About 3 weeks ago, I got the False virus alert virus and it hid all my files. I thought I had cleaned it up using McAfee and MalwareBytes. To restore the hidden files I unhid everything. Well the virus reappeared today. I found your forum and I have to say you guys sure appear to be the best out there! Please help.
Let me first say before I found your forum today, I ran McAfee and MalwareBytes(i have the logs if you want them) and it appeared to remove the false alerts, but that is when I found the hijacked links.
I have since found you and followed your 5 steps and attached the logs below
Thanks in advance for your assistance.
mbam log
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Database version: 6886
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/18/2011 11:56:37 PM
mbam-log-2011-06-18 (23-56-37).txt
Scan type: Full scan (C:\|)
Objects scanned: 328002
Time elapsed: 2 hour(s), 3 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER Log:
GMER 1.0.15.15640 - http://www.gmer.net
Rootkit quick scan 2011-06-19 00:09:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 HITACHI_ rev.PC3Z
Running: mq02i124.exe; Driver: C:\DOCUME~1\MIKERE~1\LOCALS~1\Temp\awdcapow.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\WINDOWS\system32\Drivers\Crypto.sys (SafeNet Crypto Driver/SafeNet) ZwEnumerateKey [0x99BABCB2]
SSDT \??\C:\WINDOWS\system32\Drivers\Crypto.sys (SafeNet Crypto Driver/SafeNet) ZwEnumerateValueKey [0x99BABCF2]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xB9DF0DB7]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xB9DF0E0E]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xB9DF0D34]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xB9DF0D48]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xB9DF0DA1]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xB9DF0DE4]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0xB9DF0E3B]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xB9DF0DF8]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject
---- Devices - GMER 1.0.15 ----
Device \Driver\iaStor \Device\Ide\iaStor0 8AD7B1ED
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 8AD7B1ED
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-1 8AD7B1ED
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
---- Threads - GMER 1.0.15 ----
Thread System [4:208] 8AD7FE7A
Thread System [4:212] 8AD82008
---- EOF - GMER 1.0.15 ----
DDS Logs:
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Mike Reilly at 0:12:04 on 2011-06-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2937.1100 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe
C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\intersystems\cache\bin\cservice.exe
C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
C:\Program Files\DDNI\DIBS\DDNIService.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
c:\program files\lenovo\system update\suservice.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110606075706.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AROReminder] c:\program files\aro 2011\aro.exe -rem
mRun: [TPFNF7] c:\program files\lenovo\npdirect\TPFNF7SP.exe /r
mRun: [<NO NAME>]
mRun: [TpShocks] TpShocks.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
mRun: [LENOVO.TPFNF6R] c:\program files\lenovo\hotkey\TPFNF6R.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatchTray10.exe"
mRun: [RoxioDragToDisc] "c:\program files\lenovo\drag-to-disc\DrgToDsc.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Message Center Plus] c:\program files\lenovo\message center plus\MCPLaunch.exe /start
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [IdeaNotesUser] c:\program files\ddni\lenovo idea notes\DDNIMSGUser.exe
mRun: [CreateLMBCShortCut] "c:\program files\lenovo\mobile broadband connect\UserShortcutCreator.exe"
mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe
mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe
mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [SpybotSnD] "c:\program files\spybot - search & destroy\SpybotSD.exe"
mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\mikere~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\mike reilly\application data\dropbox\bin\Dropbox.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {9C5FFF8F-0FE6-47AC-A0E6-85EF424F9D32} - hxxps://ftp.firstbanks.com/COM/MOVEitUploadWizard6.0.0.ocx
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6138/mcfscan.cab
TCP: DhcpNameServer = 192.168.15.1
TCP: Interfaces\{8E2FEB0E-8564-4463-865E-BD3A8B11CC45} : DhcpNameServer = 192.168.15.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: ACNotify - ACNotify.dll
Notify: igfxcui - igfxdev.dll
Notify: tpfnf2 - c:\program files\lenovo\hotkey\notifyf2.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli ACGina
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-1-15 459728]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-3-4 20520]
R1 IPSECDRV;SafeNet IPSec Plugin;c:\windows\system32\drivers\IpSecDrv.sys [2010-7-29 139832]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2009-7-16 13480]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-1-15 89368]
R2 Cache_c-_intersystems_cache;Caché Controller for CACHE;c:\intersystems\cache\bin\cservice.exe [2010-10-5 73728]
R2 Crypto;Crypto;c:\windows\system32\drivers\Crypto.sys [2010-7-29 536634]
R2 DDNIMSGService;DDNIMSGService;c:\program files\ddni\lenovo idea notes\DDNIMSGService.exe [2009-6-23 171872]
R2 DDNIService;DDNIService;c:\program files\ddni\dibs\DDNIService.exe [2010-6-27 163680]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2009-10-5 45424]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-1-15 165000]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-1-15 159832]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-1-15 148520]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2010-9-16 80896]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-6-27 53248]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2009-10-5 62320]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2008-11-24 520192]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-1-15 57432]
R3 DniVap;SafeNet WAN Miniport (VA);c:\windows\system32\drivers\vap.sys [2010-7-29 29184]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2010-6-27 110080]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-6-27 119256]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-1-15 179248]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-1-15 59288]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-1-15 337912]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2011-1-15 83688]
R3 NETw1x32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETw1x32.sys [2010-6-27 5929216]
RUnknown SASDIFSV;SASDIFSV; [x]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-24 136176]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-10-27 366640]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\roxio\digital home 10\RoxioUpnpService10.exe [2008-4-25 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-4-25 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-4-25 166384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-6-27 1684736]
S3 CACHEhttpd;Web Server for CACHE;c:\intersystems\cache\httpd\bin\httpd.exe [2010-10-5 20541]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-24 136176]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-4-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-22 21248]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2011-1-15 83688]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-1-15 85984]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\roxio\digital home 10\RoxioUPnPRenderer10.exe [2008-4-25 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-4-25 1120752]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 McOobeSv;McAfee OOBE Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
.
=============== Created Last 30 ================
.
2011-05-29 15:56:51 -------- d-----w- c:\documents and settings\mike reilly\application data\Sammsoft
2011-05-29 15:56:35 -------- d-----w- c:\program files\ARO 2011
2011-05-29 08:55:05 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-05-28 23:50:50 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-05-28 23:50:50 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-05-28 11:43:08 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-05-28 11:43:08 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-06-07 15:05:19 72080 ----a-w- c:\documents and settings\mike reilly\g2mdlhlpx.exe
2011-05-29 13:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-02 15:31:52 692736 ------w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19:43 456320 ------w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:11:11 43520 ------w- c:\windows\system32\licmgr10.dll
2011-04-25 16:11:11 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:22 385024 ------w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ------w- c:\windows\system32\drivers\mup.sys
.
============= FINISH: 0:13:08.12 ===============
Attach Log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/29/2010 4:57:58 AM
System Uptime: 6/18/2011 10:26:00 AM (14 hours ago)
.
Motherboard: LENOVO | | 28479WU
Processor: Intel Pentium III Xeon processor | U2E1 | 1193/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 292 GiB total, 217.233 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP244: 3/20/2011 10:07:59 AM - System Checkpoint
RP245: 3/21/2011 4:52:35 PM - System Checkpoint
RP246: 3/22/2011 5:05:27 PM - System Checkpoint
RP247: 3/23/2011 3:00:15 AM - Software Distribution Service 3.0
RP248: 3/24/2011 3:00:15 AM - Software Distribution Service 3.0
RP249: 3/25/2011 4:03:41 AM - System Checkpoint
RP250: 3/26/2011 6:43:26 AM - System Checkpoint
RP251: 3/27/2011 11:25:48 AM - System Checkpoint
RP252: 3/28/2011 12:58:19 PM - System Checkpoint
RP253: 3/29/2011 8:17:14 PM - System Checkpoint
RP254: 3/30/2011 8:39:13 PM - System Checkpoint
RP255: 3/31/2011 11:43:43 PM - System Checkpoint
RP256: 4/1/2011 11:48:21 PM - System Checkpoint
RP257: 4/3/2011 12:01:06 AM - System Checkpoint
RP258: 4/4/2011 12:52:50 PM - System Checkpoint
RP259: 4/5/2011 6:54:03 PM - System Checkpoint
RP260: 4/6/2011 4:14:17 PM - Removed Microsoft Office Suite Activation Assistant.
RP261: 4/6/2011 4:20:04 PM - Removed 2007 Microsoft Office system
RP262: 4/6/2011 4:27:40 PM - Removed Microsoft Office 2003 Web Components
RP263: 4/6/2011 4:31:40 PM - Removed Microsoft Visio Premium 2010
RP264: 4/7/2011 9:04:20 PM - System Checkpoint
RP265: 4/9/2011 12:40:39 AM - System Checkpoint
RP266: 4/10/2011 1:42:54 AM - System Checkpoint
RP267: 4/10/2011 8:33:41 AM - Installed HTC Sync.
RP268: 4/11/2011 5:22:24 AM - Software Distribution Service 3.0
RP269: 4/12/2011 1:35:14 PM - System Checkpoint
RP270: 4/13/2011 3:43:23 PM - System Checkpoint
RP271: 4/13/2011 6:31:43 PM - Software Distribution Service 3.0
RP272: 4/14/2011 10:49:30 PM - System Checkpoint
RP273: 4/15/2011 6:03:22 AM - Software Distribution Service 3.0
RP274: 4/16/2011 7:12:24 AM - System Checkpoint
RP275: 4/17/2011 8:23:33 AM - System Checkpoint
RP276: 4/18/2011 7:03:37 PM - System Checkpoint
RP277: 4/19/2011 7:18:01 PM - System Checkpoint
RP278: 4/20/2011 10:40:34 PM - System Checkpoint
RP279: 4/21/2011 3:00:15 AM - Software Distribution Service 3.0
RP280: 4/22/2011 4:19:30 AM - System Checkpoint
RP281: 4/23/2011 5:39:31 AM - System Checkpoint
RP282: 4/24/2011 7:50:05 AM - System Checkpoint
RP283: 4/25/2011 8:45:16 AM - System Checkpoint
RP284: 4/26/2011 6:20:58 PM - System Checkpoint
RP285: 4/27/2011 3:00:15 AM - Software Distribution Service 3.0
RP286: 4/28/2011 3:48:38 AM - System Checkpoint
RP287: 4/29/2011 4:43:09 AM - System Checkpoint
RP288: 4/30/2011 9:01:09 AM - System Checkpoint
RP289: 5/1/2011 9:14:46 AM - System Checkpoint
RP290: 5/2/2011 5:24:51 PM - System Checkpoint
RP291: 5/3/2011 7:59:24 PM - System Checkpoint
RP292: 5/4/2011 8:54:59 PM - System Checkpoint
RP293: 5/5/2011 10:36:45 PM - System Checkpoint
RP294: 5/7/2011 12:15:52 AM - System Checkpoint
RP295: 5/8/2011 12:26:21 AM - System Checkpoint
RP296: 5/9/2011 12:40:40 AM - System Checkpoint
RP297: 5/10/2011 2:24:00 AM - System Checkpoint
RP298: 5/11/2011 3:00:23 AM - Software Distribution Service 3.0
RP299: 5/12/2011 4:04:20 AM - System Checkpoint
RP300: 5/13/2011 4:21:59 AM - System Checkpoint
RP301: 5/14/2011 6:04:06 AM - System Checkpoint
RP302: 5/15/2011 7:35:13 AM - System Checkpoint
RP303: 5/16/2011 6:28:49 PM - System Checkpoint
RP304: 5/17/2011 10:23:54 PM - System Checkpoint
RP305: 5/19/2011 12:09:54 AM - System Checkpoint
RP306: 5/20/2011 12:15:02 AM - System Checkpoint
RP307: 5/21/2011 2:14:26 AM - System Checkpoint
RP308: 5/22/2011 2:39:47 AM - System Checkpoint
RP309: 5/23/2011 4:38:42 AM - System Checkpoint
RP310: 5/24/2011 10:41:28 AM - System Checkpoint
RP311: 5/25/2011 1:21:27 PM - System Checkpoint
RP312: 5/26/2011 4:30:00 PM - System Checkpoint
RP313: 5/27/2011 4:40:54 PM - System Checkpoint
RP314: 5/28/2011 7:39:56 AM - Restore Operation
RP315: 5/28/2011 6:07:59 PM - Restore Operation
RP316: 5/28/2011 7:09:54 PM - Restore Operation
RP317: 5/29/2011 4:56:59 AM - Restore Operation
RP318: 5/29/2011 5:00:52 AM - Restore Operation
RP319: 5/29/2011 11:56:31 AM - ARO 2011 - Before Installation
RP320: 5/29/2011 11:57:01 AM - ARO 2011 - FIRST RUN
RP321: 5/30/2011 2:12:18 PM - System Checkpoint
RP322: 5/31/2011 6:48:01 PM - System Checkpoint
RP323: 6/1/2011 8:37:13 PM - System Checkpoint
RP324: 6/2/2011 9:32:28 PM - System Checkpoint
RP325: 6/3/2011 11:58:30 PM - System Checkpoint
RP326: 6/5/2011 12:20:32 AM - System Checkpoint
RP327: 6/6/2011 2:36:45 AM - System Checkpoint
RP328: 6/7/2011 6:21:50 PM - System Checkpoint
RP329: 6/8/2011 6:54:40 PM - System Checkpoint
RP330: 6/9/2011 7:36:59 PM - System Checkpoint
RP331: 6/10/2011 10:49:27 PM - System Checkpoint
RP332: 6/12/2011 12:38:14 AM - System Checkpoint
RP333: 6/13/2011 12:50:50 AM - System Checkpoint
RP334: 6/14/2011 1:14:54 AM - System Checkpoint
RP335: 6/15/2011 3:29:49 AM - System Checkpoint
RP336: 6/15/2011 8:38:04 AM - Software Distribution Service 3.0
RP337: 6/16/2011 3:00:20 AM - Software Distribution Service 3.0
RP338: 6/17/2011 3:47:52 AM - System Checkpoint
RP339: 6/17/2011 9:27:23 PM - Removed HTC Sync.
RP340: 6/17/2011 9:27:55 PM - Installed HTC Sync.
.
==== Installed Programs ======================
.
Access Help
ACH Origination Application
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.4
Adobe SVG Viewer 3.0
ARO 2011
Artiva Manager
Artiva Studio
Artiva Workstation
AT&T Service Activation
BufferChm
Business Contact Manager for Outlook 2007 SP2
Caché in C:\InterSystems\Cache
Client Security - Password Manager
Crystal Reports 11
CT Term GUI
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DIBS
Drag-to-Disc
Dropbox
eSupportQFolder
Google Chrome
Google Update Helper
GoToMeeting 4.8.0.723
Help Center
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB949764)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970685)
Hotfix for Windows XP (KB981793)
HP Deskjet 5400 series
HP Imaging Device Functions 5.0
HP Software Update
HP Solution Center & Imaging Support Tools 5.0
HPDeskjet5400Series
HPProductAssistant
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless WiFi Software
Intel® Matrix Storage Manager
InterSystems ODBC Driver
InterVideo WinDVD 8
Ipswitch WS_FTP Professional 2007
Java Auto Updater
Java(TM) 6 Update 21
JMicron Flash Media Controller Driver
Junk Mail filter update
Lenovo Central
Lenovo Idea Notes
Lenovo Registration
Lenovo System Interface Driver
Lenovo System Toolbox
Lenovo Welcome
Malwarebytes' Anti-Malware version 1.51.0.1200
McAfee AntiVirus Plus
McAfee Virtual Technician
Message Center
Message Center Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mobile Broadband Connect
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser
NetScreen-Remote
Network Recording Player
Notepad++
OGA Notifier 2.0.0048.0
On Screen Display
OnDemand Desktop Publisher
Online Data Backup
Pidgin
PokerStars
Presentation Director
Productivity Center Supplement for ThinkPad
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Rescue and Recovery
Roxio Activation Module
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Creator Small Business Edition
Roxio Express Labeler 3
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SolutionCenter
Sonic CinePlayer Decoder Pack
Sonic Icons for Lenovo
Status
System Update
TextPad 5
ThinkPad FullScreen Magnifier
ThinkPad Hotkey Features Setup
ThinkPad PC Card Power Policy
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad UltraNav Driver
ThinkPad UltraNav Utility
ThinkVantage Access Connections
ThinkVantage Active Protection System
ThinkVantage Productivity Center
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Outlook 2007 Junk Email Filter (KB2536413)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Veetle TV 0.9.18
Verizon Wireless Mobile Broadband Self Activation
VNC Free Edition 4.1.3
vShare Plugin
Wallpapers
WebEx
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
Windows Search 4.0
Xcelsius 2008
XP Themes
.
==== Event Viewer Messages From Past Week ========
.
6/18/2011 8:15:54 AM, error: Service Control Manager [7000] - The IP Traffic Filter Driver service failed to start due to the following error: The system cannot find the file specified.
6/18/2011 10:27:56 AM, error: Service Control Manager [7024] - The Web Server for CACHE service terminated with service-specific error 1 (0x1).
6/18/2011 10:27:06 AM, error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
6/18/2011 10:27:06 AM, error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
6/15/2011 9:19:27 AM, error: Dhcp [1002] - The IP address lease 10.0.50.105 for the Network Card with network address 0026C748FFEA has been denied by the DHCP server 10.1.47.11 (The DHCP Server sent a DHCPNACK message).
6/15/2011 9:19:03 AM, error: ACPIEC [1] - \Device\ACPIEC: The embedded controller (EC) hardware didn't respond within the timeout period. This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner. The EC driver will retry the failed transaction if possible.
6/15/2011 4:07:09 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer KEVINNIEDBALSKI that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8E2FEB0E-856. The master browser is stopping or an election is being forced.
6/14/2011 8:42:27 AM, error: Dhcp [1002] - The IP address lease 10.0.50.159 for the Network Card with network address 0026C748FFEA has been denied by the DHCP server 10.1.47.11 (The DHCP Server sent a DHCPNACK message).
6/13/2011 9:08:30 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer AGGREY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8E2FEB0E-8564-4463. The master browser is stopping or an election is being forced.
6/13/2011 8:31:23 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer ARLAN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8E2FEB0E-8564-4463-. The master browser is stopping or an election is being forced.
6/13/2011 7:13:23 PM, error: Dhcp [1002] - The IP address lease 10.1.47.178 for the Network Card with network address 0026C748FFEA has been denied by the DHCP server 10.0.50.254 (The DHCP Server sent a DHCPNACK message).
6/13/2011 2:40:28 PM, error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
6/13/2011 11:50:39 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer USER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8E2FEB0E-8564-4463-8. The master browser is stopping or an election is being forced.
6/12/2011 9:41:54 AM, error: Srv [2000] - The server's call to a system service failed unexpectedly.
.
==== End Of File ===========================
Let me first say before I found your forum today, I ran McAfee and MalwareBytes(i have the logs if you want them) and it appeared to remove the false alerts, but that is when I found the hijacked links.
I have since found you and followed your 5 steps and attached the logs below
Thanks in advance for your assistance.
mbam log
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Database version: 6886
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/18/2011 11:56:37 PM
mbam-log-2011-06-18 (23-56-37).txt
Scan type: Full scan (C:\|)
Objects scanned: 328002
Time elapsed: 2 hour(s), 3 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER Log:
GMER 1.0.15.15640 - http://www.gmer.net
Rootkit quick scan 2011-06-19 00:09:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 HITACHI_ rev.PC3Z
Running: mq02i124.exe; Driver: C:\DOCUME~1\MIKERE~1\LOCALS~1\Temp\awdcapow.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\WINDOWS\system32\Drivers\Crypto.sys (SafeNet Crypto Driver/SafeNet) ZwEnumerateKey [0x99BABCB2]
SSDT \??\C:\WINDOWS\system32\Drivers\Crypto.sys (SafeNet Crypto Driver/SafeNet) ZwEnumerateValueKey [0x99BABCF2]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xB9DF0DB7]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xB9DF0E0E]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xB9DF0D34]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xB9DF0D48]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xB9DF0DA1]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xB9DF0DE4]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0xB9DF0E3B]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xB9DF0DF8]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject
---- Devices - GMER 1.0.15 ----
Device \Driver\iaStor \Device\Ide\iaStor0 8AD7B1ED
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 8AD7B1ED
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-1 8AD7B1ED
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
---- Threads - GMER 1.0.15 ----
Thread System [4:208] 8AD7FE7A
Thread System [4:212] 8AD82008
---- EOF - GMER 1.0.15 ----
DDS Logs:
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Mike Reilly at 0:12:04 on 2011-06-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2937.1100 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe
C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\intersystems\cache\bin\cservice.exe
C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
C:\Program Files\DDNI\DIBS\DDNIService.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\intersystems\cache\bin\cache.exe
c:\intersystems\cache\bin\cache.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
c:\program files\lenovo\system update\suservice.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110606075706.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AROReminder] c:\program files\aro 2011\aro.exe -rem
mRun: [TPFNF7] c:\program files\lenovo\npdirect\TPFNF7SP.exe /r
mRun: [<NO NAME>]
mRun: [TpShocks] TpShocks.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
mRun: [LENOVO.TPFNF6R] c:\program files\lenovo\hotkey\TPFNF6R.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatchTray10.exe"
mRun: [RoxioDragToDisc] "c:\program files\lenovo\drag-to-disc\DrgToDsc.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Message Center Plus] c:\program files\lenovo\message center plus\MCPLaunch.exe /start
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [IdeaNotesUser] c:\program files\ddni\lenovo idea notes\DDNIMSGUser.exe
mRun: [CreateLMBCShortCut] "c:\program files\lenovo\mobile broadband connect\UserShortcutCreator.exe"
mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe
mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe
mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [SpybotSnD] "c:\program files\spybot - search & destroy\SpybotSD.exe"
mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\mikere~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\mike reilly\application data\dropbox\bin\Dropbox.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {9C5FFF8F-0FE6-47AC-A0E6-85EF424F9D32} - hxxps://ftp.firstbanks.com/COM/MOVEitUploadWizard6.0.0.ocx
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6138/mcfscan.cab
TCP: DhcpNameServer = 192.168.15.1
TCP: Interfaces\{8E2FEB0E-8564-4463-865E-BD3A8B11CC45} : DhcpNameServer = 192.168.15.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: ACNotify - ACNotify.dll
Notify: igfxcui - igfxdev.dll
Notify: tpfnf2 - c:\program files\lenovo\hotkey\notifyf2.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli ACGina
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-1-15 459728]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-3-4 20520]
R1 IPSECDRV;SafeNet IPSec Plugin;c:\windows\system32\drivers\IpSecDrv.sys [2010-7-29 139832]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2009-7-16 13480]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-1-15 89368]
R2 Cache_c-_intersystems_cache;Caché Controller for CACHE;c:\intersystems\cache\bin\cservice.exe [2010-10-5 73728]
R2 Crypto;Crypto;c:\windows\system32\drivers\Crypto.sys [2010-7-29 536634]
R2 DDNIMSGService;DDNIMSGService;c:\program files\ddni\lenovo idea notes\DDNIMSGService.exe [2009-6-23 171872]
R2 DDNIService;DDNIService;c:\program files\ddni\dibs\DDNIService.exe [2010-6-27 163680]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2009-10-5 45424]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-1-15 165000]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-1-15 159832]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-1-15 148520]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2010-9-16 80896]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-6-27 53248]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2009-10-5 62320]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2008-11-24 520192]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-1-15 57432]
R3 DniVap;SafeNet WAN Miniport (VA);c:\windows\system32\drivers\vap.sys [2010-7-29 29184]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2010-6-27 110080]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-6-27 119256]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-1-15 179248]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-1-15 59288]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-1-15 337912]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2011-1-15 83688]
R3 NETw1x32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETw1x32.sys [2010-6-27 5929216]
RUnknown SASDIFSV;SASDIFSV; [x]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-24 136176]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-10-27 366640]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\roxio\digital home 10\RoxioUpnpService10.exe [2008-4-25 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-4-25 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-4-25 166384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-6-27 1684736]
S3 CACHEhttpd;Web Server for CACHE;c:\intersystems\cache\httpd\bin\httpd.exe [2010-10-5 20541]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-24 136176]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-4-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-22 21248]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2011-1-15 83688]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-1-15 85984]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\roxio\digital home 10\RoxioUPnPRenderer10.exe [2008-4-25 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-4-25 1120752]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 McOobeSv;McAfee OOBE Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-15 214904]
.
=============== Created Last 30 ================
.
2011-05-29 15:56:51 -------- d-----w- c:\documents and settings\mike reilly\application data\Sammsoft
2011-05-29 15:56:35 -------- d-----w- c:\program files\ARO 2011
2011-05-29 08:55:05 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-05-28 23:50:50 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-05-28 23:50:50 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-05-28 11:43:08 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-05-28 11:43:08 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-06-07 15:05:19 72080 ----a-w- c:\documents and settings\mike reilly\g2mdlhlpx.exe
2011-05-29 13:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-02 15:31:52 692736 ------w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19:43 456320 ------w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:11:11 43520 ------w- c:\windows\system32\licmgr10.dll
2011-04-25 16:11:11 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:22 385024 ------w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ------w- c:\windows\system32\drivers\mup.sys
.
============= FINISH: 0:13:08.12 ===============
Attach Log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/29/2010 4:57:58 AM
System Uptime: 6/18/2011 10:26:00 AM (14 hours ago)
.
Motherboard: LENOVO | | 28479WU
Processor: Intel Pentium III Xeon processor | U2E1 | 1193/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 292 GiB total, 217.233 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP244: 3/20/2011 10:07:59 AM - System Checkpoint
RP245: 3/21/2011 4:52:35 PM - System Checkpoint
RP246: 3/22/2011 5:05:27 PM - System Checkpoint
RP247: 3/23/2011 3:00:15 AM - Software Distribution Service 3.0
RP248: 3/24/2011 3:00:15 AM - Software Distribution Service 3.0
RP249: 3/25/2011 4:03:41 AM - System Checkpoint
RP250: 3/26/2011 6:43:26 AM - System Checkpoint
RP251: 3/27/2011 11:25:48 AM - System Checkpoint
RP252: 3/28/2011 12:58:19 PM - System Checkpoint
RP253: 3/29/2011 8:17:14 PM - System Checkpoint
RP254: 3/30/2011 8:39:13 PM - System Checkpoint
RP255: 3/31/2011 11:43:43 PM - System Checkpoint
RP256: 4/1/2011 11:48:21 PM - System Checkpoint
RP257: 4/3/2011 12:01:06 AM - System Checkpoint
RP258: 4/4/2011 12:52:50 PM - System Checkpoint
RP259: 4/5/2011 6:54:03 PM - System Checkpoint
RP260: 4/6/2011 4:14:17 PM - Removed Microsoft Office Suite Activation Assistant.
RP261: 4/6/2011 4:20:04 PM - Removed 2007 Microsoft Office system
RP262: 4/6/2011 4:27:40 PM - Removed Microsoft Office 2003 Web Components
RP263: 4/6/2011 4:31:40 PM - Removed Microsoft Visio Premium 2010
RP264: 4/7/2011 9:04:20 PM - System Checkpoint
RP265: 4/9/2011 12:40:39 AM - System Checkpoint
RP266: 4/10/2011 1:42:54 AM - System Checkpoint
RP267: 4/10/2011 8:33:41 AM - Installed HTC Sync.
RP268: 4/11/2011 5:22:24 AM - Software Distribution Service 3.0
RP269: 4/12/2011 1:35:14 PM - System Checkpoint
RP270: 4/13/2011 3:43:23 PM - System Checkpoint
RP271: 4/13/2011 6:31:43 PM - Software Distribution Service 3.0
RP272: 4/14/2011 10:49:30 PM - System Checkpoint
RP273: 4/15/2011 6:03:22 AM - Software Distribution Service 3.0
RP274: 4/16/2011 7:12:24 AM - System Checkpoint
RP275: 4/17/2011 8:23:33 AM - System Checkpoint
RP276: 4/18/2011 7:03:37 PM - System Checkpoint
RP277: 4/19/2011 7:18:01 PM - System Checkpoint
RP278: 4/20/2011 10:40:34 PM - System Checkpoint
RP279: 4/21/2011 3:00:15 AM - Software Distribution Service 3.0
RP280: 4/22/2011 4:19:30 AM - System Checkpoint
RP281: 4/23/2011 5:39:31 AM - System Checkpoint
RP282: 4/24/2011 7:50:05 AM - System Checkpoint
RP283: 4/25/2011 8:45:16 AM - System Checkpoint
RP284: 4/26/2011 6:20:58 PM - System Checkpoint
RP285: 4/27/2011 3:00:15 AM - Software Distribution Service 3.0
RP286: 4/28/2011 3:48:38 AM - System Checkpoint
RP287: 4/29/2011 4:43:09 AM - System Checkpoint
RP288: 4/30/2011 9:01:09 AM - System Checkpoint
RP289: 5/1/2011 9:14:46 AM - System Checkpoint
RP290: 5/2/2011 5:24:51 PM - System Checkpoint
RP291: 5/3/2011 7:59:24 PM - System Checkpoint
RP292: 5/4/2011 8:54:59 PM - System Checkpoint
RP293: 5/5/2011 10:36:45 PM - System Checkpoint
RP294: 5/7/2011 12:15:52 AM - System Checkpoint
RP295: 5/8/2011 12:26:21 AM - System Checkpoint
RP296: 5/9/2011 12:40:40 AM - System Checkpoint
RP297: 5/10/2011 2:24:00 AM - System Checkpoint
RP298: 5/11/2011 3:00:23 AM - Software Distribution Service 3.0
RP299: 5/12/2011 4:04:20 AM - System Checkpoint
RP300: 5/13/2011 4:21:59 AM - System Checkpoint
RP301: 5/14/2011 6:04:06 AM - System Checkpoint
RP302: 5/15/2011 7:35:13 AM - System Checkpoint
RP303: 5/16/2011 6:28:49 PM - System Checkpoint
RP304: 5/17/2011 10:23:54 PM - System Checkpoint
RP305: 5/19/2011 12:09:54 AM - System Checkpoint
RP306: 5/20/2011 12:15:02 AM - System Checkpoint
RP307: 5/21/2011 2:14:26 AM - System Checkpoint
RP308: 5/22/2011 2:39:47 AM - System Checkpoint
RP309: 5/23/2011 4:38:42 AM - System Checkpoint
RP310: 5/24/2011 10:41:28 AM - System Checkpoint
RP311: 5/25/2011 1:21:27 PM - System Checkpoint
RP312: 5/26/2011 4:30:00 PM - System Checkpoint
RP313: 5/27/2011 4:40:54 PM - System Checkpoint
RP314: 5/28/2011 7:39:56 AM - Restore Operation
RP315: 5/28/2011 6:07:59 PM - Restore Operation
RP316: 5/28/2011 7:09:54 PM - Restore Operation
RP317: 5/29/2011 4:56:59 AM - Restore Operation
RP318: 5/29/2011 5:00:52 AM - Restore Operation
RP319: 5/29/2011 11:56:31 AM - ARO 2011 - Before Installation
RP320: 5/29/2011 11:57:01 AM - ARO 2011 - FIRST RUN
RP321: 5/30/2011 2:12:18 PM - System Checkpoint
RP322: 5/31/2011 6:48:01 PM - System Checkpoint
RP323: 6/1/2011 8:37:13 PM - System Checkpoint
RP324: 6/2/2011 9:32:28 PM - System Checkpoint
RP325: 6/3/2011 11:58:30 PM - System Checkpoint
RP326: 6/5/2011 12:20:32 AM - System Checkpoint
RP327: 6/6/2011 2:36:45 AM - System Checkpoint
RP328: 6/7/2011 6:21:50 PM - System Checkpoint
RP329: 6/8/2011 6:54:40 PM - System Checkpoint
RP330: 6/9/2011 7:36:59 PM - System Checkpoint
RP331: 6/10/2011 10:49:27 PM - System Checkpoint
RP332: 6/12/2011 12:38:14 AM - System Checkpoint
RP333: 6/13/2011 12:50:50 AM - System Checkpoint
RP334: 6/14/2011 1:14:54 AM - System Checkpoint
RP335: 6/15/2011 3:29:49 AM - System Checkpoint
RP336: 6/15/2011 8:38:04 AM - Software Distribution Service 3.0
RP337: 6/16/2011 3:00:20 AM - Software Distribution Service 3.0
RP338: 6/17/2011 3:47:52 AM - System Checkpoint
RP339: 6/17/2011 9:27:23 PM - Removed HTC Sync.
RP340: 6/17/2011 9:27:55 PM - Installed HTC Sync.
.
==== Installed Programs ======================
.
Access Help
ACH Origination Application
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.4
Adobe SVG Viewer 3.0
ARO 2011
Artiva Manager
Artiva Studio
Artiva Workstation
AT&T Service Activation
BufferChm
Business Contact Manager for Outlook 2007 SP2
Caché in C:\InterSystems\Cache
Client Security - Password Manager
Crystal Reports 11
CT Term GUI
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DIBS
Drag-to-Disc
Dropbox
eSupportQFolder
Google Chrome
Google Update Helper
GoToMeeting 4.8.0.723
Help Center
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB949764)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970685)
Hotfix for Windows XP (KB981793)
HP Deskjet 5400 series
HP Imaging Device Functions 5.0
HP Software Update
HP Solution Center & Imaging Support Tools 5.0
HPDeskjet5400Series
HPProductAssistant
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless WiFi Software
Intel® Matrix Storage Manager
InterSystems ODBC Driver
InterVideo WinDVD 8
Ipswitch WS_FTP Professional 2007
Java Auto Updater
Java(TM) 6 Update 21
JMicron Flash Media Controller Driver
Junk Mail filter update
Lenovo Central
Lenovo Idea Notes
Lenovo Registration
Lenovo System Interface Driver
Lenovo System Toolbox
Lenovo Welcome
Malwarebytes' Anti-Malware version 1.51.0.1200
McAfee AntiVirus Plus
McAfee Virtual Technician
Message Center
Message Center Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mobile Broadband Connect
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser
NetScreen-Remote
Network Recording Player
Notepad++
OGA Notifier 2.0.0048.0
On Screen Display
OnDemand Desktop Publisher
Online Data Backup
Pidgin
PokerStars
Presentation Director
Productivity Center Supplement for ThinkPad
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Rescue and Recovery
Roxio Activation Module
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Creator Small Business Edition
Roxio Express Labeler 3
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SolutionCenter
Sonic CinePlayer Decoder Pack
Sonic Icons for Lenovo
Status
System Update
TextPad 5
ThinkPad FullScreen Magnifier
ThinkPad Hotkey Features Setup
ThinkPad PC Card Power Policy
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad UltraNav Driver
ThinkPad UltraNav Utility
ThinkVantage Access Connections
ThinkVantage Active Protection System
ThinkVantage Productivity Center
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Outlook 2007 Junk Email Filter (KB2536413)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Veetle TV 0.9.18
Verizon Wireless Mobile Broadband Self Activation
VNC Free Edition 4.1.3
vShare Plugin
Wallpapers
WebEx
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
Windows Search 4.0
Xcelsius 2008
XP Themes
.
==== Event Viewer Messages From Past Week ========
.
6/18/2011 8:15:54 AM, error: Service Control Manager [7000] - The IP Traffic Filter Driver service failed to start due to the following error: The system cannot find the file specified.
6/18/2011 10:27:56 AM, error: Service Control Manager [7024] - The Web Server for CACHE service terminated with service-specific error 1 (0x1).
6/18/2011 10:27:06 AM, error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
6/18/2011 10:27:06 AM, error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
6/15/2011 9:19:27 AM, error: Dhcp [1002] - The IP address lease 10.0.50.105 for the Network Card with network address 0026C748FFEA has been denied by the DHCP server 10.1.47.11 (The DHCP Server sent a DHCPNACK message).
6/15/2011 9:19:03 AM, error: ACPIEC [1] - \Device\ACPIEC: The embedded controller (EC) hardware didn't respond within the timeout period. This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner. The EC driver will retry the failed transaction if possible.
6/15/2011 4:07:09 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer KEVINNIEDBALSKI that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8E2FEB0E-856. The master browser is stopping or an election is being forced.
6/14/2011 8:42:27 AM, error: Dhcp [1002] - The IP address lease 10.0.50.159 for the Network Card with network address 0026C748FFEA has been denied by the DHCP server 10.1.47.11 (The DHCP Server sent a DHCPNACK message).
6/13/2011 9:08:30 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer AGGREY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8E2FEB0E-8564-4463. The master browser is stopping or an election is being forced.
6/13/2011 8:31:23 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer ARLAN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8E2FEB0E-8564-4463-. The master browser is stopping or an election is being forced.
6/13/2011 7:13:23 PM, error: Dhcp [1002] - The IP address lease 10.1.47.178 for the Network Card with network address 0026C748FFEA has been denied by the DHCP server 10.0.50.254 (The DHCP Server sent a DHCPNACK message).
6/13/2011 2:40:28 PM, error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
6/13/2011 11:50:39 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer USER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8E2FEB0E-8564-4463-8. The master browser is stopping or an election is being forced.
6/12/2011 9:41:54 AM, error: Srv [2000] - The server's call to a system service failed unexpectedly.
.
==== End Of File ===========================