Run by User at 20:15:43.31 on Thu 01/13/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.255 [GMT -5:00]
============== Running Processes ===============
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
E:\instructions\dds.scr
============== Pseudo HJT Report ===============
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"
mRun: [UpdatePPShortCut] "c:\program files\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerproducer" updatewithcreateonce "software\cyberlink\powerproducer\5.0"
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [<NO NAME>]
dRun: [<NO NAME>]
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: microsoft.com\www.update
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupda ... 3112092955
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 3121114453
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\8yl4eucn.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox ... S:official
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: WebNotes Toolbar: webnotestoolbar@webnotes.net - %profile%\extensions\webnotestoolbar@webnotes.net
FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Bloody Red: {2458abc0-f443-11dd-87af-0800200c9a66} - %profile%\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
FF - Ext: Oskar: {5b175400-2368-11de-8c30-0800200c9a66} - %profile%\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
FF - Ext: FastestFox: smarterwiki@wikiatic.com - %profile%\extensions\smarterwiki@wikiatic.com
FF - Ext: Long URL Please: longurlplease@darragh.curran - %profile%\extensions\longurlplease@darragh.curran
FF - Ext: Full Fullscreen: {bfe3406c-6f31-4789-86d5-efa50e12c9eb} - %profile%\extensions\{bfe3406c-6f31-4789-86d5-efa50e12c9eb}
FF - Ext: Yet Another Smooth Scrolling: yetanothersmoothscrolling@kataho - %profile%\extensions\yetanothersmoothscrolling@kataho
FF - Ext: Locationbar²: locationbar2@design-noir.de - %profile%\extensions\locationbar2@design-noir.de
FF - Ext: Omnibar: omnibar@ajitk.com - %profile%\extensions\omnibar@ajitk.com
FF - Ext: Mouse Gestures Redox: {FFA36170-80B1-4535-B0E3-A4569E497DD0} - %profile%\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Download Manager Tweak: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB} - %profile%\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
FF - Ext: Test Pilot: testpilot@labs.mozilla.com - %profile%\extensions\testpilot@labs.mozilla.com
FF - Ext: View Source Chart: {68836a21-fc7d-4ea1-a065-7efabd99d414} - %profile%\extensions\{68836a21-fc7d-4ea1-a065-7efabd99d414}
============= SERVICES / DRIVERS ===============
S3 ASTRA32;ASTRA32;c:\windows\system32\drivers\astra32.sys [2005-6-2 24544]
S3 EL98x;3Com EtherLink 10/100 PCI;c:\windows\system32\drivers\el98xn5.sys [2005-6-2 70174]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2002-8-29 14336]
=============== Created Last 30 ================
2011-01-12 15:49:47 2855 ----a-w- c:\windows\system32\services.PIF
2011-01-12 03:21:20 -------- d-sha-r- C:\cmdcons
2011-01-12 03:17:53 98816 ----a-w- c:\windows\sed.exe
2011-01-12 03:17:53 89088 ----a-w- c:\windows\MBR.exe
2011-01-12 03:17:53 256512 ----a-w- c:\windows\PEV.exe
2011-01-12 03:17:53 161792 ----a-w- c:\windows\SWREG.exe
2011-01-09 22:33:12 -------- d-----w- c:\program files\trend micro
2011-01-09 17:49:06 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-06 03:06:51 -------- d-----w- c:\windows\system32\CatRoot_bak
2011-01-06 03:03:07 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-01-06 02:37:57 52296 ------w- c:\windows\system32\drivers\PROCMON20.SYS
2011-01-05 03:06:29 388096 ----a-r- c:\docume~1\user\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-12-31 03:02:20 -------- d-----w- c:\windows\system32\appmgmt
2010-12-30 18:28:53 -------- d-----w- c:\windows\ShellNew
2010-12-30 18:28:52 -------- d-----w- c:\program files\AutoHotkey
2010-12-26 21:30:47 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-26 21:29:16 45568 -c----w- c:\windows\system32\dllcache\wab.exe
==================== Find3M ====================
2011-01-09 17:48:49 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-01 21:03:25 176128 ----a-w- c:\windows\system32\winmm.dll
2010-12-03 06:07:00 12315136 ----a-w- c:\windows\system32\ffmpeg.exe
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-24 15:18:29 16384 ----a-w- c:\windows\system32\lgfwunis.exe
2010-10-24 15:12:25 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-10-24 15:12:22 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-24 15:12:22 353576 ----a-w- c:\windows\system32\msvcr71.dll
============= FINISH: 20:16:34.18 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/28/2006 10:06:43 AM
System Uptime: 1/13/2011 8:11:45 PM (0 hours ago)
Motherboard: Compaq | | 07E4h
Processor: Intel(R) Pentium(R) 4 CPU 2.00GHz | XU1 PROCESSOR | 1994/400mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 35 GiB total, 20.095 GiB free.
D: is CDROM ()
E: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP49: 10/14/2010 9:37:41 PM - System Checkpoint
RP50: 10/14/2010 9:24:09 PM - Software Distribution Service 3.0
RP51: 10/15/2010 2:55:59 PM - Software Distribution Service 3.0
RP52: 10/15/2010 2:57:42 PM - Software Distribution Service 3.0
RP53: 10/15/2010 3:02:50 PM - Software Distribution Service 3.0
RP54: 10/15/2010 3:15:20 PM - Software Distribution Service 3.0
RP55: 10/15/2010 3:18:12 PM - Software Distribution Service 3.0
RP56: 10/15/2010 9:13:02 PM - Software Distribution Service 3.0
RP57: 10/16/2010 4:26:02 PM - Software Distribution Service 3.0
RP58: 10/17/2010 11:36:24 AM - Software Distribution Service 3.0
RP59: 10/17/2010 3:47:46 PM - Installed Java(TM) 6 Update 22
RP60: 10/17/2010 9:32:48 PM - Software Distribution Service 3.0
RP61: 10/19/2010 3:09:00 PM - Software Distribution Service 3.0
RP62: 10/19/2010 7:47:48 PM - Software Distribution Service 3.0
RP63: 10/20/2010 3:00:16 AM - Software Distribution Service 3.0
RP64: 10/20/2010 9:08:18 PM - Installed BOINC
RP65: 10/21/2010 6:20:43 PM - Software Distribution Service 3.0
RP66: 10/22/2010 3:00:21 AM - Software Distribution Service 3.0
RP67: 10/22/2010 10:03:17 PM - Software Distribution Service 3.0
RP68: 10/23/2010 10:10:28 AM - Software Distribution Service 3.0
RP69: 10/23/2010 10:50:04 PM - Software Distribution Service 3.0
RP70: 10/24/2010 11:06:58 AM - Installed Suite
RP71: 10/24/2010 1:05:49 PM - Software Distribution Service 3.0
RP72: 10/24/2010 2:50:14 PM - Software Distribution Service 3.0
RP73: 10/26/2010 3:20:33 PM - Software Distribution Service 3.0
RP74: 10/26/2010 3:24:58 PM - Software Distribution Service 3.0
RP75: 10/27/2010 3:00:19 AM - Software Distribution Service 3.0
RP76: 10/28/2010 3:00:18 AM - Software Distribution Service 3.0
RP77: 10/29/2010 7:53:21 PM - System Checkpoint
RP78: 10/30/2010 3:00:15 AM - Software Distribution Service 3.0
RP79: 10/31/2010 3:00:18 AM - Software Distribution Service 3.0
RP80: 11/1/2010 3:00:16 AM - Software Distribution Service 3.0
RP81: 11/6/2010 4:18:57 PM - Software Distribution Service 3.0
RP82: 11/7/2010 2:00:17 AM - Software Distribution Service 3.0
RP83: 11/7/2010 3:00:15 AM - Software Distribution Service 3.0
RP84: 11/8/2010 3:00:16 AM - Software Distribution Service 3.0
RP85: 11/9/2010 7:18:58 PM - System Checkpoint
RP86: 11/9/2010 9:24:46 PM - Software Distribution Service 3.0
RP87: 11/11/2010 4:45:20 PM - System Checkpoint
RP88: 11/12/2010 3:00:20 AM - Software Distribution Service 3.0
RP89: 11/13/2010 3:00:17 AM - Software Distribution Service 3.0
RP90: 11/14/2010 3:17:26 AM - System Checkpoint
RP91: 11/15/2010 4:17:26 AM - System Checkpoint
RP92: 11/16/2010 5:17:26 AM - System Checkpoint
RP93: 11/17/2010 6:17:26 AM - System Checkpoint
RP94: 11/18/2010 6:17:26 AM - System Checkpoint
RP95: 11/19/2010 8:17:26 AM - System Checkpoint
RP96: 12/5/2010 10:54:56 AM - Software Distribution Service 3.0
RP97: 12/6/2010 3:00:18 AM - Software Distribution Service 3.0
RP98: 12/7/2010 3:00:15 AM - Software Distribution Service 3.0
RP99: 12/8/2010 3:57:10 AM - System Checkpoint
RP100: 12/9/2010 5:57:10 AM - System Checkpoint
RP101: 12/10/2010 6:57:10 AM - System Checkpoint
RP102: 12/11/2010 6:57:10 AM - System Checkpoint
RP103: 12/12/2010 6:57:10 AM - System Checkpoint
RP104: 12/26/2010 4:23:36 PM - Software Distribution Service 3.0
RP105: 12/27/2010 10:53:03 AM - Software Distribution Service 3.0
RP106: 12/30/2010 1:04:29 PM - Software Distribution Service 3.0
RP107: 12/30/2010 10:02:12 PM - Removed BOINC
RP108: 12/31/2010 12:17:46 PM - Software Distribution Service 3.0
RP109: 12/31/2010 4:11:23 PM - Software Distribution Service 3.0
RP110: 1/1/2011 4:02:23 PM - Software Distribution Service 3.0
RP111: 1/1/2011 4:24:43 PM - Restore Operation
RP112: 1/3/2011 6:50:28 AM - Software Distribution Service 3.0
RP113: 1/3/2011 6:51:50 AM - Software Distribution Service 3.0
RP114: 1/4/2011 10:06:26 PM - Installed HiJackThis
RP115: 1/5/2011 8:54:59 PM - Software Distribution Service 3.0
RP116: 1/5/2011 9:00:15 PM - Installed Kaspersky Anti-Virus 2011.
RP117: 1/5/2011 9:30:09 PM - Removed Kaspersky Anti-Virus 2011.
RP118: 1/9/2011 12:02:30 PM - Software Distribution Service 3.0
RP119: 1/9/2011 12:47:52 PM - Removed Java(TM) 6 Update 21
RP120: 1/9/2011 12:48:42 PM - Installed Java(TM) 6 Update 23
RP121: 1/11/2011 10:12:13 PM - Software Distribution Service 3.0
RP122: 1/12/2011 10:26:35 AM - Software Distribution Service 3.0
RP123: 1/13/2011 8:13:57 PM - Software Distribution Service 3.0
==== Installed Programs ======================
7-Zip 4.65
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0
Apple Application Support
Apple Software Update
AutoHotkey 1.0.91.01
CodeBlocks
Easy CD Creator 5 Basic
ERUNT 1.1j
Free File Viewer 2010
GIMP 2.6.11
Google Chrome
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
InstallIQ Updater
Intel(R) Extreme Graphics Driver
Intel(R) PRO Ethernet Adapter and Software
Intel(R) PROSet II
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 23
Just Great Software EditPad Lite 6.6.4
Leopard
LG CyberLink LabelPrint
LG CyberLink Power2Go
LG CyberLink PowerBackup
LG CyberLink PowerDVD
LG CyberLink PowerProducer
LG CyberLink YouCam
LG ODD Auto Firmware Update
LG Power Tools
LightScribe System Software
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework Client Profile
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser
Mozilla Firefox (3.6.13)
Notepad++
Paint.NET v3.5.5
PowerDVD
QuickTime
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982664)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
Wordlist Wizard
==== Event Viewer Messages From Past Week ========
1/9/2011 12:02:56 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007054f: Security Update for Windows XP (KB956572).
1/9/2011 12:02:43 PM, error: NtServicePack [4373] - Windows XP KB956572 installation failed.
An internal error occurred.
1/13/2011 8:14:28 PM, error: NtServicePack [4373] - Windows XP KB956572 installation failed.
An internal error occurred.
1/12/2011 10:28:07 AM, error: NtServicePack [4373] - Windows XP KB956572 installation failed.
An internal error occurred.
1/11/2011 10:39:10 PM, error: PlugPlayManager [11] - The device Root\LEGACY_PROCMON20\0000 disappeared from the system without first being prepared for removal.
1/11/2011 10:13:27 PM, error: NtServicePack [4373] - Windows XP KB956572 installation failed.
An internal error occurred.
==== End Of File ===========================
McAfee thinks ComboFix is a trojan. I assume it's not?
It was named ARTEMIS! and then a random string of numbers.
Somewhere in that log it mentions the removal of PROCMON. I think one of your tools removed it. Process Monitor must seem like malware, since it gets so much information.
I hadn't noticed services.pif before.