Hey guys, I have been having virus issues since mid-December and have not been able to solve them on my own. I have a Google redirect and Windows Security Virus and who knows what else. Attached below are the logs that are requested. Any help that you can provide is appreciated.
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.07.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
John :: JOHN-BC19467D9A [administrator]
1/7/2012 2:02:13 PM
mbam-log-2012-01-07 (14-02-13).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 235639
Time elapsed: 28 minute(s), 55 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
I:\Documents and Settings\Pam\Local Settings\Application Data\ncn.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-01-07 14:46:02
Windows 5.1.2600 Service Pack 3
Running: bml80zym.exe; Driver: I:\DOCUME~1\John\LOCALS~1\Temp\kgdyipow.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs KmxFile.sys (HIPS File Guard driver/CA)
AttachedDevice \FileSystem\Ntfs \Ntfs VET-FILT.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.)
AttachedDevice \FileSystem\Ntfs \Ntfs kmxagent.sys (HIPS Agent Driver/CA)
AttachedDevice \FileSystem\Ntfs \Ntfs VET-REC.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.)
Device \Driver\Tcpip \Device\Ip kmxfw.sys (HIPS Firewall Driver/CA)
Device \Driver\Tcpip \Device\Tcp kmxfw.sys (HIPS Firewall Driver/CA)
Device \Driver\Tcpip \Device\Udp kmxfw.sys (HIPS Firewall Driver/CA)
Device \Driver\Tcpip \Device\RawIp kmxfw.sys (HIPS Firewall Driver/CA)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by John at 15:07:49 on 2012-01-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.472 [GMT -6:00]
.
AV: CA Anti-Virus *Enabled/Updated* {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}
FW: CA Personal Firewall *Disabled*
.
============== Running Processes ===============
.
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
I:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
I:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
I:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
I:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
svchost.exe
I:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
I:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
I:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
I:\Program Files\Bonjour\mDNSResponder.exe
I:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
I:\WINDOWS\eHome\ehRecvr.exe
I:\WINDOWS\eHome\ehSched.exe
I:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
I:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
svchost.exe
I:\WINDOWS\system32\svchost.exe -k imgsvc
I:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\system32\dllhost.exe
I:\WINDOWS\system32\wscntfy.exe
I:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
I:\WINDOWS\ehome\ehtray.exe
I:\WINDOWS\stsystra.exe
I:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2J1.EXE
I:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
I:\WINDOWS\eHome\ehmsas.exe
I:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
I:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
I:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\Program Files\Epson Software\Event Manager\EEventManager.exe
I:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
I:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
I:\Program Files\Messenger\msmsgs.exe
I:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
I:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
I:\Program Files\iPod\bin\iPodService.exe
I:\WINDOWS\system32\rundll32.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://soccernet.espn.go.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - i:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - i:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - i:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - i:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - i:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - i:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - i:\program files\canon\easy-webprint\Toolband.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - i:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [MSMSGS] "i:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "i:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] i:\windows\system32\ctfmon.exe
uRun: [Artisan 837(Network)] i:\windows\system32\spool\drivers\w32x86\3\e_fatihoa.exe /fu "i:\docume~1\john\locals~1\temp\E_S1A.tmp" /EF "HKCU"
mRun: [ehTray] i:\windows\ehome\ehtray.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [ATIPTA] "i:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [OpwareSE2] "i:\program files\scansoft\omnipagese2.0\OpwareSE2.exe"
mRun: [EPSON Stylus Photo R800] i:\windows\system32\spool\drivers\w32x86\3\E_S4I2J1.EXE /P23 "EPSON Stylus Photo R800" /O6 "USB002" /M "Stylus Photo R800"
mRun: [Adobe Photo Downloader] "i:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [cctray] "i:\program files\ca\ca internet security suite\cctray\cctray.exe"
mRun: [CAVRID] "i:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe"
mRun: [cafwc] i:\program files\ca\ca internet security suite\ca personal firewall\cafw.exe -cl
mRun: [capfasem] i:\program files\ca\ca internet security suite\ca personal firewall\capfasem.exe
mRun: [<NO NAME>]
mRun: [capfupgrade] i:\program files\ca\ca internet security suite\ca personal firewall\capfupgrade.exe
mRun: [iTunesHelper] "i:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "i:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "i:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "i:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "i:\program files\java\jre6\bin\jusched.exe"
mRun: [EEventManager] "i:\program files\epson software\event manager\EEventManager.exe"
mRun: [FUFAXRCV] "i:\program files\epson software\fax utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "i:\program files\epson software\fax utility\FUFAXSTM.exe"
dRun: [ctfmon.exe] i:\windows\system32\ctfmon.exe
StartupFolder: i:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - i:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
IE: Convert link target to Adobe PDF - i:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - i:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - i:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - i:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - i:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - i:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - i:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - i:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - i:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - i:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC} - i:\program files\java\jre6\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - i:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: i:\windows\system32\VetRedir.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/swdir8d196a.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - i:\program files\yahoo!\common\Yinsthelper.dll
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/44.10/uploader2.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxps://www.myfamily.com/Controls/Upload/ImageUploader5.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} - hxxp://community.weightwatchers.com/Scripts/ImageUploader6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/games/popcaploader_v6.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: PFW - UmxWnp.Dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - i:\windows\system32\WPDShServiceObj.dll
STS: {5defdc92-484f-4a0a-8f98-86f2f2b4542c} - No File
LSA: Notification Packages = scecli lovojefu.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - i:\documents and settings\john\application data\mozilla\firefox\profiles\h69h0tno.default\
FF - plugin: i:\documents and settings\pam\application data\move networks\plugins\npqmp071505000010.dll
FF - plugin: i:\documents and settings\pam\application data\move networks\plugins\npqmp071705000014.dll
FF - plugin: i:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: i:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: i:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: i:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: i:\program files\mozilla firefox\plugins\NPcol500.dll
FF - plugin: i:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: i:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: i:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: i:\program files\mozilla firefox\plugins\npyaxmpb.dll
.
============= SERVICES / DRIVERS ===============
.
R0 KmxStart;KmxStart;i:\windows\system32\drivers\KmxStart.sys [2008-6-24 93712]
R1 KmxAgent;KmxAgent;i:\windows\system32\drivers\KmxAgent.sys [2008-6-24 63504]
R1 KmxFile;KmxFile;i:\windows\system32\drivers\KmxFile.sys [2008-6-24 45584]
R1 KmxFw;KmxFw;i:\windows\system32\drivers\KmxFw.sys [2008-6-24 115216]
R1 VET-FILT;VET File System Filter;i:\windows\system32\drivers\vet-filt.sys [2010-3-28 26352]
R1 VET-REC;VET File System Recognizer;i:\windows\system32\drivers\vet-rec.sys [2010-3-28 21104]
R1 VETEFILE;VET File Scan Engine;i:\windows\system32\drivers\vetefile.sys [2010-6-3 746216]
R1 VETFDDNT;VET Floppy Boot Sector Monitor;i:\windows\system32\drivers\vetfddnt.sys [2010-3-28 21488]
R1 VETMONNT;VET File Monitor;i:\windows\system32\drivers\vetmonnt.sys [2010-3-28 32240]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;i:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 CAISafe;CAISafe;i:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2010-3-28 144960]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;i:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-3-17 513408]
R2 KmxCF;KmxCF;i:\windows\system32\drivers\KmxCF.sys [2008-6-24 134648]
R2 KmxSbx;KmxSbx;i:\windows\system32\drivers\KmxSbx.sys [2008-6-24 66576]
R2 McrdSvc;Media Center Extender Service;i:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 UmxAgent;HIPS Event Manager;i:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2007-10-18 1010192]
R2 UmxCfg;HIPS Configuration Interpreter;i:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2007-10-18 801296]
R2 UmxPol;HIPS Policy Manager;i:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2008-6-24 281104]
R2 VETMSGNT;VET Message Service;i:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2010-3-28 238928]
R3 KmxCfg;KmxCfg;i:\windows\system32\drivers\KmxCfg.sys [2008-6-24 88816]
R3 PPCtlPriv;PPCtlPriv;i:\program files\ca\ca internet security suite\ca anti-spyware\PPCtlPriv.exe [2007-8-16 189704]
R3 VETEBOOT;VET Boot Scan Engine;i:\windows\system32\drivers\veteboot.sys [2010-6-3 130280]
S2 gupdate;Google Update Service (gupdate);i:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S2 mrtRate;mrtRate; [x]
S3 gupdatem;Google Update Service (gupdatem);i:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
.
=============== Created Last 30 ================
.
2011-12-30 03:43:25 626688 ----a-w- i:\program files\mozilla firefox\msvcr80.dll
2011-12-30 03:43:25 548864 ----a-w- i:\program files\mozilla firefox\msvcp80.dll
2011-12-30 03:43:25 479232 ----a-w- i:\program files\mozilla firefox\msvcm80.dll
2011-12-30 03:43:25 43992 ----a-w- i:\program files\mozilla firefox\mozutils.dll
.
==================== Find3M ====================
.
2011-12-15 02:39:37 414368 ----a-w- i:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 21:24:06 20464 ----a-w- i:\windows\system32\drivers\mbam.sys
2011-11-23 13:25:32 1859584 ----a-w- i:\windows\system32\win32k.sys
2011-11-04 19:20:51 916992 ----a-w- i:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ----a-w- i:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ----a-w- i:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- i:\windows\system32\html.iec
2011-11-01 16:07:10 1288704 ----a-w- i:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- i:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- i:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- i:\windows\system32\ntkrnlpa.exe
2011-10-14 23:38:00 456192 ----a-w- i:\windows\system32\encdec.dll
2011-10-10 14:22:41 692736 ----a-w- i:\windows\system32\inetcomm.dll
.
============= FINISH: 15:08:20.34 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/8/2006 4:47:09 PM
System Uptime: 1/7/2012 2:33:28 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0KF623
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
D: is CDROM ()
H: is CDROM ()
I: is FIXED (NTFS) - 149 GiB total, 71.201 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: TI Technologies Inc.
Description: RADEON X300 SE 128MB HyperMemory Secondary
Device ID: PCI\VEN_1002&DEV_5B70&SUBSYS_06031002&REV_00\4&1603E009&0&0108
Manufacturer: ATI Technologies Inc.
Name: RADEON X300 SE 128MB HyperMemory Secondary
PNP Device ID: PCI\VEN_1002&DEV_5B70&SUBSYS_06031002&REV_00\4&1603E009&0&0108
Service: ati2mtag
.
==== System Restore Points ===================
.
RP1883: 10/10/2011 2:34:50 PM - System Checkpoint
RP1884: 10/11/2011 2:43:33 PM - System Checkpoint
RP1885: 10/12/2011 2:52:05 PM - System Checkpoint
RP1886: 10/13/2011 4:41:16 PM - System Checkpoint
RP1887: 10/14/2011 3:00:19 AM - Software Distribution Service 3.0
RP1888: 10/15/2011 3:17:56 AM - System Checkpoint
RP1889: 10/16/2011 3:47:56 AM - System Checkpoint
RP1890: 10/17/2011 4:36:28 AM - System Checkpoint
RP1891: 10/18/2011 4:59:48 AM - System Checkpoint
RP1892: 10/19/2011 5:47:45 AM - System Checkpoint
RP1893: 10/20/2011 5:49:43 AM - System Checkpoint
RP1894: 10/21/2011 6:11:41 AM - System Checkpoint
RP1895: 10/22/2011 6:26:08 AM - System Checkpoint
RP1896: 10/23/2011 6:38:13 AM - System Checkpoint
RP1897: 10/24/2011 7:03:16 AM - System Checkpoint
RP1898: 10/25/2011 7:32:30 AM - System Checkpoint
RP1899: 10/26/2011 8:24:39 AM - System Checkpoint
RP1900: 10/27/2011 9:32:39 AM - System Checkpoint
RP1901: 10/28/2011 10:22:11 AM - System Checkpoint
RP1902: 10/29/2011 11:44:03 AM - System Checkpoint
RP1903: 10/30/2011 11:51:31 AM - System Checkpoint
RP1904: 10/31/2011 1:19:48 PM - System Checkpoint
RP1905: 11/1/2011 2:05:05 PM - System Checkpoint
RP1906: 11/2/2011 2:19:17 PM - System Checkpoint
RP1907: 11/3/2011 5:20:51 PM - System Checkpoint
RP1908: 11/5/2011 12:13:30 AM - System Checkpoint
RP1909: 11/6/2011 12:33:20 AM - System Checkpoint
RP1910: 11/7/2011 1:33:15 AM - System Checkpoint
RP1911: 11/8/2011 1:55:20 AM - System Checkpoint
RP1912: 11/9/2011 2:45:25 AM - System Checkpoint
RP1913: 11/9/2011 3:00:19 AM - Software Distribution Service 3.0
RP1914: 11/10/2011 3:20:22 AM - System Checkpoint
RP1915: 11/10/2011 9:57:10 PM - Software Distribution Service 3.0
RP1916: 11/12/2011 12:28:53 AM - System Checkpoint
RP1917: 11/13/2011 12:37:00 AM - System Checkpoint
RP1918: 11/14/2011 12:54:47 AM - System Checkpoint
RP1919: 11/15/2011 1:20:19 AM - System Checkpoint
RP1920: 11/16/2011 2:06:42 AM - System Checkpoint
RP1921: 11/17/2011 2:18:13 AM - System Checkpoint
RP1922: 11/18/2011 2:54:09 AM - System Checkpoint
RP1923: 11/19/2011 3:33:11 AM - System Checkpoint
RP1924: 11/20/2011 3:54:08 AM - System Checkpoint
RP1925: 11/21/2011 5:07:27 AM - System Checkpoint
RP1926: 11/22/2011 11:37:27 AM - System Checkpoint
RP1927: 11/23/2011 2:40:26 PM - System Checkpoint
RP1928: 11/24/2011 6:31:50 PM - System Checkpoint
RP1929: 11/25/2011 6:35:47 PM - System Checkpoint
RP1930: 11/26/2011 9:23:29 PM - System Checkpoint
RP1931: 11/27/2011 10:27:53 PM - System Checkpoint
RP1932: 11/28/2011 10:51:37 PM - System Checkpoint
RP1933: 11/29/2011 11:35:17 PM - System Checkpoint
RP1934: 11/30/2011 11:46:59 PM - System Checkpoint
RP1935: 12/2/2011 6:41:26 AM - System Checkpoint
RP1936: 12/3/2011 7:18:39 AM - System Checkpoint
RP1937: 12/4/2011 8:06:34 AM - System Checkpoint
RP1938: 12/5/2011 10:07:26 AM - System Checkpoint
RP1939: 12/6/2011 11:22:35 AM - System Checkpoint
RP1940: 12/7/2011 12:06:57 PM - System Checkpoint
RP1941: 12/8/2011 1:16:55 PM - System Checkpoint
RP1942: 12/9/2011 2:03:25 PM - System Checkpoint
RP1943: 12/10/2011 2:43:41 PM - System Checkpoint
RP1944: 12/11/2011 4:37:51 PM - System Checkpoint
RP1945: 12/13/2011 12:21:03 AM - System Checkpoint
RP1946: 12/14/2011 1:44:31 AM - System Checkpoint
RP1947: 12/15/2011 2:44:31 AM - System Checkpoint
RP1948: 12/15/2011 3:00:20 AM - Software Distribution Service 3.0
RP1949: 12/16/2011 10:58:00 PM - System Checkpoint
RP1950: 12/17/2011 11:50:38 PM - System Checkpoint
RP1951: 12/19/2011 12:56:03 AM - System Checkpoint
RP1952: 12/20/2011 1:55:32 AM - System Checkpoint
RP1953: 12/21/2011 2:30:03 AM - System Checkpoint
RP1954: 12/22/2011 3:21:02 AM - System Checkpoint
RP1955: 12/23/2011 4:56:02 AM - System Checkpoint
RP1956: 12/24/2011 6:19:03 AM - System Checkpoint
RP1957: 12/25/2011 7:06:29 AM - System Checkpoint
RP1958: 12/26/2011 8:39:34 AM - System Checkpoint
RP1959: 12/27/2011 9:28:01 AM - System Checkpoint
RP1960: 12/28/2011 9:57:08 AM - System Checkpoint
RP1961: 12/29/2011 10:47:36 AM - System Checkpoint
RP1962: 12/30/2011 11:57:30 AM - System Checkpoint
RP1963: 12/31/2011 1:13:45 PM - System Checkpoint
RP1964: 1/2/2012 8:27:17 AM - System Checkpoint
RP1965: 1/3/2012 4:24:48 PM - System Checkpoint
RP1966: 1/4/2012 5:24:08 PM - System Checkpoint
RP1967: 1/6/2012 2:11:22 AM - System Checkpoint
RP1968: 1/7/2012 2:45:00 AM - System Checkpoint
.
==== Installed Programs ======================
.
ABBYY FineReader 9.0 Sprint
Across Lite 2.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 2.0
Adobe Reader 9.4.7
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.0
Amazon MP3 Downloader 1.0.10
AnswerWorks 4.0 Runtime - English
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio 5.5
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
ATI Parental Control
Bonjour
CA Anti-Spam
CA Anti-Spyware
CA Anti-Virus
CA Internet Security Suite
CA Personal Firewall
Canon Utilities Easy-PhotoPrint
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Coupon Printer for Windows
Critical Update for Windows Media Player 11 (KB959772)
DeductionPro 2008
DeductionPro 2009
Dell Resource CD
Easy-WebPrint
EPSON Artisan 837 Series Printer Uninstall
Epson Connect
Epson Customer Participation
Epson Download Navigator
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
Epson Print CD
EPSON Printer Software
EPSON Scan
EpsonNet Print
Garmin USB Drivers
Garmin WebUpdater
GemMaster Mystic
Google Toolbar for Internet Explorer
Google Update Helper
H&R Block Deluxe + Efile + State 2009
H&R Block Deluxe + Efile + State 2010
H&R Block Kansas 2009
H&R Block Kansas 2010
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) PRO Network Connections Drivers
iTunes
J2SE Runtime Environment 5.0 Update 10
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Streets and Trips 2005
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Modem Helper
MotionBased Agent
Mozilla Firefox 9.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Media Center Extensions
NVIDIA PureVideo Decoder
OmniPage SE 2.0
OpenOffice.org Installer 1.0
PENTAX Digital Camera Utility
Quicken 2007
QuickTime
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SigmaTel Audio
Sonic Encoders
System Requirements Lab
TaxCut Kansas 2008
TaxCut Premium + State + Efile 2008
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP
WexTech AnswerWorks
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Install Manager
Zoo Tycoon 2
.
==== Event Viewer Messages From Past Week ========
.
1/7/2012 2:35:14 PM, error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SigmaTel Audio
Sonic Encoders
System Requirements Lab
TaxCut Kansas 2008
TaxCut Premium + State + Efile 2008
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP
WexTech AnswerWorks
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Install Manager
Zoo Tycoon 2
.
==== Event Viewer Messages From Past Week ========
.
1/7/2012 2:35:14 PM, error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================