 | ---- | M] (LSI) -- C:\Program Files\AMCC\3DM2\WinAVAlarm.exe
PRC - [2009-10-22 08:07:10 | 001,354,248 | ---- | M] (LSI) -- C:\Program Files\AMCC\3DM2\3dm2.exe
PRC - [2009-10-16 18:39:28 | 000,431,456 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2009-10-16 18:37:22 | 001,325,936 | ---- | M] (Seagate) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
PRC - [2009-03-25 15:32:18 | 000,102,400 | ---- | M] (LSI) -- C:\Program Files\MegaRAID Storage Manager\MegaPopup\popup.exe
PRC - [2009-03-25 13:47:00 | 000,475,136 | ---- | M] () -- C:\Program Files\MegaRAID Storage Manager\MegaMonitor\mrmonitor.exe
PRC - [2009-03-02 11:27:10 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\MegaRAID Storage Manager\JRE\bin\javaw.exe
PRC - [2008-08-29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008-04-13 17:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-05 20:43:38 | 000,072,800 | ---- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\VivaldiFramework.exe
PRC - [2007-01-31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2002-10-15 18:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
PRC - [2000-04-05 16:03:10 | 000,388,096 | ---- | M] (Meikel.com) -- C:\Program Files\FreeMem Standard\freemem.exe
========== Modules (No Company Name) ==========
MOD - [2010-03-15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009-12-17 20:10:00 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\root\Local Settings\Application Data\Lexar Media\LxrAutorun.exe
MOD - [2009-03-25 13:47:00 | 000,475,136 | ---- | M] () -- C:\Program Files\MegaRAID Storage Manager\MegaMonitor\mrmonitor.exe
MOD - [2008-11-17 12:11:04 | 000,138,296 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\CIMPlugin.dll
MOD - [2008-11-17 12:11:00 | 002,034,792 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\pegcommon.dll
MOD - [2008-11-17 12:11:00 | 000,273,512 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\pegclient.dll
MOD - [2008-11-17 12:11:00 | 000,146,544 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\pegslp_client.dll
MOD - [2008-11-17 12:11:00 | 000,089,200 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\pegexportserver.dll
MOD - [2008-11-17 12:11:00 | 000,068,712 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\peglistener.dll
MOD - [2008-11-17 12:10:58 | 000,138,336 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\storelibirjni.dll
MOD - [2008-11-17 12:10:54 | 000,142,432 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\storelibjni.dll
MOD - [2008-11-17 12:10:52 | 000,068,704 | R--- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\Authenticate.dll
MOD - [2008-05-12 19:52:06 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\AlertStrings.dll
MOD - [2008-04-05 20:43:38 | 000,072,800 | ---- | M] () -- C:\Program Files\MegaRAID Storage Manager\Framework\VivaldiFramework.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\UPS\upsman\upsman.exe -- (UPSMan)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\svrwsc.exe -- (SvrWsc)
SRV - [2012-04-17 20:10:22 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009-12-30 13:21:02 | 000,065,536 | ---- | M] (Lexar Media, Inc.) [Auto | Running] -- C:\WINDOWS\system32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2009-10-22 08:07:10 | 001,354,248 | ---- | M] () [Auto | Running] -- C:\Program Files\AMCC\3DM2/3dm2.exe -- (3DM2)
SRV - [2009-10-16 18:39:28 | 000,431,456 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009-03-25 13:47:00 | 000,475,136 | ---- | M] () [Auto | Running] -- C:\Program Files\MegaRAID Storage Manager\MegaMonitor\mrmonitor.exe -- (MegaMonitorSrv)
SRV - [2008-08-29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-04-05 20:43:38 | 000,072,800 | ---- | M] () [Auto | Running] -- C:\Program Files\MegaRAID Storage Manager\Framework\VivaldiFramework.exe -- (MSMFramework)
SRV - [2007-01-31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2003-03-03 13:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- c:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Mach3.sys -- (Mach3)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\root\LOCALS~1\Temp\AMDPCI.sys -- (AMDPCI)
DRV - [2011-04-19 17:06:32 | 000,167,584 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2011-04-01 21:30:32 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2011-04-01 21:30:32 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2011-04-01 21:30:14 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2010-06-02 16:05:02 | 000,109,184 | R--- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (Symmpi)
DRV - [2009-12-30 10:36:56 | 000,063,448 | ---- | M] (Lexar Media, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2009-06-01 13:36:34 | 000,082,432 | ---- | M] (AMCC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\3wareDrv.sys -- (3wareDrv)
DRV - [2009-05-06 08:59:12 | 004,069,376 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-02-20 19:09:16 | 000,044,032 | R--- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GigasetGenericUSB.sys -- (GigasetGenericUSB)
DRV - [2008-04-13 11:56:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008-04-13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-01-02 11:07:06 | 001,404,544 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2007-07-20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2006-11-22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004-06-29 14:25:26 | 000,007,680 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dontgo.sys -- (dontgo)
DRV - [2004-06-24 18:37:52 | 000,826,752 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmudau.sys -- (cmudau)
DRV - [2002-11-18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2002-09-16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2001-08-17 12:49:00 | 000,075,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.ebay.com/...www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
https://login.yahoo....erify2?&.src=ym
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2A696BCE-44CF-45a4-B905-59CDFA08531A}: "URL" =
http://del.icio.us/s...Terms}&type=all
IE - HKCU\..\SearchScopes\{7B3A7E4E-375E-41FE-B8EC-8D9CCE30AE37}: "URL" =
http://search.avg.co...}&ychte=aa&nt=1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 184.72.147.41:3128
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.222.111
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: D:\canon prog\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2011-02-17 00:52:34 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2004-08-04 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - No CLSID value found.
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [C-Media Speaker Configuration] F:\Cmi8738-6ch\Setup.exe /SPEAKER File not found
O4 - HKLM..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Popup] C:\Program Files\MegaRAID Storage Manager\MegaPopup\Popup.exe (LSI)
O4 - HKLM..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe (Intel® Corporation)
O4 - HKLM..\Run: [WinAVAlarm] C:\Program Files\AMCC\3DM2\WinAVAlarm.exe (LSI)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [FreeMem Pro] C:\Program Files\FreeMem Standard\freemem.exe (Meikel.com)
O4 - HKCU..\Run: [LxrAutorun] C:\Documents and Settings\root\Local Settings\Application Data\Lexar Media\LxrAutorun.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range2 ([http] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range3 ([http] in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 196.1.69.98 196.1.69.99
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAC6870A-D985-48FE-9B39-E7D3F8DC8A21}: DhcpNameServer = 196.1.69.98 196.1.69.99
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-06-15 07:41:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{192b5aee-5310-11e0-98da-00e081250736}\Shell - "" = AutoRun
O33 - MountPoints2\{192b5aee-5310-11e0-98da-00e081250736}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{192b5aee-5310-11e0-98da-00e081250736}\Shell\AutoRun\command - "" = E:\Windows\CHECK\DriveNavigator.exe
O33 - MountPoints2\{6647fc20-7c91-11df-9298-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{6647fc20-7c91-11df-9298-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6647fc20-7c91-11df-9298-806d6172696f}\Shell\AutoRun\command - "" = F:\TYANCD.exe
O33 - MountPoints2\{b7cc7a56-7892-11df-acf6-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b7cc7a56-7892-11df-acf6-806d6172696f}\Shell\AutoRun\command - "" = selomoje\\sranje.exe
O33 - MountPoints2\{b7cc7a56-7892-11df-acf6-806d6172696f}\Shell\explore\command - "" = selomoje\\\sranje.exe
O33 - MountPoints2\{b7cc7a56-7892-11df-acf6-806d6172696f}\Shell\open\command - "" = selomoje\\\sranje.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 90 Days ==========
[2012-05-09 23:11:01 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\root\Desktop\OTL.exe
[2012-05-09 03:19:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\root\Recent
[2012-05-04 21:05:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\My Documents\Powerpuff_Girls3_files
[2012-04-24 23:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012-04-23 00:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012-04-23 00:30:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-04-23 00:30:17 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012-04-23 00:30:17 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012-04-23 00:30:17 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012-04-23 00:30:17 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012-04-23 00:30:17 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012-04-23 00:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-21 19:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\Application Data\ZoomBrowser EX
[2012-04-21 15:33:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PhotoStitch
[2012-04-21 15:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
[2012-04-18 23:46:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\Local Settings\Application Data\CANON_INC
[2012-04-18 21:52:20 | 015,659,960 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\root\My Documents\Windows-KB890830-V4.7.exe
[2012-04-13 00:18:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012-04-11 01:13:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012-04-06 09:51:41 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-04-05 00:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\FreeMem Standard
[2012-04-05 00:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\Start Menu\Programs\FreeMem Standard
[2012-04-01 00:07:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\Local Settings\Application Data\Identities
[2012-03-29 21:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\Desktop\for bahzad
[2012-03-29 00:19:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\Start Menu\Programs\Nissin Di866
[2012-03-29 00:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\Local Settings\Application Data\Deployment
[2012-03-29 00:00:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\root\Local Settings\Application Data\Adobe
[2012-03-23 20:19:09 | 000,909,088 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\root\Desktop\JavaSetup6u31.exe
[2012-03-20 23:32:53 | 000,060,928 | ---- | C] (Totusoft) -- C:\Documents and Settings\root\My Documents\LAN_SpeedTest.exe
[2012-03-14 10:23:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012-02-29 17:10:16 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imagehlp.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2012-05-10 23:10:02 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-05-10 22:19:24 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8026D239-1350-4C1B-8AE9-20B85C68D34B}.job
[2012-05-09 03:28:56 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012-05-09 03:19:34 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-05-09 03:18:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-05-09 03:18:52 | 000,178,544 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2012-05-09 03:18:48 | 000,101,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-05-08 17:55:46 | 029,570,446 | ---- | M] () -- C:\Documents and Settings\root\Desktop\eos5dmkiii-im2-c-en.pdf
[2012-05-07 19:40:22 | 000,000,070 | ---- | M] () -- C:\Documents and Settings\root\default.pls
[2012-05-07 19:40:18 | 000,000,230 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-05-06 18:49:02 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\root\Desktop\OTL.exe
[2012-05-06 07:52:44 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012-05-05 14:05:36 | 010,964,035 | ---- | M] () -- C:\Documents and Settings\root\Desktop\190O0065.JPG
[2012-05-04 21:14:26 | 000,034,919 | ---- | M] () -- C:\Documents and Settings\root\Desktop\print1_cwlke.pdf
[2012-05-04 21:11:26 | 000,026,065 | ---- | M] () -- C:\Documents and Settings\root\Desktop\Snoopy001_18_zacld.pdf
[2012-05-04 21:06:10 | 000,054,725 | ---- | M] () -- C:\Documents and Settings\root\Desktop\powerpuff_girls1_yfjcs.pdf
[2012-05-04 21:05:36 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\root\My Documents\Powerpuff_Girls3.htm
[2012-05-02 00:03:44 | 001,556,821 | ---- | M] () -- C:\Documents and Settings\root\My Documents\ecb350.pdf
[2012-05-01 22:26:52 | 002,012,180 | ---- | M] () -- C:\Documents and Settings\root\My Documents\Clik%202011%20Gear%20Set%20Print.pdf
[2012-04-28 03:36:50 | 002,957,829 | ---- | M] () -- C:\Documents and Settings\root\My Documents\EOS-1Ds-MkII-Whitepaper.pdf
[2012-04-23 00:30:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012-04-23 00:30:10 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012-04-23 00:30:10 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012-04-23 00:30:10 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012-04-23 00:30:10 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012-04-21 15:06:36 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2012-04-21 15:06:14 | 000,000,461 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picture Style Editor.lnk
[2012-04-21 07:22:26 | 004,515,558 | ---- | M] () -- C:\Documents and Settings\root\My Documents\canon EOS_1Ds_MarkII user guide.pdf
[2012-04-21 07:15:00 | 009,150,824 | ---- | M] () -- C:\Documents and Settings\root\My Documents\Digital Cameras, Canon EOS-1Ds Mark II Digital Camera Test Image.mht
[2012-04-20 16:42:06 | 000,009,830 | ---- | M] () -- C:\Documents and Settings\root\Desktop\exefix_1.reg
[2012-04-18 23:43:02 | 000,393,808 | ---- | M] () -- C:\Documents and Settings\root\Desktop\pattern.jpg
[2012-04-18 23:40:12 | 000,000,443 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EOS Utility.lnk
[2012-04-18 21:52:22 | 015,659,960 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\root\My Documents\Windows-KB890830-V4.7.exe
[2012-04-17 20:10:20 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-04-17 20:10:20 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-04-17 07:15:10 | 000,337,174 | ---- | M] () -- C:\Documents and Settings\root\My Documents\bookmark 2012-4-17 s2469.htm
[2012-04-15 23:17:24 | 000,019,454 | ---- | M] () -- C:\Documents and Settings\root\My Documents\cc_20120415_231710.reg
[2012-04-13 00:31:20 | 001,742,408 | ---- | M] () -- C:\WINDOWS\System32\MRT.exe
[2012-04-12 22:58:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\vpd.properties
[2012-04-11 16:14:42 | 002,148,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2012-04-11 16:14:42 | 002,148,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012-04-11 16:12:06 | 001,862,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012-04-11 16:12:06 | 001,862,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2012-04-11 16:10:58 | 002,192,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012-04-11 15:35:52 | 002,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012-04-11 15:35:52 | 002,026,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012-04-11 15:35:52 | 002,026,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2012-04-11 01:08:14 | 032,966,016 | ---- | M] (CANON INC.) -- C:\Documents and Settings\root\My Documents\eu281en.exe
[2012-04-06 22:40:40 | 000,103,936 | ---- | M] () -- C:\Documents and Settings\root\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-30 02:55:50 | 000,019,952 | ---- | M] () -- C:\Documents and Settings\root\My Documents\cc_20120330_025543.reg
[2012-03-28 08:02:42 | 008,191,178 | ---- | M] () -- C:\Documents and Settings\root\Desktop\dslrp232.exe
[2012-03-26 23:03:46 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012-03-23 20:21:20 | 000,909,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\root\Desktop\JavaSetup6u31.exe
[2012-03-23 02:32:00 | 034,066,685 | ---- | M] () -- C:\Documents and Settings\root\Desktop\Canon EOS Utility 2.5.1.1.exe
[2012-03-20 23:32:54 | 000,060,928 | ---- | M] (Totusoft) -- C:\Documents and Settings\root\My Documents\LAN_SpeedTest.exe
[2012-03-02 06:01:32 | 011,082,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012-03-01 14:01:32 | 005,978,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2012-03-01 14:01:32 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012-03-01 14:01:32 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2012-03-01 14:01:32 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2012-03-01 14:01:32 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2012-03-01 14:01:32 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2012-03-01 14:01:32 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012-03-01 14:01:32 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2012-03-01 14:01:32 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2012-03-01 14:01:32 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2012-03-01 14:01:32 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012-03-01 14:01:32 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2012-03-01 14:01:32 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2012-03-01 14:01:32 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2012-03-01 14:01:32 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2012-03-01 14:01:32 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2012-03-01 14:01:32 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2012-03-01 14:01:32 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2012-03-01 14:01:32 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2012-03-01 14:01:32 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2012-03-01 14:01:32 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012-03-01 14:01:32 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2012-03-01 14:01:32 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2012-03-01 14:01:32 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2012-03-01 14:01:32 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2012-02-29 17:10:16 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2012-02-29 17:10:16 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imagehlp.dll
[2012-02-29 15:17:40 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2012-02-29 15:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2012-02-29 15:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012-05-08 17:51:01 | 029,570,446 | ---- | C] () -- C:\Documents and Settings\root\Desktop\eos5dmkiii-im2-c-en.pdf
[2012-05-08 06:39:06 | 010,964,035 | ---- | C] () -- C:\Documents and Settings\root\Desktop\190O0065.JPG
[2012-05-04 21:14:27 | 000,034,919 | ---- | C] () -- C:\Documents and Settings\root\Desktop\print1_cwlke.pdf
[2012-05-04 21:11:28 | 000,026,065 | ---- | C] () -- C:\Documents and Settings\root\Desktop\Snoopy001_18_zacld.pdf
[2012-05-04 21:06:15 | 000,054,725 | ---- | C] () -- C:\Documents and Settings\root\Desktop\powerpuff_girls1_yfjcs.pdf
[2012-05-04 21:05:33 | 000,002,521 | ---- | C] () -- C:\Documents and Settings\root\My Documents\Powerpuff_Girls3.htm
[2012-05-02 00:03:43 | 001,556,821 | ---- | C] () -- C:\Documents and Settings\root\My Documents\ecb350.pdf
[2012-05-01 22:26:51 | 002,012,180 | ---- | C] () -- C:\Documents and Settings\root\My Documents\Clik%202011%20Gear%20Set%20Print.pdf
[2012-04-28 03:36:48 | 002,957,829 | ---- | C] () -- C:\Documents and Settings\root\My Documents\EOS-1Ds-MkII-Whitepaper.pdf
[2012-04-25 00:00:56 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012-04-24 23:51:03 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012-04-24 23:50:57 | 000,001,651 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012-04-21 15:06:34 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2012-04-21 15:06:12 | 000,000,461 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picture Style Editor.lnk
[2012-04-21 07:22:25 | 004,515,558 | ---- | C] () -- C:\Documents and Settings\root\My Documents\canon EOS_1Ds_MarkII user guide.pdf
[2012-04-21 07:14:58 | 009,150,824 | ---- | C] () -- C:\Documents and Settings\root\My Documents\Digital Cameras, Canon EOS-1Ds Mark II Digital Camera Test Image.mht
[2012-04-20 16:43:08 | 000,009,830 | ---- | C] () -- C:\Documents and Settings\root\Desktop\exefix_1.reg
[2012-04-18 23:43:00 | 000,393,808 | ---- | C] () -- C:\Documents and Settings\root\Desktop\pattern.jpg
[2012-04-18 23:40:11 | 000,000,443 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EOS Utility.lnk
[2012-04-17 07:15:04 | 000,337,174 | ---- | C] () -- C:\Documents and Settings\root\My Documents\bookmark 2012-4-17 s2469.htm
[2012-04-15 23:17:13 | 000,019,454 | ---- | C] () -- C:\Documents and Settings\root\My Documents\cc_20120415_231710.reg
[2012-04-06 09:51:41 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-04-05 00:33:28 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\GkSui16.EXE
[2012-03-30 02:55:46 | 000,019,952 | ---- | C] () -- C:\Documents and Settings\root\My Documents\cc_20120330_025543.reg
[2012-03-28 08:02:31 | 008,191,178 | ---- | C] () -- C:\Documents and Settings\root\Desktop\dslrp232.exe
[2012-03-23 02:30:26 | 034,066,685 | ---- | C] () -- C:\Documents and Settings\root\Desktop\Canon EOS Utility 2.5.1.1.exe
[2012-03-23 00:08:57 | 040,378,518 | ---- | C] () -- C:\Documents and Settings\root\Desktop\big_buck_bunny_240_stereo_x264.mp4
[2012-02-16 06:51:36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-02-16 06:51:36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011-07-12 09:27:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011-06-27 19:30:52 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011-06-26 14:35:48 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\5B3206E10A.sys
[2010-11-11 11:45:58 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\ScsiOat.dll
[2010-10-08 20:16:46 | 000,000,093 | ---- | C] () -- C:\WINDOWS\WFT-E5Utility.INI
[2010-10-03 10:18:19 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-09-22 05:24:26 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ICOMP.EXE
[2010-09-11 09:41:26 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-08-22 23:02:09 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010-08-19 16:47:18 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\root\Application Data\$_hpcst$.hpc
[2010-08-18 23:39:52 | 000,000,171 | ---- | C] () -- C:\Documents and Settings\root\Application Data\default.rss
[2010-08-18 23:39:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\root\Application Data\downloads.m3u
[2010-08-17 20:52:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\CMRMDRV3.dll
[2010-08-15 07:04:35 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2010-08-15 07:03:21 | 000,479,232 | ---- | C] () -- C:\WINDOWS\System32\Cmeaupci.exe
[2010-08-15 07:03:21 | 000,000,379 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2010-08-15 07:02:57 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\CmiInstallResAll.dll
[2010-08-15 07:02:57 | 000,003,091 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2010-08-15 07:02:57 | 000,000,215 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.imi
[2010-08-15 07:02:56 | 000,000,779 | ---- | C] () -- C:\WINDOWS\cmudax3.ini
[2010-08-10 18:37:14 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010-07-11 18:20:38 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CmiUSB2Uninstall.exe
[2010-06-30 21:03:01 | 000,000,230 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-27 01:35:33 | 000,002,162 | ---- | C] () -- C:\WINDOWS\Cmudau.ini
[2010-06-27 01:05:53 | 000,000,057 | ---- | C] () -- C:\WINDOWS\iexplore.ini
[2010-06-24 23:16:10 | 000,232,840 | ---- | C] () -- C:\WINDOWS\System32\cmdrvrmu.exe
[2010-06-24 23:16:10 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\cmdrvrmu.dll
[2010-06-24 20:51:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010-06-24 15:49:37 | 000,001,150 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2010-06-23 23:58:29 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2010-06-23 22:53:12 | 000,000,112 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2010-06-23 22:53:12 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2010-06-23 22:52:05 | 000,000,246 | ---- | C] () -- C:\WINDOWS\System32\dl.exe
[2010-06-23 07:48:52 | 000,103,936 | ---- | C] () -- C:\Documents and Settings\root\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 23:06:43 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-06-22 23:06:43 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-06-16 00:27:49 | 001,742,408 | ---- | C] () -- C:\WINDOWS\System32\MRT.exe
[2010-06-15 07:46:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-06-15 07:38:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-06-15 07:30:34 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-06-15 07:29:30 | 000,101,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== LOP Check ==========
[2010-07-01 23:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010-07-18 19:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gigaset QuickSync
[2010-07-18 20:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2010-08-10 13:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010-09-14 21:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grass Valley
[2010-09-14 21:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canopus
[2010-10-10 08:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010-10-16 12:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AMCC
[2011-02-08 17:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011-02-17 00:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2011-03-15 08:19:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011-03-17 22:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolarWinds
[2011-04-01 21:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011-10-05 22:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ClubSanDisk
[2011-10-23 00:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PassMark
[2012-04-21 15:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoStitch
[2010-11-23 06:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\root\Application Data\HD Tune Pro
[2011-01-06 21:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\root\Application Data\Eye-Fi
[2011-01-06 21:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\root\Application Data\fi.eye.center.E430518E652B889A80EC0E8A6E532C09FF36DF62.1
[2011-07-06 20:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\root\Application Data\AVG9
[2012-05-10 22:19:24 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8026D239-1350-4C1B-8AE9-20B85C68D34B}.job
----------
OTL Extras logfile created on: 10-5-12 11:10:30 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\root\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-M-yy
3.00 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 67.51% Memory free
4.84 Gb Paging File | 4.01 Gb Available in Paging File | 82.72% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.29 Gb Total Space | 6.69 Gb Free Space | 36.57% Space Free | Partition Type: FAT32
Drive D: | 96.71 Gb Total Space | 71.25 Gb Free Space | 73.67% Space Free | Partition Type: FAT32
Drive L: | 465.75 Gb Total Space | 463.25 Gb Free Space | 99.46% Space Free | Partition Type: NTFS
Drive M: | 68.36 Gb Total Space | 35.10 Gb Free Space | 51.34% Space Free | Partition Type: NTFS
Computer Name: TYANS2469 | User Name: root | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 4
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\System32\mmc.exe" = C:\WINDOWS\System32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"D:\Program Files\Nero\Nero 9\Nero ShowTime\ShowTime.exe" = D:\Program Files\Nero\Nero 9\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero Software AG)
"E:\e\Program Files\Phone\Skype.exe" = E:\e\Program Files\Phone\Skype.exe:*:Enabled:Skype
"C:\Program Files\MegaRAID Storage Manager\MegaPopup\popup.exe" = C:\Program Files\MegaRAID Storage Manager\MegaPopup\popup.exe:*:Enabled:popup -- (LSI)
"C:\Program Files\MegaRAID Storage Manager\JRE\bin\javaw.exe" = C:\Program Files\MegaRAID Storage Manager\JRE\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Eye-Fi\Helper\EyeFiHelper.exe" = C:\Program Files\Eye-Fi\Helper\EyeFiHelper.exe:*:Enabled:Eye-Fi Helper -- (Eye-Fi, Inc.)
"C:\Program Files\Go2PC Anywhere\Go2PCAnywhere.exe" = C:\Program Files\Go2PC Anywhere\Go2PCAnywhere.exe:*:Enabled:Go2PC Anywhere
"D:\Program Files\Phone\Skype.exe" = D:\Program Files\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2C4E30D8-38B5-479A-B996-956655FA8ED7}" = Eye-Fi Helper 3.2
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{49235EC7-BC4F-45A7-9F65-3486AC03E45E}" = MegaRAID Storage Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5BFB8A64-70EA-DE36-6BC3-7039D2E00F75}" = Eye-Fi Center
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62369F2F77534556AEF4C58152E3BDE5}" = Dr.DivX
"{69ca421c-df86-4f53-bb4e-d8c821382179}" = Nero 9
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D01427-57EC-4179-815C-18ED0D461107}" = ATI AVIVO Codecs
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{7b7e564b-0c70-4506-9ab6-b7a2044425ab}" = Gigaset QuickSync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AC76BA86-7AD7-5A76-5A64-7E8A45000001}" = Adobe Reader Japanese Fonts
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B2C85224-88C1-4ED2-8ECC-EF7362D9F63B}" = Movie Templates - Pack 1
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"32fsu32_is1" = File Scavenger 3.2 (English)
"358CC050FAD9417859342EF624B40681F89D2C54" = Windows Driver Package - LSI Logic System (11/14/2002 6.2.0)
"8c793da9f0aa7e94d3b4faba721006ff-1001563592" = 3ware Disk Management Tools
"99411784F82301A93B4435816C2D5BB25134E603" = Windows Driver Package - LSI Logic (SYMMPI) SCSIAdapter (08/16/2005 1.21.03.00)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"C-Media PCI Sound" = C-Media PCI Audio
"C-Media USB Sound" = 510EX USB 5.1 SOUND EXPERT EXTERNAL
"CSCLIB" = Canon Camera Support Core Library
"Di866 DM Startup" = Di866 DM Startup 1.0
"DivX Setup.divx.com" = DivX Setup
"divxh264_is1" = DivX H.264 decoder 8.2.0.26
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DPP" = Canon Utilities Digital Photo Professional 3.9
"EOS Utility" = Canon Utilities EOS Utility
"EPC_DeinstKey" = Saab EPC
"ffdshow_is1" = ffdshow v1.1.3562 [2010-09-07]
"fi.eye.center.E430518E652B889A80EC0E8A6E532C09FF36DF62.1" = Eye-Fi Center
"FreeMem Standard" = FreeMem Standard
"HD Tune_is1" = HD Tune 2.55
"HP Deskjet 6500 Series_Driver" = HP Deskjet 6500 Series
"ie8" = Windows Internet Explorer 8
"InstallShield_{49235EC7-BC4F-45A7-9F65-3486AC03E45E}" = MegaRAID Storage Manager v2.92-02
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA Driver
"LanSpy_is1" = LanSpy
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = Nero Digital
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PCI Audio Driver" = PCI Audio Driver
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PROSet" = Intel® PRO Network Adapters and Drivers
"QueTek File Scavenger 3.2 (en)" = File Scavenger 3.2 (en)
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"ST6UNST #1" = FileSync
"VLC media player" = VLC media player 1.1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"71cdbdf800bad043" = Nissin Di866
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 06-5-12 12:52:35 AM | Computer Name = TYANS2469 | Source = Microsoft Security Client | ID = 5000
Description =
Error - 06-5-12 12:52:43 AM | Computer Name = TYANS2469 | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF11 Description:. 0x8004FF11.
Error - 06-5-12 12:52:43 AM | Computer Name = TYANS2469 | Source = Microsoft Security Client | ID = 5000
Description =
Error - 06-5-12 8:38:23 AM | Computer Name = TYANS2469 | Source = Application Error | ID = 1000
Description = Faulting application msconfig.exe, version 5.1.2600.5512, faulting
module comctl32.dll, version 6.0.2900.6028, fault address 0x00007901.
Error - 06-5-12 8:38:31 AM | Computer Name = TYANS2469 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Error - 06-5-12 8:40:53 AM | Computer Name = TYANS2469 | Source = Microsoft Security Client | ID = 5000
Description =
Error - 06-5-12 8:45:32 AM | Computer Name = TYANS2469 | Source = Application Error | ID = 1000
Description = Faulting application msconfig.exe, version 5.1.2600.5512, faulting
module comctl32.dll, version 6.0.2900.6028, fault address 0x00007901.
Error - 06-5-12 8:45:37 AM | Computer Name = TYANS2469 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Error - 06-5-12 10:25:17 AM | Computer Name = TYANS2469 | Source = Microsoft Security Client | ID = 5000
Description =
Error - 06-5-12 7:10:17 PM | Computer Name = TYANS2469 | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerUpdateService.exe, version 11.2.202.233,
faulting module FlashPlayerUpdateService.exe, version 11.2.202.233, fault address
0x0000abfc.
[ System Events ]
Error - 09-5-12 2:16:57 AM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%854
Source
Path:
http://go.microsoft....5D-99752CCA7094
Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital
signature of the object did not verify.
Error - 09-5-12 2:16:57 AM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%854
Source
Path:
http://go.microsoft....5D-99752CCA7094
Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital
signature of the object did not verify.
Error - 09-5-12 12:45:40 PM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%859 Update Stage: %%853
Source
Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM
Current
Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description:
The program can't check for definition updates.
Error - 09-5-12 12:45:40 PM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%859 Update Stage: %%853
Source
Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM
Current
Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description:
The program can't check for definition updates.
Error - 09-5-12 8:33:06 PM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%859 Update Stage: %%853
Source
Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM
Current
Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description:
The program can't check for definition updates.
Error - 09-5-12 8:33:06 PM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%859 Update Stage: %%853
Source
Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM
Current
Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description:
The program can't check for definition updates.
Error - 09-5-12 8:36:28 PM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%854
Source
Path:
http://go.microsoft....5D-99752CCA7094
Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital
signature of the object did not verify.
Error - 09-5-12 8:36:28 PM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%854
Source
Path:
http://go.microsoft....5D-99752CCA7094
Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital
signature of the object did not verify.
Error - 09-5-12 8:36:28 PM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%854
Source
Path:
http://go.microsoft....5D-99752CCA7094
Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital
signature of the object did not verify.
Error - 09-5-12 8:36:28 PM | Computer Name = TYANS2469 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%854
Source
Path:
http://go.microsoft....5D-99752CCA7094
Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital
signature of the object did not verify.
< End of report >