I haven't had a chance to use the computer since the scan of kaspersky this morning but it restarted itself right before downloading kaspersky this morning.
Here are the scans
OTL:
OTL logfile created on: 8/25/2011 8:28:03 PM - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Customer\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1015.36 Mb Total Physical Memory | 642.85 Mb Available Physical Memory | 63.31% Memory free
2.39 Gb Paging File | 2.14 Gb Available in Paging File | 89.54% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 30.19 Gb Free Space | 81.03% Space Free | Partition Type: NTFS
Computer Name: ASHTON | User Name: Customer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Customer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
========== Modules (No Company Name) ========== MOD - C:\Program Files\AVAST Software\Avast\defs\11082501\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\11082501\aswRep.dll ()
MOD - C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll ()
MOD - C:\Program Files\Intel\Wireless\Bin\acAuth.dll ()
========== Win32 Services (SafeList) ========== SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (PEVSystemStart) -- C:\ComboFix\pev.3XE ()
SRV - (WLANKEEPER) Intel® -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
========== Driver Services (SafeList) ========== DRV - (59503609) -- C:\WINDOWS\system32\DRIVERS\59503609.sys (Kaspersky Lab ZAO)
DRV - (2782296drv) -- C:\WINDOWS\2782296drv.spi ()
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (CAMTHWDM) -- C:\WINDOWS\system32\drivers\CAMTHWDM.sys ()
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (GTIPCI21) -- C:\WINDOWS\system32\drivers\gtipci21.sys (Texas Instruments)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
http://us.rd.yahoo.c...rch/search.html IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-261903793-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.comIE - HKU\S-1-5-21-1757981266-261903793-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.87
FF - prefs.js..extensions.enabledItems:
[email protected]:7.6.1
FF - prefs.js..keyword.URL: "
http://www.google.co...ient&gfns=1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/16 09:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2009/05/13 18:15:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Customer\Application Data\Mozilla\Extensions
[2010/08/26 20:11:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Customer\Application Data\Mozilla\Firefox\Profiles\ljzjdp4i.default\extensions
[2010/08/13 13:32:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Customer\Application Data\Mozilla\Firefox\Profiles\ljzjdp4i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/23 16:06:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Customer\Application Data\Mozilla\Firefox\Profiles\ljzjdp4i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/13 13:32:43 | 000,000,000 | ---D | M] ("FoxFilter") -- C:\Documents and Settings\Customer\Application Data\Mozilla\Firefox\Profiles\ljzjdp4i.default\extensions\
[email protected][2009/07/05 06:58:20 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Customer\Application Data\Mozilla\Firefox\Profiles\ljzjdp4i.default\searchplugins\mywebsearch.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\CUSTOMER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LJZJDP4I.DEFAULT\EXTENSIONS\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
File not found (No name found) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
O1 HOSTS File: ([2011/08/23 10:28:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-261903793-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1757981266-261903793-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Customer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Customer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/11 18:48:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2011/08/25 20:25:25 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Customer\Desktop\OTL.exe
[2011/08/25 10:19:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/08/25 10:19:17 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\59503609.sys
[2011/08/25 08:08:37 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/08/25 07:16:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/08/25 07:16:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/08/25 07:16:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/08/25 07:16:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/08/25 07:16:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/25 07:13:38 | 004,182,373 | R--- | C] (Swearware) -- C:\Documents and Settings\Customer\Desktop\ComboFix.exe
[2011/08/23 14:02:05 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/08/23 13:55:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Customer\Start Menu\Programs\Administrative Tools
[2011/08/23 10:28:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/23 10:17:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/08/23 10:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/08/23 10:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/08/23 10:12:47 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Customer\Desktop\erunt-setup.exe
[2011/08/23 07:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/08/23 07:25:55 | 000,000,000 | ---D | C] -- C:\rsit
[2011/08/22 15:48:36 | 001,406,768 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Customer\Desktop\TDSSKiller.exe
[2011/08/16 09:51:24 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Customer\Desktop\TFC.exe
[2011/08/16 09:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Customer\Application Data\Google
[2011/08/16 09:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/08/16 09:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/08/16 09:18:34 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/08/16 09:18:33 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/08/16 09:18:29 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/08/16 09:18:27 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/08/16 09:18:27 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/08/16 09:18:25 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/08/16 09:18:25 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/08/16 09:18:25 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/08/16 09:17:18 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/08/16 09:17:15 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/08/16 09:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/16 09:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/08/16 08:20:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/16 08:20:05 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/08/16 08:19:59 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/16 08:16:27 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/08/16 07:48:03 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/08/15 22:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Customer\Application Data\Malwarebytes
[2011/08/15 22:12:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/08/15 22:12:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/15 22:04:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/08/15 21:57:10 | 000,000,000 | ---D | C] -- C:\031658ccde2af0c7440900ba
[2011/08/15 21:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe(2)
========== Files - Modified Within 30 Days ========== [2011/08/25 20:25:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Customer\Desktop\OTL.exe
[2011/08/25 13:56:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/25 13:56:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/25 11:40:28 | 000,107,114 | ---- | M] () -- C:\Documents and Settings\Customer\My Documents\avz_sysinfo.htm
[2011/08/25 11:40:28 | 000,040,401 | ---- | M] () -- C:\Documents and Settings\Customer\My Documents\avz_sysinfo.xml
[2011/08/25 11:10:02 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\59503609.sys
[2011/08/25 10:47:04 | 000,000,324 | -HS- | M] () -- C:\WINDOWS\2782296drv.spi
[2011/08/25 10:18:36 | 103,994,600 | ---- | M] () -- C:\Documents and Settings\Customer\Desktop\setup_11.0.0.1245.x01_2011_08_25_11_10.exe
[2011/08/25 10:05:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/25 10:05:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/25 07:13:51 | 004,182,373 | R--- | M] (Swearware) -- C:\Documents and Settings\Customer\Desktop\ComboFix.exe
[2011/08/24 07:37:36 | 001,406,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Customer\Desktop\TDSSKiller.exe
[2011/08/24 07:36:42 | 001,390,139 | ---- | M] () -- C:\Documents and Settings\Customer\Desktop\tdsskiller.zip
[2011/08/24 07:32:53 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Customer\My Documents\Look.bat
[2011/08/23 14:02:17 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/08/23 10:28:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/08/23 10:13:50 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Customer\Desktop\NTREGOPT.lnk
[2011/08/23 10:13:50 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Customer\Desktop\ERUNT.lnk
[2011/08/23 10:12:48 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Customer\Desktop\erunt-setup.exe
[2011/08/23 07:25:20 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Customer\Desktop\RSIT.exe
[2011/08/23 07:23:07 | 000,172,286 | ---- | M] () -- C:\Documents and Settings\Customer\My Documents\ReportRK
[2011/08/23 07:14:01 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Customer\Desktop\RKUnhookerLE.EXE
[2011/08/17 03:17:25 | 000,463,166 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/17 03:17:25 | 000,080,188 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/17 03:09:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/16 09:51:32 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Customer\Desktop\TFC.exe
[2011/08/16 09:18:35 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/08/16 09:18:26 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/08/16 08:20:06 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/16 08:16:28 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ========== [2011/08/25 11:40:28 | 000,107,114 | ---- | C] () -- C:\Documents and Settings\Customer\My Documents\avz_sysinfo.htm
[2011/08/25 11:40:28 | 000,040,401 | ---- | C] () -- C:\Documents and Settings\Customer\My Documents\avz_sysinfo.xml
[2011/08/25 10:33:39 | 000,000,324 | -HS- | C] () -- C:\WINDOWS\2782296drv.spi
[2011/08/25 10:15:24 | 103,994,600 | ---- | C] () -- C:\Documents and Settings\Customer\Desktop\setup_11.0.0.1245.x01_2011_08_25_11_10.exe
[2011/08/25 07:16:55 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/08/25 07:16:55 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/08/25 07:16:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/08/25 07:16:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/08/25 07:16:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/08/24 07:34:58 | 001,390,139 | ---- | C] () -- C:\Documents and Settings\Customer\Desktop\tdsskiller.zip
[2011/08/24 07:32:52 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Customer\My Documents\Look.bat
[2011/08/23 14:02:17 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/08/23 14:02:14 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/08/23 10:13:50 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Customer\Desktop\NTREGOPT.lnk
[2011/08/23 10:13:50 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Customer\Desktop\ERUNT.lnk
[2011/08/23 07:25:19 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Customer\Desktop\RSIT.exe
[2011/08/23 07:23:07 | 000,172,286 | ---- | C] () -- C:\Documents and Settings\Customer\My Documents\ReportRK
[2011/08/23 07:13:14 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Customer\Desktop\RKUnhookerLE.EXE
[2011/08/16 09:18:35 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/08/16 08:20:06 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/22 21:47:49 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/08/30 00:56:15 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Customer\Local Settings\Application Data\PUTTY.RND
[2009/07/04 04:16:09 | 001,051,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/06/19 00:27:41 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Customer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/04 18:53:16 | 000,000,007 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2009/06/03 20:50:55 | 000,061,440 | ---- | C] () -- C:\WINDOWS\wnUninstall.exe
[2009/05/30 04:22:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/05/13 18:15:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/05/12 00:26:07 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll
[2009/05/11 18:51:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/05/11 18:45:21 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/05/11 11:39:13 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/05/11 11:37:50 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/13 22:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/31 00:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001/08/23 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 05:00:00 | 000,463,166 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 05:00:00 | 000,080,188 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 05:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: ATAPI.SYS >[2008/04/13 22:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/13 19:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EXPLORER.EXE >[2008/04/13 22:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 22:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: SVCHOST.EXE >[2008/04/13 22:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/13 22:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >[2008/04/13 22:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 22:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2008/04/13 22:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 22:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WMILIB.SYS >[2001/08/23 05:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=2F31B7F954BED437F2C75026C65CAF7B -- C:\WINDOWS\system32\dllcache\wmilib.sys
[2001/08/23 05:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=2F31B7F954BED437F2C75026C65CAF7B -- C:\WINDOWS\system32\drivers\wmilib.sys
< %systemroot%\*. /mp /s >< End of report >
EXTRAS:
OTL Extras logfile created on: 8/25/2011 8:28:03 PM - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Customer\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1015.36 Mb Total Physical Memory | 642.85 Mb Available Physical Memory | 63.31% Memory free
2.39 Gb Paging File | 2.14 Gb Available in Paging File | 89.54% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 30.19 Gb Free Space | 81.03% Space Free | Partition Type: NTFS
Computer Name: ASHTON | User Name: Customer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-1757981266-261903793-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe"
https [open] -- "C:\Program Files\Opera\opera.exe"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0E0479F8-180F-4054-B4F7-17EE657F90BF}" = TIPCI
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ATT-RC" = ATT-RC Self Support Tool
"avast" = avast! Free Antivirus
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{0E0479F8-180F-4054-B4F7-17EE657F90BF}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"ProInst" = Intel® PROSet/Wireless Software
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >