Thank you for the help in advance!

ComboFix 11-06-30.03 - Administrator 07/04/2011 11:38:46.3.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2037.1368 [GMT -12:00]
Running from: e:\downloads\ComboFix.exe
AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active
.
.
.
((((((((((((((((((((((((( Files Created from 2011-06-04 to 2011-07-04 )))))))))))))))))))))))))))))))
.
.
2011-07-04 01:59 . 2011-07-04 02:09 47 ----a-w- c:\windows\SOLOSCAN.BAT
2011-07-04 01:58 . 2011-07-04 01:59 -------- d-----w- C:\SRN Micro
2011-07-04 01:54 . 2011-07-04 01:55 -------- d-----w- c:\windows\system32\wbem\Repository
2011-07-04 01:13 . 2011-07-04 01:13 -------- d-----w- c:\windows\system32\drivers\Avg(2)
2011-07-04 01:13 . 2011-07-04 01:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\AVGTOOLBAR
2011-07-01 23:36 . 2011-07-01 23:36 71880 ----a-w- c:\windows\system32\PxSecure.dll-upgrade672578.tmp
2011-07-01 23:36 . 2011-07-01 23:36 -------- d-----w- c:\documents and settings\All Users\Application Data\PrevxCSI
2011-07-01 05:25 . 2009-04-05 11:36 -------- d-----w- C:\SmitfraudFix
2011-07-01 03:51 . 2011-07-01 03:51 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2011-07-01 03:50 . 2011-05-29 21:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-01 03:50 . 2011-07-01 03:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-07-01 03:50 . 2011-05-29 21:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-30 23:33 . 2011-06-30 23:33 -------- d-----w- C:\FOUND.001
2011-06-30 06:53 . 2011-06-30 06:53 -------- d-----w- C:\FOUND.000
2011-06-29 22:15 . 2011-06-30 23:37 40448 ----a-w- c:\windows\system32\Slsvcx.exe
2011-06-29 01:14 . 2011-06-29 22:14 92672 --sh--w- c:\windows\system32\tcpwalalib.exe
2011-06-29 01:13 . 2011-06-29 01:13 -------- d-----w- c:\windows\system32\X
2011-06-23 06:40 . 2011-06-23 06:40 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-23 06:40 . 2011-06-23 06:40 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-06-22 22:22 . 2004-08-25 23:56 24576 ----a-w- c:\windows\system32\GsiNdi32.dll
2011-06-22 22:22 . 2011-06-22 22:22 -------- d-----w- c:\program files\Huawei
2011-06-13 00:00 . 2011-06-13 00:00 -------- d-----w- c:\documents and settings\Administrator\Application Data\ImTOO Software Studio
2011-06-05 23:49 . 2011-06-05 23:49 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ImTOO
2011-06-05 23:44 . 2011-06-05 23:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\ImTOO
2011-06-05 23:44 . 2011-06-05 23:44 -------- d-----w- c:\documents and settings\All Users\Application Data\ImTOO
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-27 22:08 . 2011-05-27 22:08 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-23 06:40 . 2011-03-24 22:44 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2004-08-04 . A3886230C2B22BF4D3C452B90B1C45CB . 359808 . . [5.1.2600.2892] . . c:\windows\system32\drivers\tcpip.sys
[7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-07-04_02.47.40 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-08-24 00:00 . 2011-07-04 02:00 94040 c:\windows\system32\perfc009.dat
+ 2001-08-24 00:00 . 2011-07-04 22:33 94040 c:\windows\system32\perfc009.dat
- 2001-08-24 00:00 . 2011-07-04 02:00 505318 c:\windows\system32\perfh009.dat
+ 2001-08-24 00:00 . 2011-07-04 22:33 505318 c:\windows\system32\perfh009.dat
- 2004-08-03 22:56 . 2004-08-03 22:56 792064 c:\windows\system32\dllcache\comres.dll
+ 2004-08-03 22:56 . 2009-04-08 05:58 792064 c:\windows\system32\dllcache\comres.dll
- 2004-08-03 22:56 . 2004-08-03 22:56 792064 c:\windows\system32\comres.dll
+ 2004-08-03 22:56 . 2009-04-08 05:58 792064 c:\windows\system32\comres.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 792064 c:\windows\system32\comres BACKUP.dll
- 2004-08-04 10:56 . 2004-08-04 10:56 792064 c:\windows\system32\COMRES backup.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus CX1500 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3V1.EXE" [2004-06-01 99840]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-01-30 3179952]
"WOSB"="f:\softwares\WakeupOnStandBy\wosb.exe" [2011-03-22 1272320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"egui"="e:\new folder\nod32\egui.exe" [2009-02-07 2021400]
"Malwarebytes' Anti-Malware"="e:\new folder\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"SoloSentry"="e:\newfol~1\SRNMIC~1\SOLOSENT.EXE" [2010-08-27 77824]
"SoloSchedule"="c:\srnmic~1\SOLOCFG.EXE" [2010-08-27 303104]
"SoloSysCheck"="c:\srnmic~1\SYSCHECK.COM" [2010-08-27 237568]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Registration Prince of Persia Warrior Within.LNK]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\Registration Prince of Persia Warrior Within.LNK
backup=c:\windows\pss\Registration Prince of Persia Warrior Within.LNKStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk
backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Security Update.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Security Update.lnk
backup=c:\windows\pss\Security Update.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-05 00:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 16:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- e:\new folder\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSLAGENTEXE]
2004-08-25 23:56 65536 ------w- c:\program files\Huawei\MT841\dslagent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-09-05 09:13 141848 ----a-r- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 18:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-06-16 18:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mapper]
2008-09-05 07:17 40960 ----a-w- c:\program files\Home Browsing\IE Internet Helper\maper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 23:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-09-05 09:13 137752 ----a-r- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-02-13 06:31 16857600 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-06 04:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Nikon Transfer Monitor"=c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
"DSLAGENTEXE"=c:\program files\Huawei\MT841\dslagent.exe
"EPSON Stylus CX1500 Series"=c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3V1.EXE /P26 "EPSON Stylus CX1500 Series" /O6 "USB001" /M "Stylus CX1500"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Huawei\\MT841\\DSLAGENT.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"e:\\New Folder\\gigaget\\Gigaget.exe"=
"e:\\New Folder\\flashget\\flashget.exe"=
"c:\\Tally\\tally72.exe"=
"c:\\Tally\\TALLY9.EXE"=
"h:\\BackUp of Tally\\Tally\\tally9.exe"=
"f:\\Tally\\tally72.exe"=
"e:\\New Folder\\bitt\\BitTorrent.exe"=
"e:\\New Folder\\Free Download Manager\\fdm.exe"=
"e:\\New Folder\\VLC\\vlc.exe"=
"e:\\New Folder\\java\\bin\\javaw.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8000:UDP"= 8000:UDP:Express Talk RTP Incoming Audio (UDP)
"8001:UDP"= 8001:UDP:Express Talk RTP Incoming Audio (UDP)
"8002:UDP"= 8002:UDP:Express Talk RTP Incoming Audio (UDP)
"8003:UDP"= 8003:UDP:Express Talk RTP Incoming Audio (UDP)
"8004:UDP"= 8004:UDP:Express Talk RTP Incoming Audio (UDP)
"8005:UDP"= 8005:UDP:Express Talk RTP Incoming Audio (UDP)
"8006:UDP"= 8006:UDP:Express Talk RTP Incoming Audio (UDP)
"8007:UDP"= 8007:UDP:Express Talk RTP Incoming Audio (UDP)
"8008:UDP"= 8008:UDP:Express Talk RTP Incoming Audio (UDP)
"8009:UDP"= 8009:UDP:Express Talk RTP Incoming Audio (UDP)
"7606:TCP"= 7606:TCP:enzunljc
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/6/2009 2:23 PM 106208]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [7/11/2003 1:22 AM 14912]
R2 ekrn;ESET Service;e:\new folder\nod32\ekrn.exe [2/6/2009 2:23 PM 727720]
R2 WalaSvc;Windows Infomation Actioning;c:\windows\system32\tcpwalalib.exe [6/28/2011 1:14 PM 92672]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [3/25/2011 6:48 PM 218688]
S3 illreqpim;illreqpim;\??\c:\windows\system32\02.tmp --> c:\windows\system32\02.tmp [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/30/2011 3:50 PM 22712]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\ztemtusbser.sys --> c:\windows\system32\DRIVERS\ztemtusbser.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WUAUSERV
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
cvjpechd
.
Contents of the 'Scheduled Tasks' folder
.
2010-11-05 c:\windows\Tasks\firefox.job
- c:\program files\Mozilla Firefox\firefox.exe [2009-11-26 06:40]
.
2011-07-04 c:\windows\Tasks\Free Download Manager.job
- e:\new folder\Free Download Manager\fdm.exe [2011-02-16 11:28]
.
2011-06-19 c:\windows\Tasks\prismShakeIcon.job
- c:\program files\NCH Software\Prism\prism.exe [2010-12-08 00:08]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
IE: &Download All by Gigaget - e:\new folder\gigaget\getallurl.htm
IE: &Download All with FlashGet - e:\new folder\flashget\jc_all.htm
IE: &Download by Gigaget - e:\new folder\gigaget\geturl.htm
IE: &Download with FlashGet - e:\new folder\flashget\jc_link.htm
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download all with Free Download Manager - file://e:\new folder\Free Download Manager\dlall.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download selected with Free Download Manager - file://e:\new folder\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://e:\new folder\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://e:\new folder\Free Download Manager\dllink.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Download with ImTOO Download YouTube Video - e:\new folder\Download YouTube Video\upod_link.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{05621D6F-D130-41FF-8E8C-4399A56A1976}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{19A8216A-C872-4E9F-A357-7C54AC89B671}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{63DF77B5-46A8-4A74-8B36-84A9F91AEBF7}: NameServer = 8.8.4.4,8.8.8.8
TCP: Interfaces\{8F58A87F-8FAD-43E8-BCF6-8E6238938FD9}: NameServer = 218.248.241.3 218.248.255.177
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\i2fob4tv.default\
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-04 11:41
Windows 5.1.2600 Service Pack 2 FAT NTAPI
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
EPSON Stylus CX1500 Series = c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3V1.EXE /P26 "EPSON Stylus CX1500 Series" /M "Stylus CX1500" /EF "HKCU"?6?????6?????D????????????h?w?? ?????????????????????????????<????h?w????????????????????????h???-??w???????????????w????????8???)??|????T??
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\illreqpim]
"ImagePath"="\??\c:\windows\system32\02.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cvjpechd]
"ServiceDll"="c:\windows\system32\gnbpbgl.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(11892)
e:\new folder\flashget\fgmgr.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-07-04 11:43:43
ComboFix-quarantined-files.txt 2011-07-04 23:43
ComboFix2.txt 2011-07-04 22:35
ComboFix3.txt 2011-07-04 02:54
.
Pre-Run: 3,096,690,688 bytes free
Post-Run: 3,084,271,616 bytes free
.
- - End Of File - - F68F10D62E215F95D96A93E6967BB8D2

OTL Extras logfile created on: 7/4/2011 12:33:27 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = E:\downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 49.37% Memory free
3.84 Gb Paging File | 1.24 Gb Available in Paging File | 32.36% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.62 Gb Total Space | 2.88 Gb Free Space | 15.44% Space Free | Partition Type: FAT32
Drive E: | 48.82 Gb Total Space | 23.81 Gb Free Space | 48.77% Space Free | Partition Type: FAT32
Drive F: | 97.64 Gb Total Space | 0.64 Gb Free Space | 0.65% Space Free | Partition Type: FAT32
Drive G: | 97.64 Gb Total Space | 12.67 Gb Free Space | 12.97% Space Free | Partition Type: FAT32
Drive H: | 97.64 Gb Total Space | 14.16 Gb Free Space | 14.50% Space Free | Partition Type: FAT32
Drive I: | 99.49 Gb Total Space | 0.20 Gb Free Space | 0.20% Space Free | Partition Type: FAT32
Computer Name: COMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-329068152-73586283-725345543-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = AutoCADScriptFile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Safari\Safari.exe" -url "%1" (Apple Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1" %*
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\New Folder\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\New Folder\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"8000:UDP" = 8000:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8001:UDP" = 8001:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8002:UDP" = 8002:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8003:UDP" = 8003:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8004:UDP" = 8004:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8005:UDP" = 8005:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8006:UDP" = 8006:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8007:UDP" = 8007:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8008:UDP" = 8008:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8009:UDP" = 8009:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"7606:TCP" = 7606:TCP:*:Enabled:enzunljc
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06F04C1E-79EA-4563-A4BB-E51C532245F3}_is1" = Internet Download Manager 5.18.8.0
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor
"{1CBE3804-20DF-48DA-B048-895C206E80A5}" = Microsoft SQL Server VSS Writer
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java 6 Update 23
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2ACA65CD-11E1-4502-B3BC-A3CAA8EEADB1}" = EPSON Scan Tool Light 1.0
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4097ADD8-7890-4CBD-953A-1187EF2C6FA5}_is1" = JPEG to PDF 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52816561-C35E-4A47-9AE1-4B084D0806DA}" = eTimeTrack
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5783F2D7-5001-0409-0002-0060B0CE6BBA}" = AutoCAD 2007 - English
"{5B88B667-D3AF-4750-A2AE-B60D66B5249E}" = IE Internet Helper
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}" = PIF DESIGNER2.1
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8FA16D6E-8173-4340-A339-43D7AA4A3F23}" = Tally 9
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91CB1F7A-3C16-4782-8084-706A04C18CDF}_is1" = Epic 1.2
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4512736-8D63-4298-9271-5329931FA46B}" = Microsoft SQL Server Management Studio Express
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD65CAC7-6D63-4D56-BED0-B610281256DF}" = CorelDRAW Graphics Suite 12 Setup Files
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{BF251EAF-8697-4E89-BF09-C998F97BBC40}" = Microsoft SQL Server Native Client
"{C3AE9DA1-2E44-4F11-803E-20977F0FE6B9}" = Safari
"{C48817E7-AA05-4151-A99D-1E1E550CE801}" = EPSON PhotoStarter3.1
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{EE0D2D03-B346-48D5-B841-E5362B1C1167}" = AVEO USB2.0 PC Camera(S5HVTV1P10814)
"{EE5BC0BB-9EDA-423C-8276-48857B735D68}" = Prince of Persia Warrior Within
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3E2505F-AA57-476B-9F67-F8C5E3938080}" = ESET Smart Security
"{F5491CFE-A8A8-4894-A7D4-1D6A9BC26C98}" = Image to PDF v2.2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"AutoGK" = Auto Gordian Knot 2.55
"AviSynth" = AviSynth 2.5
"Baraha 9.1_is1" = Baraha 9.1
"BitTorrent" = BitTorrent
"Canon LBP2900" = Canon LBP2900
"Convert XLS_is1" = Convert XLS
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dassault Systemes B16_0" = Dassault Systemes Software B16
"DivXLand Media Subtitler" = DivXLand Media Subtitler
"doPDF 7 printer_is1" = doPDF 7.1 printer
"EPSON Printer and Utilities" = EPSON Printer Software
"FlashGet" = FlashGet 1.9.6.1073
"FormatFactory" = FormatFactory 2.30
"Free Download Manager_is1" = Free Download Manager 3.0 Bittorrent plugin
"gigaget_is1" = Gigaget
"HDMI" = Intel® Graphics Media Accelerator Driver
"Huawei MT841" = Huawei MT841
"ImTOO 3GP Video Converter 6" = ImTOO 3GP Video Converter 6
"ImTOO AVI to MOV Converter 6" = ImTOO AVI to MOV Converter 6
"ImTOO Download YouTube Video" = ImTOO Download YouTube Video
"ImTOO HD Video Converter 6" = ImTOO HD Video Converter 6
"ImTOO Video Converter Ultimate 6" = ImTOO Video Converter Ultimate 6
"Java 2 SDK Standard Edition v1.3.0_02" = Java 2 SDK Standard Edition v1.3.0_02
"JRE 1.3.0_02" = Java 2 Runtime Environment Standard Edition v1.3.0_02
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nudi 4.0" = Nudi 4.0
"Prism" = Prism Video File Converter
"Project IGI" = Project IGI
"SoloAV_is1" = Solo Antivirus 10.0
"Switch" = Switch
"uTorrent" = µTorrent
"VCD Cutter_is1" = VCD Cutter 1.0
"VLC media player" = VLC media player 1.1.7
"VobSub" = VobSub v2.23 (Remove Only)
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/3/2011 8:30:20 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11321
Description = Product: ESET Smart Security -- Error 1321. The Installer has insufficient
privileges to modify this file: E:\New Folder\nod32\PPESET.dll.
Error - 7/3/2011 8:30:20 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11321
Description = Product: ESET Smart Security -- Error 1321. The Installer has insufficient
privileges to modify this file: E:\New Folder\nod32\PPESET.dll.
Error - 7/3/2011 8:30:20 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11321
Description = Product: ESET Smart Security -- Error 1321. The Installer has insufficient
privileges to modify this file: E:\New Folder\nod32\PPESET.dll.
Error - 7/3/2011 8:30:21 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11321
Description = Product: ESET Smart Security -- Error 1321. The Installer has insufficient
privileges to modify this file: E:\New Folder\nod32\PPESET.dll.
Error - 7/3/2011 8:30:23 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11321
Description = Product: ESET Smart Security -- Error 1321. The Installer has insufficient
privileges to modify this file: E:\New Folder\nod32\mfc80u.dll.
Error - 7/3/2011 8:49:50 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 1013
Description = Product: ESET Smart Security -- A more recent version of ESET Smart
Security is already installed on this computer.
Error - 7/3/2011 9:11:10 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11404
Description = Product: ESET Smart Security -- Error 1404. Could not delete key \Software\ESET\ESET
Security\CurrentVersion\Plugins\01000103\Profiles\@My profile. System error .
Verify that you have sufficient access to that key, or contact your support personnel.
Error - 7/3/2011 9:11:10 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11404
Description = Product: ESET Smart Security -- Error 1404. Could not delete key \Software\ESET\ESET
Security\CurrentVersion\Plugins\01000103\Profiles\@My profile. System error .
Verify that you have sufficient access to that key, or contact your support personnel.
Error - 7/3/2011 9:11:13 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11404
Description = Product: ESET Smart Security -- Error 1404. Could not delete key \Software\ESET\ESET
Security. System error . Verify that you have sufficient access to that key,
or contact your support personnel.
Error - 7/3/2011 9:11:13 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 11404
Description = Product: ESET Smart Security -- Error 1404. Could not delete key \Software\ESET\ESET
Security. System error . Verify that you have sufficient access to that key,
or contact your support personnel.
[ System Events ]
Error - 7/2/2011 6:21:40 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7031
Description = The Windows Infomation Actioning service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 7/2/2011 6:21:55 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7031
Description = The Windows Infomation Actioning service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 7/2/2011 6:22:52 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7031
Description = The Windows Infomation Actioning service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 7/2/2011 8:25:37 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7031
Description = The Windows Infomation Actioning service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 7/2/2011 8:31:15 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7031
Description = The Windows Infomation Actioning service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 7/2/2011 10:28:35 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = The Installer Manager service terminated with the following error:
%%126
Error - 7/2/2011 10:28:36 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7028
Description = The cvjpechd Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 7/3/2011 1:38:17 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = The Installer Manager service terminated with the following error:
%%126
Error - 7/3/2011 1:38:17 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7028
Description = The cvjpechd Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 7/3/2011 1:38:17 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7028
Description = The cvjpechd Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
< End of report >