Maxi,
Thank you for your reply. I'm ready for you to help in any way you can.
Here are the copies of the DDS logs. Looking forward to the next step.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Run by Jake at 11:02:13 on 2011-09-17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.995 [GMT -5:00]
.
AV: Windows Enterprise Suite *Enabled/Updated* {1DBA0708-0BCF-45A2-8603-7745FEBAD1D0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: Windows Enterprise Suite *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\ihzp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\igfxsrvc.exe
.
============== Pseudo HJT Report ===============
.
uStart Page =
https://cffc.peak.aecium.com/uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [CardScan AutoSync]
mRun: [SpeechExec Startup] c:\program files\common files\philips speech shared\components\PSP.SpeechExec.StartupApp.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [<NO NAME>]
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 4.0\apdproxy.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [cftmon] c:\windows\system32\ihzp.exe
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: aecium.com\cffc.peak
DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} -
hxxp://www.trendsecure.com/framework/co ... mHcmsX.CABDPF: {2A59CE46-2E9E-4B00-BC9B-A183638E8D4E} -
hxxps://cffc.peak.aecium.com/Green/live ... werApp.CABDPF: {300FE705-8D95-41F4-93C0-621F927379D0} -
hxxps://cffc.peak.aecium.com/Green/live ... dPrint.CABDPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -
hxxp://v5.windowsupdate.microsoft.com/v ... 2434139265DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -
hxxp://update.microsoft.com/microsoftup ... 2655706359DPF: {88DD90B6-C770-4CFF-B7A4-3AFD16BB8824} -
hxxps://cffc.peak.aecium.com/aspnet_cli ... ontrol.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {C8FE369D-3517-490E-8EB5-256CA6C73236} -
hxxps://cffc.peak.aecium.com/Green/live ... corder.CABDPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} -
hxxp://java.sun.com/products/plugin/aut ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {E6C4B65B-FD06-46F8-A031-34237B31B299} -
hxxps://cffc.peak.aecium.com/Green/live ... aching.CABDPF: {E856B973-45FD-4559-8F82-EAB539144667} -
hxxp://pccheckup.dellfix.com/rel/41/ins ... downde.cabTCP: DhcpNameServer = 76.85.229.110 76.85.229.111
TCP: Interfaces\{6A47E9CA-BAB3-4A84-B05E-B13B5B1F3A8A} : DhcpNameServer = 76.85.229.110 76.85.229.111
Notify: igfxcui - igfxdev.dll
Notify: LMIinit - LMIinit.dll
Notify: TPSvc - TPSvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rdiadmin\application data\mozilla\firefox\profiles\ihzdbp9d.default\
FF - prefs.js: browser.startup.homepage -
hxxp://news.google.comFF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-11-12 64288]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 MpKsleb6ff3d0;MpKsleb6ff3d0;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{97671e43-57ee-41aa-92a7-96b58ba192cd}\MpKsleb6ff3d0.sys [2011-9-17 28752]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-8-11 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-12-16 47640]
RUnknown szkg5;szkg5; [x]
RUnknown szkgfs;szkgfs; [x]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-12 136176]
S3 EraserUtilDrvI2;EraserUtilDrvI2;\??\c:\program files\common files\symantec shared\eengine\eraserutildrvi2.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrvI2.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-12 136176]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-9-23 2152152]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-9-23 15232]
S3 Orex02;Orex Ver(2000)(M) 4.1.04;c:\windows\system32\drivers\Orex02.sys [2004-12-6 70608]
S4 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-1 374152]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
S4 Onyx-RAD Image Server;Onyx-RAD Image Server;f:\onyx-rad\bin\onyximageserver.exe --> f:\onyx-rad\bin\OnyxImageServer.exe [?]
S4 Onyx-RAD Space-Management Server;Onyx-RAD Space-Management Server;f:\onyx-rad\bin\onyxspacemanagementserver.exe --> f:\onyx-rad\bin\OnyxSpaceManagementServer.exe [?]
UnknownUnknown is3srv;is3srv; [x]
.
=============== Created Last 30 ================
.
2011-09-17 15:35:55 479232 ----a-w- c:\windows\system32\ihzp.exe
2011-09-17 15:25:28 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{97671e43-57ee-41aa-92a7-96b58ba192cd}\MpKsleb6ff3d0.sys
2011-09-17 02:00:34 388096 ----a-r- c:\documents and settings\rdiadmin\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-17 02:00:33 -------- d-----w- c:\program files\Trend Micro
2011-09-15 01:38:27 -------- d-----w- c:\documents and settings\all users\application data\STOPzilla!
2011-09-13 20:45:05 7152464 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{97671e43-57ee-41aa-92a7-96b58ba192cd}\mpengine.dll
2011-09-12 21:20:28 -------- d-----w- c:\documents and settings\rdiadmin\local settings\application data\{E9DECDB4-9526-4D09-BB01-DE80920BEB97}
2011-09-11 16:29:44 0 ----a-w- c:\windows\Plitevul.bin
2011-09-11 16:29:43 -------- d-----w- c:\documents and settings\rdiadmin\local settings\application data\{D69C9FCF-9CA3-487D-86A3-37CCBCC8CC78}
2011-09-11 14:09:11 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-11 14:09:04 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-11 14:09:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-10 05:49:14 296074 ----a-w- c:\windows\system32\shimg.dll
2011-09-03 10:17:37 599040 -c----w- c:\windows\system32\dllcache\crypt32.dll
.
==================== Find3M ====================
.
2011-09-07 12:37:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-03 10:17:37 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-29 18:57:01 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer,
http://www.gmer.netWindows 5.1.2600 Disk: ST3160023AS rev.8.05 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x89ACB4D0]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x89ad17d0]; MOV EAX, [0x89ad184c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x89B89030]
3 CLASSPNP[0xF76E7FD7] -> nt!IofCallDriver[0x804E37D5] -> [0x89AE4C70]
\Driver\atapi[0x89B7C3C8] -> IRP_MJ_CREATE -> 0x89ACB4D0
error: Read A device attached to the system is not functioning.
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x89ACB31B
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 11:04:24.26 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 12/14/2009 7:11:08 PM
System Uptime: 9/17/2011 10:24:52 AM (1 hours ago)
.
Motherboard: Dell Computer Corp. | | 0U2575
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/533mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 89.485 GiB free.
D: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_017A1028&REV_02\4&1C660DD6&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_017A1028&REV_02\4&1C660DD6&0&40F0
Service: E100B
.
==== System Restore Points ===================
.
RP23: 6/19/2011 10:37:04 AM - Printer Driver LogMeIn Printer Driver Installed
RP24: 6/19/2011 10:46:37 AM - Software Distribution Service 3.0
RP25: 6/20/2011 8:37:54 PM - Software Distribution Service 3.0
RP26: 6/21/2011 10:31:53 PM - System Checkpoint
RP27: 6/21/2011 11:34:09 PM - Software Distribution Service 3.0
RP28: 6/23/2011 7:26:33 PM - Software Distribution Service 3.0
RP29: 6/24/2011 8:05:34 PM - System Checkpoint
RP30: 6/25/2011 12:14:27 PM - Software Distribution Service 3.0
RP31: 6/26/2011 2:22:21 PM - System Checkpoint
RP32: 6/27/2011 7:00:56 PM - Software Distribution Service 3.0
RP33: 6/28/2011 7:57:08 PM - System Checkpoint
RP34: 6/28/2011 11:18:27 PM - Software Distribution Service 3.0
RP35: 6/29/2011 1:56:16 PM - Software Distribution Service 3.0
RP36: 6/30/2011 7:50:35 PM - Software Distribution Service 3.0
RP37: 7/1/2011 8:13:40 PM - Software Distribution Service 3.0
RP38: 7/3/2011 10:30:15 AM - Software Distribution Service 3.0
RP39: 7/4/2011 4:17:53 PM - Software Distribution Service 3.0
RP40: 7/5/2011 8:28:19 PM - Software Distribution Service 3.0
RP41: 7/6/2011 8:47:32 PM - System Checkpoint
RP42: 7/7/2011 9:31:46 PM - Software Distribution Service 3.0
RP43: 7/8/2011 9:42:58 PM - System Checkpoint
RP44: 7/9/2011 9:57:47 AM - Software Distribution Service 3.0
RP45: 7/10/2011 8:18:13 PM - Software Distribution Service 3.0
RP46: 7/11/2011 8:58:53 PM - System Checkpoint
RP47: 7/11/2011 9:02:03 PM - Software Distribution Service 3.0
RP48: 7/12/2011 8:58:59 PM - Software Distribution Service 3.0
RP49: 7/13/2011 8:52:16 PM - Software Distribution Service 3.0
RP50: 7/15/2011 2:34:35 PM - Software Distribution Service 3.0
RP51: 7/15/2011 6:02:40 PM - Installed %1 %2.
RP52: 7/16/2011 3:34:01 PM - Software Distribution Service 3.0
RP53: 7/17/2011 3:45:00 PM - Software Distribution Service 3.0
RP54: 7/18/2011 9:00:47 PM - Software Distribution Service 3.0
RP55: 7/19/2011 10:27:28 PM - Software Distribution Service 3.0
RP56: 7/21/2011 3:52:04 PM - Software Distribution Service 3.0
RP57: 7/24/2011 3:35:43 PM - Software Distribution Service 3.0
RP58: 7/25/2011 8:55:06 PM - Software Distribution Service 3.0
RP59: 7/26/2011 10:00:06 PM - Software Distribution Service 3.0
RP60: 7/27/2011 10:14:48 PM - System Checkpoint
RP61: 7/28/2011 7:13:43 PM - Software Distribution Service 3.0
RP62: 7/29/2011 11:36:17 PM - System Checkpoint
RP63: 7/29/2011 11:39:00 PM - Software Distribution Service 3.0
RP64: 7/31/2011 10:16:08 AM - Removed Evernote v. 4.3.1
RP65: 7/31/2011 10:16:35 AM - Software Distribution Service 3.0
RP66: 8/1/2011 8:30:06 PM - Software Distribution Service 3.0
RP67: 8/2/2011 8:59:16 PM - System Checkpoint
RP68: 8/2/2011 9:47:48 PM - Software Distribution Service 3.0
RP69: 8/4/2011 8:21:48 AM - Software Distribution Service 3.0
RP70: 8/5/2011 11:16:32 AM - Software Distribution Service 3.0
RP71: 8/14/2011 9:12:17 PM - Software Distribution Service 3.0
RP72: 8/14/2011 10:25:12 PM - Software Distribution Service 3.0
RP73: 8/15/2011 8:20:33 PM - Software Distribution Service 3.0
RP74: 8/15/2011 10:00:32 PM - Software Distribution Service 3.0
RP75: 8/17/2011 12:24:48 AM - Software Distribution Service 3.0
RP76: 8/18/2011 8:25:00 PM - Software Distribution Service 3.0
RP77: 8/20/2011 12:22:17 AM - Software Distribution Service 3.0
RP78: 8/21/2011 12:48:35 AM - System Checkpoint
RP79: 8/21/2011 2:33:02 AM - Software Distribution Service 3.0
RP80: 8/21/2011 11:53:51 AM - Software Distribution Service 3.0
RP81: 8/22/2011 8:08:59 PM - Software Distribution Service 3.0
RP82: 8/23/2011 10:37:36 PM - Software Distribution Service 3.0
RP83: 8/24/2011 3:03:33 PM - Software Distribution Service 3.0
RP84: 8/25/2011 6:56:34 AM - Software Distribution Service 3.0
RP85: 8/27/2011 3:14:10 PM - Software Distribution Service 3.0
RP86: 8/28/2011 3:28:10 PM - System Checkpoint
RP87: 8/29/2011 4:48:28 PM - Software Distribution Service 3.0
RP88: 8/30/2011 8:54:37 PM - Software Distribution Service 3.0
RP89: 8/31/2011 9:49:34 PM - System Checkpoint
RP90: 9/1/2011 6:14:59 PM - Software Distribution Service 3.0
RP91: 9/6/2011 4:12:52 PM - Software Distribution Service 3.0
RP92: 9/7/2011 8:00:24 AM - Software Distribution Service 3.0
RP93: 9/7/2011 5:22:10 PM - Software Distribution Service 3.0
RP94: 9/8/2011 5:24:07 PM - System Checkpoint
RP95: 9/9/2011 3:19:59 PM - Software Distribution Service 3.0
RP96: 9/11/2011 12:47:11 AM - System Checkpoint
RP97: 9/13/2011 3:44:54 PM - Software Distribution Service 3.0
RP98: 9/14/2011 6:35:47 PM - System Checkpoint
RP99: 9/14/2011 8:38:10 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP100: 9/16/2011 7:40:45 PM - System Checkpoint
RP101: 9/16/2011 9:00:31 PM - Installed HiJackThis
RP102: 9/17/2011 12:43:23 AM - Software Distribution Service 3.0
RP103: 9/17/2011 10:38:05 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
.
==== Installed Programs ======================
.
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Help Center 2.0
Adobe Photoshop Elements 4.0
Adobe Reader 9.4.6
Any Password 1.44
APC PowerChute Personal Edition
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.3.7 (Unicode)
AxCrypt 1.7.2126.0
BACS
Bonjour
Broadcom Advanced Control Suite
Carbonite
CardScan 7.0.5
CDBurnerXP
Compatibility Pack for the 2007 Office system
DiMAGE Scan Elite5400 2 ver.1.0
Dragon NaturallySpeaking 10
Eclipsys PeakPractice Client Tools for 1095
Epocrates Essentials
FreeMind
Google Earth Plug-in
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Image Resizer Powertoy for Windows XP
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 17
Java(TM) 6 Update 7
LogMeIn
Malwarebytes' Anti-Malware version 1.51.1.1800
Melloware PlacesBar Editor
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 6.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
ODIR
QuickTime
RealPlayer
SeaTools for Windows
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SpeechExec Pro Dictate
Spybot - Search & Destroy
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ Runtime for Dragon NaturallySpeaking
WD Diagnostics
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
9/17/2011 12:50:19 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2003 (KB2584052).
9/17/2011 12:49:56 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Excel 2003 (KB2553072).
9/17/2011 12:48:48 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office Outlook 2003 Junk Email Filter (KB2553111).
9/17/2011 10:37:27 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the szserver service.
9/17/2011 10:36:48 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.2117.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
9/17/2011 10:25:37 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde
9/16/2011 3:29:55 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/16/2011 3:27:48 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m AFD agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o Fips hpn i2omp ini910u IntelIde intelppm IPSec MpFilter mraid35x MRxSmb NetBIOS NetBT OMCI perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 RasAcd Rdbss sisagp Sparrow symc8xx sym_hi sym_u3 Tcpip TosIde ultra viaagp ViaIde
9/16/2011 3:27:48 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Lavasoft Ad-Aware Service service to connect.
9/16/2011 3:27:48 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
9/16/2011 3:27:48 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/16/2011 3:27:48 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/16/2011 3:27:48 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
9/16/2011 3:27:48 PM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/16/2011 3:18:21 PM, error: Service Control Manager [7034] - The STOPzilla Service service terminated unexpectedly. It has done this 1 time(s).
9/16/2011 3:17:41 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.2117.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
9/15/2011 4:33:26 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.2117.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
9/14/2011 8:30:26 PM, error: Service Control Manager [7034] - The Adobe Active File Monitor V4 service terminated unexpectedly. It has done this 1 time(s).
9/14/2011 6:29:09 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.2117.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
9/14/2011 6:18:12 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service CarboniteService with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}
9/14/2011 6:18:11 PM, error: UPS [2481] - The UPS service is not configured correctly.
9/14/2011 6:18:11 PM, error: Service Control Manager [7023] - The Uninterruptible Power Supply service terminated with the following error: %%2481
9/14/2011 6:18:00 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service LMIGuardianSvc with arguments "" in order to run the server: {D4258A22-CF85-489D-83AE-49FCD0DFAD29}
9/10/2011 3:35:19 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.1858.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
.
==== End Of File ===========================