dds.txt
DDS (Ver_09-10-26.01) - NTFSx86
Run by Frank & Liz at 19:35:21.89 on Fri 11/06/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.226 [GMT -5:00]
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Documents and Settings\Frank & Liz\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page =
hxxp://www.google.com/webhpuSearch Page =
hxxp://www.google.comuSearch Bar =
hxxp://www.google.com/ieuDefault_Page_URL =
hxxp://www.google.com/ig/dell?hl=en&cli ... channel=usuSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext =
hxxp://www.google.com/ig/dell?hl=en&cli ... channel=usuSearchAssistant =
hxxp://www.google.com/ieuSearchURL,(Default) =
hxxp://www.google.com/search?q=%s
mSearchAssistant =
hxxp://www.google.com/ieBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee AntiPhishing Filter: {41d68ed8-4cff-4115-88a6-6ebb8af19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
TB: McAfee VirusScan: {ba52b914-b692-46c4-b683-905236f6f655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [VSOCheckTask] "c:\progra~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
mRun: [MCAgentExe] c:\progra~1\mcafee.com\agent\mcagent.exe
mRun: [MCUpdateExe] c:\progra~1\mcafee.com\agent\mcupdate.exe
mRun: [MSKDetectorExe] c:\progra~1\mcafee\spamki~1\MSKDetct.exe /startup
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [MSKAGENTEXE] c:\progra~1\mcafee\spamki~1\MskAgent.exe
mRun: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
mRun: [MPFExe] c:\progra~1\mcafee.com\person~1\MpfTray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [voseliselo] Rundll32.exe "roliwiza.dll",s
mRun: [vukubewel] Rundll32.exe "c:\windows\system32\lepekisu.dll",a
StartupFolder: c:\docume~1\frank&~1\startm~1\programs\startup\ding!.lnk - c:\program files\southwest airlines\ding\Ding.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc2~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
IE: RemindU -
file://c:\documents and settings\frank & liz\application data\upromise__remindu\uprot\uproC5.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - {7DD73374-7187-4103-8F29-622AA25E7C40} - c:\program files\mcafee\spamkiller\mcapfbho.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: musicmatch.com\online
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} -
hxxp://download.macromedia.com/pub/shoc ... tor/sw.cabDPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} -
hxxp://www.costcophotocenter.com/upload ... ontrol.cabDPF: {406B5949-7190-4245-91A9-30A17DE16AD0} -
hxxp://www.costcophotocenter.com/CostcoActivia.cabDPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} -
hxxps://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} -
hxxp://web1.shutterfly.com/downloads/Uploader.cabDPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} -
hxxp://java.sun.com/products/plugin/aut ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
hxxp://fpdownload.macromedia.com/get/sh ... wflash.cabDPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} -
hxxp://www.costcophotocenter.com/upload ... ontrol.cabHandler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: lolanayo.dll c:\windows\system32\lepekisu.dll
SSODL: feyamuhob - {60aa7119-cdb3-41a8-9a99-3f5d04a95ce6} - c:\windows\system32\lepekisu.dll
STS: mujuzedij: {60aa7119-cdb3-41a8-9a99-3f5d04a95ce6} - c:\windows\system32\lepekisu.dll
LSA: Notification Packages = scecli roliwiza.dll lolanayo.dll
============= SERVICES / DRIVERS ===============
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-27 133104]
=============== Created Last 30 ================
2009-11-05 14:06:06 90112 --sh--w- c:\windows\system32\zujevuho.dll
2009-11-04 02:45:03 37888 --sh--w- c:\windows\system32\vuboduje.dll
2009-11-03 22:15:49 0 d-----w- c:\program files\Trend Micro
2009-10-25 17:20:27 0 d-----w- c:\windows\system32\wbem\Repository
==================== Find3M ====================
2009-10-13 00:09:44 3350 -csha-w- c:\windows\system32\KGyGaAvL.sys
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:39 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 10:28:59 70656 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-28 10:28:59 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2009-08-27 05:18:44 634648 ------w- c:\windows\system32\dllcache\iexplore.exe
2009-08-27 05:18:41 161792 ------w- c:\windows\system32\dllcache\ieakui.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\dllcache\strmdll.dll
2009-08-13 15:16:05 512000 ------w- c:\windows\system32\dllcache\jscript.dll
2009-07-28 13:30:33 38400 --sha-w- c:\windows\system32\bihorugi.dll
2009-08-06 02:05:47 89088 --sha-w- c:\windows\system32\botapovu.dll
2009-08-05 14:05:42 38912 --sha-w- c:\windows\system32\degejiba.dll
2009-07-30 01:30:49 38400 --sha-w- c:\windows\system32\difebebu.dll
2009-08-02 14:44:31 38912 --sha-w- c:\windows\system32\fareruta.dll
2009-08-01 00:06:55 37888 --sha-w- c:\windows\system32\febefiya.dll
2009-07-29 13:31:08 90112 --sha-w- c:\windows\system32\gavulowe.dll
2009-08-03 14:44:21 37888 --sha-w- c:\windows\system32\guromome.dll
2009-07-30 19:45:09 61440 --sha-w- c:\windows\system32\jebufijo.dll
2009-08-06 02:05:47 37888 --sha-w- c:\windows\system32\jibogosu.dll
2009-07-29 01:30:11 38912 --sha-w- c:\windows\system32\kimapuge.dll
2009-07-29 13:31:08 38400 --sha-w- c:\windows\system32\lefopase.dll
2009-08-06 20:17:33 89088 --sha-w- c:\windows\system32\lepekisu.dll
2009-07-27 12:12:14 51712 --sha-w- c:\windows\system32\lolanayo.dll
2009-08-03 02:44:15 38912 --sha-w- c:\windows\system32\lugibifi.dll
2009-07-28 00:11:08 37888 --sha-w- c:\windows\system32\luvigaki.dll
2009-07-27 12:12:14 51712 --sha-w- c:\windows\system32\nivunaso.dll
2009-07-26 21:57:17 87552 --sha-w- c:\windows\system32\pemejilo.dll
2009-07-30 19:45:09 38912 --sha-w- c:\windows\system32\popezaho.dll
2009-07-31 12:06:53 37888 --sha-w- c:\windows\system32\puyepidu.dll
2009-08-04 20:29:52 38400 --sha-w- c:\windows\system32\raferafo.dll
2009-08-01 14:05:55 38912 --sha-w- c:\windows\system32\rogiwezu.dll
2009-07-27 12:12:14 51712 --sha-w- c:\windows\system32\roliwiza.dll
2009-07-27 12:11:39 84480 --sha-w- c:\windows\system32\sirifiwi.dll
2009-07-30 01:30:49 90112 --sha-w- c:\windows\system32\tifileze.dll
2009-08-02 02:05:48 38912 --sha-w- c:\windows\system32\tihugole.dll
2009-07-26 21:57:17 173056 --sha-w- c:\windows\system32\wepejapu.dll
2009-08-06 20:17:33 38400 --sha-w- c:\windows\system32\zazovera.dll
2009-07-27 12:11:40 51712 --sha-w- c:\windows\system32\zetoyago.dll
2008-09-27 15:25:37 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092720080928\index.dat
============= FINISH: 19:36:07.43 ===============
attach.txt
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-10-26.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 6/7/2006 7:41:52 PM
System Uptime: 11/6/2009 8:32:35 PM (-1 hours ago)
Motherboard: Dell Inc. | | 0JC474
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 51 GiB total, 27.995 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 18.517 GiB free.
E: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_1064&SUBSYS_01C41028&REV_04\4&10BD256C&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1064&SUBSYS_01C41028&REV_04\4&10BD256C&0&40F0
Service: E100B
==== System Restore Points ===================
RP692: 8/14/2009 8:53:08 AM - System Checkpoint
RP693: 8/15/2009 12:04:19 AM - Software Distribution Service 3.0
RP694: 8/16/2009 9:08:47 AM - System Checkpoint
RP695: 8/17/2009 9:50:21 AM - System Checkpoint
RP696: 8/18/2009 10:04:24 AM - System Checkpoint
RP697: 8/19/2009 9:05:27 PM - System Checkpoint
RP698: 8/21/2009 10:29:33 AM - System Checkpoint
RP699: 8/23/2009 9:57:29 PM - System Checkpoint
RP700: 8/24/2009 10:01:22 PM - System Checkpoint
RP701: 8/25/2009 10:24:39 PM - System Checkpoint
RP702: 8/26/2009 5:04:13 PM - Software Distribution Service 3.0
RP703: 8/27/2009 5:17:07 PM - System Checkpoint
RP704: 8/28/2009 5:49:43 PM - System Checkpoint
RP705: 8/29/2009 7:27:56 PM - System Checkpoint
RP706: 8/31/2009 9:48:08 AM - System Checkpoint
RP707: 9/1/2009 10:46:19 AM - System Checkpoint
RP708: 9/2/2009 5:40:46 PM - System Checkpoint
RP709: 9/3/2009 6:42:32 PM - System Checkpoint
RP710: 9/5/2009 8:08:13 AM - System Checkpoint
RP711: 9/6/2009 9:26:13 AM - System Checkpoint
RP712: 9/7/2009 7:47:14 PM - System Checkpoint
RP713: 9/8/2009 9:05:01 PM - System Checkpoint
RP714: 9/9/2009 9:17:32 PM - System Checkpoint
RP715: 9/9/2009 9:51:50 PM - Software Distribution Service 3.0
RP716: 9/11/2009 2:37:06 PM - System Checkpoint
RP717: 9/12/2009 2:37:58 PM - System Checkpoint
RP718: 9/13/2009 8:46:22 PM - System Checkpoint
RP719: 9/14/2009 9:18:43 PM - System Checkpoint
RP720: 9/15/2009 10:15:49 PM - System Checkpoint
RP721: 9/17/2009 8:55:03 AM - System Checkpoint
RP722: 9/18/2009 9:55:49 AM - System Checkpoint
RP723: 9/19/2009 10:28:49 AM - System Checkpoint
RP724: 9/20/2009 10:54:53 AM - System Checkpoint
RP725: 9/21/2009 4:08:16 PM - System Checkpoint
RP726: 9/22/2009 6:03:31 PM - System Checkpoint
RP727: 9/23/2009 6:59:39 PM - System Checkpoint
RP728: 9/24/2009 8:06:46 PM - System Checkpoint
RP729: 9/25/2009 8:20:57 PM - System Checkpoint
RP730: 9/26/2009 10:29:26 PM - System Checkpoint
RP731: 9/27/2009 11:08:51 PM - System Checkpoint
RP732: 9/29/2009 9:07:13 AM - System Checkpoint
RP733: 9/29/2009 10:02:04 PM - Installed Nancy Drew: Legend of the Crystal Skull
RP734: 10/1/2009 9:30:10 AM - System Checkpoint
RP735: 10/2/2009 4:40:13 PM - System Checkpoint
RP736: 10/3/2009 10:03:38 PM - System Checkpoint
RP737: 10/5/2009 7:19:11 AM - System Checkpoint
RP738: 10/6/2009 8:16:36 AM - System Checkpoint
RP739: 10/7/2009 10:19:19 AM - System Checkpoint
RP740: 10/8/2009 3:36:50 PM - System Checkpoint
RP741: 10/9/2009 5:27:50 PM - System Checkpoint
RP742: 10/10/2009 6:35:20 PM - System Checkpoint
RP743: 10/11/2009 9:23:25 PM - System Checkpoint
RP744: 10/13/2009 10:09:16 AM - System Checkpoint
RP745: 10/14/2009 4:39:06 PM - System Checkpoint
RP746: 10/14/2009 9:46:53 PM - Software Distribution Service 3.0
RP747: 10/16/2009 9:39:03 AM - System Checkpoint
RP748: 10/17/2009 10:11:02 AM - System Checkpoint
RP749: 10/18/2009 11:07:42 AM - System Checkpoint
RP750: 10/19/2009 8:27:38 PM - System Checkpoint
RP751: 10/20/2009 9:45:00 PM - System Checkpoint
RP752: 10/22/2009 4:07:00 PM - System Checkpoint
RP753: 10/23/2009 5:31:25 PM - System Checkpoint
RP754: 10/24/2009 6:38:48 PM - System Checkpoint
RP755: 10/25/2009 1:19:19 PM - Restore Operation
RP756: 10/26/2009 2:53:56 PM - System Checkpoint
RP757: 10/27/2009 3:28:05 PM - System Checkpoint
RP758: 10/28/2009 5:03:47 PM - System Checkpoint
RP759: 10/29/2009 7:00:30 PM - System Checkpoint
RP760: 10/30/2009 7:14:15 PM - System Checkpoint
RP761: 10/31/2009 8:09:58 PM - System Checkpoint
RP762: 11/1/2009 8:14:21 PM - System Checkpoint
RP763: 11/2/2009 8:54:15 PM - System Checkpoint
RP764: 11/3/2009 9:46:49 PM - System Checkpoint
RP765: 11/4/2009 10:22:15 PM - System Checkpoint
RP766: 11/6/2009 6:20:53 PM - System Checkpoint
RP767: 11/6/2009 8:28:29 PM - Removed Norton Ghost 10.0
==== Installed Programs ======================
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Shockwave Player
Amazon3
AOLIcon
Apple Software Update
Banctec Service Agreement
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Carmen Sandiego Math Detective
CCScore
ClueFinders 4th Grade Adventures
ClueFinders Mystery Mansion Arcade
Conexant D850 56K V.9x DFVc Modem
Corel Photo Album 6
Coupon Printer for Windows
Curious George ABCs
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Game Console
Dell Support Center
Dell System Restore
DellConnect
DellSupport
Digital Content Portal
Digital Line Detect
DING!
Documentation & Support Launcher
EarthLink setup files
EducateU
ELIcon
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
fflink
Games, Music, & Photos Launcher
GemMaster Mystic
Get High Speed Internet!
Google Earth
Google Update Helper
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
HP Memories Disc
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 2100 series
hp psc 2100 series
Intel RSX 3D
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
Internet Service Offers Launcher
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 6
Java(TM) 6 Update 7
JumpStart Spelling v1.0
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
Learn2 Player (Uninstall Only)
McAfee Uninstaller
MCU
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Modem Helper
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Musicmatch for Windows Media Player
Musicmatch® Jukebox
MyPublisher
netbrdg
NetWaiting
OfotoXMI
OpenOffice.org Installer 1.0
Otto
Polar Bowler
QuickTime
RealPlayer Basic
Roxio DLA
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Search Assist
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SFR
SHASTA
skin0001
SKINXSDK
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
staticcr
tooltips
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Upromise remindU
URL Assistant
Viewpoint Media Player
VPRINTOL
WebCyberCoach 3.2 Dell
WebFldrs XP
WildTangent Web Driver
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WIRELESS
WordPerfect Office 12
==== Event Viewer Messages From Past Week ========
11/6/2009 8:22:44 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/1/2009 2:14:42 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee SpamKiller Server service to connect.
11/1/2009 2:14:42 PM, error: Service Control Manager [7000] - The McAfee SpamKiller Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/1/2009 2:14:41 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MskService with arguments "" in order to run the server: {5109B8D8-73AF-4C41-A70E-73707E1F908A}
==== End Of File ===========================
gmer.txt
GMER 1.0.15.15163 -
http://www.gmer.netRootkit scan 2009-11-06 21:50:47
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\FRANK&~1\LOCALS~1\Temp\uxtdypog.sys
---- User code sections - GMER 1.0.15 ----
.text C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe[504] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 01773E00 c:\progra~1\mcafee.com\vso\McVSSkt.dll (McAfee VirusScan Winsock Helper DLL/McAfee, Inc.)
.text C:\WINDOWS\Explorer.EXE[864] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00FC3E00 c:\progra~1\mcafee.com\vso\McVSSkt.dll (McAfee VirusScan Winsock Helper DLL/McAfee, Inc.)
.text C:\WINDOWS\system32\hkcmd.exe[1228] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 01503E00 c:\progra~1\mcafee.com\vso\McVSSkt.dll (McAfee VirusScan Winsock Helper DLL/McAfee, Inc.)
.text C:\PROGRA~1\mcafee.com\agent\mcagent.exe[1384] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 01D93E00 c:\progra~1\mcafee.com\vso\McVSSkt.dll (McAfee VirusScan Winsock Helper DLL/McAfee, Inc.)
.text C:\WINDOWS\system32\igfxpers.exe[1412] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 01553E00 c:\progra~1\mcafee.com\vso\McVSSkt.dll (McAfee VirusScan Winsock Helper DLL/McAfee, Inc.)
.text ...
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs naiavf5x.sys (Anti-Virus File System Filter Driver/McAfee Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip MpFirewall.sys (McAfee Personal Firewall Driver/McAfee)
AttachedDevice \Driver\Tcpip \Device\Ip ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp MpFirewall.sys (McAfee Personal Firewall Driver/McAfee)
AttachedDevice \Driver\Tcpip \Device\Tcp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\USB_RNDIS \Device\{33E641A0-041C-4814-8650-47D12F229E9B} RNDISMP.SYS (Remote NDIS Miniport/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp MpFirewall.sys (McAfee Personal Firewall Driver/McAfee)
AttachedDevice \Driver\Tcpip \Device\Udp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp MpFirewall.sys (McAfee Personal Firewall Driver/McAfee)
AttachedDevice \Driver\Tcpip \Device\RawIp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat A8258D20
AttachedDevice \FileSystem\Fastfat \Fat naiavf5x.sys (Anti-Virus File System Filter Driver/McAfee Inc.)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
---- EOF - GMER 1.0.15 ----
i think i did ther gmer scan correctly, i did not recieve notice of possible rootkit activity, so i clicked the scan button