I am having trouble getting GMER to complete its scan; it has rebooted my system 4 times now and locked it up once. My computer has a "history" of rebooting, but normally it is RARE (once every few weeks) and I had just figured it was the power supply; this may or may not be the same issue.
I also notice upon rebooting I am getting an error box that says "getdrivelayout: createfile Fail". I figure that whatever this malware/rootkit has done to the ATAPI has jacked up my VIA RAID software.
The final issue I notice now is when opening Firefox I no longer see my Symantec Endpoint Protection saying it is blocking anything, but I do get an additional tab opened on Firefox going to a random site suggesting I get Windows XP antivirus.
Here are the logs from DDS; I will keep attempting to get a complete log from GMER until otherwise notified by you.
Thank you
EDIT!! BTW, I noticed DDS picked up on a lot of info/issues dealing with my DC ANBF3. Those shouldn't relate to my issue at all, but the reason those errors exist is my DC has taken a dump the past week: it had a 512 memory chip go bad and I am afraid it corrupted some of the Active Directory files, so I am slowly rebuilding it from a ghost image.
DDS (Ver_10-03-17.01) - NTFSx86
Run by ninja at 4:18:26.33 on Sun 04/11/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1337 [GMT -5:00]
AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\ninja.ANBF\Desktop\dds.scr
============== Pseudo HJT Report ===============
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [\\anbf3\EPSON Stylus Photo R200 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2h1.exe /p38 "\\anbf3\EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
mRun: [OODefragTray] c:\windows\system32\oodtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [VIARaidUtl] c:\program files\via\raid\raid_tool.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
IE: &GET... - c:\nat32\htm\script3.htm
IE: &RAW... - c:\nat32\htm\script2.htm
IE: &Similar pages... - c:\nat32\htm\script.htm
IE: &URLs... - c:\nat32\htm\script1.htm
IE: Edit... - c:\nat32\htm\script5.htm
IE: Google... - c:\nat32\htm\script4.htm
IE: Scripts... - c:\nat32\htm\script6.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~2\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~2\INetRepl.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... vc1dmo.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windows ... 1037516921
DPF: {7CF3E7C4-6112-4D72-A0CD-D0AD7EEB5467} - hxxp://www.packetix.net/en/special/file ... vpnweb.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
mASetup: {621FCD24-4498-4324-A81E-07D331376EDF} - c:\program files\pixiepack codec pack\InstallerHelper.exe
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\ninja~1.anb\applic~1\mozilla\firefox\profiles\5a0zyz9q.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - plugin: c:\documents and settings\ninja.anbf\local settings\application data\huludesktop\instances\0.9.2.1\npHDPlg.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 Pnp680;SiI 680 ATA Controller;c:\windows\system32\drivers\PnP680.sys [2007-11-14 71720]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-4-23 82200]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-10-30 108392]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-10-30 108392]
R2 NetProbe;NetProbe Packet Driver;c:\windows\system32\drivers\NetProbe.sys [2009-3-24 5365]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2009-10-30 2477304]
R2 VRAID Log Service;VRAID Log Service;c:\program files\via\raid\vialogsv.exe [2009-1-6 52888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-29 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20100410.004\NAVENG.SYS [2010-4-10 84912]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20100410.004\NAVEX15.SYS [2010-4-10 1324720]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2010-2-3 115432]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\coh_mon.sys [2009-1-6 23888]
S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\drivers\neo_0103.sys [2009-1-4 22000]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2010-3-24 38976]
S3 Smcinst;Symantec Auto-upgrade Agent;c:\program files\symantec\symantec endpoint protection\smclu\setup\smcinst.exe --> c:\program files\symantec\symantec endpoint protection\smclu\setup\smcinst.exe [?]
S3 vpnclient;PacketiX VPN Client;c:\program files\packetix vpn client english\vpnclient.exe [2008-5-15 2478080]
S4 TwonkyMedia;TwonkyMedia;c:\program files\twonkymedia\twonkymediaserverwatchdog.exe -serviceversion 0 --> c:\program files\twonkymedia\twonkymediaserverwatchdog.exe -serviceversion 0 [?]
S4 vsdatant;vsdatant;a --> a [?]
=============== Created Last 30 ================
2010-04-11 09:17:10 0 ----a-w- c:\documents and settings\ninja.anbf\defogger_reenable
2010-04-11 06:39:20 96512 ----a-w- c:\windows\system32\drivers\tsk7.tmp
2010-04-11 06:39:20 36488 ----a-w- c:\windows\system32\drivers\klmdb.sys
2010-04-11 06:12:19 0 d-----w- c:\program files\Trend Micro
2010-04-11 04:40:37 0 d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-04-06 07:24:17 0 d-----w- c:\program files\ESET
2010-04-06 06:51:46 146432 -c--a-w- c:\windows\system32\dllcache\regedit.exe
2010-04-06 06:51:46 146432 ----a-w- c:\windows\regedit.exe
2010-04-06 06:43:45 98816 ----a-w- c:\windows\sed.exe
2010-04-06 06:43:45 77312 ----a-w- c:\windows\MBR.exe
2010-04-06 06:43:45 261632 ----a-w- c:\windows\PEV.exe
2010-04-06 06:43:45 161792 ----a-w- c:\windows\SWREG.exe
2010-04-06 05:02:31 452 --sha-r- c:\documents and settings\ninja.anbf\ntuser.pol
2010-04-06 03:53:18 0 d--h--w- c:\windows\system32\GroupPolicy
2010-04-06 03:47:55 0 d-----w- c:\docume~1\ninja~1.anb\applic~1\Malwarebytes
2010-04-06 03:39:36 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-06 03:39:31 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-04-06 03:35:44 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-06 03:35:44 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-06 03:17:02 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-04-06 03:17:02 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-04-06 03:16:53 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-04-06 03:16:53 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-04-06 03:16:49 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-04-06 03:16:49 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-04-06 02:51:03 0 d-----w- c:\docume~1\ninja~1.anb\applic~1\GameMill Entertainment
2010-03-25 07:55:20 209408 ----a-w- c:\windows\system32\Tabctl32.ocx
2010-03-25 07:55:20 203576 ----a-w- c:\windows\system32\RichTx32.ocx
2010-03-25 07:55:19 958224 ----a-w- c:\windows\system32\MsChart.ocx
2010-03-25 07:55:19 227600 ----a-w- c:\windows\system32\MsFlxGrd.ocx
2010-03-25 07:55:19 140288 ----a-w- c:\windows\system32\ComDlg32.ocx
2010-03-25 07:55:19 115016 ----a-w- c:\windows\system32\MsInet.ocx
2010-03-25 07:55:19 108336 ----a-w- c:\windows\system32\MsWinsck.ocx
2010-03-25 06:13:56 0 d-----w- c:\docume~1\alluse~1\applic~1\SolarWinds
2010-03-25 06:10:02 0 d-----w- c:\program files\SolarWinds
2010-03-24 09:30:18 0 d-----w- c:\program files\CommTraffic
2010-03-24 08:34:46 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys
2010-03-24 08:34:33 0 d-----w- c:\docume~1\alluse~1\applic~1\Paessler
2010-03-24 08:32:44 0 d-----w- c:\program files\PRTG Network Monitor
2010-03-24 07:29:16 0 d-----w- c:\program files\Network Probe 3
==================== Find3M ====================
2010-04-11 06:29:11 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-04-07 02:56:19 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2010-02-17 19:52:33 162048 ----a-w- c:\windows\system32\drivers\wpshelper.sys
============= FINISH: 4:20:21.79 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-03-17.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/2/2009 1:49:51 AM
System Uptime: 4/11/2010 1:28:27 AM (3 hours ago)
Motherboard: MSI | | MS-7008
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | Socket-1 | 3214/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 20 GiB total, 6.049 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 87.903 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is FIXED (NTFS) - 92 GiB total, 73.557 GiB free.
I: is Removable
M: is NetworkDisk (NTFS) - 186 GiB total, 114.433 GiB free.
S: is NetworkDisk (NTFS) - 211 GiB total, 97.012 GiB free.
T: is NetworkDisk (NTFS) - 233 GiB total, 48.154 GiB free.
U: is NetworkDisk (NTFS) - 699 GiB total, 62.259 GiB free.
V: is Removable
W: is Removable
X: is Removable
Y: is Removable
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: VIA Compatable Fast Ethernet Adapter
Device ID: PCI\VEN_1106&DEV_3065&SUBSYS_C03C1462&REV_78\3&61AAA01&0&90
Manufacturer: VIA Technologies, Inc.
Name: VIA Compatable Fast Ethernet Adapter
PNP Device ID: PCI\VEN_1106&DEV_3065&SUBSYS_C03C1462&REV_78\3&61AAA01&0&90
Service: FETNDIS
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: VPN Client Adapter - VPN
Device ID: ROOT\NET\0000
Manufacturer: SoftEther Corporation
Name: VPN Client Adapter - VPN
PNP Device ID: ROOT\NET\0000
Service: Neo_VPN
Class GUID: {ADE50D0F-E431-4CB2-AC42-04FD9E1E7C17}
Description: PortIO32 - Xbox 360 Device Driver
Device ID: ROOT\UNKNOWN\0000
Manufacturer: JungleFlasher
Name: PortIO32 - Xbox 360 Device Driver
PNP Device ID: ROOT\UNKNOWN\0000
Service: portio32
==== System Restore Points ===================
No restore point in system.
==== Installed Programs ======================
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Advertising Center
CloneCD
Compatibility Pack for the 2007 Office system
Convert FLV to MP3 1.0
Debugging Tools for Windows (x86)
DolbyFiles
DVD Decrypter (Remove Only)
DVD Shrink 3.2
EncVorbis 1.1
ESET Online Scanner v3
EVEREST Ultimate Edition v5.00
Fraps
Free Music Zilla
GameHouse
Giganews Accelerator
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
HuluDesktop
ImagXpress
iPrep v008.8
ISO Recorder
Java(TM) 6 Update 14
LiveUpdate 3.3 (Symantec Corporation)
Logitech Harmony Remote Software 7
Malwarebytes' Anti-Malware
Menu Templates - Starter Kit
Microsoft .NET Framework 2.0
Microsoft ActiveSync
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Premium
Microsoft Visual C++ 2005 Redistributable
Movie Templates - Starter Kit
Mozilla Firefox (3.6.3)
Nero 7 Ultra Edition
Nero 9
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero DiscSpeed
Nero DriveSpeed
Nero InfoTool
Nero Installer
Nero PhotoSnap
Nero Recode
Nero Rescue Agent
Nero ShowTime
Nero StartSmart
Nero Vision
Nero WaveEditor
NeroBurningROM
NeroExpress
neroxml
NetLimiter 2 Pro (remove only)
NewsBin Pro
NVIDIA Drivers
O&O Defrag Professional Edition
O&O DiskRecovery
Opti Drive Control 1.44
OpticFilm 7300
PacketiX VPN Client (English)
PixiePack Codec Pack
Platform
Power Sound Editor Free
Presto! ImageFolio 4
Presto! PageManager 7.10
QuickPar 0.9
Remote Control USB Driver
Runes of Magic
Sandboxie 3.44
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB952069)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
SilverFast UScan-SE 6.6.0r2
SoundTrax
Spybot - Search & Destroy
Symantec Endpoint Protection
Trillian
TwonkyMedia Manager
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VIA Platform Device Manager
VLC media player 0.9.9
VueScan
WebFldrs XP
Winamp
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format Runtime
WinRAR archiver
ZIP Password Recovery Magic v6.1.1.2
==== Event Viewer Messages From Past Week ========
4/6/2010 2:06:03 AM, error: NETLOGON [5719] - No Domain Controller is available for domain ANBF due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
4/6/2010 2:05:55 AM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
4/6/2010 2:05:55 AM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
4/6/2010 1:54:13 AM, error: Service Control Manager [7034] - The VRAID Log Service service terminated unexpectedly. It has done this 1 time(s).
4/6/2010 1:16:35 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
4/6/2010 1:13:33 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ViaIde
4/6/2010 1:13:33 AM, error: Service Control Manager [7023] - The Network Security service terminated with the following error: The specified module could not be found.
4/6/2010 1:13:18 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
4/5/2010 9:21:55 PM, error: System Error [1003] - Error code 0000001a, parameter1 00041284, parameter2 d97ca001, parameter3 000152ff, parameter4 c0c00000.
4/5/2010 10:28:22 PM, information: Windows File Protection [64004] - The protected system file regedit.exe could not be restored to its original, valid version. The file version of the bad file is unknown The specific error code is 0x000006ba [The RPC server is unavailable. ].
4/5/2010 10:26:38 PM, error: Service Control Manager [7034] - The NetLimiter service terminated unexpectedly. It has done this 1 time(s).
4/5/2010 10:22:51 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
4/5/2010 10:21:02 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
4/5/2010 10:17:25 PM, error: Service Control Manager [7000] - The USB Scanner Driver service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:24 PM, error: Service Control Manager [7000] - The USB Audio Driver (WDM) service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:23 PM, error: Service Control Manager [7000] - The Tunebite High-Speed Dubbing service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:22 PM, error: Service Control Manager [7000] - The Microsoft Kernel GS Wavetable Synthesizer service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:21 PM, error: Service Control Manager [7000] - The SRTSPL service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:20 PM, error: Service Control Manager [7000] - The Microsoft Kernel Audio Splitter service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:18 PM, error: Service Control Manager [7000] - The Secdrv service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:17 PM, error: Service Control Manager [7000] - The PSSDK42 service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:14 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file lbrtfdc.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.10.1.0.
4/5/2010 10:17:14 PM, error: Service Control Manager [7000] - The IPX Traffic Forwarder Driver service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:11 PM, error: Service Control Manager [7001] - The IPX Traffic Filter Driver service depends on the IPX Traffic Forwarder Driver service which failed to start because of the following error: The system cannot find the file specified.
4/5/2010 10:17:08 PM, error: Service Control Manager [7000] - The Microsoft Streaming Quality Manager Proxy service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:07 PM, error: Service Control Manager [7000] - The Microsoft Streaming Clock Proxy service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:03 PM, error: Service Control Manager [7000] - The Microsoft Streaming Service Proxy service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:02 PM, error: Service Control Manager [7000] - The IR Enumerator Service service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:01 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file i2omgmt.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5512.
4/5/2010 10:17:01 PM, error: Service Control Manager [7000] - The IP Network Address Translator service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:17:00 PM, error: Service Control Manager [7000] - The IP in IP Tunnel Driver service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:59 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file changer.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5512.
4/5/2010 10:16:59 PM, error: Service Control Manager [7000] - The IP Traffic Filter Driver service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:58 PM, error: Service Control Manager [7000] - The IPv6 Windows Firewall Driver service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:54 PM, error: Service Control Manager [7000] - The i8042 Keyboard and PS/2 Mouse Port Driver service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:54 PM, error: Service Control Manager [7000] - The i2omgmt service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:53 PM, error: Service Control Manager [7000] - The Microsoft Kernel DRM Audio Descrambler service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:52 PM, error: Service Control Manager [7000] - The Microsoft Kernel DLS Syntheiszer service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:50 PM, error: Service Control Manager [7000] - The COH_Mon service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:47 PM, error: Service Control Manager [7000] - The Bluetooth Network Filter service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:45 PM, error: Service Control Manager [7000] - The Bluetooth USB For Bluetooth Service service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:44 PM, error: Service Control Manager [7000] - The MAC Bridge service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:44 PM, error: Service Control Manager [7000] - The MAC Bridge Miniport service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:43 PM, error: Service Control Manager [7000] - The RAS Asynchronous Media Driver service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:43 PM, error: Service Control Manager [7000] - The ATM ARP Client Protocol service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:16:42 PM, error: Service Control Manager [7000] - The Microsoft Kernel Acoustic Echo Canceller service failed to start due to the following error: The system cannot find the file specified.
4/5/2010 10:15:59 PM, error: Service Control Manager [7023] - The 6to4 service terminated with the following error: The specified module could not be found.
4/5/2010 10:15:26 PM, information: Windows File Protection [64001] - File replacement was attempted on the protected system file c:\windows\system32\drwtsn32.exe. This file was restored to the original version to maintain system stability. The file version of the bad file is 5.1.2600.0, the version of the system file is 5.1.2600.0.
4/11/2010 12:29:50 AM, error: NetBT [4321] - The name "ANBF :1d" could not be registered on the Interface with IP address 192.168.100.10. The machine with the IP address 192.168.100.11 did not allow the name to be claimed by this machine.
4/11/2010 1:39:30 AM, error: NETLOGON [5783] - The session setup to the Windows NT or Windows 2000 Domain Controller \\anbf3.ANBF.LOCAL for the domain ANBF is not responsive. The current RPC call from Netlogon on \\NINJA2ND to \\anbf3.ANBF.LOCAL has been cancelled.
==== End Of File ===========================