Additional scan result of Farbar Recovery Scan Tool (x86) Version:16-04-2016 01
Ran by al (2016-04-19 22:39:26)
Running from C:\Documents and Settings\al\Desktop\virus_et_al\April_2016
Microsoft Windows XP Professional Service Pack 3 (X86) (2004-02-17 23:44:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3960577219-1813400529-1317427278-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
al (S-1-5-21-3960577219-1813400529-1317427278-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\al
ASPNET (S-1-5-21-3960577219-1813400529-1317427278-1008 - Limited - Enabled)
Guest (S-1-5-21-3960577219-1813400529-1317427278-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-3960577219-1813400529-1317427278-1005 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-3960577219-1813400529-1317427278-1002 - Limited - Enabled)
SUPPORT_3f151ab9 (S-1-5-21-3960577219-1813400529-1317427278-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acronis Drive Monitor (HKLM\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Acronis True Image (HKLM\...\{7F129516-73AD-4232-8FD0-C7BC2508B274}) (Version: 9.0.3647 - Acronis)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.100 - NOS Microsystems Ltd.)
Adobe Download Manager 1.2 (Remove Only) (HKLM\...\AdobeESD) (Version: - )
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop Album 2.0 Starter Edition (HKLM\...\{11B569C2-4BF6-4ED0-9D17-A4273943CB24}) (Version: 2.00.000 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AnswerWorks 4.0 Runtime - English (HKLM\...\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}) (Version: 4.0.101 - Vantage Software Technologies)
Apple Software Update (HKLM\...\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}) (Version: 2.0.2.92 - Apple Inc.)
ArcSoft Software Suite (HKLM\...\{497A1721-088F-41EF-8876-B43C9DA5528B}) (Version: 1.0 - ArcSoft)
Banctec Service Agreement (Version: 1.00.00 - Dell) Hidden
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version: - )
Belkin SOHO Networking Utilities (HKLM\...\{E03969E7-3AFB-4672-8259-991B5F618D5A}) (Version: 1.1 - Belkin Components)
Belkin Wireless Access Point Manager (HKLM\...\{A2284436-0CA3-4880-B8D1-E79E64A46EB3}) (Version: - )
Brother HL-5340D (HKLM\...\{653F3899-8CC4-43DB-AFD8-E9D829504138}) (Version: 1.00 - Brother)
Canon i250 (HKLM\...\CANONBJ_Deinstall_CNMCP50.DLL) (Version: - )
Cartes du Ciel V3.8 (HKLM\...\{A261F28E-6053-4414-9B84-AA8FE5F47AD4}_is1) (Version: - )
Celestron MCupdate (HKLM\...\Celestron MCupdate) (Version: 2.2.5 - Celestron)
Chanalyzer 2.1.7 (HKLM\...\{FD736238-55EB-420B-9BFC-B8A9983B21C9}) (Version: 2.1.7 - MetaGeek, LLC)
Core FTP LE 1.3c (HKLM\...\Core FTP LE 1.3c) (Version: - )
CyberLink Media Suite 10 (HKLM\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
Dell Media Experience (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: - )
Dell Networking Guide (Version: 1.00.0001 - Dell) Hidden
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version: - )
Dell Solution Center (HKLM\...\{11F1920A-56A2-4642-B6E0-3B31A12C9288}) (Version: 1.00.0000 - Dell)
Dell Support (HKLM\...\{43FCA273-9534-40DB-B7C5-D7758875616A}) (Version: 2.1.0.0 - Dell)
Digi Port Authority - Remote (HKLM\...\Digi Port Authority - Remote) (Version: - )
DS21Patch (Version: 1.00.0000 - Dell) Hidden
DVDSentry (HKLM\...\{98DF85D9-96C0-4F57-A92E-C3539477EF5E}) (Version: 1.00.0000 - Dell)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Eudora (HKLM\...\{268C1DB7-02FA-45F2-93EC-0D4DDCA91AB8}) (Version: 7.0 - )
ExamDiff Pro 3.4.2 (HKLM\...\ExamDiff Pro_is1) (Version: - PrestoSoft)
G4FON Koch Method Morse Trainer (HKLM\...\G4FON Koch Method Morse Trainer) (Version: - )
getPlus(R) (HKLM\...\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}) (Version: 1.5.2.19 - NOS Microsystems Ltd.)
Google Chrome (HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\Google Chrome) (Version: 8.0.552.224 - Google Inc.)
Google Earth (HKLM\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)
Google Gears (Version: 0.4.24.0 - Google) Hidden
Google Update Helper (Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.2.940.34809 - Google Inc.)
Help and Support Customization (Version: 1.00.0000 - Dell) Hidden
honestechDVR 2.5 (HKLM\...\{D8410ADD-CB92-46B6-AB7C-AF4907A803A2}) (Version: 2.5 - honestech)
honestechDVR 2.5 (Version: 2.5 - honestech) Hidden
Inssider (HKLM\...\{B5915379-1885-4220-BEB5-A602A368D581}) (Version: 1.0.3 - MetaGeek)
Intel(R) Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4396 - )
Intel(R) PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
Intel(R) PROSet (HKLM\...\{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}) (Version: 6.05.2001 - Intel)
Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
IsoBuster 2.8.5 (HKLM\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
J2SE Runtime Environment 5.0 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150060}) (Version: 1.5.0.60 - Sun Microsystems, Inc.)
Jasc Paint Shop Photo Album (HKLM\...\{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}) (Version: 4.0.3 - Jasc Software, Inc.)
Jasc Paint Shop Pro 8 Dell Edition (HKLM\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.0000 - Jasc Software Inc)
Java(TM) 6 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Jupiter 2.0.7.1 (HKLM\...\{22C070B6-BEC2-4B4B-8324-08DE6F168B9C}_is1) (Version: - Sylvain Rondi)
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
MallinCam Control (HKLM\...\{32091497-B2FA-4091-B733-64A2DC30566C}) (Version: 1.2 - Pro-Com Electronics)
MallinCam Control (HKLM\...\{DF207EA2-675D-47C8-9D51-3F9F14EDAD5F}) (Version: 1.0.0 - Pro-Com Electronics)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET Web Matrix (HKLM\...\{DCBE96DF-822C-401C-8DD2-0F3539637ADE}) (Version: 0.6.812.0 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft Encarta Encyclopedia Standard 2004 (HKLM\...\{04410044-9149-45C6-A806-F2BF9CFCE762}) (Version: 2004 - Microsoft Corporation)
Microsoft Money 2004 (HKLM\...\{1D643CD7-4DD6-11D7-A4E0-000874180BB3}) (Version: 12.0.50 - Microsoft)
Microsoft Money 2004 System Pack (HKLM\...\{8C64E145-54BA-11D6-91B1-00500462BE80}) (Version: 12.0.80 - Microsoft)
Microsoft Office 97, Professional Edition (HKLM\...\Office8.0) (Version: - )
Microsoft Office XP Professional (HKLM\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft SAPI 5.1 Voices for Windows XP (HKLM\...\{8F194222-199F-11D6-B163-AA8310157D2E}) (Version: 1.0.0.0 - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.3 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 6.0 Professional Edition (HKLM\...\Visual C++ 6.0 Professional Edition) (Version: - )
Microsoft Visual Studio 2008 Standard Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Standard Edition - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Standard Edition - ENU Service Pack 1 (KB945140) (HKLM\...\{F434F50E-7614-3EA8-9008-2FB866B697DA}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5294.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5294.17011 - Microsoft Corporation)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: - )
Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSDN Library - Visual Studio 6.0 (HKLM\...\Microsoft Developer Network - Visual Studio 6.0) (Version: - )
MSDN Library for Visual Studio 2008 - ENU (HKLM\...\MSDN Library for Visual Studio 2008 - ENU) (Version: 9.0 - Microsoft)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0.21022 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
MUSICMATCH® Jukebox (HKLM\...\{45EBDA59-D33B-433A-956E-B2F236468B56}) (Version: - )
NexRemote (HKLM\...\NexRemote) (Version: 1.7.22 - Celestron)
PHD Guiding 1.10.0 (HKLM\...\PHD Guiding_is1) (Version: - Stark Labs)
PHOTOfunSTUDIO (HKLM\...\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}) (Version: 3.00.000 - Panasonic)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
Qualxserve Service Agreement (Version: 1.00.0004 - Dell) Hidden
QuickTime (HKLM\...\{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}) (Version: 7.4.5.67 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RSpec Version 1.7 (Build:19) (HKLM\...\{A08319DE-E83E-4B07-B4E5-69F2489D6B45}_is1) (Version: - Field Tested Systems)
Shockwave (HKLM\...\Shockwave) (Version: - )
SlickEdit 2007 (HKLM\...\{B598851F-6498-48CF-B61F-5074B889773B}) (Version: 12.0.0.0 - SlickEdit Inc.)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.50 - Sonic Solutions)
Sonic MyDVD (HKLM\...\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}) (Version: - )
Sonic RecordNow! (HKLM\...\{9541FED0-327F-4DF0-8B96-EF57EF622F19}) (Version: 6.5.0 - Sonic Solutions)
SQL Server System CLR Types (HKLM\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
StartupMonitor (HKLM\...\{76EFAC4F-1712-401F-B2AE-590B170C9BCE}) (Version: 1.0.2.0 - Mike Lin)
Stellarium 0.10.4 (HKLM\...\Stellarium_is1) (Version: - )
Timex Trainer (HKLM\...\{96AF99D4-F7E8-4333-AB16-F9F4B91DBFBE}) (Version: 1.0.202 - Timex Corporation)
Update for 2007 Microsoft Office System (KB2284654) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB Video/Audio Device Driver (HKLM\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - EETI)
Virtual Moon Atlas Pro 5.0 (HKLM\...\{3EB7A19B-690F-49BA-B494-CADA547D0DB9}_is1) (Version: - )
Visual C++ 2008 IA64 Runtime - v9.0.30729.01 (HKLM\...\{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.01 (HKLM\...\{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.4148 (HKLM\...\{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}.vc_x64runtime_30729_4148) (Version: 9.0.30729.4148 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.6161 (HKLM\...\{E7E58A3A-D9BD-3D4B-9475-AE757454AD82}.vc_x64runtime_30729_6161) (Version: 9.0.30729.6161 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.4148 (HKLM\...\{7B33F480-496D-334A-BAC2-205DEC0CBC2D}.vc_x86runtime_30729_4148) (Version: 9.0.30729.4148 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.6161 (HKLM\...\{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}.vc_x86runtime_30729_6161) (Version: 9.0.30729.6161 - Microsoft Corporation)
VNC Free Edition 4.1.2 (HKLM\...\RealVNC_is1) (Version: 4.1.2 - RealVNC Ltd.)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.59 - VSO Software)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Where is M13? version 2.3 (HKLM\...\Where is M13?_is1) (Version: - Think Astronomy)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinJUPOS 10.0.16 (HKLM\...\WinJUPOS 10.0.16_is1) (Version: 10.0.16 - Grischa Hahn, Germany)
WordPerfect Office 11 (HKLM\...\{54F90B55-BEB3-4F0D-8802-228822FA5921}) (Version: 11.0 - Corel Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
YouCam (Version: 3.1.5324 - CyberLink Corp.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Documents and Settings\al\Local Settings\Application Data\Google\Update\1.2.183.39\goopdate.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\al\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B}\InprocServer32 -> C:\Documents and Settings\al\Local Settings\Application Data\Google\Update\1.2.131.27\goopdate.dll = (the data entry has 9 more characters).
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{4536918A-95A8-498F-B542-CB906C561A43}\InprocServer32 -> C:\Documents and Settings\al\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{D800E6DE-AFD1-4A47-9342-18426F9A50D3}\InprocServer32 -> D:\vs_2008_proj\polygon\polygon\Debug\polygon.dll (TODO: <Company name>)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\A l e r t s.job => C:\PROGRA~1\Dell\Support\bin\Support.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3960577219-1813400529-1317427278-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3960577219-1813400529-1317427278-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Visual Studio 2008\Visual Studio Tools\Visual Studio 2008 Command Prompt.lnk -> C:\WINDOWS\SYSTEM32\cmd.exe (Microsoft Corporation) -> /k ""c:\Program Files\Microsoft Visual Studio 9.0\VC\vcvarsall.bat"" x86
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Visual Studio 2008\Visual Studio Tools\Visual Studio 2008 x64 Cross Tools Command Prompt.lnk -> C:\WINDOWS\SYSTEM32\cmd.exe (Microsoft Corporation) -> /k ""c:\Program Files\Microsoft Visual Studio 9.0\VC\vcvarsall.bat"" x86_amd64
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Brother\HL-5340D\User's Guides in PDF format.lnk -> C:\Program Files\Brother\BRHL5340\WEBLINK.exe () -> hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=prn046&LNG=en&SRC=DOC
==================== Loaded Modules (Whitelisted) ==============
2014-07-04 02:05 - 2014-07-04 02:05 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2010-12-14 17:58 - 2010-12-08 18:27 - 00208440 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\locales\en-US.dll
2010-12-14 17:58 - 2010-12-08 18:28 - 04050488 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\pdf.dll
2010-12-14 17:58 - 2010-12-08 18:26 - 01840200 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\avcodec-52.dll
2010-12-14 17:58 - 2010-12-08 18:26 - 00105032 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\avutil-50.dll
2010-12-14 17:58 - 2010-12-08 18:26 - 00201800 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\avformat-52.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\.DEFAULT\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\132.com -> www.132.com
IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net
IE restricted site: HKU\.DEFAULT\...\139mm.com -> www.139mm.com
IE restricted site: HKU\.DEFAULT\...\163.com -> www.163.com
IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\.DEFAULT\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\.DEFAULT\...\171203.com -> 171203.com
There are 4007 more sites.
IE restricted site: HKU\S-1-5-19\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-19\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-19\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-19\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-19\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-19\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-19\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-19\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\S-1-5-19\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\S-1-5-19\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-19\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-19\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-19\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\S-1-5-19\...\132.com -> www.132.com
IE restricted site: HKU\S-1-5-19\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-19\...\139mm.com -> www.139mm.com
IE restricted site: HKU\S-1-5-19\...\163.com -> www.163.com
IE restricted site: HKU\S-1-5-19\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-19\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-19\...\171203.com -> 171203.com
There are 4007 more sites.
IE restricted site: HKU\S-1-5-20\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-20\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-20\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-20\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-20\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-20\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-20\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-20\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\S-1-5-20\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\S-1-5-20\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-20\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-20\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-20\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\S-1-5-20\...\132.com -> www.132.com
IE restricted site: HKU\S-1-5-20\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-20\...\139mm.com -> www.139mm.com
IE restricted site: HKU\S-1-5-20\...\163.com -> www.163.com
IE restricted site: HKU\S-1-5-20\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-20\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-20\...\171203.com -> 171203.com
There are 4007 more sites.
IE trusted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\turbotax.com -> hxxps://turbotax.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\132.com -> www.132.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\139mm.com -> www.139mm.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\163.com -> www.163.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\171203.com -> 171203.com
There are 4005 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-19 09:19 - 2015-03-26 00:37 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 209.172.0.5 - 209.172.0.8
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Earth\client\googleearth.exe] => Disabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Program Files\Adobe\Acrobat.com\Acrobat.com.exe] => Disabled:Acrobat.com
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled
xpsp2res.dll,-22019
StandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Disabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\WINDOWS\SYSTEM32\mmc.exe] => Enabled:Microsoft Management Console
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Earth\plugin\geplugin.exe] => Enabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\al\Desktop\winvnc4.exe] => Enabled:VNC Server Free Edition for Win32
StandardProfile\AuthorizedApplications: [C:\Program Files\RealVNC\VNC4\winvnc4.exe] => Enabled:VNC Server Free Edition for Win32
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabledxpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabledxpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabledxpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabledxpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [3:TCP] => :LocalSubNet:Enabled:e-sys
StandardProfile\GloballyOpenPorts: [3389:TCP] => Disabledxpsp2res.dll,-22009
==================== Restore Points =========================
31-03-2016 11:30:22 System Checkpoint
01-04-2016 11:48:28 System Checkpoint
02-04-2016 12:46:23 System Checkpoint
02-04-2016 21:35:48 Software Distribution Service 3.0
03-04-2016 23:26:12 System Checkpoint
04-04-2016 09:36:55 Software Distribution Service 3.0
05-04-2016 09:45:48 System Checkpoint
05-04-2016 19:17:46 Software Distribution Service 3.0
06-04-2016 19:26:54 Software Distribution Service 3.0
07-04-2016 19:21:45 Software Distribution Service 3.0
07-04-2016 20:12:38 Software Distribution Service 3.0
08-04-2016 12:07:30 Software Distribution Service 3.0
09-04-2016 14:26:42 Software Distribution Service 3.0
10-04-2016 13:27:01 Software Distribution Service 3.0
11-04-2016 09:47:56 Software Distribution Service 3.0
12-04-2016 10:39:32 System Checkpoint
13-04-2016 13:28:15 Software Distribution Service 3.0
14-04-2016 13:38:06 System Checkpoint
15-04-2016 11:53:08 Software Distribution Service 3.0
15-04-2016 11:54:07 Software Distribution Service 3.0
15-04-2016 12:28:27 Software Distribution Service 3.0
16-04-2016 21:31:52 Software Distribution Service 3.0
16-04-2016 21:34:27 Software Distribution Service 3.0
17-04-2016 20:20:05 JRT Pre-Junkware Removal
18-04-2016 22:47:41 System Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/18/2016 02:02:55 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (04/18/2016 02:02:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (04/16/2016 10:00:59 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The connection with the server was terminated abnormally
Error: (04/16/2016 09:57:53 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
Error: (04/16/2016 09:57:52 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The connection with the server was terminated abnormally
Error: (04/05/2016 07:17:16 PM) (Source: ESENT) (EventID: 492) (User: )
Description: wuauclt (1720) The logfile sequence in "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\" has been halted due to a fatal error. No further updates are possible for the databases that use this logfile sequence. Please correct the problem and restart or restore from backup.
Error: (04/05/2016 07:17:16 PM) (Source: ESENT) (EventID: 413) (User: )
Description: wuauclt (1720) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1022.
Error: (04/05/2016 07:17:16 PM) (Source: ESENT) (EventID: 486) (User: )
Description: wuauclt (1720) An attempt to move the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" to "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" failed with system error 183 (0x000000b7): "Cannot create a file when that file already exists. ". The move file operation will fail with error -1022 (0xfffffc02).
Error: (03/15/2016 09:24:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application adwcleaner_4.113.exe, version 4.1.1.3, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
System errors:
=============
Error: (04/19/2016 09:15:02 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
Error: (04/19/2016 09:14:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The helpsvc service failed to start due to the following error:
%%2
Error: (04/19/2016 12:19:54 AM) (Source: ipnathlp) (EventID: 31008) (User: )
Description: The DNS proxy agent was unable to read the local list of name-resolution
servers from the registry.
The data is the error code.
Error: (04/18/2016 09:59:12 PM) (Source: ipnathlp) (EventID: 31008) (User: )
Description: The DNS proxy agent was unable to read the local list of name-resolution
servers from the registry.
The data is the error code.
Error: (04/18/2016 04:14:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 2 time(s).
Error: (04/18/2016 03:56:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Error: (04/18/2016 01:54:46 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
Error: (04/18/2016 12:13:44 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
Error: (04/18/2016 09:19:51 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
Error: (04/17/2016 11:13:17 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz
Percentage of memory in use: 30%
Total physical RAM: 2557.98 MB
Available physical RAM: 1772.42 MB
Total Virtual: 3173.07 MB
Available Virtual: 2622.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.47 GB) (Free:4.59 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (New Volume) (Fixed) (Total:111.79 GB) (Free:40.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: DBBDF0DD)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 03C16DE5)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by al (2016-04-19 22:39:26)
Running from C:\Documents and Settings\al\Desktop\virus_et_al\April_2016
Microsoft Windows XP Professional Service Pack 3 (X86) (2004-02-17 23:44:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3960577219-1813400529-1317427278-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
al (S-1-5-21-3960577219-1813400529-1317427278-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\al
ASPNET (S-1-5-21-3960577219-1813400529-1317427278-1008 - Limited - Enabled)
Guest (S-1-5-21-3960577219-1813400529-1317427278-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-3960577219-1813400529-1317427278-1005 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-3960577219-1813400529-1317427278-1002 - Limited - Enabled)
SUPPORT_3f151ab9 (S-1-5-21-3960577219-1813400529-1317427278-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acronis Drive Monitor (HKLM\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Acronis True Image (HKLM\...\{7F129516-73AD-4232-8FD0-C7BC2508B274}) (Version: 9.0.3647 - Acronis)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.100 - NOS Microsystems Ltd.)
Adobe Download Manager 1.2 (Remove Only) (HKLM\...\AdobeESD) (Version: - )
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop Album 2.0 Starter Edition (HKLM\...\{11B569C2-4BF6-4ED0-9D17-A4273943CB24}) (Version: 2.00.000 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AnswerWorks 4.0 Runtime - English (HKLM\...\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}) (Version: 4.0.101 - Vantage Software Technologies)
Apple Software Update (HKLM\...\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}) (Version: 2.0.2.92 - Apple Inc.)
ArcSoft Software Suite (HKLM\...\{497A1721-088F-41EF-8876-B43C9DA5528B}) (Version: 1.0 - ArcSoft)
Banctec Service Agreement (Version: 1.00.00 - Dell) Hidden
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version: - )
Belkin SOHO Networking Utilities (HKLM\...\{E03969E7-3AFB-4672-8259-991B5F618D5A}) (Version: 1.1 - Belkin Components)
Belkin Wireless Access Point Manager (HKLM\...\{A2284436-0CA3-4880-B8D1-E79E64A46EB3}) (Version: - )
Brother HL-5340D (HKLM\...\{653F3899-8CC4-43DB-AFD8-E9D829504138}) (Version: 1.00 - Brother)
Canon i250 (HKLM\...\CANONBJ_Deinstall_CNMCP50.DLL) (Version: - )
Cartes du Ciel V3.8 (HKLM\...\{A261F28E-6053-4414-9B84-AA8FE5F47AD4}_is1) (Version: - )
Celestron MCupdate (HKLM\...\Celestron MCupdate) (Version: 2.2.5 - Celestron)
Chanalyzer 2.1.7 (HKLM\...\{FD736238-55EB-420B-9BFC-B8A9983B21C9}) (Version: 2.1.7 - MetaGeek, LLC)
Core FTP LE 1.3c (HKLM\...\Core FTP LE 1.3c) (Version: - )
CyberLink Media Suite 10 (HKLM\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
Dell Media Experience (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: - )
Dell Networking Guide (Version: 1.00.0001 - Dell) Hidden
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version: - )
Dell Solution Center (HKLM\...\{11F1920A-56A2-4642-B6E0-3B31A12C9288}) (Version: 1.00.0000 - Dell)
Dell Support (HKLM\...\{43FCA273-9534-40DB-B7C5-D7758875616A}) (Version: 2.1.0.0 - Dell)
Digi Port Authority - Remote (HKLM\...\Digi Port Authority - Remote) (Version: - )
DS21Patch (Version: 1.00.0000 - Dell) Hidden
DVDSentry (HKLM\...\{98DF85D9-96C0-4F57-A92E-C3539477EF5E}) (Version: 1.00.0000 - Dell)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Eudora (HKLM\...\{268C1DB7-02FA-45F2-93EC-0D4DDCA91AB8}) (Version: 7.0 - )
ExamDiff Pro 3.4.2 (HKLM\...\ExamDiff Pro_is1) (Version: - PrestoSoft)
G4FON Koch Method Morse Trainer (HKLM\...\G4FON Koch Method Morse Trainer) (Version: - )
getPlus(R) (HKLM\...\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}) (Version: 1.5.2.19 - NOS Microsystems Ltd.)
Google Chrome (HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\Google Chrome) (Version: 8.0.552.224 - Google Inc.)
Google Earth (HKLM\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)
Google Gears (Version: 0.4.24.0 - Google) Hidden
Google Update Helper (Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.2.940.34809 - Google Inc.)
Help and Support Customization (Version: 1.00.0000 - Dell) Hidden
honestechDVR 2.5 (HKLM\...\{D8410ADD-CB92-46B6-AB7C-AF4907A803A2}) (Version: 2.5 - honestech)
honestechDVR 2.5 (Version: 2.5 - honestech) Hidden
Inssider (HKLM\...\{B5915379-1885-4220-BEB5-A602A368D581}) (Version: 1.0.3 - MetaGeek)
Intel(R) Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4396 - )
Intel(R) PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
Intel(R) PROSet (HKLM\...\{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}) (Version: 6.05.2001 - Intel)
Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
IsoBuster 2.8.5 (HKLM\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
J2SE Runtime Environment 5.0 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150060}) (Version: 1.5.0.60 - Sun Microsystems, Inc.)
Jasc Paint Shop Photo Album (HKLM\...\{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}) (Version: 4.0.3 - Jasc Software, Inc.)
Jasc Paint Shop Pro 8 Dell Edition (HKLM\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.0000 - Jasc Software Inc)
Java(TM) 6 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Jupiter 2.0.7.1 (HKLM\...\{22C070B6-BEC2-4B4B-8324-08DE6F168B9C}_is1) (Version: - Sylvain Rondi)
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
MallinCam Control (HKLM\...\{32091497-B2FA-4091-B733-64A2DC30566C}) (Version: 1.2 - Pro-Com Electronics)
MallinCam Control (HKLM\...\{DF207EA2-675D-47C8-9D51-3F9F14EDAD5F}) (Version: 1.0.0 - Pro-Com Electronics)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET Web Matrix (HKLM\...\{DCBE96DF-822C-401C-8DD2-0F3539637ADE}) (Version: 0.6.812.0 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft Encarta Encyclopedia Standard 2004 (HKLM\...\{04410044-9149-45C6-A806-F2BF9CFCE762}) (Version: 2004 - Microsoft Corporation)
Microsoft Money 2004 (HKLM\...\{1D643CD7-4DD6-11D7-A4E0-000874180BB3}) (Version: 12.0.50 - Microsoft)
Microsoft Money 2004 System Pack (HKLM\...\{8C64E145-54BA-11D6-91B1-00500462BE80}) (Version: 12.0.80 - Microsoft)
Microsoft Office 97, Professional Edition (HKLM\...\Office8.0) (Version: - )
Microsoft Office XP Professional (HKLM\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft SAPI 5.1 Voices for Windows XP (HKLM\...\{8F194222-199F-11D6-B163-AA8310157D2E}) (Version: 1.0.0.0 - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.3 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 6.0 Professional Edition (HKLM\...\Visual C++ 6.0 Professional Edition) (Version: - )
Microsoft Visual Studio 2008 Standard Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Standard Edition - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Standard Edition - ENU Service Pack 1 (KB945140) (HKLM\...\{F434F50E-7614-3EA8-9008-2FB866B697DA}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5294.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5294.17011 - Microsoft Corporation)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: - )
Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSDN Library - Visual Studio 6.0 (HKLM\...\Microsoft Developer Network - Visual Studio 6.0) (Version: - )
MSDN Library for Visual Studio 2008 - ENU (HKLM\...\MSDN Library for Visual Studio 2008 - ENU) (Version: 9.0 - Microsoft)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0.21022 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
MUSICMATCH® Jukebox (HKLM\...\{45EBDA59-D33B-433A-956E-B2F236468B56}) (Version: - )
NexRemote (HKLM\...\NexRemote) (Version: 1.7.22 - Celestron)
PHD Guiding 1.10.0 (HKLM\...\PHD Guiding_is1) (Version: - Stark Labs)
PHOTOfunSTUDIO (HKLM\...\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}) (Version: 3.00.000 - Panasonic)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
Qualxserve Service Agreement (Version: 1.00.0004 - Dell) Hidden
QuickTime (HKLM\...\{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}) (Version: 7.4.5.67 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RSpec Version 1.7 (Build:19) (HKLM\...\{A08319DE-E83E-4B07-B4E5-69F2489D6B45}_is1) (Version: - Field Tested Systems)
Shockwave (HKLM\...\Shockwave) (Version: - )
SlickEdit 2007 (HKLM\...\{B598851F-6498-48CF-B61F-5074B889773B}) (Version: 12.0.0.0 - SlickEdit Inc.)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.50 - Sonic Solutions)
Sonic MyDVD (HKLM\...\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}) (Version: - )
Sonic RecordNow! (HKLM\...\{9541FED0-327F-4DF0-8B96-EF57EF622F19}) (Version: 6.5.0 - Sonic Solutions)
SQL Server System CLR Types (HKLM\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
StartupMonitor (HKLM\...\{76EFAC4F-1712-401F-B2AE-590B170C9BCE}) (Version: 1.0.2.0 - Mike Lin)
Stellarium 0.10.4 (HKLM\...\Stellarium_is1) (Version: - )
Timex Trainer (HKLM\...\{96AF99D4-F7E8-4333-AB16-F9F4B91DBFBE}) (Version: 1.0.202 - Timex Corporation)
Update for 2007 Microsoft Office System (KB2284654) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB Video/Audio Device Driver (HKLM\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - EETI)
Virtual Moon Atlas Pro 5.0 (HKLM\...\{3EB7A19B-690F-49BA-B494-CADA547D0DB9}_is1) (Version: - )
Visual C++ 2008 IA64 Runtime - v9.0.30729.01 (HKLM\...\{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.01 (HKLM\...\{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.4148 (HKLM\...\{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}.vc_x64runtime_30729_4148) (Version: 9.0.30729.4148 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.6161 (HKLM\...\{E7E58A3A-D9BD-3D4B-9475-AE757454AD82}.vc_x64runtime_30729_6161) (Version: 9.0.30729.6161 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.4148 (HKLM\...\{7B33F480-496D-334A-BAC2-205DEC0CBC2D}.vc_x86runtime_30729_4148) (Version: 9.0.30729.4148 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.6161 (HKLM\...\{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}.vc_x86runtime_30729_6161) (Version: 9.0.30729.6161 - Microsoft Corporation)
VNC Free Edition 4.1.2 (HKLM\...\RealVNC_is1) (Version: 4.1.2 - RealVNC Ltd.)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.59 - VSO Software)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Where is M13? version 2.3 (HKLM\...\Where is M13?_is1) (Version: - Think Astronomy)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinJUPOS 10.0.16 (HKLM\...\WinJUPOS 10.0.16_is1) (Version: 10.0.16 - Grischa Hahn, Germany)
WordPerfect Office 11 (HKLM\...\{54F90B55-BEB3-4F0D-8802-228822FA5921}) (Version: 11.0 - Corel Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
YouCam (Version: 3.1.5324 - CyberLink Corp.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Documents and Settings\al\Local Settings\Application Data\Google\Update\1.2.183.39\goopdate.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\al\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B}\InprocServer32 -> C:\Documents and Settings\al\Local Settings\Application Data\Google\Update\1.2.131.27\goopdate.dll = (the data entry has 9 more characters).
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{4536918A-95A8-498F-B542-CB906C561A43}\InprocServer32 -> C:\Documents and Settings\al\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006_Classes\CLSID\{D800E6DE-AFD1-4A47-9342-18426F9A50D3}\InprocServer32 -> D:\vs_2008_proj\polygon\polygon\Debug\polygon.dll (TODO: <Company name>)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\A l e r t s.job => C:\PROGRA~1\Dell\Support\bin\Support.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3960577219-1813400529-1317427278-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3960577219-1813400529-1317427278-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Visual Studio 2008\Visual Studio Tools\Visual Studio 2008 Command Prompt.lnk -> C:\WINDOWS\SYSTEM32\cmd.exe (Microsoft Corporation) -> /k ""c:\Program Files\Microsoft Visual Studio 9.0\VC\vcvarsall.bat"" x86
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Visual Studio 2008\Visual Studio Tools\Visual Studio 2008 x64 Cross Tools Command Prompt.lnk -> C:\WINDOWS\SYSTEM32\cmd.exe (Microsoft Corporation) -> /k ""c:\Program Files\Microsoft Visual Studio 9.0\VC\vcvarsall.bat"" x86_amd64
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Brother\HL-5340D\User's Guides in PDF format.lnk -> C:\Program Files\Brother\BRHL5340\WEBLINK.exe () -> hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=prn046&LNG=en&SRC=DOC
==================== Loaded Modules (Whitelisted) ==============
2014-07-04 02:05 - 2014-07-04 02:05 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2010-12-14 17:58 - 2010-12-08 18:27 - 00208440 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\locales\en-US.dll
2010-12-14 17:58 - 2010-12-08 18:28 - 04050488 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\pdf.dll
2010-12-14 17:58 - 2010-12-08 18:26 - 01840200 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\avcodec-52.dll
2010-12-14 17:58 - 2010-12-08 18:26 - 00105032 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\avutil-50.dll
2010-12-14 17:58 - 2010-12-08 18:26 - 00201800 _____ () C:\Documents and Settings\al\Local Settings\Application Data\Google\Chrome\Application\8.0.552.224\avformat-52.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\.DEFAULT\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\132.com -> www.132.com
IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net
IE restricted site: HKU\.DEFAULT\...\139mm.com -> www.139mm.com
IE restricted site: HKU\.DEFAULT\...\163.com -> www.163.com
IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\.DEFAULT\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\.DEFAULT\...\171203.com -> 171203.com
There are 4007 more sites.
IE restricted site: HKU\S-1-5-19\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-19\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-19\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-19\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-19\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-19\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-19\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-19\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\S-1-5-19\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\S-1-5-19\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-19\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-19\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-19\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\S-1-5-19\...\132.com -> www.132.com
IE restricted site: HKU\S-1-5-19\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-19\...\139mm.com -> www.139mm.com
IE restricted site: HKU\S-1-5-19\...\163.com -> www.163.com
IE restricted site: HKU\S-1-5-19\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-19\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-19\...\171203.com -> 171203.com
There are 4007 more sites.
IE restricted site: HKU\S-1-5-20\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-20\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-20\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-20\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-20\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-20\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-20\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-20\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\S-1-5-20\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\S-1-5-20\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-20\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-20\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-20\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\S-1-5-20\...\132.com -> www.132.com
IE restricted site: HKU\S-1-5-20\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-20\...\139mm.com -> www.139mm.com
IE restricted site: HKU\S-1-5-20\...\163.com -> www.163.com
IE restricted site: HKU\S-1-5-20\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-20\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-20\...\171203.com -> 171203.com
There are 4007 more sites.
IE trusted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\turbotax.com -> hxxps://turbotax.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\132.com -> www.132.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\139mm.com -> www.139mm.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\163.com -> www.163.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\...\171203.com -> 171203.com
There are 4005 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-19 09:19 - 2015-03-26 00:37 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3960577219-1813400529-1317427278-1006\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 209.172.0.5 - 209.172.0.8
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Earth\client\googleearth.exe] => Disabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Program Files\Adobe\Acrobat.com\Acrobat.com.exe] => Disabled:Acrobat.com
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled
xpsp2res.dll,-22019StandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Disabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\WINDOWS\SYSTEM32\mmc.exe] => Enabled:Microsoft Management Console
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Earth\plugin\geplugin.exe] => Enabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\al\Desktop\winvnc4.exe] => Enabled:VNC Server Free Edition for Win32
StandardProfile\AuthorizedApplications: [C:\Program Files\RealVNC\VNC4\winvnc4.exe] => Enabled:VNC Server Free Edition for Win32
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled
xpsp2res.dll,-22004DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled
xpsp2res.dll,-22005DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled
xpsp2res.dll,-22001DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled
xpsp2res.dll,-22002StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22004StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22005StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22001StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22002StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22007StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22008StandardProfile\GloballyOpenPorts: [3:TCP] => :LocalSubNet:Enabled:e-sys
StandardProfile\GloballyOpenPorts: [3389:TCP] => Disabled
xpsp2res.dll,-22009==================== Restore Points =========================
31-03-2016 11:30:22 System Checkpoint
01-04-2016 11:48:28 System Checkpoint
02-04-2016 12:46:23 System Checkpoint
02-04-2016 21:35:48 Software Distribution Service 3.0
03-04-2016 23:26:12 System Checkpoint
04-04-2016 09:36:55 Software Distribution Service 3.0
05-04-2016 09:45:48 System Checkpoint
05-04-2016 19:17:46 Software Distribution Service 3.0
06-04-2016 19:26:54 Software Distribution Service 3.0
07-04-2016 19:21:45 Software Distribution Service 3.0
07-04-2016 20:12:38 Software Distribution Service 3.0
08-04-2016 12:07:30 Software Distribution Service 3.0
09-04-2016 14:26:42 Software Distribution Service 3.0
10-04-2016 13:27:01 Software Distribution Service 3.0
11-04-2016 09:47:56 Software Distribution Service 3.0
12-04-2016 10:39:32 System Checkpoint
13-04-2016 13:28:15 Software Distribution Service 3.0
14-04-2016 13:38:06 System Checkpoint
15-04-2016 11:53:08 Software Distribution Service 3.0
15-04-2016 11:54:07 Software Distribution Service 3.0
15-04-2016 12:28:27 Software Distribution Service 3.0
16-04-2016 21:31:52 Software Distribution Service 3.0
16-04-2016 21:34:27 Software Distribution Service 3.0
17-04-2016 20:20:05 JRT Pre-Junkware Removal
18-04-2016 22:47:41 System Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/18/2016 02:02:55 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (04/18/2016 02:02:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (04/16/2016 10:00:59 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The connection with the server was terminated abnormally
Error: (04/16/2016 09:57:53 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
Error: (04/16/2016 09:57:52 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The connection with the server was terminated abnormally
Error: (04/05/2016 07:17:16 PM) (Source: ESENT) (EventID: 492) (User: )
Description: wuauclt (1720) The logfile sequence in "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\" has been halted due to a fatal error. No further updates are possible for the databases that use this logfile sequence. Please correct the problem and restart or restore from backup.
Error: (04/05/2016 07:17:16 PM) (Source: ESENT) (EventID: 413) (User: )
Description: wuauclt (1720) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1022.
Error: (04/05/2016 07:17:16 PM) (Source: ESENT) (EventID: 486) (User: )
Description: wuauclt (1720) An attempt to move the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" to "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" failed with system error 183 (0x000000b7): "Cannot create a file when that file already exists. ". The move file operation will fail with error -1022 (0xfffffc02).
Error: (03/15/2016 09:24:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application adwcleaner_4.113.exe, version 4.1.1.3, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
System errors:
=============
Error: (04/19/2016 09:15:02 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
Error: (04/19/2016 09:14:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The helpsvc service failed to start due to the following error:
%%2
Error: (04/19/2016 12:19:54 AM) (Source: ipnathlp) (EventID: 31008) (User: )
Description: The DNS proxy agent was unable to read the local list of name-resolution
servers from the registry.
The data is the error code.
Error: (04/18/2016 09:59:12 PM) (Source: ipnathlp) (EventID: 31008) (User: )
Description: The DNS proxy agent was unable to read the local list of name-resolution
servers from the registry.
The data is the error code.
Error: (04/18/2016 04:14:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 2 time(s).
Error: (04/18/2016 03:56:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Error: (04/18/2016 01:54:46 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
Error: (04/18/2016 12:13:44 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
Error: (04/18/2016 09:19:51 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
Error: (04/17/2016 11:13:17 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz
Percentage of memory in use: 30%
Total physical RAM: 2557.98 MB
Available physical RAM: 1772.42 MB
Total Virtual: 3173.07 MB
Available Virtual: 2622.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.47 GB) (Free:4.59 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (New Volume) (Fixed) (Total:111.79 GB) (Free:40.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: DBBDF0DD)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 03C16DE5)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
