Hello there. My CPU is running very slow; the browser and programs open really late and run slow. I already ran the steps in the Guideline post and here are the logs from the programs I ran: 1. MBAM log, 2. OTL.txt, 3. Extrax.txt, 4. checkup.txt.
Thank you
Zoldan
-MBAM log------------------------------
Malwarebytes' Anti-Malware 1.41
Database version: 2844
Windows 5.1.2600 Service Pack 2
22.9.2009 21:15:28
mbam-log-2009-09-22 (21-15-28).txt
Scan type: Quick Scan
Objects scanned: 106133
Time elapsed: 19 minute(s), 9 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 2
Registry Keys Infected: 94
Registry Values Infected: 3
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 129
Memory Processes Infected:
C:\WINDOWS\TEMP\_ex-68.exe (Trojan.Dropper) -> Unloaded process successfully.
Memory Modules Infected:
C:\WINDOWS\system32\crypts.dll (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\system32\acluiu.dll (Trojan.Vundo) -> Delete on reboot.
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b782ede4-ccb3-4e3e-981f-96c68116f38c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b782ede4-ccb3-4e3e-981f-96c68116f38c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\A2SERVICE.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ArcaCheck.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arcavir.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashEnhcd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcls.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz_se.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz4.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdAgent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdinit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\caav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\caavguiscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CASecurityCENTER.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdAgent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwadins.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drweb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\filemon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPAVSERVER.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fpscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPWIN.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSGK32ST.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsma32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFRing3.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KavStart.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navigator.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navstub.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navwnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\niu.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nvcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ollydbg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\preupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pskdr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regtool.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SfFnUp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Vba32arkit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vba32ldr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zanda.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zlh.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonealarm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zoneband.dll (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AlerterALG (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\promoreg (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RList (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\MyID (Malware.Trace) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\System32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\crypts.dll (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\system32\acluiu.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\aaclientd.exe (Trojan.Dropper) -> Delete on reboot.
C:\WINDOWS\system32\drivers\4654123e.sys (Rootkit.Rustock) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\e11a5ff1.sys (Rootkit.Rustock) -> Delete on reboot.
C:\WINDOWS\system32\drivers\b494ec3c.sys (Rootkit.Rustock) -> Delete on reboot.
C:\WINDOWS\system32\drivers\be8e3a.sys (Rootkit.Rustock) -> Delete on reboot.
C:\Documents and Settings\owner\Local Settings\Temp\TMP47.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\owner\Local Settings\Temp\wJQs.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\owner\Local Settings\Temp\pdfupd.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\digiwet.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\TEMP\_ex-68.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\TEMP\wpv691240228083.exe (Trojan.Agent) -> Quarantined and deleted successfully.
-OTL.txt-----------------------------
OTL logfile created on: 22.9.2009 21:39:59 - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\owner\My Documents\Niğurhal
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040F | Country: Iceland | Language: ISL | Date Format: d.M.yyyy
511,36 Mb Total Physical Memory | 148,27 Mb Available Physical Memory | 29,00% Memory free
1,22 Gb Paging File | 0,93 Gb Available in Paging File | 76,01% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 14,74 Gb Free Space | 39,56% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC241342958011
Current User Name: owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2004.05.15 18:27:50 | 00,397,312 | ---- | M] () -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2004.08.04 00:56:50 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2004.06.29 08:06:38 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
PRC - [2003.04.25 05:00:00 | 00,327,680 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2004.10.06 17:35:36 | 00,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004.10.06 17:35:36 | 00,688,218 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2002.12.17 19:40:22 | 00,049,152 | R--- | M] () -- C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
PRC - [2003.05.23 03:55:38 | 00,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\hphmon05.exe
PRC - [2005.08.10 12:49:20 | 00,163,840 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\VSO\mcvsshld.exe
PRC - [2005.08.11 22:02:44 | 00,053,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\VSO\oasclnt.exe
PRC - [2005.09.22 18:29:08 | 00,303,104 | ---- | M] (McAfee, Inc) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2005.11.11 17:00:56 | 01,005,096 | ---- | M] (McAfee Security) -- C:\Program Files\McAfee.com\Personal Firewall\MpfTray.exe
PRC - [2004.04.26 14:26:12 | 00,295,001 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\Thomson SpeedTouch\SpeedTouch 110g Wireless PC Card Monitor\PRISMSVR.EXE
PRC - [2006.08.16 01:12:00 | 00,024,576 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2006.09.06 17:01:00 | 00,032,768 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0230Mon.exe
PRC - [2005.07.08 18:16:16 | 00,483,328 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\VSO\McVSEscn.exe
PRC - [2009.01.06 13:06:36 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009.07.25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2006.09.06 09:42:00 | 00,143,360 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2006.10.18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
PRC - [2008.11.07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007.02.22 18:32:12 | 00,118,784 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
PRC - [2008.12.12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2003.04.06 00:37:10 | 00,323,646 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
PRC - [2003.04.06 01:06:58 | 00,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2009.07.25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2004.05.20 17:11:02 | 00,303,104 | ---- | M] () -- C:\Program Files\Thomson SpeedTouch\SpeedTouch 110g Wireless PC Card Monitor\st110g.exe
PRC - [2005.10.13 19:56:16 | 00,126,976 | ---- | M] (McAfee, Inc) -- c:\program files\mcafee.com\agent\mcdetect.exe
PRC - [2003.04.06 00:45:10 | 00,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
PRC - [2005.08.10 11:22:02 | 00,221,184 | ---- | M] (McAfee Inc.) -- c:\Program Files\McAfee.com\VSO\McShield.exe
PRC - [2005.08.24 16:01:04 | 00,122,368 | ---- | M] (McAfee, Inc) -- c:\Program Files\McAfee.com\Agent\McTskshd.exe
PRC - [2005.11.11 16:43:04 | 00,548,864 | ---- | M] (McAfee Corporation) -- C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe
PRC - [2002.09.21 00:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2009.01.06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2003.05.14 20:45:04 | 00,065,795 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
PRC - [2005.11.11 16:42:12 | 00,524,288 | ---- | M] (McAfee Security) -- C:\Program Files\McAfee.com\Personal Firewall\MpfAgent.exe
PRC - [2003.04.06 00:55:04 | 00,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
PRC - [2009.09.11 10:41:49 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.09.22 21:38:25 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\owner\My Documents\Niðurhal\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2008.11.07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2004.07.15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2004.05.15 18:27:50 | 00,397,312 | ---- | M] () -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2008.12.12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2004.08.04 00:56:46 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009.01.06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2004.08.04 00:56:44 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2009.07.25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (javaquickstarterservice [Auto | Running])
SRV - [2005.10.13 19:56:16 | 00,126,976 | ---- | M] (McAfee, Inc) -- c:\program files\mcafee.com\agent\mcdetect.exe -- (McDetect.exe [Auto | Running])
SRV - [2005.08.10 11:22:02 | 00,221,184 | ---- | M] (McAfee Inc.) -- c:\Program Files\McAfee.com\VSO\McShield.exe -- (McShield [Auto | Running])
SRV - [2005.08.24 16:01:04 | 00,122,368 | ---- | M] (McAfee, Inc) -- c:\Program Files\McAfee.com\Agent\McTskshd.exe -- (McTskshd.exe [Auto | Running])
SRV - [2005.07.01 19:22:50 | 00,245,760 | ---- | M] (McAfee, Inc) -- C:\Program Files\McAfee.com\Agent\mcupdmgr.exe -- (mcupdmgr.exe [On_Demand | Stopped])
SRV - [2005.11.11 16:43:04 | 00,548,864 | ---- | M] (McAfee Corporation) -- C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe -- (MpfService [Auto | Running])
SRV - [2003.07.28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003.05.14 20:45:04 | 00,065,795 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Running])
SRV - File not found -- -- (RpcSsmcupdmgr.exe [Auto | Stopped])
SRV - [2001.08.14 07:18:36 | 00,054,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService [Auto | Stopped])
SRV - [2002.09.21 00:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) [Auto | Running])
SRV - [2005.01.28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])
SRV - [2006.10.18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Stopped])
========== Driver Services (SafeList) ==========
DRV - [2003.03.13 18:34:48 | 00,100,224 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])
DRV - [2004.10.08 01:16:04 | 00,035,840 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K [System | Running])
DRV - [2004.06.29 08:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2004.05.15 18:29:12 | 00,701,952 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2003.09.23 08:40:00 | 00,052,664 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB [On_Demand | Stopped])
DRV - [2007.11.08 16:59:01 | 00,136,704 | ---- | M] () -- C:\WINDOWS\catchme.exe -- (catchme [On_Demand | Stopped])
DRV - [2008.09.19 21:57:32 | 00,009,336 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp [System | Running])
DRV - [2008.09.19 21:57:32 | 00,009,464 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k [System | Running])
DRV - [2003.06.27 08:21:22 | 00,259,328 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp [System | Running])
DRV - [2003.06.27 08:21:24 | 00,021,993 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K [On_Demand | Stopped])
DRV - [2008.04.17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2002.11.19 02:20:44 | 00,030,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gv3.sys -- (gv3 [On_Demand | Running])
DRV - [2003.05.14 20:19:52 | 00,051,056 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
DRV - [2003.05.14 20:19:54 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
DRV - [2003.05.14 20:17:54 | 00,021,488 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
DRV - [2008.09.26 18:01:00 | 00,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard [On_Demand | Stopped])
DRV - [2006.09.08 19:29:34 | 00,015,781 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\mdc8021x.sys -- (MDC8021X [Auto | Running])
DRV - [2003.06.27 08:21:24 | 00,022,745 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K [On_Demand | Running])
DRV - [2005.11.11 16:43:52 | 00,080,640 | ---- | M] (McAfee) -- C:\WINDOWS\System32\Drivers\MpFirewall.sys -- (MPFIREWL [System | Running])
DRV - [2005.08.10 11:22:10 | 00,114,464 | ---- | M] (McAfee Inc.) -- C:\WINDOWS\System32\drivers\naiavf5x.sys -- (NaiAvFilter1 [On_Demand | Running])
DRV - [2002.11.12 20:00:00 | 00,066,816 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20021113.004\NAVENG.SYS -- (NAVENG [On_Demand | Stopped])
DRV - [2002.11.12 20:00:00 | 00,518,464 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20021113.004\NAVEX15.SYS -- (NAVEX15 [On_Demand | Stopped])
DRV - [2007.11.15 20:30:48 | 00,034,064 | ---- | M] (CACE Technologies) -- C:\WINDOWS\System32\drivers\npf.sys -- (npf [Auto | Running])
DRV - [2004.05.10 09:11:14 | 00,385,920 | R--- | M] (Thomson SpeedTouch) -- C:\WINDOWS\System32\DRIVERS\O4I01A.sys -- (O4I01A [On_Demand | Running])
DRV - [2003.03.31 19:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2003.06.27 08:21:24 | 00,118,409 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k [System | Running])
DRV - [2008.09.19 21:57:32 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2003.03.31 19:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV - [2003.10.07 11:42:40 | 00,067,200 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys -- (RTL8023 [On_Demand | Running])
DRV - [2003.03.19 02:00:02 | 00,046,976 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\R8139n51.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2002.07.26 06:28:48 | 00,235,184 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SAVRT.SYS -- (SAVRT [On_Demand | Stopped])
DRV - [2002.07.26 06:28:54 | 00,034,992 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SAVRTPEL.SYS -- (SAVRTPEL [Auto | Running])
DRV - [2003.03.31 19:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2001.08.17 07:10:28 | 00,035,913 | ---- | M] (SMC) -- C:\WINDOWS\System32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Running])
DRV - [2003.05.28 01:05:42 | 00,578,304 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2002.11.14 00:46:50 | 00,073,480 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Stopped])
DRV - [2002.08.24 23:00:20 | 00,015,640 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV [On_Demand | Stopped])
DRV - [2002.08.24 23:00:24 | 00,181,400 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI [Auto | Running])
DRV - [2004.10.06 17:35:34 | 00,185,824 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2007.08.01 22:47:26 | 00,102,664 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm [Auto | Running])
DRV - [2003.06.27 08:21:24 | 00,213,120 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp [System | Running])
DRV - [2006.03.23 17:00:00 | 00,006,272 | R--- | M] (EyePower Games Pte. Ltd.) -- C:\WINDOWS\System32\DRIVERS\V0230Vfx.sys -- (V0230Vfx [On_Demand | Stopped])
DRV - [2006.09.28 17:01:00 | 00,500,480 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\V0230VID.sys -- (V0230VID [On_Demand | Stopped])
DRV - [2006.04.07 17:06:38 | 00,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\WINDOWS\System32\DRIVERS\VNUSB.sys -- (VNUSB [On_Demand | Stopped])
DRV - [2004.07.28 14:14:54 | 03,147,776 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\w22n51.sys -- (w22n51 [On_Demand | Stopped])
DRV - [2003.04.16 09:38:40 | 02,379,776 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\DRIVERS\w70n51.sys -- (w70n51 [On_Demand | Running])
DRV - [2003.05.06 19:46:38 | 00,026,240 | ---- | M] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\Drivers\WBSD.SYS -- (WBSD [On_Demand | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Update_Check_Page = http://www.microsoft.com/isapi/redir.dll?P...mp;Ar=ie5update
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mbl.is/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - URLSearchHook: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://mbl.is"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..network.proxy.no_proxies_on: "localho,t,127.0.0.1,*.local"
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.02.09 21:46:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\mozilla firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.09.11 12:00:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\mozilla firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.09.11 10:42:07 | 00,000,000 | ---D | M]
[2009.08.01 22:47:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\mozilla\Extensions
[2009.08.01 22:47:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.01 22:47:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\mozilla\Firefox\Profiles\tprrysgr.default\extensions
[2009.09.22 18:43:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.09.11 10:42:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.08.29 16:35:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.09.11 10:41:48 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.09.11 10:41:48 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009.07.25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009.09.11 10:41:53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009.07.15 19:00:50 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009.07.15 19:00:50 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009.07.15 19:00:50 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009.07.15 19:00:50 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009.07.15 19:00:50 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.07.15 19:00:50 | 00,001,718 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leit-is.xml
[2009.07.15 19:00:50 | 00,001,184 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-is.xml
[2009.07.15 19:00:50 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (290724 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10015 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Softonic English Toolbar) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Softonic English Toolbar) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee VirusScan) - {BA52B914-B692-46c4-B683-905236F6F655} - c:\Program Files\McAfee.com\VSO\mcvsshl.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic English Toolbar) - {930F1200-F5F1-4870-BAC6-E233EC8E7023} - C:\Program Files\Softonic_English\tbSof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe ()
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe ()
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MCAgentExe] c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc)
O4 - HKLM..\Run: [MCUpdateExe] C:\Program Files\McAfee.com\Agent\mcupdate.exe (McAfee, Inc)
O4 - HKLM..\Run: [MPFExe] C:\Program Files\McAfee.com\Personal Firewall\MpfTray.exe (McAfee Security)
O4 - HKLM..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PRISMSVR.EXE] C:\Program Files\Thomson SpeedTouch\SpeedTouch 110g Wireless PC Card Monitor\PRISMSVR.EXE (Conexant Systems, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe (McAfee, Inc.)
O4 - HKLM..\Run: [VSOCheckTask] C:\Program Files\McAfee.com\VSO\mcmnhdlr.exe (McAfee, Inc.)
O4 - HKCU..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SpeedTouch 110g Wireless PC Card Monitor.lnk = C:\Program Files\Thomson SpeedTouch\SpeedTouch 110g Wireless PC Card Monitor\st110g.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Back = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Forward = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Stop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Refresh = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Search = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_History = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Favorites = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Media = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Folders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_MailNews = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Size = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Discussions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_PrintPreview = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.com/v5co...b?1095071816354 (WUWebControl Class)
O16 - DPF: {8ad9c840-044e-11d1-b3e9-00805f499d93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {cafeefac-0016-0000-0015-abcdeffedcba} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {cafeefac-ffff-ffff-ffff-abcdeffedcba} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {e2883e8f-472f-4fb0-9522-ac9bf37916a7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O29 - HKLM SecurityProviders - (digiwet.dll) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.12 17:04:54 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{499f4b10-2dd5-11de-803f-0030f1e393e6}\Shell - "" = AutoRun
O33 - MountPoints2\{499f4b10-2dd5-11de-803f-0030f1e393e6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{499f4b10-2dd5-11de-803f-0030f1e393e6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009.09.22 20:47:23 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.09.22 20:47:20 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.09.22 20:47:17 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.09.22 20:47:16 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.08.29 16:35:02 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009.08.29 16:35:02 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009.08.29 16:35:02 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009.05.24 21:57:22 | 00,095,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\b494ec3c.sys
[2009.05.03 11:50:21 | 00,103,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\be8e3a.sys
[2009.04.27 11:06:32 | 00,093,308 | ---- | C] () -- C:\WINDOWS\System32\drivers\e11a5ff1.sys
[2009.01.18 23:23:03 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.01.09 00:13:15 | 00,000,102 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.09.19 21:57:34 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.09.19 21:55:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008.09.19 21:55:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008.09.19 21:54:18 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008.05.20 23:51:13 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32.dll
[2008.02.06 23:27:40 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\OdiOlDVR.dll
[2008.02.06 23:27:40 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\OdiAPI.dll
[2007.11.14 00:38:14 | 00,000,411 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007.11.12 20:07:16 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\mabad.dll
[2006.12.28 21:30:42 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.11.29 00:12:27 | 00,000,073 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006.09.08 21:41:54 | 00,561,152 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2006.04.22 23:00:10 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2004.05.15 18:27:54 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003.11.27 21:57:24 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2003.11.27 21:54:42 | 00,000,137 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003.11.27 21:41:54 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003.11.27 21:40:42 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003.06.19 15:18:18 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003.06.19 15:08:46 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini
[2003.06.19 08:00:44 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003.03.31 19:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003.01.07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== Files - Modified Within 30 Days ==========
[5 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009.09.22 21:46:15 | 00,103,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\be8e3a.sys
[2009.09.22 21:46:15 | 00,095,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\b494ec3c.sys
[2009.09.22 21:46:15 | 00,093,308 | ---- | M] () -- C:\WINDOWS\System32\drivers\e11a5ff1.sys
[2009.09.22 21:18:46 | 00,122,464 | ---- | M] () -- C:\WINDOWS\System32\Status.MPF
[2009.09.22 21:18:30 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.09.22 21:17:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.09.22 21:17:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.09.22 21:17:52 | 53,626,8800 | -HS- | M] () -- C:\hiberfil.sys
[2009.09.22 20:47:23 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.09.22 20:39:54 | 00,000,488 | ---- | M] () -- C:\hpfr5550.xml
[2009.09.16 10:38:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009.09.14 20:16:26 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009.09.14 12:31:35 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\Microsoft Office Word 2003.lnk
[2009.09.10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.09.10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.09.07 10:47:25 | 00,000,487 | --S- | M] () -- C:\WINDOWS\System32\2819856828.dat
========== LOP Check ==========
[2009.07.28 09:41:15 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009.02.08 15:38:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2006.09.08 19:02:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2007.11.21 00:05:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2006.09.08 19:30:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Prism
[2009.01.18 23:18:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009.08.03 17:07:22 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\owner\Application Data
[2008.12.07 15:13:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\dvdcss
[2006.09.08 19:16:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\InterVideo
[2009.05.25 14:14:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\Move Networks
[2007.12.23 18:07:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\MSN6
[2007.11.21 00:19:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\muvee Technologies
[2009.08.03 17:07:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\Thunderbird
[2009.09.16 10:38:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2003.03.31 02:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2006.12.11 21:53:52 | 00,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1157752344.job
[2009.09.22 21:17:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4829695F
< End of report >
Extras.txt-----------------------------------------------------------
OTL Extras logfile created on: 22.9.2009 21:40:00 - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\owner\My Documents\Niðurhal
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040F | Country: Iceland | Language: ISL | Date Format: d.M.yyyy
511,36 Mb Total Physical Memory | 148,27 Mb Available Physical Memory | 29,00% Memory free
1,22 Gb Paging File | 0,93 Gb Available in Paging File | 76,01% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 14,74 Gb Free Space | 39,56% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC241342958011
Current User Name: owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Safari\Safari.exe" -url "%1" (Apple Inc.)
https [open] -- "C:\Program Files\Safari\Safari.exe" -url "%1" (Apple Inc.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\mcafeeantivirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\mcafeefirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SightSpeed\SightSpeed.exe" = C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.)
"C:\Documents and Settings\owner\Desktop\STHIWupgradeBeta\STHIWupgradeBeta\STHIWupgradeBeta\upgradeST.exe" = C:\Documents and Settings\owner\Desktop\STHIWupgradeBeta\STHIWupgradeBeta\STHIWupgradeBeta\upgradeST.exe:*:Enabled:SpeedTouch Setup Wizard -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java 6 Update 15
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery DesignPro
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}" = Easy CD & DVD Creator 6
"{582D2A53-F426-4C5E-A2E6-43C1AB36B907}" = Safari
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{6FA269F8-38CB-4DF7-AA0D-36E3CE789485}" = HP Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{76B78008-3832-42FD-AE55-C8F946ED3C7E}" = muvee autoProducer 4.1
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BBD57D6-09B1-4CC3-9664-A0D53EE25247}" = PSShortcutsP
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91A2AE33-EED3-4069-9C11-E1D35141A35C}" = SpeedTouch 110g Wireless PC Card
"{93FB47FB-4FDF-4131-B5FD-7A37883868E7}" = hp psc 2170 series
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{FB91E774-867B-4567-ACE7-8144EF036068}" = Olympus Digital Wave Player
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"adobe flash player activex" = Adobe Flash Player 10 ActiveX
"adobe flash player plugin" = Adobe Flash Player 10 Plugin
"Advanced Video FX Engine" = Advanced Video FX Engine
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"ATI Display Driver" = ATI Display Driver
"AU7_is1" = Advanced Uninstaller PRO 2006 - version 7
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Creative Live! Cam Video IM Pro User's Guide English" = Creative Live! Cam Video IM Pro User's Guide (English)
"Creative Photo Calendar" = Creative Photo Calendar
"Creative Photo Manager" = Creative Photo Manager
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0230" = Creative Live! Cam Video IM Pro Driver (1.01.03.0928)
"HP PSC 2170 Series" = HP Photo and Imaging 2.0 - hp psc 2170 series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{91A2AE33-EED3-4069-9C11-E1D35141A35C}" = SpeedTouch 110g Wireless Cardbus Adapter
"InterActual Player" = InterActual Player
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"malwarebytes' anti-malware_is1" = Malwarebytes' Anti-Malware
"McAfee Personal Firewall Plus" = McAfee Personal Firewall Plus
"Mcafee SecurityCenter" = McAfee SecurityCenter
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"mozilla firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SightSpeed" = SightSpeed (remove only)
"Siminn" = Siminn
"Softonic_English Toolbar" = Softonic_English Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysInfo" = Creative System Information
"VirusScan Online" = McAfee VirusScan
"VLC media player" = VLC media player 0.9.6
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.9.2009 15:04:23 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3802, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 21.9.2009 15:04:59 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3523, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 21.9.2009 15:06:23 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3523, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 22.9.2009 14:32:00 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3802, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 22.9.2009 14:32:40 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3523, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 22.9.2009 15:13:14 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3802, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 22.9.2009 15:16:01 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3802, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 22.9.2009 15:19:44 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3802, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 22.9.2009 15:20:47 | Computer Name = PC241342958011 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3802, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 22.9.2009 16:27:18 | Computer Name = PC241342958011 | Source = Application Error | ID = 1000
Description = Faulting application hposts08.exe, version 4.2.0.20, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00043345.
[ System Events ]
Error - 21.9.2009 14:32:03 | Computer Name = PC241342958011 | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2
Error - 21.9.2009 14:33:20 | Computer Name = PC241342958011 | Source = WMPNetworkSvc | ID = 866293
Description = Service 'WMPNetworkSvc' did not start correctly because QueryService
encountered error '0x80004002'. In Windows Media Player, turn off media sharing,
and then turn it back on.
Error - 21.9.2009 15:08:26 | Computer Name = PC241342958011 | Source = WMPNetworkSvc | ID = 866293
Description = Service 'WMPNetworkSvc' did not start correctly because QueryService
encountered error '0x80004002'. In Windows Media Player, turn off media sharing,
and then turn it back on.
Error - 21.9.2009 15:08:31 | Computer Name = PC241342958011 | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2
Error - 21.9.2009 15:09:53 | Computer Name = PC241342958011 | Source = WMPNetworkSvc | ID = 866293
Description = Service 'WMPNetworkSvc' did not start correctly because QueryService
encountered error '0x80004002'. In Windows Media Player, turn off media sharing,
and then turn it back on.
Error - 22.9.2009 13:51:11 | Computer Name = PC241342958011 | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2
Error - 22.9.2009 13:51:15 | Computer Name = PC241342958011 | Source = WMPNetworkSvc | ID = 866293
Description = Service 'WMPNetworkSvc' did not start correctly because QueryService
encountered error '0x80004002'. In Windows Media Player, turn off media sharing,
and then turn it back on.
Error - 22.9.2009 13:53:12 | Computer Name = PC241342958011 | Source = WMPNetworkSvc | ID = 866293
Description = Service 'WMPNetworkSvc' did not start correctly because QueryService
encountered error '0x80004002'. In Windows Media Player, turn off media sharing,
and then turn it back on.
Error - 22.9.2009 17:18:23 | Computer Name = PC241342958011 | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2
Error - 22.9.2009 17:18:25 | Computer Name = PC241342958011 | Source = WMPNetworkSvc | ID = 866293
Description = Service 'WMPNetworkSvc' did not start correctly because QueryService
encountered error '0x80004002'. In Windows Media Player, turn off media sharing,
and then turn it back on.
< End of report >
checkup.txt--------------------------------------------
Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 2
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
McAfee VirusScan
McAfee Personal Firewall Plus
McAfee SecurityCenter
Antivirus out of date!
``````````````````````````````
Anti-malware/Other Utilities Check:
Java 6 Update 15
Java 2 Runtime Environment, SE v1.4.2
Adobe Flash Player 10
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
`````````End of Log```````````