MRT.exe is eating my CPU. It comes and goes as a running process. I'm running XP, as you'll see below.
I don't believe it is the malware removal tool, b/c of the CPU issues.
Thanks for looking.
Here's my OTL.txt log and the extra.txt log.
================
OTL.txt
================
OTL logfile created on: 6/13/2012 3:44:34 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
638.48 Mb Total Physical Memory | 213.41 Mb Available Physical Memory | 33.42% Memory free
1.53 Gb Paging File | 1.03 Gb Available in Paging File | 67.73% Paging File free
Paging file location(s): c:\pagefile.sys 960 1920 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 28.60 Gb Total Space | 12.58 Gb Free Space | 43.98% Space Free | Partition Type: NTFS
Drive I: | 1.27 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive J: | 465.76 Gb Total Space | 347.25 Gb Free Space | 74.56% Space Free | Partition Type: NTFS
Computer Name: DELL-XP-BOX | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/13 15:44:04 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2012/06/13 07:14:57 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/05/18 11:37:40 | 000,780,184 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/05/18 11:37:40 | 000,116,632 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/04/26 12:28:28 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/12 13:04:12 | 000,268,640 | ---- | M] (LeapFrog Enterprises, Inc.) -- J:\Storage\LeapPad\LeapFrog Connect\Monitor.exe
PRC - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) -- J:\Storage\LeapPad\LeapFrog Connect\CommandService.exe
PRC - [2011/09/08 07:50:41 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2009/01/27 16:21:32 | 002,143,232 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoServer.exe
PRC - [2009/01/27 16:18:12 | 000,425,472 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoNotify.exe
PRC - [2009/01/27 16:05:46 | 000,315,392 | ---- | M] (TiVo Inc.) -- C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
PRC - [2009/01/27 16:03:54 | 000,520,192 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TranscodingService.exe
PRC - [2008/04/14 05:42:42 | 000,196,608 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/03 02:37:32 | 000,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2005/10/17 16:02:54 | 000,139,264 | ---- | M] (MXI) -- C:\Program Files\Common Files\MXI\SSDService.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/30 23:49:51 | 008,797,856 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/05/18 11:37:40 | 000,780,184 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/05/18 11:37:40 | 000,116,632 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
MOD - [2012/04/26 12:28:27 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/09/14 10:19:06 | 008,500,224 | ---- | M] () -- J:\Storage\LeapPad\LeapFrog Connect\QtGui4.dll
MOD - [2011/09/14 10:19:06 | 002,348,544 | ---- | M] () -- J:\Storage\LeapPad\LeapFrog Connect\QtCore4.dll
MOD - [2010/11/17 14:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/01/27 16:07:12 | 000,259,584 | ---- | M] () -- C:\Program Files\TiVo\Desktop\Id3Lib.dll
MOD - [2008/12/22 14:54:24 | 000,425,984 | ---- | M] () -- C:\Program Files\TiVo\Desktop\libmatroska.dll
MOD - [2008/12/22 13:49:50 | 000,188,416 | ---- | M] () -- C:\Program Files\TiVo\Desktop\libebml.dll
MOD - [2008/12/22 13:43:04 | 000,684,032 | ---- | M] () -- C:\Program Files\TiVo\Desktop\LibEay32.dll
MOD - [2008/12/22 13:43:04 | 000,155,648 | ---- | M] () -- C:\Program Files\TiVo\Desktop\SslEay32.dll
MOD - [2008/12/22 13:41:48 | 000,716,800 | ---- | M] () -- C:\Program Files\TiVo\Desktop\loudmouth.dll
MOD - [2008/04/14 05:42:42 | 000,196,608 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE
MOD - [2008/04/14 05:42:10 | 000,214,528 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\wbemcomn.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/03/28 06:20:50 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL
MOD - [2003/02/11 10:56:20 | 000,049,152 | ---- | M] () -- C:\Program Files\Lexmark X1100 Series\ConvDIB.dll
MOD - [2003/01/30 06:04:00 | 000,618,496 | ---- | M] () -- C:\Program Files\TiVo\Desktop\StlpMt45.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\iijwrg.dll -- (NATServices)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/31 00:04:29 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/18 11:37:40 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/04/26 12:28:28 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- J:\Storage\LeapPad\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/09/08 07:50:41 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2007/08/03 02:37:32 | 000,364,629 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2005/10/17 16:02:54 | 000,139,264 | ---- | M] (MXI) [Auto | Running] -- C:\Program Files\Common Files\MXI\SSDService.exe -- (SSDSDKService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\OCDE.sys -- (OCDE)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ntcdrdrv.sys -- (ntcdrdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011/11/12 12:18:10 | 000,033,792 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btblan.sys -- (Leapfrog-USBLAN)
DRV - [2011/09/08 07:50:30 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/08 07:50:29 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/05/22 16:42:52 | 000,017,296 | ---- | M] (Mobile Stream) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\easytthr.sys -- (easytether)
DRV - [2010/06/09 18:13:25 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUsb)
DRV - [2007/07/26 13:19:22 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007/07/03 19:46:22 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2007/06/15 10:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2005/09/08 16:24:46 | 000,065,152 | ---- | M] (Memory Experts Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SSDADM.sys -- (USBSSDADM)
DRV - [2005/01/21 13:31:44 | 000,069,810 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FLMckUSB.sys -- (FLMCKUSB) AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000)
DRV - [2005/01/10 18:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 18:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/11/29 16:53:18 | 000,258,560 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (WLAN(WLAN)) 802.11b+g USB Wireless LAN Adapter Driver(WLAN)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/06/04 14:12:10 | 000,379,488 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111nd5.sys -- (wg111nd5)
DRV - [2004/01/14 11:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)
DRV - [2003/06/30 18:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/02/26 11:40:24 | 000,058,224 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80308
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...id=80308&lng=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://lawson.hhsys.../lawson/portal/
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {C04B7D22-5AEC-4561-8F49-27F6269208F6}
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80308&lng=en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
========== FireFox ==========
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.selectedEngine: "Inbox Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.12.2.44172
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: [email protected]:3.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.2
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://toolbar.inbox...nguage=en&qkw="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Owner\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/26 12:28:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/13 10:43:59 | 000,000,000 | ---D | M]
[2008/06/21 10:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2012/06/13 09:11:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p0080x4r.default\extensions
[2010/06/20 09:38:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p0080x4r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/03/23 16:40:49 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p0080x4r.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2012/03/29 16:40:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p0080x4r.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/06/13 07:21:52 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p0080x4r.default\extensions\[email protected]
[2009/05/29 19:57:59 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p0080x4r.default\extensions\[email protected]
[2012/02/11 12:23:35 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p0080x4r.default\extensions\[email protected]
[2009/01/06 11:51:38 | 000,001,447 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\p0080x4r.default\searchplugins\userlogos.xml
[2012/06/13 10:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/13 10:44:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/06/13 09:11:03 | 000,030,312 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\P0080X4R.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
[2012/01/05 19:44:24 | 000,634,964 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\P0080X4R.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/06/13 10:43:37 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/04/26 12:28:29 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/25 16:30:45 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/01/25 16:30:45 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/07/28 11:20:04 | 000,124,200 | ---- | M] (DeLorme) -- C:\Program Files\mozilla firefox\plugins\nppnplugin.dll
[2008/09/15 12:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2012/04/26 12:28:22 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/26 12:28:22 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2008/05/29 23:12:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DeLorme Send To GPS) - {FBAAD182-3C7A-4BC4-A5E9-207B8E0F02FD} - C:\Program Files\DeLorme\SendToGPS\PNPluginForIE.dll (DeLorme)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [Monitor] J:\Storage\LeapPad\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKCU..\Run: [EasyTether] C:\Program Files\Mobile Stream\EasyTether\easytthr.exe (Mobile Stream)
O4 - HKCU..\Run: [QuickenScheduledUpdates] C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
O4 - HKCU..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKCU..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\TranscodingService.exe (TiVo Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: download.microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: update.microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: update.microsoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.microsoft.com ([]http in Trusted sites)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.1.30.43 69.1.30.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CECA0B80-1704-429D-9B90-8CD211B037D9}: DhcpNameServer = 69.1.30.43 69.1.30.42
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/08 18:25:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/05/25 13:36:19 | 000,000,111 | R--- | M] () - I:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{f3dc2d28-ed2e-11dc-a1ac-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f3dc2d28-ed2e-11dc-a1ac-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f3dc2d28-ed2e-11dc-a1ac-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Click_Here_to_Install_LeapPad_LFConnect.html
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/13 07:14:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/05/31 00:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2012/05/31 00:22:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2012/05/31 00:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Mobility
[2012/05/30 23:22:01 | 000,000,000 | ---D | C] -- C:\Temp
[2012/05/30 23:22:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Motorola Mobility
[2012/05/30 23:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2012/05/30 23:19:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Motorola
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/13 15:36:30 | 000,441,890 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/13 15:36:30 | 000,071,700 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/13 15:29:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/13 15:04:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/13 14:59:18 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/13 13:32:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/06/13 07:12:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/13 07:12:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/31 00:56:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012/05/31 00:55:42 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/05/31 00:25:37 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/05/31 00:25:37 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/05/31 00:22:10 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2012/05/30 23:53:51 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/31 00:56:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012/05/31 00:22:10 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2012/05/30 23:49:53 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
========== LOP Check ==========
[2008/09/11 18:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnGenius
[2008/08/05 23:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2011/12/21 08:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2009/01/17 17:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2009/05/03 11:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TiVo
[2011/02/16 00:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/01/25 16:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Catalina Marketing Corp
[2010/06/01 21:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Facebook
[2012/03/11 12:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Fisher-Price
[2009/04/27 23:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FotoWire
[2008/03/08 21:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterTrust
[2008/11/20 01:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2012/05/30 23:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Motorola
[2012/05/30 23:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Motorola Mobility
[2009/04/19 15:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MP3Rocket
[2010/11/23 15:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2009/03/02 21:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Snapfish
========== Purity Check ==========
< End of report >
==================
extras.txt
==================
OTL Extras logfile created on: 6/13/2012 3:44:34 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
638.48 Mb Total Physical Memory | 213.41 Mb Available Physical Memory | 33.42% Memory free
1.53 Gb Paging File | 1.03 Gb Available in Paging File | 67.73% Paging File free
Paging file location(s): c:\pagefile.sys 960 1920 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 28.60 Gb Total Space | 12.58 Gb Free Space | 43.98% Space Free | Partition Type: NTFS
Drive I: | 1.27 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive J: | 465.76 Gb Total Space | 347.25 Gb Free Space | 74.56% Space Free | Partition Type: NTFS
Computer Name: DELL-XP-BOX | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL %1,%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL %1,%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5353:UDP" = 5353:UDP:LocalSubNet:Enabled:mDNS-SD/Bonjour
"7288:TCP" = 7288:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7288
"7289:TCP" = 7289:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7289
"7290:TCP" = 7290:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7290
"7291:TCP" = 7291:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7291
"7292:TCP" = 7292:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7292
"7293:TCP" = 7293:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7293
"7294:TCP" = 7294:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7294
"7295:TCP" = 7295:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7295
"7296:TCP" = 7296:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7296
"7297:TCP" = 7297:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7297
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"J:\Storage\LeapPad\LeapFrog Connect\LeapFrogConnect.exe" = J:\Storage\LeapPad\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" = C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe:LocalSubNet:Enabled:TiVo Transfer Service -- (TiVo Inc.)
"C:\Program Files\TiVo\Desktop\TiVoServer.exe" = C:\Program Files\TiVo\Desktop\TiVoServer.exe:LocalSubNet:Enabled:TiVo Server Service -- (TiVo Inc.)
"C:\Program Files\TiVo\Desktop\TiVoDesktop.exe" = C:\Program Files\TiVo\Desktop\TiVoDesktop.exe:LocalSubNet:Enabled:TiVo Desktop User Interface -- (TiVo Inc.)
"C:\Program Files\TiVo\Desktop\curl.exe" = C:\Program Files\TiVo\Desktop\curl.exe:LocalSubNet:Enabled:TiVo Curl Service -- ()
"C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe" = C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe:*:Enabled:AllShare
"C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe" = C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe:*:Enabled:PCSM_http_ss_win_pro
"J:\Storage\LeapPad\LeapFrog Connect\LeapFrogConnect.exe" = J:\Storage\LeapPad\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B8FF60F-C012-4459-AADF-A3AD4E3757DE}" = Dell Picture Studio - Dell Image Expert
"{0F60FD8E-3E58-4F8E-BF2C-DFA4C9987AE2}_is1" = DeLorme Send To GPS 1.2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A2DDF67-3FA4-451C-8BF1-21CA4E546AEF}" = Motorola Device Software Update
"{243E9065-1DA0-4786-B3BD-B8030277F214}" = Logitech Harmony Remote Software 7
"{26A24AE4-039D-4CA4-87B4-2F83216015F0}" = Java 6 Update 15
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 33
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = EnGenius Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35EAEF3F-6FCA-4150-A872-33EAF6F06080}" = MXI ACCESS Client 5.0
"{44170B31-F47A-4FF9-9D77-382D1FE2A728}" = FP3 Player
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E839090-3B68-436A-B3CF-A2A08C38DD26}" = TiVo Desktop 2.7
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.09
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{581CE7EA-A30D-0000-1211-088635773309}" = 802.11b+g USB Wireless LAN Adapter
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FAE73B-4474-4A1D-A343-2FE248F05265}" = EasyTether
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AE7AAFD1-C631-4B60-B62E-434F0A435317}" = Motorola Mobile Drivers Installation 5.6.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C73A3AB4-99A4-45E5-B77F-09A3065E0D6A}" = Microsoft IntelliType Pro 6.1
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{E07B7A31-E160-466D-A003-3BB7B8989D52}" = Full Tilt Poker.Net
"{EBC91840-41E1-4CC3-AC11-0B889546223C}" = Microsoft IntelliPoint 5.5
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"{FE5ED1C0-A340-4EAC-B4BE-FA0AB173436C}" = LeapFrog LeapPad Explorer Plugin
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Athena" = WebCam for MSN Messenger
"CCleaner" = CCleaner
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Device Control" = Device Control
"EAXSet" = Creative EAX Settings
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"GoZone iSync" = GoZone iSync
"HijackThis" = HijackThis 2.0.2
"Hijackthis_is1" = Hijackthis 1.99.1
"InstallShield_{44170B31-F47A-4FF9-9D77-382D1FE2A728}" = FP3 Player
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"IrfanView" = IrfanView (remove only)
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.8.5
"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
"Lexmark X1100 Series" = Lexmark X1100 Series
"LimeWire" = LimeWire 4.12.14
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate1.7" = LiveUpdate 1.7 (Symantec Corporation)
"Logitech Print Service" = Logitech Print Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MWSnap 3" = MWSnap 3
"PokerStars.net" = PokerStars.net
"Recover Files_is1" = Recover Files 2.0
"Savings Bond Wizard" = Savings Bond Wizard
"SPEAKER" = Creative Speaker Settings
"TiVo Desktop 2.7" = TiVo Desktop 2.7
"UPCShell" = LeapFrog Connect
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0200" = Microsoft WinUsb 2.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"TiVo Photos 2.0" = TiVo Photos 2.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/9/2009 11:28:24 AM | Computer Name = DELL-XP-BOX | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 5:48:17 PM | Computer Name = DELL-XP-BOX | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3593, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 5:52:09 PM | Computer Name = DELL-XP-BOX | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3593, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 12/3/2009 8:58:45 PM | Computer Name = DELL-XP-BOX | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: An internal certificate chaining error has occurred.
Error - 12/13/2009 3:07:31 PM | Computer Name = DELL-XP-BOX | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x00180ff3.
Error - 12/13/2009 9:15:49 PM | Computer Name = DELL-XP-BOX | Source = Application Hang | ID = 1002
Description = Hanging application wireshark.exe, version 1.2.4.30978, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/13/2009 9:15:51 PM | Computer Name = DELL-XP-BOX | Source = Application Hang | ID = 1002
Description = Hanging application wireshark.exe, version 1.2.4.30978, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 1/5/2010 8:36:04 PM | Computer Name = DELL-XP-BOX | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 9.0.0.4503, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 1/14/2010 8:46:15 PM | Computer Name = DELL-XP-BOX | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 1/30/2010 5:10:54 PM | Computer Name = DELL-XP-BOX | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 9.0.0.4503, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 4/25/2012 5:08:21 PM | Computer Name = DELL-XP-BOX | Source = Service Control Manager | ID = 7034
Description = The LeapFrog Connect Device Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 5/3/2012 11:30:45 AM | Computer Name = DELL-XP-BOX | Source = Service Control Manager | ID = 7023
Description = The NATServicesware service terminated with the following error: %%126
Error - 5/12/2012 1:01:20 PM | Computer Name = DELL-XP-BOX | Source = Service Control Manager | ID = 7023
Description = The NATServicesware service terminated with the following error: %%126
Error - 5/12/2012 1:01:26 PM | Computer Name = DELL-XP-BOX | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 5/12/2012 1:01:26 PM | Computer Name = DELL-XP-BOX | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 5/13/2012 5:05:27 PM | Computer Name = DELL-XP-BOX | Source = Print | ID = 6161
Description = The document Coupon Print 000017297374-210016174 owned by Owner failed
to print on printer HP LaserJet 4P. Data type: NT EMF 1.008. Size of the spool
file in bytes: 0. Number of bytes printed: 0. Total number of pages in the document:
1. Number of pages printed: 0. Client machine: \\DELL-XP-BOX. Win32 error code
returned by the print processor: 259 (0x103).
Error - 5/31/2012 12:47:03 AM | Computer Name = DELL-XP-BOX | Source = Service Control Manager | ID = 7023
Description = The NATServicesware service terminated with the following error: %%126
Error - 5/31/2012 9:22:41 AM | Computer Name = DELL-XP-BOX | Source = Service Control Manager | ID = 7023
Description = The NATServicesware service terminated with the following error: %%126
Error - 6/13/2012 8:12:48 AM | Computer Name = DELL-XP-BOX | Source = Service Control Manager | ID = 7023
Description = The NATServicesware service terminated with the following error: %%126
Error - 6/13/2012 4:31:46 PM | Computer Name = DELL-XP-BOX | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on
Windows Server 2003 and Windows XP x86 (KB2656369).
< End of report >