VvWolverinevV
Posts: 119 +0
Hi
I'm cleaning this Dell laptop as a favor. The biggest symptom I can see is a file on the desktop that I am not able to delete. The error message when I try to delete it is something to the effect of "[Unable to access the volume or device]". Please find the logs pasted below. Is the computer clean?
Symantec AntiVirus Corporate Edition 10
(no findings)
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5685
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/5/2011 3:10:39 PM
mbam-log-2011-02-05 (15-10-39).txt
Scan type: Quick scan
Objects scanned: 139582
Time elapsed: 8 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 4
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\Ara\application data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-05 15:23:04
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST912081 rev.3.AD
Running: 2kz4g8od.exe; Driver: C:\DOCUME~1\Ara\LOCALS~1\Temp\uxtyiaog.sys
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-12-12.02) - NTFSx86
Run by Ara at 15:28:43.87 on Sat 02/05/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2350 [GMT -5:00]
AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\PhoTags Express\Photags AutoDetect.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Ara\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = https://my.rutgers.edu/portal
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\ara\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [PAC7311_Monitor] c:\windows\pixart\pac7311\Monitor.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\photag~1.lnk - c:\program files\photags express\Photags AutoDetect.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: NavLogon - c:\windows\system32\NavLogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\ara\applic~1\mozilla\firefox\profiles\s4l4libi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=07-07-2009&tb_mrud=07-07-2010
FF - prefs.js: browser.startup.homepage - hxxp://gmail.com/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&tb_uuid=100000000000000002&tb_oid=07-07-2009&tb_mrud=07-07-2010&query=
FF - plugin: c:\documents and settings\ara\application data\move networks\plugins\npqmp071505000010.dll
FF - plugin: c:\documents and settings\ara\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\ara\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\ara\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\ara\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\ara\application data\Move Networks
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]
R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-1-24 24652]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110205.002\naveng.sys [2011-2-5 86008]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110205.002\navex15.sys [2011-2-5 1360760]
S0 cerc6;cerc6; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 EraserUtilDrv11010;EraserUtilDrv11010;\??\c:\program files\common files\symantec shared\eengine\eraserutildrv11010.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrv11010.sys [?]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-2-19 30192]
S3 PAC7311;PC VGA Camera;c:\windows\system32\drivers\PA707UCM.SYS [2010-3-7 449024]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-9-27 116464]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
=============== Created Last 30 ================
2011-02-05 19:59:52 -------- d-----w- c:\docume~1\ara\applic~1\Malwarebytes
2011-02-05 19:59:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-05 19:59:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-05 19:59:37 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-05 19:59:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-05 17:13:53 -------- d-----w- c:\windows\system32\winrm
2011-02-05 17:13:47 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-02-05 16:59:28 -------- d-----w- c:\docume~1\ara\locals~1\applic~1\ApplicationHistory
2011-02-05 16:38:00 -------- d-sh--w- c:\documents and settings\ara\PrivacIE
2011-02-05 16:35:14 -------- d-sh--w- c:\documents and settings\ara\IETldCache
2011-02-05 16:16:50 -------- d-----w- c:\program files\common files\Windows Live
2011-02-05 16:14:41 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-02-05 16:13:32 -------- d-----w- c:\windows\ie8updates
2011-02-05 16:13:17 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-02-05 16:13:16 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-02-05 16:13:16 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-02-05 16:11:49 -------- dc-h--w- c:\windows\ie8
2011-02-05 15:57:45 -------- d-----w- c:\windows\system32\XPSViewer
2011-02-05 15:57:05 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-02-05 15:56:41 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-02-05 15:56:41 117760 ------w- c:\windows\system32\prntvpt.dll
2011-02-05 15:56:40 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-02-05 15:56:40 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-02-05 15:56:40 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-02-05 15:56:40 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-02-05 15:56:40 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-02-05 15:56:40 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-02-05 15:56:39 -------- d-----w- C:\d922c995927a91e91940
2011-02-05 15:48:49 -------- d-----w- c:\docume~1\ara\applic~1\Windows Desktop Search
2011-02-05 15:47:41 -------- d-----w- c:\windows\system32\GroupPolicy
2011-02-05 15:47:41 -------- d-----w- c:\program files\Windows Desktop Search
2011-02-05 15:46:10 -------- d-----w- c:\program files\Windows Media Connect 2
2011-02-05 15:43:36 -------- d-----w- c:\windows\system32\LogFiles
2011-02-05 15:40:38 -------- d-----w- c:\windows\system32\URTTemp
2011-02-05 15:09:32 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-02-05 15:09:32 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-02-05 15:09:32 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-02-05 15:09:32 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2011-02-05 15:09:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2011-02-05 15:09:31 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2011-02-05 15:09:31 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2011-02-05 15:09:31 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
==================== Find3M ====================
2010-11-27 23:31:20 2146304 ----a-w- c:\windows\system32\python31.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
============= FINISH: 15:30:00.53 ===============
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 1/24/2009 12:58:47 PM
System Uptime: 2/5/2011 3:12:02 PM (0 hours ago)
Motherboard: Dell Inc. | | 0WM416
Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | Microprocessor | 778/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 110 GiB total, 73.471 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.126 GiB free.
E: is CDROM (UDF)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP363: 11/7/2010 3:51:29 PM - System Checkpoint
RP364: 11/8/2010 5:19:33 PM - System Checkpoint
RP365: 11/10/2010 7:40:35 AM - System Checkpoint
RP366: 11/11/2010 7:22:42 AM - Software Distribution Service 3.0
RP367: 11/12/2010 9:47:23 AM - System Checkpoint
RP368: 11/13/2010 12:55:44 PM - System Checkpoint
RP369: 11/15/2010 5:32:45 PM - System Checkpoint
RP370: 11/16/2010 6:34:54 PM - System Checkpoint
RP371: 11/17/2010 7:30:11 PM - System Checkpoint
RP372: 11/18/2010 8:58:23 PM - System Checkpoint
RP373: 11/20/2010 9:10:24 PM - System Checkpoint
RP374: 11/23/2010 8:40:54 AM - System Checkpoint
RP375: 11/28/2010 5:54:05 PM - System Checkpoint
RP376: 11/30/2010 8:32:15 PM - System Checkpoint
RP377: 12/1/2010 10:50:34 PM - System Checkpoint
RP378: 12/5/2010 10:01:32 AM - System Checkpoint
RP379: 12/7/2010 7:36:11 PM - System Checkpoint
RP380: 12/9/2010 5:47:26 PM - System Checkpoint
RP381: 12/10/2010 8:31:26 PM - System Checkpoint
RP382: 12/11/2010 9:06:41 PM - System Checkpoint
RP383: 12/13/2010 7:52:39 PM - Removed Ask Toolbar.
RP384: 12/15/2010 7:41:22 PM - Installed Python 3.1.3
RP385: 12/16/2010 11:55:33 AM - Software Distribution Service 3.0
RP386: 12/19/2010 2:23:37 PM - System Checkpoint
RP387: 12/22/2010 10:02:36 PM - System Checkpoint
RP388: 12/23/2010 11:53:37 PM - System Checkpoint
RP389: 12/26/2010 1:40:46 PM - System Checkpoint
RP390: 12/27/2010 2:58:43 PM - System Checkpoint
RP391: 12/28/2010 8:58:23 PM - System Checkpoint
RP392: 12/29/2010 11:22:18 AM - Configured Microsoft Office Professional Plus 2007
RP393: 12/30/2010 7:47:46 AM - Software Distribution Service 3.0
RP394: 1/2/2011 8:53:16 PM - Software Distribution Service 3.0
RP395: 1/6/2011 7:39:43 AM - Software Distribution Service 3.0
RP396: 1/7/2011 8:11:20 PM - System Checkpoint
RP397: 1/8/2011 8:51:05 PM - System Checkpoint
RP398: 1/10/2011 7:59:44 PM - System Checkpoint
RP399: 1/11/2011 9:37:53 PM - Software Distribution Service 3.0
RP400: 1/12/2011 10:24:44 PM - System Checkpoint
RP401: 1/17/2011 9:26:50 PM - System Checkpoint
RP402: 1/18/2011 9:40:53 PM - System Checkpoint
RP403: 1/19/2011 9:45:41 PM - System Checkpoint
RP404: 1/22/2011 6:34:41 PM - System Checkpoint
RP405: 1/23/2011 6:52:09 PM - System Checkpoint
RP406: 1/24/2011 10:03:33 PM - System Checkpoint
RP407: 1/27/2011 11:44:04 AM - System Checkpoint
RP408: 1/28/2011 7:32:09 PM - System Checkpoint
RP409: 1/31/2011 8:41:43 PM - System Checkpoint
RP410: 2/1/2011 9:00:46 PM - System Checkpoint
RP411: 2/3/2011 2:02:30 PM - System Checkpoint
RP412: 2/5/2011 9:59:53 AM - Software Distribution Service 3.0
RP413: 2/5/2011 10:17:26 AM - Software Distribution Service 3.0
RP414: 2/5/2011 10:23:59 AM - Software Distribution Service 3.0
RP415: 2/5/2011 10:40:24 AM - Software Distribution Service 3.0
RP416: 2/5/2011 11:35:35 AM - Printer Driver Microsoft XPS Document Writer Installed
RP417: 2/5/2011 11:53:48 AM - Software Distribution Service 3.0
RP418: 2/5/2011 12:51:35 PM - Software Distribution Service 3.0
RP419: 2/5/2011 12:55:07 PM - Software Distribution Service 3.0
==== Installed Programs ======================
32 Bit HP BiDi Channel Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
AIM 7
AIM Toolbar
Alarm 2.0.4
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
Broadcom Gigabit Integrated Controller
Conexant HDA D330 MDC V.92 Modem
Dell Resource CD
Dell Wireless WLAN Card
Documents To Go Desktop for iPhone
Download Updater (AOL LLC)
Foxit Reader
Google Chrome
Google Desktop
Google Talk Plugin
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IrfanView (remove only)
iTunes
Java(TM) 6 Update 13
LiveUpdate 3.1 (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Move Media Player
Mozilla Firefox (3.6.13)
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nike+ Mini Screen Saver
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Oz776 SCR Driver V1.1.4.2
PC VGA Camer@
PhoTags Express
PowerDVD
Python 3.1.3
QuickTime
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Update Manager
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shutterfly Express Uploader
SigmaTel Audio
Sonic CinePlayer Decoder Pack
Symantec AntiVirus
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Outlook 2007 Junk Email Filter (KB2483110)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Viewpoint Media Player
VLC media player 1.0.1
WebFldrs XP
Willis - Medical Terminology A Programmed Approach
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
==== Event Viewer Messages From Past Week ========
2/5/2011 2:48:06 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:48:02 PM, error: Service Control Manager [7034] - The Viewpoint Manager Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:48:00 PM, error: Service Control Manager [7034] - The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:58 PM, error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:58 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/5/2011 11:15:54 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x800f020b: Hewlett-Packard - Printing - HP LaserJet P3005.
2/5/2011 10:48:54 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Update for WMDRM-enabled Media Players (KB902344).
2/1/2011 11:38:20 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/30/2011 10:38:32 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 172.20.21.1 (The DHCP Server sent a DHCPNACK message).
1/29/2011 9:50:48 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
==== End Of File ===========================
I'm cleaning this Dell laptop as a favor. The biggest symptom I can see is a file on the desktop that I am not able to delete. The error message when I try to delete it is something to the effect of "[Unable to access the volume or device]". Please find the logs pasted below. Is the computer clean?
Symantec AntiVirus Corporate Edition 10
(no findings)
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5685
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/5/2011 3:10:39 PM
mbam-log-2011-02-05 (15-10-39).txt
Scan type: Quick scan
Objects scanned: 139582
Time elapsed: 8 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 4
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\Ara\application data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-05 15:23:04
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST912081 rev.3.AD
Running: 2kz4g8od.exe; Driver: C:\DOCUME~1\Ara\LOCALS~1\Temp\uxtyiaog.sys
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-12-12.02) - NTFSx86
Run by Ara at 15:28:43.87 on Sat 02/05/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2350 [GMT -5:00]
AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\PhoTags Express\Photags AutoDetect.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Ara\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = https://my.rutgers.edu/portal
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\ara\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [PAC7311_Monitor] c:\windows\pixart\pac7311\Monitor.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\photag~1.lnk - c:\program files\photags express\Photags AutoDetect.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: NavLogon - c:\windows\system32\NavLogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\ara\applic~1\mozilla\firefox\profiles\s4l4libi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=07-07-2009&tb_mrud=07-07-2010
FF - prefs.js: browser.startup.homepage - hxxp://gmail.com/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&tb_uuid=100000000000000002&tb_oid=07-07-2009&tb_mrud=07-07-2010&query=
FF - plugin: c:\documents and settings\ara\application data\move networks\plugins\npqmp071505000010.dll
FF - plugin: c:\documents and settings\ara\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\ara\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\ara\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\ara\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\ara\application data\Move Networks
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]
R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-1-24 24652]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110205.002\naveng.sys [2011-2-5 86008]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110205.002\navex15.sys [2011-2-5 1360760]
S0 cerc6;cerc6; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 EraserUtilDrv11010;EraserUtilDrv11010;\??\c:\program files\common files\symantec shared\eengine\eraserutildrv11010.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrv11010.sys [?]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-2-19 30192]
S3 PAC7311;PC VGA Camera;c:\windows\system32\drivers\PA707UCM.SYS [2010-3-7 449024]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-9-27 116464]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
=============== Created Last 30 ================
2011-02-05 19:59:52 -------- d-----w- c:\docume~1\ara\applic~1\Malwarebytes
2011-02-05 19:59:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-05 19:59:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-05 19:59:37 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-05 19:59:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-05 17:13:53 -------- d-----w- c:\windows\system32\winrm
2011-02-05 17:13:47 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-02-05 16:59:28 -------- d-----w- c:\docume~1\ara\locals~1\applic~1\ApplicationHistory
2011-02-05 16:38:00 -------- d-sh--w- c:\documents and settings\ara\PrivacIE
2011-02-05 16:35:14 -------- d-sh--w- c:\documents and settings\ara\IETldCache
2011-02-05 16:16:50 -------- d-----w- c:\program files\common files\Windows Live
2011-02-05 16:14:41 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-02-05 16:13:32 -------- d-----w- c:\windows\ie8updates
2011-02-05 16:13:17 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-02-05 16:13:16 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-02-05 16:13:16 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-02-05 16:11:49 -------- dc-h--w- c:\windows\ie8
2011-02-05 15:57:45 -------- d-----w- c:\windows\system32\XPSViewer
2011-02-05 15:57:05 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-02-05 15:56:41 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-02-05 15:56:41 117760 ------w- c:\windows\system32\prntvpt.dll
2011-02-05 15:56:40 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-02-05 15:56:40 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-02-05 15:56:40 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-02-05 15:56:40 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-02-05 15:56:40 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-02-05 15:56:40 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-02-05 15:56:39 -------- d-----w- C:\d922c995927a91e91940
2011-02-05 15:48:49 -------- d-----w- c:\docume~1\ara\applic~1\Windows Desktop Search
2011-02-05 15:47:41 -------- d-----w- c:\windows\system32\GroupPolicy
2011-02-05 15:47:41 -------- d-----w- c:\program files\Windows Desktop Search
2011-02-05 15:46:10 -------- d-----w- c:\program files\Windows Media Connect 2
2011-02-05 15:43:36 -------- d-----w- c:\windows\system32\LogFiles
2011-02-05 15:40:38 -------- d-----w- c:\windows\system32\URTTemp
2011-02-05 15:09:32 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-02-05 15:09:32 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-02-05 15:09:32 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-02-05 15:09:32 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2011-02-05 15:09:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2011-02-05 15:09:31 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2011-02-05 15:09:31 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2011-02-05 15:09:31 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
==================== Find3M ====================
2010-11-27 23:31:20 2146304 ----a-w- c:\windows\system32\python31.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
============= FINISH: 15:30:00.53 ===============
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 1/24/2009 12:58:47 PM
System Uptime: 2/5/2011 3:12:02 PM (0 hours ago)
Motherboard: Dell Inc. | | 0WM416
Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | Microprocessor | 778/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 110 GiB total, 73.471 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.126 GiB free.
E: is CDROM (UDF)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP363: 11/7/2010 3:51:29 PM - System Checkpoint
RP364: 11/8/2010 5:19:33 PM - System Checkpoint
RP365: 11/10/2010 7:40:35 AM - System Checkpoint
RP366: 11/11/2010 7:22:42 AM - Software Distribution Service 3.0
RP367: 11/12/2010 9:47:23 AM - System Checkpoint
RP368: 11/13/2010 12:55:44 PM - System Checkpoint
RP369: 11/15/2010 5:32:45 PM - System Checkpoint
RP370: 11/16/2010 6:34:54 PM - System Checkpoint
RP371: 11/17/2010 7:30:11 PM - System Checkpoint
RP372: 11/18/2010 8:58:23 PM - System Checkpoint
RP373: 11/20/2010 9:10:24 PM - System Checkpoint
RP374: 11/23/2010 8:40:54 AM - System Checkpoint
RP375: 11/28/2010 5:54:05 PM - System Checkpoint
RP376: 11/30/2010 8:32:15 PM - System Checkpoint
RP377: 12/1/2010 10:50:34 PM - System Checkpoint
RP378: 12/5/2010 10:01:32 AM - System Checkpoint
RP379: 12/7/2010 7:36:11 PM - System Checkpoint
RP380: 12/9/2010 5:47:26 PM - System Checkpoint
RP381: 12/10/2010 8:31:26 PM - System Checkpoint
RP382: 12/11/2010 9:06:41 PM - System Checkpoint
RP383: 12/13/2010 7:52:39 PM - Removed Ask Toolbar.
RP384: 12/15/2010 7:41:22 PM - Installed Python 3.1.3
RP385: 12/16/2010 11:55:33 AM - Software Distribution Service 3.0
RP386: 12/19/2010 2:23:37 PM - System Checkpoint
RP387: 12/22/2010 10:02:36 PM - System Checkpoint
RP388: 12/23/2010 11:53:37 PM - System Checkpoint
RP389: 12/26/2010 1:40:46 PM - System Checkpoint
RP390: 12/27/2010 2:58:43 PM - System Checkpoint
RP391: 12/28/2010 8:58:23 PM - System Checkpoint
RP392: 12/29/2010 11:22:18 AM - Configured Microsoft Office Professional Plus 2007
RP393: 12/30/2010 7:47:46 AM - Software Distribution Service 3.0
RP394: 1/2/2011 8:53:16 PM - Software Distribution Service 3.0
RP395: 1/6/2011 7:39:43 AM - Software Distribution Service 3.0
RP396: 1/7/2011 8:11:20 PM - System Checkpoint
RP397: 1/8/2011 8:51:05 PM - System Checkpoint
RP398: 1/10/2011 7:59:44 PM - System Checkpoint
RP399: 1/11/2011 9:37:53 PM - Software Distribution Service 3.0
RP400: 1/12/2011 10:24:44 PM - System Checkpoint
RP401: 1/17/2011 9:26:50 PM - System Checkpoint
RP402: 1/18/2011 9:40:53 PM - System Checkpoint
RP403: 1/19/2011 9:45:41 PM - System Checkpoint
RP404: 1/22/2011 6:34:41 PM - System Checkpoint
RP405: 1/23/2011 6:52:09 PM - System Checkpoint
RP406: 1/24/2011 10:03:33 PM - System Checkpoint
RP407: 1/27/2011 11:44:04 AM - System Checkpoint
RP408: 1/28/2011 7:32:09 PM - System Checkpoint
RP409: 1/31/2011 8:41:43 PM - System Checkpoint
RP410: 2/1/2011 9:00:46 PM - System Checkpoint
RP411: 2/3/2011 2:02:30 PM - System Checkpoint
RP412: 2/5/2011 9:59:53 AM - Software Distribution Service 3.0
RP413: 2/5/2011 10:17:26 AM - Software Distribution Service 3.0
RP414: 2/5/2011 10:23:59 AM - Software Distribution Service 3.0
RP415: 2/5/2011 10:40:24 AM - Software Distribution Service 3.0
RP416: 2/5/2011 11:35:35 AM - Printer Driver Microsoft XPS Document Writer Installed
RP417: 2/5/2011 11:53:48 AM - Software Distribution Service 3.0
RP418: 2/5/2011 12:51:35 PM - Software Distribution Service 3.0
RP419: 2/5/2011 12:55:07 PM - Software Distribution Service 3.0
==== Installed Programs ======================
32 Bit HP BiDi Channel Components Installer
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
AIM 7
AIM Toolbar
Alarm 2.0.4
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
Broadcom Gigabit Integrated Controller
Conexant HDA D330 MDC V.92 Modem
Dell Resource CD
Dell Wireless WLAN Card
Documents To Go Desktop for iPhone
Download Updater (AOL LLC)
Foxit Reader
Google Chrome
Google Desktop
Google Talk Plugin
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IrfanView (remove only)
iTunes
Java(TM) 6 Update 13
LiveUpdate 3.1 (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Move Media Player
Mozilla Firefox (3.6.13)
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nike+ Mini Screen Saver
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Oz776 SCR Driver V1.1.4.2
PC VGA Camer@
PhoTags Express
PowerDVD
Python 3.1.3
QuickTime
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Update Manager
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shutterfly Express Uploader
SigmaTel Audio
Sonic CinePlayer Decoder Pack
Symantec AntiVirus
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Outlook 2007 Junk Email Filter (KB2483110)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Viewpoint Media Player
VLC media player 1.0.1
WebFldrs XP
Willis - Medical Terminology A Programmed Approach
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
==== Event Viewer Messages From Past Week ========
2/5/2011 2:48:06 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:48:02 PM, error: Service Control Manager [7034] - The Viewpoint Manager Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:48:00 PM, error: Service Control Manager [7034] - The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:59 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:58 PM, error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2011 2:47:58 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/5/2011 11:15:54 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x800f020b: Hewlett-Packard - Printing - HP LaserJet P3005.
2/5/2011 10:48:54 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Update for WMDRM-enabled Media Players (KB902344).
2/1/2011 11:38:20 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/30/2011 10:38:32 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 172.20.21.1 (The DHCP Server sent a DHCPNACK message).
1/29/2011 9:50:48 AM, error: Dhcp [1002] - The IP address lease 172.20.21.17 for the Network Card with network address 00225F5F2F80 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
==== End Of File ===========================