Dolores
Below is the dds and the other file.
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 16:25:20.67 on Mon 04/18/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.197 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: McAfee VirusScan *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: McAfee Personal Firewall *Enabled*
.
============== Running Processes ===============
.
C:\windows\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Netopia\C3kWEPn.exe
C:\Program Files\BellSouthWCC\McciTrayApp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
svchost.exe
C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Forefront Online Protection for Exchange Gateway\Microsoft.Forefront.Server.EhsGatewayService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\windows\system32\PSIService.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\windows\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\Wacom_Tablet.exe
C:\WINDOWS\System32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\System32\Wacom_Tablet.exe
C:\windows\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\windows\system32\msiexec.exe
C:\windows\system32\MsiExec.exe
C:\windows\explorer.exe
C:\Documents and Settings\Owner\My Documents\Downloads\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.mc1133.mail.yahoo.com/mc/welc ... 9kpqln8m81
mStart Page = hxxp://www.youcansearch.com
uInternet Connection Wizard,ShellNext = https://pbells.broadjump.com/wizlet/iw60/launch.htm
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: TTB000000 Class: {62960d20-6d0d-1ab4-4bf1-95b0b5b8783a} - c:\windows\COUPON~1.DLL
BHO: Browser Enhancer: {86ef8bd1-47f3-4322-923f-f29cdf477eb0} - c:\program files\caj media\browser enhancer\adxloader.dll
BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Search Assistant: {f0626a63-410b-45e2-99a1-3f2475b2d695} - c:\program files\sgpsa\BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: CouponBar: {5bed3930-2e9e-76d8-bacc-80df2188d455} - c:\windows\CouponsBar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Sonic RecordNow!]
uRun: [Rainlendar2] c:\program files\rainlendar2\Rainlendar2.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [EPSON Stylus Photo R320 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /M "Stylus Photo R320" /EF "HKCU"
uRun: [{40E0B0D5-50AA-C637-C6C4-B99B40B4F4AB}] "c:\documents and settings\owner\application data\lebize\ulokz.exe"
uRun: [AdobeBridge]
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [{F2C7D944-FD36-49EB-E988-4B40B4DA5EF5}] "c:\documents and settings\owner\application data\imkui\cate.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\maxtor\schedule2\schedhlp.exe"
mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
mRun: [C2kWep] c:\program files\netopia\C3kWEPn.exe
mRun: [BellSouthWCC_McciTrayApp] c:\program files\bellsouthwcc\McciTrayApp.exe
mRun: [EPSON Stylus Photo R320 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB002" /M "Stylus Photo R320"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [StorageGuard] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paint shop pro photo x2\CorelIOMonitor.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc2~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: plaxo.com\www
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 7652113531
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\qs24tubu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/result ... EF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://us.mc1147.mail.yahoo.com/mc/welc ... kfptfb1nok
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\qs24tubu.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\qs24tubu.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\qs24tubu.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\qs24tubu.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\qs24tubu.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\yahoo!\browserplus\2.4.21\plugins\npybrowserplus_2.4.21.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\sony\media go\npmediago.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Cooliris: piclens@cooliris.com - %profile%\extensions\piclens@cooliris.com
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\all users\application data\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\google\google gears\Firefox
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: XULRunner: {6B31B409-EF8A-407F-8315-28E79CF30908} - c:\documents and settings\owner\local settings\application data\{6B31B409-EF8A-407F-8315-28E79CF30908}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\avast software\avast\webrep\FF
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-4 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-3-4 301528]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165264]
R1 MpKsl6e020cc5;MpKsl6e020cc5;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f966d45c-e501-4077-935d-9d2256863069}\MpKsl6e020cc5.sys [2011-4-18 28752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-3-4 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-3-4 42184]
R2 FopeGatewayService;Microsoft Forefront Online Protection for Exchange Gateway Management Service;c:\program files\microsoft forefront online protection for exchange gateway\Microsoft.Forefront.Server.EhsGatewayService.exe [2009-10-2 55160]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-12-23 88176]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-7-9 1373480]
R3 NTPASp50;NTPASp50 NDIS Protocol Driver;c:\windows\system32\drivers\NtpaSp50.sys [2009-7-7 17536]
S1 MpKsl11b7ff98;MpKsl11b7ff98;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\mpksl11b7ff98.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\MpKsl11b7ff98.sys [?]
S1 MpKsl1e0b8786;MpKsl1e0b8786;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\mpksl1e0b8786.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\MpKsl1e0b8786.sys [?]
S1 MpKsl67410063;MpKsl67410063;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\mpksl67410063.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\MpKsl67410063.sys [?]
S1 MpKsl677e764f;MpKsl677e764f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c742587d-0259-404e-acdb-3ec2d22258cd}\mpksl677e764f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c742587d-0259-404e-acdb-3ec2d22258cd}\MpKsl677e764f.sys [?]
S1 MpKsl72bbce1e;MpKsl72bbce1e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\mpksl72bbce1e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\MpKsl72bbce1e.sys [?]
S1 MpKslbb40661c;MpKslbb40661c;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f966d45c-e501-4077-935d-9d2256863069}\mpkslbb40661c.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f966d45c-e501-4077-935d-9d2256863069}\MpKslbb40661c.sys [?]
S1 MpKslc72f6af2;MpKslc72f6af2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\mpkslc72f6af2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\MpKslc72f6af2.sys [?]
S1 MpKslcf4854a6;MpKslcf4854a6;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a6803d7c-5cfb-4cfc-bb33-d91ab4f1c10b}\mpkslcf4854a6.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a6803d7c-5cfb-4cfc-bb33-d91ab4f1c10b}\MpKslcf4854a6.sys [?]
S1 MpKsle7bfff81;MpKsle7bfff81;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\mpksle7bfff81.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b471c179-3317-48d2-96c5-7185d288a901}\MpKsle7bfff81.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-27 133104]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-9-15 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-9-15 40552]
S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver;\??\c:\windows\system32\plcmpr5.sys --> c:\windows\system32\PLCMPR5.SYS [?]
S3 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;c:\windows\system32\PLCNDIS5.SYS [2009-7-19 17280]
S3 SWLD23U;Netopia 802.11b WLAN USB Adapter;c:\windows\system32\drivers\swld23u.sys [2009-7-7 82888]
S3 swlubtl;WLAN USB Boot Device;c:\windows\system32\drivers\swlubtl.sys [2009-7-7 53690]
.
=============== Created Last 30 ================
.
2011-04-18 18:53:35 28752 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{f966d45c-e501-4077-935d-9d2256863069}\MpKsl6e020cc5.sys
2011-04-11 23:02:05 6792528 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{f966d45c-e501-4077-935d-9d2256863069}\mpengine.dll
2011-04-11 22:46:19 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\PackageAware
2011-04-02 18:23:47 388096 ----a-r- c:\docume~1\owner\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-03-22 02:21:00 398760 ----a-r- c:\windows\system32\cpnprt2.cid
.
==================== Find3M ====================
.
2011-04-18 12:41:41 2516 --sha-w- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2011-02-23 15:04:21 40648 ----a-w- c:\windows\avastSS.scr
2011-02-02 22:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3500418AS rev.CC34 -> Harddisk0\DR0 -> \Device\Ide\IdePort1 P1T0L0-17
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86F35439]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x86f3b7b8]; MOV EAX, [0x86f3b834]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x86F85AB8]
3 CLASSPNP[0xF7617FD7] -> nt!IofCallDriver[0x804E37D5] -> [0x86F90550]
\Driver\atapi[0x86F813D0] -> IRP_MJ_CREATE -> 0x86F35439
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP1T0L0-17 -> \??\IDE#DiskST3500418AS_____________________________CC34____#5&2fdfe383&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x86F3527F
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 16:33:22.15 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 7/7/2009 9:18:43 PM
System Uptime: 4/18/2011 2:52:20 PM (2 hours ago)
.
Motherboard: Dell Computer Corp. | | 0N2828
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz | Microprocessor | 2660/533mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 466 GiB total, 351.283 GiB free.
D: is CDROM ()
E: is CDROM ()
G: is FIXED (FAT32) - 466 GiB total, 269.037 GiB free.
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_05DC&PID_B023\0000275458
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_05DC&PID_B023\0000275458
Service: USBSTOR
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_14F1&DEV_2702&SUBSYS_8D891028&REV_01\4&1C660DD6&0&08F0
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_14F1&DEV_2702&SUBSYS_8D891028&REV_01\4&1C660DD6&0&08F0
Service:
.
==== System Restore Points ===================
.
RP691: 1/16/2011 2:21:13 AM - Software Distribution Service 3.0
RP692: 1/17/2011 3:26:19 AM - Software Distribution Service 3.0
RP693: 1/18/2011 6:21:08 AM - System Checkpoint
RP694: 1/18/2011 3:51:26 PM - Software Distribution Service 3.0
RP695: 1/19/2011 3:51:18 PM - Software Distribution Service 3.0
RP696: 1/20/2011 4:45:42 PM - System Checkpoint
RP697: 1/20/2011 7:14:19 PM - Software Distribution Service 3.0
RP698: 1/21/2011 7:14:14 PM - Software Distribution Service 3.0
RP699: 1/22/2011 7:14:22 PM - Software Distribution Service 3.0
RP700: 1/23/2011 1:42:59 AM - Software Distribution Service 3.0
RP701: 1/23/2011 7:14:44 PM - Software Distribution Service 3.0
RP702: 1/24/2011 7:13:11 PM - Software Distribution Service 3.0
RP703: 1/25/2011 7:12:56 PM - Software Distribution Service 3.0
RP704: 1/26/2011 7:13:11 PM - Software Distribution Service 3.0
RP705: 1/27/2011 7:12:46 PM - Software Distribution Service 3.0
RP706: 1/28/2011 1:24:08 PM - Software Distribution Service 3.0
RP707: 1/28/2011 1:36:25 PM - Software Distribution Service 3.0
RP708: 1/29/2011 2:09:06 PM - System Checkpoint
RP709: 1/30/2011 2:14:53 AM - Software Distribution Service 3.0
RP710: 1/30/2011 1:31:58 PM - Software Distribution Service 3.0
RP711: 1/30/2011 10:04:13 PM - Installed Windows XP KB942288-v3.
RP712: 1/30/2011 10:04:36 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP713: 1/31/2011 1:32:20 PM - Software Distribution Service 3.0
RP714: 2/1/2011 1:32:12 PM - Software Distribution Service 3.0
RP715: 2/2/2011 1:32:19 PM - Software Distribution Service 3.0
RP716: 2/3/2011 1:32:38 PM - Software Distribution Service 3.0
RP717: 2/4/2011 1:36:18 PM - Software Distribution Service 3.0
RP718: 2/5/2011 1:32:40 PM - Software Distribution Service 3.0
RP719: 2/6/2011 2:14:46 AM - Software Distribution Service 3.0
RP720: 2/6/2011 1:32:38 PM - Software Distribution Service 3.0
RP721: 2/7/2011 8:35:55 PM - Software Distribution Service 3.0
RP722: 2/9/2011 4:54:44 AM - Software Distribution Service 3.0
RP723: 2/10/2011 3:00:16 AM - Software Distribution Service 3.0
RP724: 2/11/2011 3:00:22 AM - Software Distribution Service 3.0
RP725: 2/11/2011 3:30:07 AM - Software Distribution Service 3.0
RP726: 2/12/2011 3:24:56 AM - Software Distribution Service 3.0
RP727: 2/13/2011 2:18:55 AM - Software Distribution Service 3.0
RP728: 2/14/2011 2:22:18 AM - System Checkpoint
RP729: 2/14/2011 3:25:15 AM - Software Distribution Service 3.0
RP730: 2/15/2011 3:25:22 AM - Software Distribution Service 3.0
RP731: 2/16/2011 3:00:16 AM - Software Distribution Service 3.0
RP732: 2/16/2011 3:25:32 AM - Software Distribution Service 3.0
RP733: 2/17/2011 3:25:08 AM - Software Distribution Service 3.0
RP734: 2/18/2011 3:25:21 AM - Software Distribution Service 3.0
RP735: 2/19/2011 3:25:21 AM - Software Distribution Service 3.0
RP736: 2/20/2011 2:19:20 AM - Software Distribution Service 3.0
RP737: 2/21/2011 3:07:25 AM - System Checkpoint
RP738: 2/21/2011 3:25:08 AM - Software Distribution Service 3.0
RP739: 2/22/2011 9:50:41 PM - System Checkpoint
RP740: 2/23/2011 10:47:16 PM - System Checkpoint
RP741: 2/25/2011 10:19:51 AM - System Checkpoint
RP742: 2/26/2011 7:52:03 PM - System Checkpoint
RP743: 2/28/2011 1:37:28 PM - System Checkpoint
RP744: 3/2/2011 10:16:25 AM - System Checkpoint
RP745: 3/3/2011 4:34:23 PM - System Checkpoint
RP746: 3/5/2011 10:26:26 AM - System Checkpoint
RP747: 3/6/2011 10:49:47 AM - System Checkpoint
RP748: 3/7/2011 3:23:24 PM - System Checkpoint
RP749: 3/10/2011 1:11:30 PM - System Checkpoint
RP750: 3/11/2011 2:40:26 PM - System Checkpoint
RP751: 3/12/2011 10:53:08 PM - System Checkpoint
RP752: 3/13/2011 11:35:02 PM - System Checkpoint
RP753: 3/15/2011 7:02:53 AM - System Checkpoint
RP754: 3/16/2011 10:47:54 PM - System Checkpoint
RP755: 3/17/2011 11:49:48 PM - System Checkpoint
RP756: 3/20/2011 1:03:12 AM - System Checkpoint
RP757: 3/29/2011 10:43:35 PM - System Checkpoint
RP758: 3/31/2011 10:45:11 PM - System Checkpoint
RP759: 4/2/2011 9:07:44 AM - System Checkpoint
RP760: 4/10/2011 9:46:01 PM - System Checkpoint
RP761: 4/12/2011 12:47:01 AM - System Checkpoint
RP762: 4/13/2011 1:01:29 AM - System Checkpoint
RP763: 4/15/2011 11:31:24 AM - System Checkpoint
.
==== Installed Programs ======================
.
AccompanEase
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Reader 9.4.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
BellSouth Wireless Connection Tool
BellSouth Wireless LAN USB Adapter
Bonjour
BroadJump Client Foundation
Browser Enhancer
Calendar Creator 10
ClickArt® 300,000 Premier Image Pak
Compatibility Pack for the 2007 Office system
Corel MediaOne
Corel Paint Shop Pro Photo X2
Coupon Printer for Windows
CouponBar
Deep Zoom Composer
Dell ResourceCD
EMEA02
EPSON CardMonitor
EPSON PhotoCenter
EPSON PhotoStarter3.0
EPSON Print CD
EPSON Printer Software
EQ5
ESPR320 Reference Guide
EZ Fonts
Family Tree Maker 6.0
Fast Browser Search (My Tattoons)
FileOpen Client
FileZilla Client 3.3.5.1
Film Factory
GIMP 2.4.6
Google Chrome
Google Gears
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 2100 series
hp psc 2100 series
ImageSkill Background Remover 3
Intel(R) Extreme Graphics Driver
Intel(R) PRO Network Connections Drivers
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 7
Kaleider 4.4
Little Mermaid II Return to the Sea
Logitech Vid HD
Logitech Webcam Software
McAfee SiteAdvisor
Media Go
Metafile Companion 1.10
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Expression Blend 3
Microsoft Expression Blend 3 SDK
Microsoft Expression Design 3
Microsoft Expression Encoder 3
Microsoft Expression Web 3
Microsoft Expression Web 3 SP1
Microsoft Forefront Online Protection for Exchange Gateway
Microsoft FrontPage 2000
Microsoft Office XP Professional
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 3 Toolkit November 2009
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.52
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.16)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Paint Shop Pro 7
Photo Story 3 for Windows
Picasa 3
PlayStation(R)Network Downloader
PlayStation(R)Store
PlugLink 9650 Utility
QuickTime
QuiltAssistant
Rainlendar2 (remove only)
Scrapbook Flair
Search Toolbar
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Serif PhotoPlus 6.0
Shape Collage
Skype Toolbars
Skype™ 5.1
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SoundMAX
Spelling Dictionaries Support For Adobe Reader 9
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
VoiceOver Kit
Wacom Tablet
WebFldrs XP
Windows Driver Package - Camera Maker (MR97310_USB_DUAL_CAMERA) Image (05/02/2006 2.0.1.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
WinZip 12.1
WPF Toolkit June 2009 (Version 3.5.40619.1)
Yahoo! BrowserPlus
Yahoo! SiteBuilder
zFlick
.
==== Event Viewer Messages From Past Week ========
.
4/18/2011 2:48:32 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/18/2011 10:06:08 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
4/18/2011 10:06:08 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
4/18/2011 10:06:08 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
4/18/2011 10:06:08 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
4/18/2011 10:04:38 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x8007041d Error description: The service did not respond to the start or control request in a timely fashion.
4/17/2011 10:04:35 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x8007041d Error description: The service did not respond to the start or control request in a timely fashion.
4/16/2011 11:10:55 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
4/16/2011 10:08:59 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
4/16/2011 10:06:51 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x8007041d Error description: The service did not respond to the start or control request in a timely fashion.
4/16/2011 10:05:51 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
4/15/2011 10:02:01 AM, error: Service Control Manager [7022] - The WebClient service hung on starting.
4/14/2011 10:26:25 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
4/13/2011 10:25:59 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
4/12/2011 10:25:50 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1266.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
4/11/2011 7:01:43 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.691.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
4/11/2011 6:33:49 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
.
==== End Of File ===========================