Okay... well before I do anything further, here are the results/logs of my scans:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5727
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
2/15/2011 3:58:06 PM
mbam-log-2011-02-15 (15-58-06).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 269323
Time elapsed: 1 hour(s), 10 minute(s), 14 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
_________________________________________________________
GMER 1.0.15.15530 -
http://www.gmer.net
Rootkit quick scan 2011-02-15 14:47:35
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12 Maxtor_6L200P0 rev.BAH41G10
Running: snmn4hqg.exe; Driver: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\kftyqfow.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\WINDOWS\system32\drivers\HOOKHELP.sys (HookHelp.sys/Beijing Rising Information Technology Co., Ltd.) ZwQueryDirectoryFile [0xBA3E4894]
SSDT \??\C:\WINDOWS\system32\drivers\HOOKHELP.sys (HookHelp.sys/Beijing Rising Information Technology Co., Ltd.) ZwQuerySystemInformation [0xBA3E4939]
Code \??\C:\WINDOWS\system32\drivers\HOOKHELP.sys (HookHelp.sys/Beijing Rising Information Technology Co., Ltd.) ObReferenceObjectByHandle
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs HOOKHELP.sys (HookHelp.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \FileSystem\Ntfs \Ntfs bb-run.sys (Promise Disk Accelerator/Promise Technology, Inc.)
Device \FileSystem\Fastfat \Fat HOOKHELP.sys (HookHelp.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat bb-run.sys (Promise Disk Accelerator/Promise Technology, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip HookTdi.sys (hooktdi.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \Driver\Tcpip \Device\Ip rfwtdi.sys (rfwtdi.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \Driver\Tcpip \Device\Tcp HookTdi.sys (hooktdi.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \Driver\Tcpip \Device\Tcp rfwtdi.sys (rfwtdi.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \Driver\Tcpip \Device\Udp HookTdi.sys (hooktdi.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \Driver\Tcpip \Device\Udp rfwtdi.sys (rfwtdi.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \Driver\Tcpip \Device\RawIp HookTdi.sys (hooktdi.sys/Beijing Rising Information Technology Co., Ltd.)
AttachedDevice \Driver\Tcpip \Device\RawIp rfwtdi.sys (rfwtdi.sys/Beijing Rising Information Technology Co., Ltd.)
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-12-12.02) - NTFSx86
Run by Compaq_Owner at 16:42:20.15 on Tue 02/15/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1470.969 [GMT -5:00]
AV: Rising Antivirus *Enabled/Updated* {234E4A88-48FA-4220-A994-5323706FF524}
FW: Rising Personal Firewall *Enabled*
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Rising\RSD\RsMgrSvc.exe
C:\Program Files\Rising\Rav\RavMonD.exe
C:\Program Files\Rising\RFW\RavMonD.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Rising\RFW\RSTRAY.EXE
C:\Program Files\Rising\Rav\RSTRAY.EXE
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Documents and Settings\Compaq_Owner\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://google.com/
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [PCDrProfiler]
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [CorelDRAW Graphics Suite 11b] c:\program files\corel\corel graphics 12\languages\en\programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=022511 serial=DR12WUX-0606275-REX lang=EN
mRun: [RFWTRAY] "c:\program files\rising\rfw\RSTRAY.EXE" -system
mRun: [RavTRAY] "c:\program files\rising\rav\RSTRAY.EXE" -system
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SMSERIAL] sm56hlpr.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 192.168.2.6 HP000D9D071653
Hosts: 69.63.189.16 static.ak.fbcdn.net
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\compaq~1\applic~1\mozilla\firefox\profiles\itkk5cx6.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&q=
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np32asw.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter:
jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-2-11 64288]
R1 hooksys;hooksys;c:\windows\system32\drivers\Hooksys.sys [2010-12-1 165912]
R1 HookTdi;HookTdi;c:\windows\system32\drivers\HookTdi.sys [2010-12-1 23576]
R1 HyperVM;HyperVM;c:\windows\system32\drivers\hvm.sys [2010-12-1 31896]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 RFWARP;Rising RfwARP Driver;c:\windows\system32\drivers\rfwarp.sys [2010-12-1 27672]
R2 rfwtdi;rfwtdi;c:\program files\rising\rfw\rfwtdi.sys [2010-12-1 25624]
R2 rsfwdrv;rsfwdrv;c:\program files\rising\rfw\rsfwdrv.sys [2010-12-1 57880]
R2 RsMgrSvc;Rsd Service;c:\program files\rising\rsd\RsMgrSvc.exe [2010-12-1 88728]
R2 RsRavMon;Rav Service;c:\program files\rising\rav\RavMonD.exe [2010-12-1 167544]
R2 RsRFWMon;RFW Service;c:\program files\rising\rfw\RavMonD.exe [2010-12-1 167544]
R3 RFWNDIS;Rising RfwNdis Driver;c:\windows\system32\drivers\rfwndis.sys [2010-12-1 20248]
S3 ATICDSDr;ATICDSDr;c:\program files\ati technologies\ati control panel\atiicdxx.sys [2005-8-3 6144]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
=============== Created Last 30 ================
2011-02-15 08:46:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2011-02-15 08:46:22 -------- d-----w- c:\program files\McAfee Security Scan
2011-02-15 02:48:47 -------- d-----w- c:\windows\Performance
2011-02-15 02:48:29 -------- d-----w- c:\docume~1\compaq~1\locals~1\applic~1\Microsoft Corporation
2011-02-15 02:47:39 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2011-02-15 00:31:21 -------- dc-h--w- c:\windows\ie8
2011-02-14 05:12:59 -------- d-----w- c:\windows\system32\XPSViewer
2011-02-14 05:11:58 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-02-14 05:11:37 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-02-14 05:11:37 117760 ------w- c:\windows\system32\prntvpt.dll
2011-02-14 05:11:36 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-02-14 05:11:36 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-02-14 05:11:36 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-02-14 05:11:36 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-02-14 05:11:35 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-02-14 05:11:35 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2011-02-14 05:11:34 -------- d-----w- C:\af8b021c70bc72bd3b5735795c4b8981
2011-02-13 22:12:38 599040 ------w- c:\windows\system32\dllcache\msfeeds.dll
2011-02-13 22:12:38 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-02-13 22:12:38 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2011-02-13 22:12:37 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2011-02-13 22:12:37 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2011-02-13 22:12:37 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2011-02-13 22:12:35 11076096 ------w- c:\windows\system32\dllcache\ieframe.dll
2011-02-13 21:45:50 -------- d-----w- c:\program files\MSXML 6.0
2011-02-13 21:40:08 -------- d-----w- c:\windows\ServicePackFiles
2011-02-13 20:44:38 454016 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-02-13 20:43:22 2137088 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-02-13 20:43:20 2181376 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-02-13 20:43:17 2016768 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-02-13 20:43:15 2058368 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-02-13 20:40:56 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-02-13 20:40:56 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2011-02-13 19:14:10 -------- d-----w- c:\windows\system32\CatRoot_bak
2011-02-13 19:12:29 -------- d-----w- c:\windows\system32\PreInstall
2011-02-13 16:58:19 -------- d-----w- C:\VundoFix Backups
2011-02-12 18:13:30 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-02-12 16:36:20 -------- d-----w- c:\windows\Temp1
2011-02-11 17:41:08 -------- d-----w- c:\docume~1\compaq~1\applic~1\SUPERAntiSpyware.com
2011-02-11 17:41:08 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-02-11 17:39:53 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-11 17:01:42 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-11 16:53:08 917504 ----a-w- c:\windows\system32\FLASH.OCX
2011-02-11 11:16:24 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-02-11 11:03:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-10 06:44:33 -------- d-----w- c:\docume~1\compaq~1\applic~1\Malwarebytes
2011-02-10 06:44:23 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-10 06:44:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-10 06:44:18 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-10 06:44:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-09 01:27:04 -------- d-----w- c:\program files\PIXELA
2011-02-07 23:10:57 327904 ----a-w- c:\program files\mozilla firefox\plugins\np32asw.dll
2011-02-07 23:10:57 327904 ----a-w- c:\program files\mozilla firefox\components\np32asw.dll
2011-02-05 15:40:49 -------- d-----w- c:\docume~1\compaq~1\locals~1\applic~1\Temp
2011-02-05 07:22:32 912344 ----a-w- c:\program files\mozilla firefox\firefox.exe
2011-02-05 07:22:32 19416 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
2011-02-05 07:22:32 107480 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
2011-01-30 15:45:12 135568 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-01-30 15:45:12 135568 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-01-26 18:37:53 -------- d-----w- c:\docume~1\compaq~1\applic~1\WinBatch
2011-01-26 05:23:34 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-01-26 05:23:34 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2011-01-26 05:22:44 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-01-26 05:22:44 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
==================== Find3M ====================
2011-02-11 11:02:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-26 04:36:12 256 ----a-w- c:\windows\system32\pool.bin
2010-12-22 23:12:38 6656 ----a-w- c:\windows\system32\haspvdd.dll
2010-12-22 23:12:38 383 ----a-w- c:\windows\system32\haspdos.sys
2010-12-22 22:18:10 8192 ----a-w- c:\windows\system32\GTCGLMON.DLL
2010-12-01 08:20:40 146072 ------w- c:\windows\system32\ravext.dll
2010-12-01 08:15:32 239768 ------w- c:\windows\system32\bsmain.exe
============= FINISH: 16:43:02.87 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 5/29/2010 11:43:19 AM
System Uptime: 2/15/2011 2:34:41 PM (2 hours ago)
Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket 939 | 2200/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 180 GiB total, 130.382 GiB free.
D: is FIXED (FAT32) - 6 GiB total, 1.188 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP280: 2/10/2011 12:31:04 PM - Printer Driver Microsoft Office Document Image Writer Installed
RP281: 2/11/2011 3:15:24 AM - Removed J2SE Runtime Environment 5.0
RP282: 2/11/2011 3:17:07 AM - Removed Java(TM) 6 Update 20
RP283: 2/11/2011 6:02:46 AM - Installed Java(TM) 6 Update 23
RP284: 2/11/2011 12:21:38 PM - Configured easy Internet sign-up
RP285: 2/12/2011 1:52:46 PM - System Checkpoint
RP286: 2/13/2011 12:14:24 PM - Software Distribution Service 3.0
RP287: 2/13/2011 2:10:11 PM - Software Distribution Service 3.0
RP288: 2/13/2011 4:34:37 PM - Software Distribution Service 3.0
RP289: 2/13/2011 5:16:01 PM - Installed Windows Internet Explorer 8.
RP290: 2/13/2011 5:16:50 PM - Software Distribution Service 3.0
RP291: 2/14/2011 12:05:20 AM - Software Distribution Service 3.0
RP292: 2/14/2011 12:38:26 AM - Installed Windows Internet Explorer 8.
RP293: 2/14/2011 12:39:18 AM - Software Distribution Service 3.0
RP294: 2/14/2011 12:44:21 AM - Software Distribution Service 3.0
RP295: 2/14/2011 12:28:44 PM - Software Distribution Service 3.0
RP296: 2/14/2011 2:23:06 PM - Software Distribution Service 3.0
RP297: 2/14/2011 7:32:36 PM - Installed Windows Internet Explorer 8.
RP298: 2/14/2011 7:33:41 PM - Software Distribution Service 3.0
RP299: 2/14/2011 9:47:37 PM - Installed Windows 7 Upgrade Advisor
RP300: 2/15/2011 2:40:24 AM - Software Distribution Service 3.0
RP301: 2/15/2011 3:48:20 AM - Removed Adobe Reader 7.0
RP302: 2/15/2011 3:48:42 AM - Installed Adobe Reader X (10.0.1).
==== Installed Programs ======================
7300
7300_Help
7300Trb
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Reader X (10.0.1)
AiO_Scan
AiOSoftware
Apple Application Support
Apple Software Update
ATI Control Panel
ATI Display Driver
Barnyard Invasion from Compaq (remove only)
Bejeweled 2 Deluxe from Compaq (remove only)
Big Kahuna Reef from Compaq (remove only)
Blackhawk Striker 2 from Compaq (remove only)
Blasterball 2 from Compaq (remove only)
Blasterball 2 Holidays from Compaq (remove only)
Boggle Supreme from Compaq (remove only)
Bounce Symphony from Compaq (remove only)
BufferChm
Compaq Connections (remove only)
Compaq Game Console and games
Compaq Multimedia Keyboard Software
Compaq Organize
Compatibility Pack for the 2007 Office system
CorelDRAW Graphics Suite 12
Crystal Maze from Compaq (remove only)
Destinations
Digby's Donuts from Compaq (remove only)
Director
FATE Demo from Compaq (remove only)
Fax
Flip Words from Compaq (remove only)
Google Toolbar for Internet Explorer
HASP4 Device Drivers
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Diagnostic Assistant
HP Image Zone 4.2
HP Photosmart Essential
HP PSC & OfficeJet 4.2
HP Software Update
HpSdpAppCoreApp
HPSystemDiagnostics
Insaniquarium Deluxe from Compaq (remove only)
InterVideo WinDVD Player
iTunes
Java Auto Updater
Java(TM) 6 Update 23
Jewel Quest from Compaq (remove only)
LightScribe 1.4.31.1
Mah Jong Quest from Compaq (remove only)
Malwarebytes' Anti-Malware
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Money 2005
Microsoft Office Professional Edition 2003
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Works
Motorola SM56 Speakerphone Modem
Mouse Suite
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NetMos Multi-IO Controller
Office 2003 Tour
Overland
PC-Doctor 5 for Windows
Polar Bowler from Compaq (remove only)
Polar Golfer from Compaq (remove only)
ProductContext
PS2
Puzzle Express from Compaq (remove only)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QFolder
Quicken 2005
QuickTime
Readme
RealPlayer
Remove WeatherBug Installer
Ricochet Lost Worlds from Compaq (remove only)
Rising Antivirus
Rising Personal Firewall
Rising Software Deployment System
Scan
SCRABBLE Blast from Compaq (remove only)
SCRABBLE from Compaq (remove only)
SCRABBLE Rack Attack from Compaq (remove only)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Shrek 2 Ogre Bowler from Compaq (remove only)
SignLab ES2 (C:\CADlink\SignLab ES2)
Slingo Deluxe from Compaq (remove only)
Slyder from Compaq (remove only)
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Super Granny from Compaq (remove only)
SUPERAntiSpyware
Swarm from Compaq (remove only)
Tradewinds from Compaq (remove only)
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB938828)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WebReg
Windows 7 Upgrade Advisor
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
==== Event Viewer Messages From Past Week ========
2/14/2011 3:20:38 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service iPodService with arguments "-Service" in order to run the server: {7A7FB085-6068-4898-8CCA-480A9187277C}
2/13/2011 5:07:25 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.
2/13/2011 11:56:58 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Lavasoft Ad-Aware Service service to connect.
2/13/2011 11:56:58 PM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/13/2011 11:56:53 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
2/13/2011 11:56:53 PM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
2/13/2011 11:56:53 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
2/13/2011 11:56:53 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
2/13/2011 11:56:53 PM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
2/13/2011 11:56:41 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).
2/13/2011 11:56:41 PM, error: Service Control Manager [7031] - The Rsd Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
2/13/2011 11:56:41 PM, error: Service Control Manager [7031] - The RFW Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
2/13/2011 11:50:25 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer SHANNON-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AACFE542-540F-410. The master browser is stopping or an election is being forced.
2/13/2011 11:43:25 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
2/12/2011 12:36:10 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
2/12/2011 12:15:42 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 Fips HookTdi IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
2/12/2011 12:15:42 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
2/12/2011 12:15:42 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/12/2011 1:09:23 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/12/2011 1:07:23 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
==== End Of File ===========================