Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HELP! I don't know what is wrong with my computer!


  • This topic is locked This topic is locked

#1
fatu94

fatu94

    New Member

  • Member
  • Pip
  • 3 posts
Everytime I turn on my computer a message comes up saying that windows/system33 is doing something illegal or some such. Even after i deleted system33 a new message popped up saying something I didn't quite understand. I also had a problem with the trojan mirc and followed a tip on this website to get rid of it but it didn't work and I ended up with this problem. Here is my log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:12:08 PM, on 4/29/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\Documents and Settings\Fatema Saifuddin\Application Data\iexplorer.exe
C:\Documents and Settings\Fatema Saifuddin\Application Data\teskmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Intel i386] C:\WINDOWS\system32\winamap.exe
O4 - HKLM\..\Run: [Microsotf] C:\Documents and Settings\Fatema Saifuddin\Application Data\teskmgr.exe
O4 - HKLM\..\Run: [Microsoft iexplorer] C:\Documents and Settings\Fatema Saifuddin\Application Data\iexplorer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Microsotf] C:\Documents and Settings\Fatema Saifuddin\Application Data\teskmgr.exe
O4 - HKCU\..\Run: [Microsoft iexplorer] C:\Documents and Settings\Fatema Saifuddin\Application Data\iexplorer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 7018 bytes
  • 0

Advertisements


#2
fatu94

fatu94

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
This is what the messages said when i opened my computer:

Windows- No Disk
Exception Processing Message c0000013 Parameters 75b6bf7c 4 75b6bf7c 75b6bf7c

16 bit MS-DOS Subsystem
C:\windows\system33.exe
The NTVDM CPU has encountered an illegal instruction.
CS:0550 IP:01a8 OP:63 6f 6e 74 65 Choose ‘Close’ to terminate the application.

Edited by fatu94, 30 April 2011 - 11:39 AM.

  • 0

#3
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi fatu94,

Sorry for the delay.

Welcome to Geekstogo. My name is Salagubang and I'll be helping you with this problem.

  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you
  • English is not my first language, so please do not use slang or idioms, as this makes it difficult to understand for me.

+++++++++++++++++++++++++++++++++++++++++++

Posted ImageOTL
OTL is currently our primary tool for searching key areas of the registry and other system locations for the telltale signs of malware. It generates a comprehensive log, and offers an initial diagnosis.

Important note: HijackThis has been replaced by OTL in this guide. Since being acquired by TrendMicro, HijackThis has not been regularly updated. Many infections are now able to hide partly, or completely from a HijackThis scan. OTL is authored by one of our staff members (OldTimer). It includes all the scan locations of HijackThis and more. It's not only a more comprehensive scan tool, but also offers more powerful removal features.
  • Download OTL to your Desktop
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in:

    netsvcs
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    c:\windows\system32\*.dll /lockedfiles
    c:\windows\system32\drivers\*.sys /lockedfiles
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into your reply.
  • 0

#4
fatu94

fatu94

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Sorry for the late reply.

OTL.txt
OTL logfile created on: 5/7/2011 2:08:20 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Fatema Saifuddin\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.00 Mb Total Physical Memory | 116.00 Mb Available Physical Memory | 24.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72.90 Gb Total Space | 58.88 Gb Free Space | 80.76% Space Free | Partition Type: NTFS

Computer Name: SAIFUDDIN | User Name: Fatema Saifuddin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/07 14:07:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fatema Saifuddin\My Documents\Downloads\OTL.exe
PRC - [2011/05/07 10:35:01 | 000,038,912 | RHS- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\wleed.exe
PRC - [2011/05/06 21:41:18 | 000,044,036 | RHS- | M] (SaFroT) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\svchost.exe
PRC - [2011/05/02 23:17:54 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/03/04 14:08:20 | 000,099,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/11 06:47:38 | 000,331,776 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2004/06/18 17:31:02 | 000,067,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


========== Modules (SafeList) ==========

MOD - [2011/05/07 14:07:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fatema Saifuddin\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/03/04 14:08:20 | 002,106,760 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2010/03/04 14:08:20 | 000,099,720 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2010/08/24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/02/17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/02/17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/04/13 13:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/05 16:58:14 | 000,220,672 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/08/05 16:57:56 | 000,012,416 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/08/03 23:31:36 | 000,032,768 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/06/30 16:01:12 | 000,032,768 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/06/21 17:53:20 | 000,626,204 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 12:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/30 20:38:52 | 000,028,080 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\incdrm.sys -- (incdrm)
DRV - [2003/07/18 10:58:20 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2001/08/17 16:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=BBLN&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...TDF&PC=BBLN&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/02 23:18:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/02 23:18:00 | 000,000,000 | ---D | M]

[2011/02/19 23:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\Mozilla\Extensions
[2011/05/07 10:39:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\Mozilla\Firefox\Profiles\p108h6sc.default\extensions
[2011/04/09 16:52:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\Mozilla\Firefox\Profiles\p108h6sc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/11 22:56:52 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\Mozilla\Firefox\Profiles\p108h6sc.default\searchplugins\bing.xml
[2011/05/04 19:16:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/09 19:32:58 | 000,000,000 | ---D | M] (ScanQuery) -- C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}
[2010/10/11 21:33:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/27 15:39:20 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2004/08/04 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Flash] C:\Documents and Settings\Fatema Saifuddin\Application Data\svchost.exe (SaFroT)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Real_Player] File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [Adobe Flash] C:\Documents and Settings\Fatema Saifuddin\Application Data\svchost.exe (SaFroT)
O4 - HKCU..\Run: [Real_Player] C:\Documents and Settings\Fatema Saifuddin\Application Data\wleed.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Fatema Saifuddin\Application Data\uoagxd.exe) - C:\Documents and Settings\Fatema Saifuddin\Application Data\uoagxd.exe ()
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Fatema Saifuddin\Application Data\nygm.exe) - C:\Documents and Settings\Fatema Saifuddin\Application Data\nygm.exe (Mozilla Foundation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Fatema Saifuddin\Application Data\uoagxd.exe) - C:\Documents and Settings\Fatema Saifuddin\Application Data\uoagxd.exe ()
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Fatema Saifuddin\Application Data\pbiik.exe) - C:\Documents and Settings\Fatema Saifuddin\Application Data\pbiik.exe (TeamViewer GmbH)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Fatema Saifuddin\Application Data\psmout.exe) - C:\Documents and Settings\Fatema Saifuddin\Application Data\psmout.exe (Mozilla Foundation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\cisnet.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\cisnet.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/15 00:53:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Info.exe folder.htt 480 480
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011/05/04 23:20:08 | 000,142,336 | RHS- | C] (Mozilla Foundation) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\nygm.exe
[2011/05/03 20:44:13 | 000,044,036 | RHS- | C] (SaFroT) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\svchost.exe
[2011/05/01 19:33:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fatema Saifuddin\Local Settings\Application Data\Temp
[2011/04/28 21:17:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/04/28 21:17:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/04/28 21:17:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ime
[2011/04/28 21:17:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/04/28 20:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/04/28 20:33:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fatema Saifuddin\Start Menu\Programs\HiJackThis
[2011/04/28 20:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fatema Saifuddin\Start Menu\Programs\CleanUp!
[2011/04/28 20:17:47 | 000,000,000 | ---D | C] -- C:\Program Files\CleanUp!
[2011/04/20 17:02:08 | 000,113,664 | RHS- | C] (Mozilla Foundation) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\Win7info.exe
[2011/04/19 17:46:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Fatema Saifuddin\My Documents\My Videos
[2011/04/10 19:40:42 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax
[2011/04/10 16:20:28 | 000,192,000 | RHS- | C] (TeamViewer GmbH) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\pbiik.exe
[2011/04/07 15:24:43 | 000,148,992 | RHS- | C] (Mozilla Foundation) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\psmout.exe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/07 13:40:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/07 10:35:01 | 000,038,912 | RHS- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\wleed.exe
[2011/05/07 10:35:01 | 000,038,912 | ---- | M] () -- C:\dsfiueeee.exe
[2011/05/07 10:29:19 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/07 10:28:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/06 21:41:18 | 000,044,036 | RHS- | M] (SaFroT) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\svchost.exe
[2011/05/05 15:02:52 | 000,138,240 | RHS- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\uoagxd.exe
[2011/05/03 20:49:47 | 000,046,084 | ---- | M] () -- C:\skjadhkjsa2.exe
[2011/05/02 23:16:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/01 19:14:15 | 000,041,476 | RHS- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\java.exe
[2011/05/01 19:14:15 | 000,041,476 | ---- | M] () -- C:\weijqw.exe
[2011/05/01 19:14:15 | 000,004,767 | ---- | M] () -- C:\WINDOWS\system33.exe
[2011/04/29 19:08:38 | 000,001,121 | ---- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Desktop\Shortcut to HiJackThis.lnk
[2011/04/28 20:27:26 | 000,000,134 | ---- | M] () -- C:\WINDOWS\System32\remote.ini
[2011/04/28 20:18:00 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Desktop\CleanUp!.lnk
[2011/04/28 17:09:44 | 000,036,250 | ---- | M] () -- C:\Documents and Settings\Fatema Saifuddin\My Documents\maryiam pic.JPG
[2011/04/25 15:24:10 | 000,000,009 | -HS- | M] () -- C:\WINDOWS\System32\system.acm
[2011/04/24 19:31:31 | 000,000,129 | ---- | M] () -- C:\WINDOWS\System32\298.reg
[2011/04/24 17:47:45 | 000,122,368 | RHS- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\teskmgr.exe
[2011/04/24 17:47:45 | 000,122,368 | ---- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Hifa7.exe
[2011/04/19 20:44:30 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/04/19 20:44:29 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/15 17:41:31 | 000,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/13 23:24:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/13 23:23:05 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/13 23:23:05 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/13 23:16:46 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011/04/11 14:57:13 | 000,192,000 | RHS- | M] (TeamViewer GmbH) -- C:\Documents and Settings\Fatema Saifuddin\Application Data\pbiik.exe
[2011/04/10 19:41:23 | 000,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat
[2011/04/10 19:40:41 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/04/10 19:40:39 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/04/10 19:40:39 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/04/10 19:40:25 | 000,000,373 | ---- | M] () -- C:\WINDOWS\PowerReg.dat
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/07 10:35:06 | 000,038,912 | RHS- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\wleed.exe
[2011/05/07 10:34:59 | 000,038,912 | ---- | C] () -- C:\dsfiueeee.exe
[2011/05/03 20:49:47 | 000,046,084 | ---- | C] () -- C:\skjadhkjsa2.exe
[2011/05/01 19:14:34 | 000,041,476 | RHS- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\java.exe
[2011/05/01 19:14:14 | 000,041,476 | ---- | C] () -- C:\weijqw.exe
[2011/04/29 19:31:26 | 000,036,250 | ---- | C] () -- C:\Documents and Settings\Fatema Saifuddin\My Documents\maryiam pic.JPG
[2011/04/29 19:08:38 | 000,001,121 | ---- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Desktop\Shortcut to HiJackThis.lnk
[2011/04/29 19:08:00 | 000,004,767 | ---- | C] () -- C:\WINDOWS\system33.exe
[2011/04/29 18:52:48 | 000,138,240 | RHS- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\uoagxd.exe
[2011/04/28 20:18:00 | 000,000,687 | ---- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Desktop\CleanUp!.lnk
[2011/04/25 15:24:10 | 000,000,009 | -HS- | C] () -- C:\WINDOWS\System32\system.acm
[2011/04/24 19:31:31 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\298.reg
[2011/04/24 17:48:06 | 000,122,368 | RHS- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\teskmgr.exe
[2011/04/24 17:47:36 | 000,122,368 | ---- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Hifa7.exe
[2011/04/13 23:16:46 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/04/10 19:41:23 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011/04/10 19:40:29 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011/04/10 19:40:29 | 000,005,672 | ---- | C] () -- C:\WINDOWS\System32\quartz.vxd
[2011/04/10 19:40:09 | 000,000,373 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2011/03/26 02:54:12 | 000,000,134 | ---- | C] () -- C:\WINDOWS\System32\remote.ini
[2011/03/15 14:57:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Application Data\chrtmp
[2011/02/21 20:07:44 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Fatema Saifuddin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/30 15:05:22 | 000,000,569 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2010/10/06 11:58:03 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/09/24 15:18:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/09/14 22:07:19 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2010/09/13 15:17:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/09/12 23:03:01 | 000,157,245 | ---- | C] () -- C:\WINDOWS\hphins26.dat
[2010/09/12 23:03:00 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat
[2010/09/12 19:01:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WinInit.ini
[2005/01/20 10:55:38 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2005/01/20 10:29:39 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/01/20 10:29:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/01/20 10:29:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/01/20 10:29:01 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/01/20 10:28:24 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/01/20 10:28:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/01/20 10:27:47 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/01/20 10:27:15 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/01/20 09:24:05 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\sis740.bin
[2005/01/20 09:24:05 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\sis650.bin
[2005/01/15 02:25:47 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/15 01:11:19 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/01/15 01:06:02 | 000,106,346 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005/01/15 01:05:55 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis760.bin
[2005/01/15 01:05:55 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis741.bin
[2005/01/15 01:05:55 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\sis660.bin
[2005/01/15 01:03:36 | 000,101,818 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005/01/15 00:55:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/01/15 00:50:12 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/01/14 19:44:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/01/14 19:43:38 | 000,180,240 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/01/13 03:19:23 | 000,000,436 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/04 21:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 21:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/27 18:03:14 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\systemac.dll
[2002/04/20 03:03:52 | 000,004,514 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/04/20 03:03:48 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

========== LOP Check ==========

[2010/09/13 13:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/03/06 22:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2010/10/20 19:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VOWSoft
[2005/01/15 03:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fatema Saifuddin\Application Data\SampleView
[2011/03/05 01:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fatema Saifuddin\Application Data\ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: AGP440.SYS >
[2004/08/04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/09/28 12:30:43 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2010/09/28 12:30:43 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/09/28 12:30:43 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2010/09/28 12:30:43 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< c:\windows\system32\*.dll /lockedfiles >
[5 c:\windows\system32\*.tmp files -> c:\windows\system32\*.tmp -> ]

< c:\windows\system32\drivers\*.sys /lockedfiles >

< %systemroot%\*. /mp /s >

< End of report >


Extras.txt

OTL Extras logfile created on: 5/7/2011 2:08:20 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Fatema Saifuddin\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.00 Mb Total Physical Memory | 116.00 Mb Available Physical Memory | 24.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72.90 Gb Total Space | 58.88 Gb Free Space | 80.76% Space Free | Partition Type: NTFS

Computer Name: SAIFUDDIN | User Name: Fatema Saifuddin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Abid Saifuddin\Local Settings\Temporary Internet Files\Content.IE5\YP63F0ZM\MediaPlayerSetup[1].exe" = C:\Documents and Settings\Abid Saifuddin\Local Settings\Temporary Internet Files\Content.IE5\YP63F0ZM\MediaPlayerSetup[1].exe:*:Enabled:Video Player
"C:\Documents and Settings\Abid Saifuddin\Local Settings\Temporary Internet Files\Content.IE5\A7B9D4WM\VideoPlayerSetup[1].exe" = C:\Documents and Settings\Abid Saifuddin\Local Settings\Temporary Internet Files\Content.IE5\A7B9D4WM\VideoPlayerSetup[1].exe:*:Enabled:Video Player
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Documents and Settings\Abid Saifuddin\Local Settings\Temporary Internet Files\Content.IE5\QHN6BDLO\flv_player_setup[1].exe" = C:\Documents and Settings\Abid Saifuddin\Local Settings\Temporary Internet Files\Content.IE5\QHN6BDLO\flv_player_setup[1].exe:*:Enabled:Flash FLV Player
"C:\Program Files\aTube Catcher\yct.exe" = C:\Program Files\aTube Catcher\yct.exe:*:Enabled:aTube Catcher to download and convert videos. -- (DsNET)
"C:\WINDOWS\system32\winamap.exe" = C:\WINDOWS\system32\winamap.exe:*:Enabled:Windows Media Player
"C:\Documents and Settings\Fatema Saifuddin\My Documents\winamap.exe" = C:\Documents and Settings\Fatema Saifuddin\My Documents\winamap.exe:*:Disabled:Windows Media Player
"c:\dsfiueeee.exe" = c:\dsfiueeee.exe:*:Enabled:Real_Player -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}" = HP Deskjet D1500 Printer Driver Software 10.0 Rel .3
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 22
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{38436888-9EAA-4cec-A56F-65B73D9D423C}" = D1500
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60C1AF18-EA45-7488-5C95-4EC64F93B727}" = ViiKii Desktop Plug-in
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{82C113AD-486F-4bd5-A2EA-2383AF57D084}" = D1500_Help
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B8240B3-891D-4965-AA51-8799622D44FF}" = DJ_SF_03_D1500_ProductContext
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"aTube Catcher" = aTube Catcher
"DivX Setup.divx.com" = DivX Setup
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"hp officejet 7100 series" = hp officejet 7100 series corporate driver
"hp officejet 7100 series 1284699562" = hp officejet 7100 series - 1
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ie8" = Windows Internet Explorer 8
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"MRW!UninstallKey" = InCD EasyWrite Reader
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Shop for HP Supplies" = Shop for HP Supplies
"SiS VGA Driver" = SiS VGA Utilities
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"Ulead Photo Express 3.0 SE" = Ulead Photo Express 3.0 SE
"Uninstall_is1" = Uninstall 1.0.0.1
"ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1" = ViiKii Desktop Plug-in
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Software Update" = Yahoo! Software Update

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/19/2011 9:41:41 PM | Computer Name = SAIFUDDIN | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x03da9297.

Error - 4/20/2011 6:18:20 PM | Computer Name = SAIFUDDIN | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4095, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.

Error - 4/20/2011 6:20:12 PM | Computer Name = SAIFUDDIN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4095, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/24/2011 8:32:05 PM | Computer Name = SAIFUDDIN | Source = Application Hang | ID = 1002
Description = Hanging application winamap.exe, version 6.0.1.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/24/2011 8:32:05 PM | Computer Name = SAIFUDDIN | Source = Application Hang | ID = 1002
Description = Hanging application winamap.exe, version 6.0.1.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/24/2011 8:32:12 PM | Computer Name = SAIFUDDIN | Source = Application Hang | ID = 1002
Description = Hanging application winamap.exe, version 6.0.1.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/24/2011 8:32:12 PM | Computer Name = SAIFUDDIN | Source = Application Hang | ID = 1002
Description = Hanging application winamap.exe, version 6.0.1.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/29/2011 8:24:24 PM | Computer Name = SAIFUDDIN | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 5/3/2011 12:18:05 AM | Computer Name = SAIFUDDIN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 5/3/2011 12:23:55 AM | Computer Name = SAIFUDDIN | Source = DCOM | ID = 10010
Description = The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register
with DCOM within the required timeout.

Error - 5/3/2011 12:38:03 AM | Computer Name = SAIFUDDIN | Source = DCOM | ID = 10010
Description = The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register
with DCOM within the required timeout.

Error - 5/3/2011 9:42:51 PM | Computer Name = SAIFUDDIN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 5/4/2011 1:54:43 AM | Computer Name = SAIFUDDIN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 5/4/2011 7:58:55 PM | Computer Name = SAIFUDDIN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 5/5/2011 4:02:40 PM | Computer Name = SAIFUDDIN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 5/6/2011 1:21:42 AM | Computer Name = SAIFUDDIN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 5/6/2011 10:40:10 PM | Computer Name = SAIFUDDIN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 5/7/2011 11:30:18 AM | Computer Name = SAIFUDDIN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.


< End of report >
  • 0

#5
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan
Once it has finished select report and post that.

Posted Image

Do not close AVPTool or it will self uninstall, if it does uninstall - then just rerun the setup file on your desktop

Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder then attach the zip file to your next post zip
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip

Posted Image
  • 0

#6
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP