Hi Render,
Infected file deleted. OTL Log and Extras Log attached.
OTL logfile created on: 6/20/2012 10:37:13 PM - Run 4
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Documents and Settings\JCP\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.50 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 50.98% Memory free
2.85 Gb Paging File | 2.26 Gb Available in Paging File | 79.36% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 23.92 Gb Free Space | 32.11% Space Free | Partition Type: NTFS
Computer Name: JCP-4FEKSWW7IOP | User Name: JCP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/06/20 22:34:56 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JCP\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/28 14:01:22 | 000,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
========== Modules (No Company Name) ========== MOD - [2003/08/28 14:01:22 | 000,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
MOD - [2003/05/12 16:02:32 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBKPP5C.DLL
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/03/03 15:53:08 | 000,033,176 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper) getPlus®
SRV - [2003/08/28 14:01:22 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- (spkrmon)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JCP\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/06/20 22:28:06 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C43A269-4DE7-4293-A51A-277DEA2E7416}\MpKsl0c86cc7c.sys -- (MpKsl0c86cc7c)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/06/30 00:32:04 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/06/30 00:31:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2007/06/15 03:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2006/03/19 18:08:41 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2005/09/14 11:40:00 | 000,003,502 | ---- | M] (BSI SA
http://www.bsi.gr) [Kernel | Auto | Running] -- C:\WINDOWS\system32\cmostime.sys -- (CmosTime)
DRV - [2005/01/10 11:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 11:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/12/22 12:58:14 | 000,008,704 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pfmodnt.sys -- (PfModNT)
DRV - [2004/10/11 14:08:00 | 000,012,062 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2004/08/25 10:28:46 | 000,787,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/04/29 18:55:42 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/03/24 08:12:44 | 000,004,272 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2001/12/03 16:11:14 | 000,160,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Icam4USB.sys -- (Icam4USB)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.msn.com/IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\..\SearchScopes,DefaultScope = {4EBAC7C1-A5EA-48F0-824E-70909D4D724A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}IE - HKLM\..\SearchScopes\{4EBAC7C1-A5EA-48F0-824E-70909D4D724A}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1078081533-492894223-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.msn.com/IE - HKU\S-1-5-21-1078081533-492894223-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-1078081533-492894223-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1078081533-492894223-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.cnn.com/IE - HKU\S-1-5-21-1078081533-492894223-725345543-1004\..\SearchScopes,DefaultScope = {4EBAC7C1-A5EA-48F0-824E-70909D4D724A}
IE - HKU\S-1-5-21-1078081533-492894223-725345543-1004\..\SearchScopes\{4EBAC7C1-A5EA-48F0-824E-70909D4D724A}: "URL" =
http://www.google.co...1I7GGHP_enUS438IE - HKU\S-1-5-21-1078081533-492894223-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\JCP\Application Data\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\
[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\JCP\Application Data\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/11 22:29:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/11 22:31:49 | 000,000,000 | ---D | M]
[2010/02/28 21:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JCP\Application Data\Mozilla\Extensions
[2010/02/28 21:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JCP\Application Data\Mozilla\Extensions\
[email protected][2012/06/18 21:16:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JCP\Application Data\Mozilla\Firefox\Profiles\2fgisvab.default\extensions
[2011/03/23 12:35:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\JCP\Application Data\Mozilla\Firefox\Profiles\2fgisvab.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/19 12:17:55 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\JCP\Application Data\Mozilla\Firefox\Profiles\2fgisvab.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2009/12/11 23:07:16 | 000,000,000 | ---D | M] ("SearchStatus") -- C:\Documents and Settings\JCP\Application Data\Mozilla\Firefox\Profiles\2fgisvab.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}
[2010/01/12 22:41:53 | 000,000,000 | ---D | M] ("PPC Web Spy Toolbar") -- C:\Documents and Settings\JCP\Application Data\Mozilla\Firefox\Profiles\2fgisvab.default\extensions\{ec9CEB59-8266-438b-91D9-82F56D595E15}
[2010/08/08 10:59:37 | 000,000,000 | ---D | M] ("SEO For Firefox") -- C:\Documents and Settings\JCP\Application Data\Mozilla\Firefox\Profiles\2fgisvab.default\extensions\
[email protected][2011/02/19 12:18:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/16 21:33:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2011/02/19 14:09:18 | 000,000,684 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (no name) - Disabled:{5CA3D70E-1895-11CF-8E15-001234567890} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-492894223-725345543-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-492894223-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-492894223-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1078081533-492894223-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1078081533-492894223-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKU\S-1-5-21-1078081533-492894223-725345543-1004\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85}
http://download.micr...helpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {3253534D-9980-0010-8000-00AA00389B71}
http://download.micr...980/wms9dmo.cab (Reg Error: Key error.)
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71}
http://download.micr...C4D/mp43dmo.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://v5.windowsupd...b?1113472843562 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.micros...b?1237780016078 (MUWebControl Class)
O16 - DPF: {70647AB5-18FD-4142-82B0-5852478DD0D4}
http://xms.keynote.c...torLauncher.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
http://messenger.msn...pDownloader.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553555000}
http://fpdownload.ma...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BAE0579-CA1B-43EC-811F-F00EEBEC21E4}: NameServer = 68.94.156.1 68.94.157.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\ic32pp {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll ()
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O18 - Protocol\Filter\AutorunsDisabled - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\JCP\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\JCP\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/13 23:07:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ========== [2012/06/20 22:34:42 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\JCP\Desktop\OTL.exe
[2012/06/20 22:29:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/06/18 22:08:56 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\JCP\Desktop\aswMBR.exe
[2012/06/16 15:29:04 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/16 15:29:04 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/15 01:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JCP\AppData
[2012/06/15 01:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/15 01:02:19 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/14 21:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/06/14 21:09:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JCP\Local Settings\Application Data\PCHealth
[2012/06/14 21:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/06/14 00:40:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/06/13 22:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/06/13 21:25:21 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/06/11 22:28:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/06/05 22:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\Market Samurai
[2012/06/02 07:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JCP\Application Data\CuteRank
[2012/06/02 07:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JCP\Start Menu\Programs\CuteRank
[2012/06/02 07:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\CuteRank
[2012/06/02 07:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JCP\Desktop\RAnkerizer
[2012/06/01 21:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JCP\Application Data\Rankerizer
[2012/06/01 21:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JCP\Start Menu\Programs\Rankerizer
[2012/06/01 21:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\Rankerizer
[37 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/06/20 22:46:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/20 22:36:58 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/06/20 22:34:56 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JCP\Desktop\OTL.exe
[2012/06/20 22:26:55 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/20 22:26:52 | 000,013,668 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/20 22:26:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/18 22:09:01 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\JCP\Desktop\aswMBR.exe
[2012/06/17 17:10:59 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\tarp.csv
[2012/06/16 15:36:31 | 000,000,286 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2012/06/16 15:29:05 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/16 15:29:04 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/16 09:09:22 | 000,506,990 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/16 09:09:22 | 000,088,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/15 16:20:23 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\JCP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/15 01:02:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/14 21:18:46 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/06/14 00:35:06 | 000,138,056 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/13 21:46:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/11 21:23:01 | 000,017,439 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\jp2.jpg
[2012/06/11 21:22:10 | 000,031,632 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\jp.jpg
[2012/06/03 21:01:07 | 000,530,929 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\part2.pdf
[2012/06/03 20:55:46 | 000,238,869 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\part1.pdf
[2012/06/03 20:09:08 | 022,577,759 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\affiliatemindset.mp3
[2012/06/02 21:13:14 | 000,000,044 | ---- | M] () -- C:\WINDOWS\2pic.ini
[2012/06/02 15:19:44 | 000,022,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2012/06/02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2012/06/02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2012/06/02 15:19:38 | 000,219,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2012/06/02 15:19:38 | 000,210,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2012/06/02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2012/06/02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2012/06/02 15:19:34 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2012/06/02 15:19:34 | 000,015,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2012/06/02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2012/06/02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2012/06/02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2012/06/02 15:18:58 | 000,275,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012/06/02 15:18:58 | 000,017,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012/06/02 07:38:01 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\CuteRank.lnk
[2012/06/01 21:10:26 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\Rankerizer.lnk
[2012/06/01 21:09:44 | 003,356,794 | ---- | M] () -- C:\Documents and Settings\JCP\Desktop\Rankerizer_Setup.exe
[2012/05/31 06:22:09 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[37 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/06/17 17:07:58 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\tarp.csv
[2012/06/15 01:42:48 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2012/06/15 01:02:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/14 21:28:32 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/06/14 21:18:33 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/06/11 21:23:13 | 000,017,439 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\jp2.jpg
[2012/06/11 21:22:26 | 000,031,632 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\jp.jpg
[2012/06/05 22:08:37 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Market Samurai.lnk
[2012/06/03 21:00:58 | 000,530,929 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\part2.pdf
[2012/06/03 20:55:44 | 000,238,869 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\part1.pdf
[2012/06/03 20:09:05 | 022,577,759 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\affiliatemindset.mp3
[2012/06/02 07:38:01 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\CuteRank.lnk
[2012/06/01 22:39:51 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2012/06/01 21:10:26 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\Rankerizer.lnk
[2012/06/01 21:09:32 | 003,356,794 | ---- | C] () -- C:\Documents and Settings\JCP\Desktop\Rankerizer_Setup.exe
[2012/05/25 22:18:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/05/25 22:18:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2010/09/10 22:39:08 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/09/10 22:39:08 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/10 22:39:08 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/10 22:39:08 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/09/10 22:39:08 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/02 23:49:19 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\JCP\Local Settings\Application Data\housecall.guid.cache
[2008/04/14 06:41:26 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{5254dd4f-251d-fda9-5da5-70186e54383f}\@
[2008/04/14 06:41:26 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\JCP\Local Settings\Application Data\{5254dd4f-251d-fda9-5da5-70186e54383f}\@
========== LOP Check ========== [2006/12/14 20:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2007/12/28 11:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/09/19 20:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2007/10/04 22:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2007/03/26 23:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/05/09 16:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2007/03/30 18:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/03/19 17:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\ACD Systems
[2010/01/17 22:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Affilorama
[2009/11/20 01:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Any Video Converter
[2010/07/31 23:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\AusLogics
[2012/06/02 08:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\CuteRank
[2010/04/07 23:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\DomainSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010/08/07 21:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\FreeVideoConverter
[2010/01/07 22:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\gtk-2.0
[2007/09/19 20:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\iolo
[2005/08/22 22:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Keynote Systems
[2011/07/23 14:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\KompoZer
[2007/07/07 19:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Leadertech
[2009/01/24 23:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010/04/29 21:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\NCH Swift Sound
[2008/02/11 23:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Nvu
[2007/07/22 23:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Quest Software-Funnelweb
[2012/06/01 22:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Rankerizer
[2010/01/23 00:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Search Settings
[2008/09/27 08:34:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\StumbleUpon
[2010/07/30 13:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Uniblue
[2011/02/19 14:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Windows Desktop Search
[2011/07/23 22:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Windows Search
[2009/11/20 01:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JCP\Application Data\Xilisoft Corporation
[2010/06/13 15:43:57 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\photostageShakeIcon.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 00:56:49 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\explorer.exe
< MD5 for: SVCHOST.EXE >[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/14 06:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 06:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 00:56:57 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/04 00:56:57 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\userinit.exe
[2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2004/08/04 00:56:57 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\winlogon.exe
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< %systemroot%\*. /mp /s > < %Temp%\smtmp\*.* /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/08/08 11:13:52 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/08/08 11:13:52 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/08/08 11:13:52 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2010/08/08 11:13:39 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2010/08/08 11:13:39 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2010/08/08 11:13:39 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/05/11 04:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/05/11 04:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/05/11 04:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/08/08 11:13:52 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/08/08 11:13:52 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/08/08 11:13:52 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2010/08/08 11:13:39 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2010/08/08 11:13:39 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2010/08/08 11:13:39 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/05/11 04:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/05/11 04:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/05/11 04:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)
< > < > ========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
< End of report >
OTL Extras logfile created on: 6/20/2012 10:37:13 PM - Run 4
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Documents and Settings\JCP\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.50 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 50.98% Memory free
2.85 Gb Paging File | 2.26 Gb Available in Paging File | 79.36% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 23.92 Gb Free Space | 32.11% Space Free | Partition Type: NTFS
Computer Name: JCP-4FEKSWW7IOP | User Name: JCP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C04D433-2EDF-4AFB-B31B-C0B13065092F}" = MagicTune3.6_Client_pivot
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 20
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{787A9F66-C7FF-0004-DFA8-ED8CB444EF06}" = Market Samurai
"{8BA15725-96FD-41E1-9678-BDF8ACDF9A1D}" = MSXML installer
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600777}" = MSN Messenger 7.0
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"2 Pic" = 2 Pic
"7-Zip" = 7-Zip 4.57
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"ATT-PRT22" = ATT-PRT22
"CCleaner" = CCleaner
"Concord Telephony Translation" = Concord Telephony Translation
"CTIAPI32" = CTIAPI32 (remove only)
"CtiLogC" = CtiLogC (remove only)
"CuteRank" = CuteRank 3.5.1
"Dell AIO Printer A920" = Dell AIO Printer A920
"FLV Player" = FLV Player 2.0 (build 25)
"GOM Player" = GOM Player
"IAWP" = IAWP
"ie8" = Windows Internet Explorer 8
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Market Tool" = Market Tool
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"Photilla" = Photilla Photo Album Software
"PhotoPad" = PhotoPad Image Editor
"PhotoStage" = PhotoStage Slideshow Producer
"Q903235" = Internet Explorer Q903235
"ST5UNST #1" = FaxDrive
"ToolBox" = NCH Toolbox
"Traffic Travis_is1" = Traffic Travis 3.2.8
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinGTK-2_is1" = GTK+ 2.8.9 runtime environment
"Wisdom-soft ScreenHunter 5.1 Free" = Wisdom-soft ScreenHunter 5.1 Free
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 2.9.6
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WordFlood 2.0" = WordFlood 2.0 (remove only)
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XHeader" = XHeader
"XHeader Bonus Download" = XHeader Bonus Download
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1078081533-492894223-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.5.0.457
"Move Media Player" = Move Media Player
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 5/26/2012 2:10:39 AM | Computer Name = JCP-4FEKSWW7IOP | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.0.1526.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 5/26/2012 2:24:36 AM | Computer Name = JCP-4FEKSWW7IOP | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown
Error - 5/26/2012 2:26:42 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/26/2012 5:43:05 PM | Computer Name = JCP-4FEKSWW7IOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JCP\RECENT\WEB.LNK> in the hash
map cannot be updated. Context: Application, SystemIndex Catalog Details: A device
attached to the system is not functioning. (0x8007001f)
Error - 5/26/2012 5:43:05 PM | Computer Name = JCP-4FEKSWW7IOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JCP\RECENT\WEB.LNK> in the hash
map cannot be updated. Context: Application, SystemIndex Catalog Details: A device
attached to the system is not functioning. (0x8007001f)
Error - 6/5/2012 12:35:53 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Application Hang | ID = 1002
Description = Hanging application Dreamweaver.exe, version 4.0.1064.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 6/6/2012 3:05:08 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JCP\DESKTOP\GOOG-ADSENSE-VIEWS.CSV>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 6/6/2012 3:05:08 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JCP\DESKTOP\GOOG-ADSENSE-VIEWS.CSV>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 6/7/2012 12:15:53 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JCP\DESKTOP\CAR CANOPY OPTIONS
ANALYSIS.TXT> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 6/7/2012 12:15:53 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\JCP\DESKTOP\CAR CANOPY OPTIONS
ANALYSIS.TXT> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
[ System Events ]
Error - 6/14/2012 3:41:56 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 6/14/2012 3:41:56 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 6/14/2012 3:41:56 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 6/14/2012 3:41:56 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 6/14/2012 3:41:56 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 6/14/2012 3:41:56 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 6/14/2012 3:41:56 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 6/15/2012 12:01:48 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060
Error - 6/15/2012 12:08:15 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060
Error - 6/15/2012 4:38:49 AM | Computer Name = JCP-4FEKSWW7IOP | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060
< End of report >
This topic is locked
Sign In
Create Account
