Welcome Guest ( Log In | Join )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Want to ask a question, reply to a topic, or remove all advertising? It's easy, fast and free. Join today!
Spyware, virus, trojan, fake security or privacy alerts? Please start with our malware cleaning guide.
     
 
 Closed TopicStart new topic
Win32/Adware.Virtumonde and Win32/PrivacyRemover.m64 [CLOSED]
JudyPhx
post Sep 1 2008, 10:53 AM
Post #1


New Member
*
Posts: 9
OS: XP
Hello,

The PC kept shutting down and a window announcing those spyware/virus files kept showing up. By reading the info on this forum I believe I have eliminated the initial problem. Thanks so much for the info you provide here.
I ran ATF Cleaner
Created system restore point
I dowloaded ERUNT
I ran anti-malware
I cleaned out all temp files, etc.
Updated Windows
I uninstalled and then reinstalled McAfee.

At this point the computer doesn't reboot itself anymore, but it sometimes takes several times of manual rebooting to get it to load up properly, and when it does it is incredilbly slow.

So here's my log. Thanks for any assistance you can provide.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:41:06 AM, on 9/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\JupitCo.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MozyHome\mozystat.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://phoenix.about.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;0uzry;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: scriptproxy - {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [USB SECURITY DEVICE CoInstaller] JupitCo.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: (no name) - {9239E4EC-C9A6-11D2-A844-00C04F68D538} - (no file)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...96/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (mcnasvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (mcods) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (mcproxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (mcshield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (mcsysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Unknown owner - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: McAfee Personal Firewall Service (mpfservice) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://www.mich.com/~donson/pg164.jpg

--
End of file - 8103 bytes
Go to the top of the page
 
+Quote Post
SpySentinel
post Sep 5 2008, 03:45 PM
Post #2


Trusted Helper
Group Icon
Posts: 1,894
From: The United States
OS: Windows XP SP2
Hey JudyPhx,

Welcome to Geeks to Go! My name is SpySentinel and I will be helping you fix your computer problem.

Sorry for the delay, we have been really busy lately.

Take note that I'm still in training, and my posts will have to be checked by an expert. This may cause delays in between my responses, I ask for your patience. Please stick with me until we get your computer cleaned up.

I'm currently analyzing your log now, and I'll post back with a fix ASAP. Thanks for your patience.
Go to the top of the page
 
+Quote Post
JudyPhx
post Sep 5 2008, 04:06 PM
Post #3


New Member
*
Posts: 9
OS: XP
No problem. I appreciate that you are taking a look.
Go to the top of the page
 
+Quote Post
SpySentinel
post Sep 5 2008, 04:44 PM
Post #4


Trusted Helper
Group Icon
Posts: 1,894
From: The United States
OS: Windows XP SP2
Hey JudyPhx, your HJT log looks ok, lets dry to dig a bit deeper:

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Go to the top of the page
 
+Quote Post
JudyPhx
post Sep 5 2008, 06:05 PM
Post #5


New Member
*
Posts: 9
OS: XP
Hey SpySentinel,

I can't do it. I tried a couple of times.

AutoIt Error
Line: -1
Error: Recursion level has been exceeded. AutoIt will quit to prevent stack overflow.

What else ya got??
Go to the top of the page
 
+Quote Post
SpySentinel
post Sep 6 2008, 03:15 PM
Post #6


Trusted Helper
Group Icon
Posts: 1,894
From: The United States
OS: Windows XP SP2
Lets try this:


Download OTViewIt to your desktop.
  • Close all windows and open it
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
  • You may need to use two posts to get it all on the forum
Go to the top of the page
 
+Quote Post
JudyPhx
post Sep 6 2008, 05:50 PM
Post #7


New Member
*
Posts: 9
OS: XP
Thanks. Here ya go:

OTViewIt logfile created on: 9/6/2008 4:45:57 PM - Run 1
OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Judy\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

253.98 Mb Total Physical Memory | 52.72 Mb Available Physical Memory | 20.76% Memory free
624.99 Mb Paging File | 273.93 Mb Available in Paging File | 43.83% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 21.88 Gb Free Space | 58.80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JUDYPC
Current User Name: Judy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On

===== Processes - Non-Microsoft Only =====

[10/15/2007 12:22 PM | 00,087,344 | ---- | M] () - C:\Program Files\MozyHome\mozybackup.exe
[08/13/2003 09:27 AM | 00,028,672 | ---- | M] (Dell - Advanced Desktop Engineering) - C:\WINDOWS\SYSTEM32\DSentry.exe
[05/27/2004 08:05 PM | 00,323,584 | ---- | M] (Dell) - C:\Program Files\Common Files\Dell\EUSW\Support.exe
[11/21/2002 09:50 AM | 00,037,888 | ---- | M] (Logitech Inc.) - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
[03/14/2002 08:04 PM | 00,028,672 | ---- | M] (Prolific Technology Inc.) - C:\WINDOWS\SYSTEM32\JupitCo.exe
[07/03/2001 09:17 AM | 00,065,536 | ---- | M] () - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
[10/07/2003 04:20 PM | 00,352,256 | ---- | M] ( ) - C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
[07/14/2008 08:26 AM | 02,311,472 | ---- | M] () - C:\Program Files\MozyHome\mozystat.exe

===== Win32 Services - Non-Microsoft Only =====

(mozybackup) MozyHome Backup Service [Auto | Running]
[10/15/2007 12:22 PM | 00,087,344 | ---- | M] () - C:\Program Files\MozyHome\mozybackup.exe

===== Driver Services - Non-Microsoft Only =====

(45a9f0aa) 45a9f0aa [System | Stopped]
[08/24/2008 05:16 PM | 00,000,000 | ---- | M] () - C:\WINDOWS\SYSTEM32\DRIVERS\45a9f0aa.sys

(6d9cba3) 6d9cba3 [System | Stopped]
[08/24/2008 05:16 PM | 00,000,000 | ---- | M] () - C:\WINDOWS\SYSTEM32\DRIVERS\6d9cba3.sys

(CoachUsb) Dual Mode Digital Camera on USB [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\DRIVERS\CoachUsb.sys

(Dual Mode) Dual Mode Video Capture [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\DRIVERS\CoachVc.sys

(iAimTV2) iAimTV2 [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\DRIVERS\wATV03nt.sys

(JUPITER) USB SECURITY DEVICE [Auto | Stopped]
[04/23/2002 02:04 PM | 00,006,528 | ---- | M] () - C:\WINDOWS\SYSTEM32\DRIVERS\Jupiter.sys

(L8042pr2) Logitech PS/2 Mouse Filter Driver [On_Demand | Stopped]
[11/08/2002 02:50 AM | 00,052,238 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\L8042pr2.Sys

(LHidFlt2) Logitech HID/USB Mouse Filter Driver [On_Demand | Running]
[11/08/2002 02:50 AM | 00,023,838 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\LHIDFLT2.SYS

(LMouFlt2) Logitech Mouse Class Filter Driver [On_Demand | Running]
[11/08/2002 02:50 AM | 00,070,238 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.Sys

(mozyFilter) mozyFilter [System | Running]
[07/14/2008 08:25 AM | 00,053,752 | ---- | M] (Mozy, Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\mozy.sys

(mraid35x) mraid35x [Disabled | Stopped]
[08/17/2001 12:52 PM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS

(Sparrow) Sparrow [Disabled | Stopped]
[08/17/2001 01:07 PM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS

(wanatw) WAN Miniport (ATW) [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\DRIVERS\wanatw4.sys

(Wdm1) USB Bridge Cable Driver [On_Demand | Stopped]
[11/09/2001 05:48 PM | 00,015,576 | ---- | M] () - C:\WINDOWS\SYSTEM32\DRIVERS\usbbc.sys

========== Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeviceDiscovery" = C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe [05/21/2003 06:37 PM | 00,229,437 | ---- | M] (Hewlett-Packard)
"dla" = C:\WINDOWS\system32\dla\tfswctrl.exe [08/06/2003 12:04 AM | 00,114,741 | ---- | M] (Sonic Solutions)
"DVDSentry" = C:\WINDOWS\System32\DSentry.exe [08/13/2003 09:27 AM | 00,028,672 | ---- | M] (Dell - Advanced Desktop Engineering)
"DwlClient" = C:\Program Files\Common Files\Dell\EUSW\Support.exe [05/27/2004 08:05 PM | 00,323,584 | ---- | M] (Dell)
"HP Component Manager" = "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [05/12/2004 03:18 PM | 00,241,664 | ---- | M] (Hewlett-Packard Company)
"HP Software Update" = "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [06/25/2003 11:24 AM | 00,049,152 | ---- | M] (Hewlett-Packard)
"HPDJ Taskbar Utility" = C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [01/05/2004 12:30 AM | 00,176,128 | ---- | M] (HP)
"igfxhkcmd" = C:\WINDOWS\system32\hkcmd.exe [09/20/2005 09:32 AM | 00,077,824 | ---- | M] (Intel Corporation)
"igfxpers" = C:\WINDOWS\system32\igfxpers.exe [09/20/2005 09:36 AM | 00,114,688 | ---- | M] (Intel Corporation)
"igfxtray" = C:\WINDOWS\system32\igfxtray.exe [09/20/2005 09:35 AM | 00,094,208 | ---- | M] (Intel Corporation)
"iTunesHelper" = "C:\Program Files\iTunes\iTunesHelper.exe" [06/02/2008 11:13 AM | 00,267,048 | ---- | M] (Apple Inc.)
"Logitech Utility" = Logi_MwX.Exe [11/08/2002 02:50 AM | 00,019,968 | ---- | M] (Logitech Inc.)
"mcagent_exe" = C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey [11/01/2007 07:12 PM | 00,582,992 | ---- | M] (McAfee, Inc.)
"PCMService" = "C:\Program Files\Dell\Media Experience\PCMService.exe" [08/26/2003 06:47 PM | 00,204,800 | ---- | M] (CyberLink Corp.)
"QuickTime Task" = "C:\Program Files\QuickTime\QTTask.exe" -atboottime [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.)
"Share-to-Web Namespace Daemon" = C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [07/03/2001 09:11 AM | 00,057,344 | ---- | M] (Hewlett-Packard)
"TkBellExe" = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [12/13/2003 05:30 PM | 00,151,597 | ---- | M] (RealNetworks, Inc.)
"UpdateManager" = "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r [08/19/2003 01:01 AM | 00,110,592 | ---- | M] (Sonic Solutions)
"USB SECURITY DEVICE CoInstaller" = JupitCo.exe [03/14/2002 08:04 PM | 00,028,672 | ---- | M] (Prolific Technology Inc.)
"UserFaultCheck" = %systemroot%\system32\dumprep 0 -u File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

========== Startup Folders ==========

[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
[09/16/2003 05:19 AM | 00,237,568 | ---- | M] (Hewlett-Packard Co.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[07/14/2008 08:26 AM | 02,311,472 | ---- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe

[Judy Startup Folder - C:\Documents and Settings\Judy\Start Menu\Programs\Startup]

========== BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (AcroIEHlprObj Class) - [11/03/2003 02:17 PM | 00,054,248 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
HKLM CLSID: (DriveLetterAccess) - [08/06/2003 12:04 AM | 00,106,548 | ---- | M] (Sonic Solutions) C:\WINDOWS\SYSTEM32\dla\tfswshx.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7db2d5a0-7241-4e79-b68d-6309f01c5231}]
HKLM CLSID: (scriptproxy) - [11/09/2007 12:09 PM | 00,058,688 | ---- | M] (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\scriptsn.dll

========== Toolbars ==========

========== AppInit_Dlls ==========

========== HKLM Security Providers ==========

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
= Explorer.exe
>Explorer.exe - [06/13/2007 03:23 AM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
= C:\WINDOWS\system32\userinit.exe,
>C:\WINDOWS\system32\userinit.exe - [08/04/2004 12:56 AM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\SYSTEM32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
= logonui.exe
>logonui.exe - [08/04/2004 12:56 AM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\SYSTEM32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
= rundll32 shell32,Control_RunDLL "sysdm.cpl"
>rundll32 shell32 - [10/25/2007 08:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\SYSTEM32\shell32.dll
>Control_RunDLL "sysdm.cpl" - [08/04/2004 12:56 AM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\SYSTEM32\sysdm.cpl

========== User's Winlogon Settings ==========

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
"DllName" = C:\WINDOWS\SYSTEM32\igfxdev.dll [09/20/2005 09:31 AM | 00,135,168 | ---- | M] (Intel Corporation)

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
Unable to open key or key not present!


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"NoDispBackgroundPage" = 0
"NoDispScrSavPage" = 0

========== Lsa Authentication Packages ==========

========== Lsa Security Packages ==========

========== Desktop Components ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = ""
"Source" = "http://www.mich.com/~donson/pg164.jpg"
"SubscribedURL" = "http://www.mich.com/~donson/pg164.jpg"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"FriendlyName" = "My Current Home Page"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"

========== Safeboot Options ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

========== Disabled MsConfig Items ==========
Unable to open key or key not present!


========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[09/03/2002 07:59 AM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb5c8f8-3fc4-11dc-89ee-000d567f5ab0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10e50b22-bb89-11d9-8661-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65b34588-9f21-11d9-8626-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75b660a2-7d04-11dc-8a47-000d567f5ab0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f11446d-db57-11d8-8479-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8392bffc-3455-11d9-8529-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9b7e67b3-5009-11da-86fd-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa8c95f3-4378-11d8-836f-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa8c95f4-4378-11d8-836f-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa8c95f5-4378-11d8-836f-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa8c95f6-4378-11d8-836f-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bea154f0-42b5-11d8-8366-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{efff148e-485b-11d8-837b-00038a000015}\Shell]
"" = None

========== DNS Name Servers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{6E0FF0AA-E2A7-42AE-9F10-5CCA127348FB}]
Servers: | Description: Broadcom 440x 10/100 Integrated Controller

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{F9EF799D-8327-491C-9F9E-3D467FE25B9B}]
Servers: | Description:

========== Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost



========== Files/Folders - Created Within 30 days ==========

[09/05/2008 04:16 PM | ---D | C] - C:\rsit
[08/22/2008 02:45 PM | 00,000,000 | ---- | C] () - C:\WINDOWS\System32\drivers\6d9cba3.sys
[08/22/2008 03:09 PM | 00,000,000 | ---- | C] () - C:\WINDOWS\System32\drivers\45a9f0aa.sys
[1 C:\WINDOWS\System32\*.tmp files]
[08/22/2008 05:31 PM | 00,008,073 | ---- | C] () - C:\WINDOWS\System32\Config.MPF
[09/03/2008 11:17 AM | ---D | C] - C:\WINDOWS\System32\CatRoot_bak
[2 C:\WINDOWS\*.tmp files]
[08/22/2008 04:43 PM | ---D | C] - C:\WINDOWS\ERDNT
[08/22/2008 05:26 PM | 00,000,330 | ---- | C] () - C:\WINDOWS\tasks\McQcTask.job
[08/22/2008 05:26 PM | 00,000,338 | ---- | C] () - C:\WINDOWS\tasks\McDefragTask.job
[08/22/2008 04:00 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[08/22/2008 04:00 PM | ---D | C] - C:\Documents and Settings\Judy\Application Data\Malwarebytes
[08/22/2008 04:00 PM | 00,000,696 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[08/22/2008 05:30 PM | 00,000,671 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[08/22/2008 04:41 PM | 00,791,393 | ---- | C] (Lars Hederer ) - C:\Documents and Settings\Judy\Desktop\erunt_setup.exe
[08/22/2008 04:42 PM | 00,000,592 | ---- | C] () - C:\Documents and Settings\Judy\Desktop\ERUNT.lnk
[09/01/2008 09:40 AM | 00,001,734 | ---- | C] () - C:\Documents and Settings\Judy\Desktop\HijackThis.lnk
[09/05/2008 04:41 PM | 00,304,189 | ---- | C] () - C:\Documents and Settings\Judy\Desktop\RSIT.exe
[08/22/2008 05:23 PM | ---D | C] - C:\Program Files\Common Files\McAfee
[08/22/2008 03:13 PM | ---D | C] - C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[08/22/2008 04:00 PM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware
[08/22/2008 04:42 PM | ---D | C] - C:\Program Files\ERUNT
[08/22/2008 05:00 PM | 00,000,336 | ---- | C] () - C:\Program Files\temp995.bat
[08/22/2008 05:23 PM | ---D | C] - C:\Program Files\McAfee
[09/01/2008 09:40 AM | ---D | C] - C:\Program Files\Trend Micro

========== Files - Modified Within 30 days ==========

[09/06/2008 04:39 PM | 26,639,1552 | -HS- | M] () - C:\hiberfil.sys
[08/24/2008 05:16 PM | 00,000,000 | ---- | M] () - C:\WINDOWS\System32\drivers\45a9f0aa.sys
[08/24/2008 05:16 PM | 00,000,000 | ---- | M] () - C:\WINDOWS\System32\drivers\6d9cba3.sys
[1 C:\WINDOWS\System32\*.tmp files]
[09/05/2008 03:31 PM | 00,001,170 | ---- | M] () - C:\WINDOWS\System32\WPA.DBL
[09/06/2008 04:43 PM | 00,008,073 | ---- | M] () - C:\WINDOWS\System32\Config.MPF
[2 C:\WINDOWS\*.tmp files]
[08/12/2008 08:30 PM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK
[08/29/2008 11:02 PM | 00,001,446 | ---- | M] () - C:\WINDOWS\mozy.flt
[08/29/2008 11:02 PM | 00,003,034 | ---- | M] () - C:\WINDOWS\mozy.blk
[09/06/2008 03:06 PM | 27,911,8848 | ---- | M] () - C:\WINDOWS\outlook.pst
[09/06/2008 04:39 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\BOOTSTAT.DAT
[08/18/2008 08:36 AM | 00,000,284 | ---- | M] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/22/2008 05:26 PM | 00,000,330 | ---- | M] () - C:\WINDOWS\tasks\McQcTask.job
[08/22/2008 05:26 PM | 00,000,338 | ---- | M] () - C:\WINDOWS\tasks\McDefragTask.job
[09/06/2008 04:40 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
[08/28/2008 05:25 PM | 00,011,776 | ---- | M] () - C:\Documents and Settings\Judy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[09/06/2008 03:06 PM | 07,096,636 | -H-- | M] () - C:\Documents and Settings\Judy\Local Settings\Application Data\IconCache.db
[08/22/2008 04:00 PM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[08/22/2008 05:30 PM | 00,000,671 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[08/22/2008 04:42 PM | 00,000,592 | ---- | M] () - C:\Documents and Settings\Judy\Desktop\ERUNT.lnk
[08/22/2008 04:42 PM | 00,791,393 | ---- | M] (Lars Hederer ) - C:\Documents and Settings\Judy\Desktop\erunt_setup.exe
[09/01/2008 09:40 AM | 00,001,734 | ---- | M] () - C:\Documents and Settings\Judy\Desktop\HijackThis.lnk
[09/05/2008 04:41 PM | 00,304,189 | ---- | M] () - C:\Documents and Settings\Judy\Desktop\RSIT.exe
[08/14/2008 04:44 PM | 00,000,642 | ---- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk

< End of report >


EXTRAS


OTViewIt Extras logfile created on: 9/6/2008 4:45:57 PM - Run 1
OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Judy\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

253.98 Mb Total Physical Memory | 52.72 Mb Available Physical Memory | 20.76% Memory free
624.99 Mb Paging File | 273.93 Mb Available in Paging File | 43.83% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 21.88 Gb Free Space | 58.80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\mcafeeantivirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[08/04/2004 12:56 AM | 00,140,800 | ---- | M] (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[10/10/2006 05:44 AM | 00,557,568 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[08/04/2004 12:56 AM | 00,140,800 | ---- | M] (Microsoft Corporation)

"C:\Program Files\WS_FTP Pro\ftp95pro.exe" = C:\Program Files\WS_FTP Pro\ftp95pro.exe:*:Enabled:WS_FTP 95
[08/16/1999 11:03 AM | 00,534,016 | ---- | M] (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)

"C:\WINDOWS\SYSTEM32\mshta.exe" = C:\WINDOWS\SYSTEM32\mshta.exe:*:Enabled:Microsoft ® HTML Application host
[08/13/2007 06:32 PM | 00,045,568 | ---- | M] (Microsoft Corporation)

"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client
[02/15/2005 10:36 AM | 00,565,248 | ---- | M] (Hewlett-Packard)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[10/10/2006 05:44 AM | 00,557,568 | ---- | M] (Microsoft Corporation)

"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax
[03/05/2008 11:29 PM | 10,343,712 | ---- | M] (Intuit, Inc.)

"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager
[10/22/2007 06:56 PM | 03,597,600 | ---- | M] (Intuit, Inc.)

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[06/02/2008 11:13 AM | 20,638,504 | ---- | M] (Apple Inc.)

"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
[01/25/2008 01:38 AM | 02,458,128 | ---- | M] (McAfee, Inc.)

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - "%1" %*
.cmd [@ = cmdfile] - "%1" %*
.com [@ = comfile] - "%1" %*
.exe [@ = exefile] - "%1" %*
.pif [@ = piffile] - "%1" %*
.scr [@ = scrfile] - "%1" %*

========== Winsock2 Catalogs ==========

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


========== HKEY_CURRENT_USER Protocol Defaults ==========


========== Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

cetihpz:{CF184AD3-CDCB-4168-A3F7-8E447D129300} [HKLM - CZipHandler Object]
[05/12/2004 03:18 PM | 00,081,920 | ---- | M] (Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]

========== Protocol Filters ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Camera Window DS
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{0FABD3D7-3036-4e78-B29D-58957ADB0A12}" = HP PSC & OfficeJet 3.5
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{133CD5EF-A4A1-442a-8D50-910B5DEF76BD}" = 4200_Help
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{24C8FBF7-26C6-48ca-834B-A4E5C09E362F}" = AiO_Scan
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2E877A9F-7584-416E-9271-63F3B1D8F27B}" = TaxCut Arizona 2007
"{300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D}" = AIOMinimal
"{34611BCF-3157-405b-A34E-879C7DC79142}" = 4200
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{37477865-A3F1-4772-AD43-AAFC6BCFF99F}" = MSXML 4.0 SP2 (KB927978)
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{468190DA-FB4C-45BA-8E40-4B165FF1A939}" = BACS
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Camera Window DVC
"{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}" = Quicken 2004
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.75
"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch
"{63F2408D-A675-4d97-A256-70EACB6B9B4A}" = AiOSoftware
"{663E217E-FC26-4249-9E8E-F190CD63E737}" = TaxCut Premium + State 2007
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A2A8FC-2CA0-4b6c-BE09-CC7ABE2A8DDC}" = 4200Trb
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Camera Window MC
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7EB597B1-9F63-4CA7-9CC5-1DADF9FFC8CD}" = USB-Flash Driver
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}" = PhotoStitch
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Camera Access Library
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{9A0DCD97-9648-45ed-A52C-133C728AB2FF}" = 4200Tour
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9B79DCB0-AAD7-456B-8D07-433C936FA24B}" = DS21Patch
"{9F70BF98-003C-491D-81FC-FF9792206AF0}" = iTunes
"{A1D0D14A-B776-4907-BC00-5149F2298086}" = Camera Support Core Library
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Camera Window DVC
"{A4004E8B-6A95-4FA4-AA05-731FC6510474}" = Family Tree Maker 2005
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AF226123-1A6F-4ec1-8DEF-E35E7A0D0127}" = Fax
"{B147DC1B-49B3-4368-8A01-5AD9992CD58D}" = MovieEdit Task
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}" = Canon PhotoRecord
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181)
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX (E)
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"{FEDA56C4-82F3-46DD-8B50-FC592BBE1C0D}" = hp deskjet 5100
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"AdobeESD" = Adobe Download Manager 1.2 (Remove Only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V.9x 56K DF PCI Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"erunt_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"hp deskjet 5100 series_driver" = hp deskjet 5100 series
"hp officejet 5100 series 1073679498" = hp officejet 5100 series
"hp officejet 5100 series 1094597273" = hp officejet 5100 series - 2
"HP Photo & Imaging" = HP Image Zone 3.5
"HP Photo Printing Software" = HP Photo Printing Software
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Canon Camera Window DSLR 5 for ZoomBrowser EX
"InstallShield_{468190DA-FB4C-45BA-8E40-4B165FF1A939}" = Broadcom Advanced Control Suite
"InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Canon Camera Window MC 6 for ZoomBrowser EX
"InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Canon Camera Access Library
"InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}" = Canon Camera Support Core Library
"InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"InstallShield_{B147DC1B-49B3-4368-8A01-5AD9992CD58D}" = Canon MovieEdit Task for ZoomBrowser EX
"KB834707" = Windows XP Hotfix - KB834707
"KB867282" = Windows XP Hotfix - KB867282
"KB870669" = Microsoft Data Access Components KB870669
"KB873333" = Windows XP Hotfix - KB873333
"KB873339" = Windows XP Hotfix - KB873339
"KB883939" = Security Update for Windows XP (KB883939)
"KB885250" = Windows XP Hotfix - KB885250
"KB885835" = Windows XP Hotfix - KB885835
"KB885836" = Windows XP Hotfix - KB885836
"KB886185" = Windows XP Hotfix - KB886185
"KB887472" = Windows XP Hotfix - KB887472
"KB887742" = Windows XP Hotfix - KB887742
"KB888113" = Windows XP Hotfix - KB888113
"KB888302" = Windows XP Hotfix - KB888302
"KB890046" = Security Update for Windows XP (KB890046)
"KB890047" = Windows XP Hotfix - KB890047
"KB890175" = Windows XP Hotfix - KB890175
"KB890859" = Windows XP Hotfix - KB890859
"KB890923" = Windows XP Hotfix - KB890923
"KB891781" = Windows XP Hotfix - KB891781
"KB892130" = Windows Genuine Advantage Validation Tool (KB892130)
"KB893066" = Windows XP Hotfix - KB893066
"KB893086" = Windows XP Hotfix - KB893086
"KB893756" = Security Update for Windows XP (KB893756)
"KB893803" = Windows Installer 3.1 (KB893803)
"KB893803v2" = Windows Installer 3.1 (KB893803)
"KB894391" = Update for Windows XP (KB894391)
"KB896358" = Security Update for Windows XP (KB896358)
"KB896422" = Security Update for Windows XP (KB896422)
"KB896423" = Security Update for Windows XP (KB896423)
"KB896424" = Security Update for Windows XP (KB896424)
"KB896428" = Security Update for Windows XP (KB896428)
"KB896688" = Security Update for Windows XP (KB896688)
"KB896727" = Update for Windows XP (KB896727)
"KB898458" = Security Update for Step By Step Interactive Training (KB898458)
"KB898461" = Update for Windows XP (KB898461)
"KB899587" = Security Update for Windows XP (KB899587)
"KB899588" = Security Update for Windows XP (KB899588)
"KB899591" = Security Update for Windows XP (KB899591)
"KB900485" = Update for Windows XP (KB900485)
"KB900725" = Security Update for Windows XP (KB900725)
"KB901017" = Security Update for Windows XP (KB901017)
"KB901214" = Security Update for Windows XP (KB901214)
"KB902400" = Security Update for Windows XP (KB902400)
"KB903235" = Security Update for Windows XP (KB903235)
"KB904706" = Security Update for Windows XP (KB904706)
"KB904942" = Update for Windows XP (KB904942)
"KB905414" = Security Update for Windows XP (KB905414)
"KB905749" = Security Update for Windows XP (KB905749)
"KB905915" = Security Update for Windows XP (KB905915)
"KB908519" = Security Update for Windows XP (KB908519)
"KB908531" = Security Update for Windows XP (KB908531)
"KB910437" = Update for Windows XP (KB910437)
"KB911280" = Update for Windows XP (KB911280)
"KB911562" = Security Update for Windows XP (KB911562)
"KB911564" = Security Update for Windows Media Player (KB911564)
"KB911565" = Security Update for Windows Media Player 10 (KB911565)
"KB911567" = Security Update for Windows XP (KB911567)
"KB911927" = Security Update for Windows XP (KB911927)
"KB912812" = Security Update for Windows XP (KB912812)
"KB912919" = Security Update for Windows XP (KB912919)
"KB913446" = Security Update for Windows XP (KB913446)
"KB913580" = Security Update for Windows XP (KB913580)
"KB914388" = Security Update for Windows XP (KB914388)
"KB914389" = Security Update for Windows XP (KB914389)
"KB914440" = Hotfix for Windows XP (KB914440)
"KB915865" = Hotfix for Windows XP (KB915865)
"KB916281" = Security Update for Windows XP (KB916281)
"KB916595" = Update for Windows XP (KB916595)
"KB917159" = Security Update for Windows XP (KB917159)
"KB917344" = Security Update for Windows XP (KB917344)
"KB917422" = Security Update for Windows XP (KB917422)
"KB917734_WMP10" = Security Update for Windows Media Player 10 (KB917734)
"KB917953" = Security Update for Windows XP (KB917953)
"KB918118" = Security Update for Windows XP (KB918118)
"KB918439" = Security Update for Windows XP (KB918439)
"KB918899" = Security Update for Windows XP (KB918899)
"KB919007" = Security Update for Windows XP (KB919007)
"KB920213" = Security Update for Windows XP (KB920213)
"KB920214" = Security Update for Windows XP (KB920214)
"KB920670" = Security Update for Windows XP (KB920670)
"KB920683" = Security Update for Windows XP (KB920683)
"KB920685" = Security Update for Windows XP (KB920685)
"KB920872" = Update for Windows XP (KB920872)
"KB921398" = Security Update for Windows XP (KB921398)
"KB921503" = Security Update for Windows XP (KB921503)
"KB921883" = Security Update for Windows XP (KB921883)
"KB922582" = Update for Windows XP (KB922582)
"KB922616" = Security Update for Windows XP (KB922616)
"KB922760" = Security Update for Windows XP (KB922760)
"KB922819" = Security Update for Windows XP (KB922819)
"KB923191" = Security Update for Windows XP (KB923191)
"KB923414" = Security Update for Windows XP (KB923414)
"KB923689" = Security Update for Windows XP (KB923689)
"KB923694" = Security Update for Windows XP (KB923694)
"KB923723" = Security Update for Step By Step Interactive Training (KB923723)
"KB923980" = Security Update for Windows XP (KB923980)
"KB924191" = Security Update for Windows XP (KB924191)
"KB924270" = Security Update for Windows XP (KB924270)
"KB924496" = Security Update for Windows XP (KB924496)
"KB924667" = Security Update for Windows XP (KB924667)
"KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398)
"KB925454" = Security Update for Windows XP (KB925454)
"KB925486" = Security Update for Windows XP (KB925486)
"KB925902" = Security Update for Windows XP (KB925902)
"KB926255" = Security Update for Windows XP (KB926255)
"KB926436" = Security Update for Windows XP (KB926436)
"KB927779" = Security Update for Windows XP (KB927779)
"KB927802" = Security Update for Windows XP (KB927802)
"KB927891" = Update for Windows XP (KB927891)
"KB928090" = Security Update for Windows XP (KB928090)
"KB928255" = Security Update for Windows XP (KB928255)
"KB928843" = Security Update for Windows XP (KB928843)
"KB929123" = Security Update for Windows XP (KB929123)
"KB929338" = Update for Windows XP (KB929338)
"KB929969" = Security Update for Windows XP (KB929969)
"KB930178" = Security Update for Windows XP (KB930178)
"KB930916" = Update for Windows XP (KB930916)
"KB931261" = Security Update for Windows XP (KB931261)
"KB931768" = Security Update for Windows XP (KB931768)
"KB931784" = Security Update for Windows XP (KB931784)
"KB931836" = Update for Windows XP (KB931836)
"KB932168" = Security Update for Windows XP (KB932168)
"KB932823-v3" = Update for Windows XP (KB932823-v3)
"KB933360" = Update for Windows XP (KB933360)
"KB933566" = Security Update for Windows XP (KB933566)
"KB933729" = Security Update for Windows XP (KB933729)
"KB935839" = Security Update for Windows XP (KB935839)
"KB935840" = Security Update for Windows XP (KB935840)
"KB936021" = Security Update for Windows XP (KB936021)
"KB936357" = Update for Windows XP (KB936357)
"KB936782_WMP10" = Security Update for Windows Media Player 10 (KB936782)
"KB937143" = Security Update for Windows XP (KB937143)
"KB938127" = Security Update for Windows XP (KB938127)
"KB938127-IE7" = Security Update for Windows Internet Explorer 7 (KB938127)
"KB938828" = Update for Windows XP (KB938828)
"KB938829" = Security Update for Windows XP (KB938829)
"KB939653" = Security Update for Windows XP (KB939653)
"KB941202" = Security Update for Windows XP (KB941202)
"KB941568" = Security Update for Windows XP (KB941568)
"KB941569" = Security Update for Windows XP (KB941569)
"KB941644" = Security Update for Windows XP (KB941644)
"KB941693" = Security Update for Windows XP (KB941693)
"KB942615-IE7" = Security Update for Windows Internet Explorer 7 (KB942615)
"KB942763" = Update for Windows XP (KB942763)
"KB943055" = Security Update for Windows XP (KB943055)
"KB943460" = Security Update for Windows XP (KB943460)
"KB943485" = Security Update for Windows XP (KB943485)
"KB944533-IE7" = Security Update for Windows Internet Explorer 7 (KB944533)
"KB944653" = Security Update for Windows XP (KB944653)
"KB945553" = Security Update for Windows XP (KB945553)
"KB946026" = Security Update for Windows XP (KB946026)
"KB946648" = Security Update for Windows XP (KB946648)
"KB947864-IE7" = Hotfix for Windows Internet Explorer 7 (KB947864)
"KB948590" = Security Update for Windows XP (KB948590)
"KB948881" = Security Update for Windows XP (KB948881)
"KB950749" = Security Update for Windows XP (KB950749)
"KB950759-IE7" = Security Update for Windows Internet Explorer 7 (KB950759)
"KB950760" = Security Update for Windows XP (KB950760)
"KB950762" = Security Update for Windows XP (KB950762)
"KB950974" = Security Update for Windows XP (KB950974)
"KB951066" = Security Update for Windows XP (KB951066)
"KB951072-v2" = Update for Windows XP (KB951072-v2)
"KB951376" = Security Update for Windows XP (KB951376)
"KB951376-v2" = Security Update for Windows XP (KB951376-v2)
"KB951698" = Security Update for Windows XP (KB951698)
"KB951748" = Security Update for Windows XP (KB951748)
"KB952287" = Hotfix for Windows XP (KB952287)
"KB952954" = Security Update for Windows XP (KB952954)
"KB953838-IE7" = Security Update for Windows Internet Explorer 7 (KB953838)
"KB953839" = Security Update for Windows XP (KB953839)
"M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366)
"malwarebytes' anti-malware_is1" = Malwarebytes' Anti-Malware
"Map Maker" = Map Maker
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"mozy_is1" = MozyHome 1.8.10.0
"msc" = McAfee SecurityCenter
"MSN Music Assistant" = MSN Music Assistant
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 6.0" = RealOne Player
"Shockwave" = Shockwave
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SkyCaddieDesktop" = SkyCaddie Desktop
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"WGA" = Windows Genuine Advantage Validation Tool (KB892130)
"WgaNotify" = Windows Genuine Advantage Notifications (KB905474)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2

========== HKEY_CURRENT_USER Uninstall List ==========


========== Last 10 Event Log Errors ==========


[ Application Events ]
Error - 8/29/2008 8:21:22 PM - Computer Name = JUDYPC - User Name = NT AUTHORITY\SYSTEM - Source = McLogEvent
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 3224 (0xc98) Thread address : 0x7C90EB94 Thread message : Build VSCORE.14.0.0.349
/ 5200.2160 Object being scanned = \Device\HarddiskVolume2\WINDOWS\SYSTEM32\NTVDM.EXE

by C:\WINDOWS\System32\svchost.exe 17018(0)(0) 17017(0)(2) 7007(0)(0) 5006(0)(0)

5004(0)(0) 5003(0)(0) 5002(0)(1) 15002(0)(0)

Error - 8/29/2008 8:37:38 PM - Computer Name = JUDYPC - User Name = NT AUTHORITY\SYSTEM - Source = McLogEvent
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 2676 (0xa74) Thread address : 0x7C90EB94 Thread message : Build VSCORE.14.0.0.349
/ 5200.2160 Object being scanned = \Device\HarddiskVolume2\WINDOWS\system32\REGAPI.dll

by C:\WINDOWS\system32\svchost.exe 17018(0)(0) 17017(0)(2) 7007(0)(0) 5006(0)(0)

5004(0)(0) 5003(0)(0) 5002(0)(1) 15002(0)(0)

Error - 8/29/2008 8:37:38 PM - Computer Name = JUDYPC - User Name = NT AUTHORITY\SYSTEM - Source = McLogEvent
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 2668 (0xa6c) Thread address : 0x7C90EB94 Thread message : Build VSCORE.14.0.0.349
/ 5200.2160 Object being scanned = \Device\HarddiskVolume2\WINDOWS\TEMP\mcafee_aIIxXWHKF5OQMWP

by C:\Program Files\McAfee\MPF\MPFSrv.exe 17018(0)(0) 17017(0)(2) 7007(0)(0) 5006(0)(0)

5004(0)(0) 5003(0)(0) 5002(0)(1) 15002(0)(0)

Error - 8/30/2008 12:59:53 AM - Computer Name = JUDYPC - User Name = User SID not found - Source = crypt32
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 8/30/2008 12:59:54 AM - Computer Name = JUDYPC - User Name = User SID not found - Source = crypt32
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 8/30/2008 12:59:56 AM - Computer Name = JUDYPC - User Name = User SID not found - Source = crypt32
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 8/30/2008 12:59:56 AM - Computer Name = JUDYPC - User Name = User SID not found - Source = crypt32
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 9/1/2008 4:19:43 PM - Computer Name = JUDYPC - User Name = NT AUTHORITY\SYSTEM - Source = McLogEvent
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 3252 (0xcb4) Thread address : 0x7C90EB94 Thread message : Build VSCORE.14.0.0.349
/ 5200.2160 Object being scanned = \Device\HarddiskVolume2\WINDOWS\system32 by
C:\Program Files\iPod\bin\iPodService.exe 17018(0)(0) 17017(0)(2) 7007(0)(0) 5006(0)(0)

5004(0)(0) 5003(0)(0) 5002(0)(1) 15002(0)(0)

Error - 9/4/2008 9:02:00 PM - Computer Name = JUDYPC - User Name = NT AUTHORITY\SYSTEM - Source = McLogEvent
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 3100 (0xc1c) Thread address : 0x7C90EB94 Thread message : Build VSCORE.14.0.0.349
/ 5200.2160 Object being scanned = \Device\HarddiskVolume2\Program Files\Common
Files\Logitech\Scrolling\LgMsgHk.dll by C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe

17018(0)(0) 17017(0)(2) 7007(0)(0) 5006(0)(0) 5004(0)(0) 5003(0)(0) 5002(0)(1)
15002(0)(0)

Error - 9/4/2008 9:02:00 PM - Computer Name = JUDYPC - User Name = NT AUTHORITY\SYSTEM - Source = McLogEvent
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 3108 (0xc24) Thread address : 0x7C90EB94 Thread message : Build VSCORE.14.0.0.349
/ 5200.2160 Object being scanned = \Device\HarddiskVolume2\WINDOWS\system32\Msctf.dll

by \??\C:\WINDOWS\system32\winlogon.exe 17018(0)(0) 17017(0)(2) 7007(0)(0) 5006(0)(0)

5004(0)(0) 5003(0)(0) 5002(0)(1) 15002(0)(0)


[ Internet Explorer Events ]

[ Security Events ]

[ System Events ]
Error - 9/4/2008 8:59:29 PM - Computer Name = JUDYPC - User Name = NT AUTHORITY\SYSTEM - Source = DCOM
Description = The server {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} did not register
with DCOM within the required timeout.

Error - 9/4/2008 9:00:15 PM - Computer Name = JUDYPC - User Name = User SID not found - Source = Service Control Manager
Description = The USB SECURITY DEVICE service failed to start due to the following
error: %%1058

Error - 9/4/2008 9:00:42 PM - Computer Name = JUDYPC - User Name = NT AUTHORITY\SYSTEM - Source = DCOM
Description = The server {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} did not register
with DCOM within the required timeout.

Error - 9/4/2008 9:16:24 PM - Computer Name = JUDYPC - User Name = User SID not found - Source = Service Control Manager
Description = The USB SECURITY DEVICE service failed to start due to the following
error: %%1058

Error - 9/5/2008 3:24:12 PM - Computer Name = JUDYPC - User Name = User SID not found - Source = Service Control Manager
Description = The USB SECURITY DEVICE service failed to start due to the following
error: %%1058

Error - 9/5/2008 4:12:42 PM - Computer Name = JUDYPC - User Name = User SID not found - Sourc