I am helping a friend out with his Laptop. Dell Latitude 131L
He has gotten several viruses that I thought I cleaned up, but yesterday someone sent over 600 e-mails from his hotmail account. He thinks it was hacked, I think it was a virus.
I have don't 3 different scans, MS Security Essentials, Trend Micro and Malware Antibytes and found nothing. Here are the other logs as requested in the 8 steps.
Thanks for your help in advance
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5117
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/14/2010 8:52:28 PM
mbam-log-2010-11-14 (20-52-28).txt
Scan type: Full scan (C:\|)
Objects scanned: 193553
Time elapsed: 57 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
----------------------------------------------------------------------------------
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-14 22:05:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8034GSX rev.AH301D
Running: 48vdc9zx.exe; Driver: C:\DOCUME~1\DELLCU~1\LOCALS~1\Temp\kflyrpow.sys
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[2436] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3156] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10405CF5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
Device \FileSystem\Fastfat \Fat AE067D20
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Roxio)
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-11-10.01) - NTFSx86
Run by Dell Customer at 22:08:19.46 on Sun 11/14/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1219 [GMT -5:00]
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Dell Customer\Desktop\dds.scr
\\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
============== Pseudo HJT Report ===============
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://127.0.0.1:4664/first_usage&s=h6QDYRnkO80H61RJs72csOlpj2Q
uInternet Settings,ProxyServer = sas.se1.attbb.net:8000
uInternet Settings,ProxyOverride = *.se1.attbb.net;<local>;*.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [HitmanPro35] "c:\program files\hitman pro 3.5\HitmanPro35.exe" /scan:boot
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
Trusted Zone: intuit.com\ttlc
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://by135fd.bay135.hotmail.msn.com/resources/MsnPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177373752500
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\dellcu~1\applic~1\mozilla\firefox\profiles\7s6eghe1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com
FF - plugin: c:\documents and settings\dell customer\application data\mozilla\firefox\profiles\7s6eghe1.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: XULRunner: {296F8082-177E-4560-AF57-66657CC3B8DB} - c:\documents and settings\dell customer\local settings\application data\{296F8082-177E-4560-AF57-66657CC3B8DB}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
============= SERVICES / DRIVERS ===============
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 151216]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]
=============== Created Last 30 ================
2010-11-15 00:33:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-15 00:33:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-15 00:33:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-14 11:56:12 6146896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{79f13ae7-a571-4750-8d01-9ea0feebdac3}\mpengine.dll
2010-11-13 17:50:05 -------- d-----w- c:\program files\iPod
2010-11-13 17:49:58 -------- d-----w- c:\program files\iTunes
2010-10-22 15:14:14 -------- d-----w- c:\docume~1\dellcu~1\applic~1\Malwarebytes
2010-10-22 15:14:04 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
==================== Find3M ====================
2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-04 10:22:49 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-09-28 10:13:21 0 ----a-w- c:\windows\Fcozig.bin
2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-08 15:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
============= FINISH: 22:08:39.10 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-11-10.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/23/2007 5:36:17 PM
System Uptime: 11/14/2010 7:49:44 PM (3 hours ago)
Motherboard: Dell Inc. | | 0PM607
Processor: Mobile AMD Sempron(tm) Processor 3500+ | Socket M2/S1G1 | 1795/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 74 GiB total, 47.127 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Dell Wireless 1390 WLAN Mini-Card
Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_00071028&REV_01\4&232B014&0&0030
Manufacturer: Broadcom
Name: Dell Wireless 1390 WLAN Mini-Card
PNP Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_00071028&REV_01\4&232B014&0&0030
Service: BCM43XX
==== System Restore Points ===================
RP1159: 8/17/2010 5:45:11 PM - System Checkpoint
RP1160: 8/19/2010 8:48:26 PM - System Checkpoint
RP1161: 8/20/2010 9:42:39 PM - System Checkpoint
RP1162: 8/24/2010 7:15:09 PM - System Checkpoint
RP1163: 8/25/2010 9:18:35 PM - System Checkpoint
RP1164: 8/26/2010 6:28:07 PM - Removed ATI RADEON 9800 Chimp Demo v1.0
RP1165: 8/26/2010 6:29:58 PM - Removed ATI RADEON 9700 Pipe Dream Demo v1.1
RP1166: 8/26/2010 6:30:45 PM - Removed Garmin WebUpdater
RP1167: 8/26/2010 6:32:07 PM - Removed Roxio Creator Audio
RP1168: 8/26/2010 6:33:35 PM - Removed Roxio Creator DE
RP1169: 8/26/2010 6:34:16 PM - Removed Roxio Creator Tools
RP1170: 8/26/2010 6:36:04 PM - Removed Bonjour
RP1171: 8/27/2010 7:30:20 PM - System Checkpoint
RP1172: 8/28/2010 8:24:21 PM - System Checkpoint
RP1173: 8/29/2010 8:41:18 PM - System Checkpoint
RP1174: 8/31/2010 6:45:53 AM - System Checkpoint
RP1175: 9/1/2010 6:47:03 AM - System Checkpoint
RP1176: 9/2/2010 7:26:29 AM - System Checkpoint
RP1177: 9/3/2010 7:52:48 AM - System Checkpoint
RP1178: 9/4/2010 8:14:53 AM - System Checkpoint
RP1179: 9/4/2010 1:07:43 PM - Software Distribution Service 3.0
RP1180: 9/5/2010 2:05:47 PM - System Checkpoint
RP1181: 9/6/2010 2:11:10 PM - System Checkpoint
RP1182: 9/7/2010 3:09:22 PM - System Checkpoint
RP1183: 9/8/2010 3:37:09 PM - System Checkpoint
RP1184: 9/9/2010 8:48:48 AM - Avg Update
RP1185: 9/10/2010 9:00:40 AM - System Checkpoint
RP1186: 9/11/2010 10:24:33 AM - System Checkpoint
RP1187: 9/12/2010 10:36:10 AM - System Checkpoint
RP1188: 9/13/2010 11:29:24 AM - System Checkpoint
RP1189: 9/14/2010 12:58:01 PM - System Checkpoint
RP1190: 9/15/2010 10:49:28 AM - Software Distribution Service 3.0
RP1191: 9/16/2010 10:51:19 AM - System Checkpoint
RP1192: 9/17/2010 11:53:37 AM - System Checkpoint
RP1193: 9/18/2010 1:01:03 PM - System Checkpoint
RP1194: 9/19/2010 1:25:39 PM - System Checkpoint
RP1195: 9/20/2010 1:47:21 PM - System Checkpoint
RP1196: 9/21/2010 2:11:06 PM - System Checkpoint
RP1197: 9/22/2010 2:25:14 PM - System Checkpoint
RP1198: 9/23/2010 9:49:37 AM - Avg Update
RP1199: 9/23/2010 9:50:51 AM - Avg Update
RP1200: 9/24/2010 10:41:24 AM - System Checkpoint
RP1201: 9/25/2010 10:48:14 AM - System Checkpoint
RP1202: 9/26/2010 10:57:30 AM - System Checkpoint
RP1203: 9/27/2010 11:12:27 AM - System Checkpoint
RP1204: 9/28/2010 12:33:20 PM - System Checkpoint
RP1205: 9/28/2010 7:01:57 PM - Software Distribution Service 3.0
RP1206: 9/28/2010 7:04:53 PM - Removed AVG Free 9.0
RP1207: 9/28/2010 7:06:49 PM - Microsoft Antimalware Checkpoint
RP1208: 9/28/2010 7:27:06 PM - Software Distribution Service 3.0
RP1209: 9/29/2010 5:32:11 AM - Software Distribution Service 3.0
RP1210: 9/30/2010 4:48:34 AM - Software Distribution Service 3.0
RP1211: 10/1/2010 5:12:45 AM - Software Distribution Service 3.0
RP1212: 10/2/2010 1:28:44 PM - Software Distribution Service 3.0
RP1213: 10/3/2010 2:06:11 PM - System Checkpoint
RP1214: 10/4/2010 6:26:59 AM - Software Distribution Service 3.0
RP1215: 10/4/2010 1:08:28 PM - Software Distribution Service 3.0
RP1216: 10/5/2010 2:01:19 PM - System Checkpoint
RP1217: 10/6/2010 6:16:20 AM - Software Distribution Service 3.0
RP1218: 10/7/2010 6:20:57 AM - Software Distribution Service 3.0
RP1219: 10/8/2010 6:25:14 AM - Software Distribution Service 3.0
RP1220: 10/8/2010 6:26:51 AM - Software Distribution Service 3.0
RP1221: 10/9/2010 7:00:17 AM - System Checkpoint
RP1222: 10/10/2010 6:48:41 AM - Software Distribution Service 3.0
RP1223: 10/11/2010 7:31:29 AM - System Checkpoint
RP1224: 10/11/2010 12:55:18 PM - Software Distribution Service 3.0
RP1225: 10/12/2010 1:22:37 PM - System Checkpoint
RP1226: 10/13/2010 6:23:59 AM - Software Distribution Service 3.0
RP1227: 10/13/2010 6:34:48 AM - Software Distribution Service 3.0
RP1228: 10/14/2010 6:31:16 AM - Software Distribution Service 3.0
RP1229: 10/14/2010 8:53:44 PM - Software Distribution Service 3.0
RP1230: 10/16/2010 6:11:27 AM - Software Distribution Service 3.0
RP1231: 10/17/2010 6:34:17 AM - Software Distribution Service 3.0
RP1232: 10/18/2010 7:44:12 AM - System Checkpoint
RP1233: 10/18/2010 1:24:00 PM - Software Distribution Service 3.0
RP1234: 10/19/2010 1:49:05 PM - System Checkpoint
RP1235: 10/19/2010 11:29:17 PM - Software Distribution Service 3.0
RP1236: 10/20/2010 6:41:31 AM - Software Distribution Service 3.0
RP1237: 10/21/2010 6:56:03 AM - Software Distribution Service 3.0
RP1238: 10/22/2010 7:00:06 AM - System Checkpoint
RP1239: 10/22/2010 10:51:20 AM - Software Distribution Service 3.0
RP1240: 10/23/2010 11:46:19 AM - System Checkpoint
RP1241: 10/24/2010 6:50:55 AM - Software Distribution Service 3.0
RP1242: 10/25/2010 10:05:13 AM - Software Distribution Service 3.0
RP1243: 10/25/2010 1:16:00 PM - Cleaned registry with Windows Live OneCare safety scanner
RP1244: 10/25/2010 1:18:16 PM - Cleaned registry with Windows Live OneCare safety scanner
RP1245: 10/26/2010 1:58:35 PM - System Checkpoint
RP1246: 10/27/2010 3:10:26 PM - System Checkpoint
RP1247: 10/28/2010 6:59:56 AM - Software Distribution Service 3.0
RP1248: 10/29/2010 7:08:16 AM - Software Distribution Service 3.0
RP1249: 10/30/2010 11:37:11 AM - Software Distribution Service 3.0
RP1250: 10/31/2010 11:59:33 AM - System Checkpoint
RP1251: 11/1/2010 5:47:25 AM - Software Distribution Service 3.0
RP1252: 11/1/2010 12:47:33 PM - Software Distribution Service 3.0
RP1253: 11/2/2010 1:29:51 PM - System Checkpoint
RP1254: 11/3/2010 6:25:37 AM - Software Distribution Service 3.0
RP1255: 11/4/2010 7:57:16 AM - System Checkpoint
RP1256: 11/5/2010 6:16:23 AM - Software Distribution Service 3.0
RP1257: 11/6/2010 6:42:13 AM - Software Distribution Service 3.0
RP1258: 11/7/2010 6:43:01 AM - System Checkpoint
RP1259: 11/8/2010 6:07:53 AM - Software Distribution Service 3.0
RP1260: 11/8/2010 12:42:31 PM - Software Distribution Service 3.0
RP1261: 11/9/2010 12:44:55 PM - System Checkpoint
RP1262: 11/10/2010 6:19:45 AM - Software Distribution Service 3.0
RP1263: 11/10/2010 6:23:20 AM - Software Distribution Service 3.0
RP1264: 11/11/2010 7:27:37 AM - System Checkpoint
RP1265: 11/12/2010 6:15:38 AM - Software Distribution Service 3.0
RP1266: 11/13/2010 6:38:48 AM - Software Distribution Service 3.0
RP1267: 11/14/2010 6:55:51 AM - Software Distribution Service 3.0
==== Installed Programs ======================
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.3
AMD Processor Driver
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Astro Gemini Screensaver Manager 1.2
ATI Catalyst Control Center
ATI Display Driver
Bonjour
Broadcom Management Programs
CCleaner (remove only)
Conexant HDA D110 MDC V.92 Modem
Critical Update for Windows Media Player 11 (KB959772)
Dell Wireless WLAN Card
Digital Line Detect
Garmin City Navigator Europe NT 2010
Garmin City Navigator North America 2009
Garmin City Navigator North America NT 2009 Update
Garmin City Navigator North America NT 2010.30
Garmin Communicator Plugin
Garmin MapSource
Garmin POI Loader
Garmin USB Drivers
Garmin WebUpdater
Google Earth
Google Update Helper
Hampton Hotels eDirectory with MultiView Reader
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IE New Window Maximizer 2.4
iPhone Configuration Utility
iTunes
J2SE Runtime Environment 5.0 Update 6
Java(TM) SE Runtime Environment 6 Update 1
Lexmark Z600 Series
Lotus SmartSuite Release 9.5
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft English TTS Engine
Microsoft IntelliPoint 6.01
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Access database engine 2007 (English)
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Streets & Trips 2009
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Modem Helper
Mozilla Firefox (3.6.12)
MSXML 6 Service Pack 2 (KB954459)
NetWaiting
Octoshape add-in for Adobe Flash Player
PowerDVD 5.7
QuickSet
QuickTime
Roxio Creator Copy
Roxio Creator Data
Roxio Drag-to-Disc
Roxio Express Labeler
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic Activation Module
Sony USB Driver
Spelling Dictionaries Support For Adobe Reader 8
Synaptics Pointing Device Driver
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax Basic 2007
TurboTax ItsDeductible 2006
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
WexTech AnswerWorks
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
==== Event Viewer Messages From Past Week ========
11/9/2010 6:40:57 AM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 0019B96884F1 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
11/14/2010 9:05:41 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The NICCONFIGSVC service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/14/2010 7:47:16 PM, error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:16 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:16 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
==== End Of File ===========================
He has gotten several viruses that I thought I cleaned up, but yesterday someone sent over 600 e-mails from his hotmail account. He thinks it was hacked, I think it was a virus.
I have don't 3 different scans, MS Security Essentials, Trend Micro and Malware Antibytes and found nothing. Here are the other logs as requested in the 8 steps.
Thanks for your help in advance
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5117
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/14/2010 8:52:28 PM
mbam-log-2010-11-14 (20-52-28).txt
Scan type: Full scan (C:\|)
Objects scanned: 193553
Time elapsed: 57 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
----------------------------------------------------------------------------------
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-14 22:05:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8034GSX rev.AH301D
Running: 48vdc9zx.exe; Driver: C:\DOCUME~1\DELLCU~1\LOCALS~1\Temp\kflyrpow.sys
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[2436] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3156] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10405CF5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
Device \FileSystem\Fastfat \Fat AE067D20
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Roxio)
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-11-10.01) - NTFSx86
Run by Dell Customer at 22:08:19.46 on Sun 11/14/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1219 [GMT -5:00]
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Dell Customer\Desktop\dds.scr
\\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
============== Pseudo HJT Report ===============
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://127.0.0.1:4664/first_usage&s=h6QDYRnkO80H61RJs72csOlpj2Q
uInternet Settings,ProxyServer = sas.se1.attbb.net:8000
uInternet Settings,ProxyOverride = *.se1.attbb.net;<local>;*.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [HitmanPro35] "c:\program files\hitman pro 3.5\HitmanPro35.exe" /scan:boot
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
Trusted Zone: intuit.com\ttlc
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://by135fd.bay135.hotmail.msn.com/resources/MsnPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177373752500
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\dellcu~1\applic~1\mozilla\firefox\profiles\7s6eghe1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com
FF - plugin: c:\documents and settings\dell customer\application data\mozilla\firefox\profiles\7s6eghe1.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: XULRunner: {296F8082-177E-4560-AF57-66657CC3B8DB} - c:\documents and settings\dell customer\local settings\application data\{296F8082-177E-4560-AF57-66657CC3B8DB}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
============= SERVICES / DRIVERS ===============
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 151216]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]
=============== Created Last 30 ================
2010-11-15 00:33:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-15 00:33:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-15 00:33:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-14 11:56:12 6146896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{79f13ae7-a571-4750-8d01-9ea0feebdac3}\mpengine.dll
2010-11-13 17:50:05 -------- d-----w- c:\program files\iPod
2010-11-13 17:49:58 -------- d-----w- c:\program files\iTunes
2010-10-22 15:14:14 -------- d-----w- c:\docume~1\dellcu~1\applic~1\Malwarebytes
2010-10-22 15:14:04 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
==================== Find3M ====================
2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-04 10:22:49 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-09-28 10:13:21 0 ----a-w- c:\windows\Fcozig.bin
2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-08 15:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
============= FINISH: 22:08:39.10 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-11-10.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/23/2007 5:36:17 PM
System Uptime: 11/14/2010 7:49:44 PM (3 hours ago)
Motherboard: Dell Inc. | | 0PM607
Processor: Mobile AMD Sempron(tm) Processor 3500+ | Socket M2/S1G1 | 1795/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 74 GiB total, 47.127 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Dell Wireless 1390 WLAN Mini-Card
Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_00071028&REV_01\4&232B014&0&0030
Manufacturer: Broadcom
Name: Dell Wireless 1390 WLAN Mini-Card
PNP Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_00071028&REV_01\4&232B014&0&0030
Service: BCM43XX
==== System Restore Points ===================
RP1159: 8/17/2010 5:45:11 PM - System Checkpoint
RP1160: 8/19/2010 8:48:26 PM - System Checkpoint
RP1161: 8/20/2010 9:42:39 PM - System Checkpoint
RP1162: 8/24/2010 7:15:09 PM - System Checkpoint
RP1163: 8/25/2010 9:18:35 PM - System Checkpoint
RP1164: 8/26/2010 6:28:07 PM - Removed ATI RADEON 9800 Chimp Demo v1.0
RP1165: 8/26/2010 6:29:58 PM - Removed ATI RADEON 9700 Pipe Dream Demo v1.1
RP1166: 8/26/2010 6:30:45 PM - Removed Garmin WebUpdater
RP1167: 8/26/2010 6:32:07 PM - Removed Roxio Creator Audio
RP1168: 8/26/2010 6:33:35 PM - Removed Roxio Creator DE
RP1169: 8/26/2010 6:34:16 PM - Removed Roxio Creator Tools
RP1170: 8/26/2010 6:36:04 PM - Removed Bonjour
RP1171: 8/27/2010 7:30:20 PM - System Checkpoint
RP1172: 8/28/2010 8:24:21 PM - System Checkpoint
RP1173: 8/29/2010 8:41:18 PM - System Checkpoint
RP1174: 8/31/2010 6:45:53 AM - System Checkpoint
RP1175: 9/1/2010 6:47:03 AM - System Checkpoint
RP1176: 9/2/2010 7:26:29 AM - System Checkpoint
RP1177: 9/3/2010 7:52:48 AM - System Checkpoint
RP1178: 9/4/2010 8:14:53 AM - System Checkpoint
RP1179: 9/4/2010 1:07:43 PM - Software Distribution Service 3.0
RP1180: 9/5/2010 2:05:47 PM - System Checkpoint
RP1181: 9/6/2010 2:11:10 PM - System Checkpoint
RP1182: 9/7/2010 3:09:22 PM - System Checkpoint
RP1183: 9/8/2010 3:37:09 PM - System Checkpoint
RP1184: 9/9/2010 8:48:48 AM - Avg Update
RP1185: 9/10/2010 9:00:40 AM - System Checkpoint
RP1186: 9/11/2010 10:24:33 AM - System Checkpoint
RP1187: 9/12/2010 10:36:10 AM - System Checkpoint
RP1188: 9/13/2010 11:29:24 AM - System Checkpoint
RP1189: 9/14/2010 12:58:01 PM - System Checkpoint
RP1190: 9/15/2010 10:49:28 AM - Software Distribution Service 3.0
RP1191: 9/16/2010 10:51:19 AM - System Checkpoint
RP1192: 9/17/2010 11:53:37 AM - System Checkpoint
RP1193: 9/18/2010 1:01:03 PM - System Checkpoint
RP1194: 9/19/2010 1:25:39 PM - System Checkpoint
RP1195: 9/20/2010 1:47:21 PM - System Checkpoint
RP1196: 9/21/2010 2:11:06 PM - System Checkpoint
RP1197: 9/22/2010 2:25:14 PM - System Checkpoint
RP1198: 9/23/2010 9:49:37 AM - Avg Update
RP1199: 9/23/2010 9:50:51 AM - Avg Update
RP1200: 9/24/2010 10:41:24 AM - System Checkpoint
RP1201: 9/25/2010 10:48:14 AM - System Checkpoint
RP1202: 9/26/2010 10:57:30 AM - System Checkpoint
RP1203: 9/27/2010 11:12:27 AM - System Checkpoint
RP1204: 9/28/2010 12:33:20 PM - System Checkpoint
RP1205: 9/28/2010 7:01:57 PM - Software Distribution Service 3.0
RP1206: 9/28/2010 7:04:53 PM - Removed AVG Free 9.0
RP1207: 9/28/2010 7:06:49 PM - Microsoft Antimalware Checkpoint
RP1208: 9/28/2010 7:27:06 PM - Software Distribution Service 3.0
RP1209: 9/29/2010 5:32:11 AM - Software Distribution Service 3.0
RP1210: 9/30/2010 4:48:34 AM - Software Distribution Service 3.0
RP1211: 10/1/2010 5:12:45 AM - Software Distribution Service 3.0
RP1212: 10/2/2010 1:28:44 PM - Software Distribution Service 3.0
RP1213: 10/3/2010 2:06:11 PM - System Checkpoint
RP1214: 10/4/2010 6:26:59 AM - Software Distribution Service 3.0
RP1215: 10/4/2010 1:08:28 PM - Software Distribution Service 3.0
RP1216: 10/5/2010 2:01:19 PM - System Checkpoint
RP1217: 10/6/2010 6:16:20 AM - Software Distribution Service 3.0
RP1218: 10/7/2010 6:20:57 AM - Software Distribution Service 3.0
RP1219: 10/8/2010 6:25:14 AM - Software Distribution Service 3.0
RP1220: 10/8/2010 6:26:51 AM - Software Distribution Service 3.0
RP1221: 10/9/2010 7:00:17 AM - System Checkpoint
RP1222: 10/10/2010 6:48:41 AM - Software Distribution Service 3.0
RP1223: 10/11/2010 7:31:29 AM - System Checkpoint
RP1224: 10/11/2010 12:55:18 PM - Software Distribution Service 3.0
RP1225: 10/12/2010 1:22:37 PM - System Checkpoint
RP1226: 10/13/2010 6:23:59 AM - Software Distribution Service 3.0
RP1227: 10/13/2010 6:34:48 AM - Software Distribution Service 3.0
RP1228: 10/14/2010 6:31:16 AM - Software Distribution Service 3.0
RP1229: 10/14/2010 8:53:44 PM - Software Distribution Service 3.0
RP1230: 10/16/2010 6:11:27 AM - Software Distribution Service 3.0
RP1231: 10/17/2010 6:34:17 AM - Software Distribution Service 3.0
RP1232: 10/18/2010 7:44:12 AM - System Checkpoint
RP1233: 10/18/2010 1:24:00 PM - Software Distribution Service 3.0
RP1234: 10/19/2010 1:49:05 PM - System Checkpoint
RP1235: 10/19/2010 11:29:17 PM - Software Distribution Service 3.0
RP1236: 10/20/2010 6:41:31 AM - Software Distribution Service 3.0
RP1237: 10/21/2010 6:56:03 AM - Software Distribution Service 3.0
RP1238: 10/22/2010 7:00:06 AM - System Checkpoint
RP1239: 10/22/2010 10:51:20 AM - Software Distribution Service 3.0
RP1240: 10/23/2010 11:46:19 AM - System Checkpoint
RP1241: 10/24/2010 6:50:55 AM - Software Distribution Service 3.0
RP1242: 10/25/2010 10:05:13 AM - Software Distribution Service 3.0
RP1243: 10/25/2010 1:16:00 PM - Cleaned registry with Windows Live OneCare safety scanner
RP1244: 10/25/2010 1:18:16 PM - Cleaned registry with Windows Live OneCare safety scanner
RP1245: 10/26/2010 1:58:35 PM - System Checkpoint
RP1246: 10/27/2010 3:10:26 PM - System Checkpoint
RP1247: 10/28/2010 6:59:56 AM - Software Distribution Service 3.0
RP1248: 10/29/2010 7:08:16 AM - Software Distribution Service 3.0
RP1249: 10/30/2010 11:37:11 AM - Software Distribution Service 3.0
RP1250: 10/31/2010 11:59:33 AM - System Checkpoint
RP1251: 11/1/2010 5:47:25 AM - Software Distribution Service 3.0
RP1252: 11/1/2010 12:47:33 PM - Software Distribution Service 3.0
RP1253: 11/2/2010 1:29:51 PM - System Checkpoint
RP1254: 11/3/2010 6:25:37 AM - Software Distribution Service 3.0
RP1255: 11/4/2010 7:57:16 AM - System Checkpoint
RP1256: 11/5/2010 6:16:23 AM - Software Distribution Service 3.0
RP1257: 11/6/2010 6:42:13 AM - Software Distribution Service 3.0
RP1258: 11/7/2010 6:43:01 AM - System Checkpoint
RP1259: 11/8/2010 6:07:53 AM - Software Distribution Service 3.0
RP1260: 11/8/2010 12:42:31 PM - Software Distribution Service 3.0
RP1261: 11/9/2010 12:44:55 PM - System Checkpoint
RP1262: 11/10/2010 6:19:45 AM - Software Distribution Service 3.0
RP1263: 11/10/2010 6:23:20 AM - Software Distribution Service 3.0
RP1264: 11/11/2010 7:27:37 AM - System Checkpoint
RP1265: 11/12/2010 6:15:38 AM - Software Distribution Service 3.0
RP1266: 11/13/2010 6:38:48 AM - Software Distribution Service 3.0
RP1267: 11/14/2010 6:55:51 AM - Software Distribution Service 3.0
==== Installed Programs ======================
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.3
AMD Processor Driver
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Astro Gemini Screensaver Manager 1.2
ATI Catalyst Control Center
ATI Display Driver
Bonjour
Broadcom Management Programs
CCleaner (remove only)
Conexant HDA D110 MDC V.92 Modem
Critical Update for Windows Media Player 11 (KB959772)
Dell Wireless WLAN Card
Digital Line Detect
Garmin City Navigator Europe NT 2010
Garmin City Navigator North America 2009
Garmin City Navigator North America NT 2009 Update
Garmin City Navigator North America NT 2010.30
Garmin Communicator Plugin
Garmin MapSource
Garmin POI Loader
Garmin USB Drivers
Garmin WebUpdater
Google Earth
Google Update Helper
Hampton Hotels eDirectory with MultiView Reader
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IE New Window Maximizer 2.4
iPhone Configuration Utility
iTunes
J2SE Runtime Environment 5.0 Update 6
Java(TM) SE Runtime Environment 6 Update 1
Lexmark Z600 Series
Lotus SmartSuite Release 9.5
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft English TTS Engine
Microsoft IntelliPoint 6.01
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Access database engine 2007 (English)
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Streets & Trips 2009
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Modem Helper
Mozilla Firefox (3.6.12)
MSXML 6 Service Pack 2 (KB954459)
NetWaiting
Octoshape add-in for Adobe Flash Player
PowerDVD 5.7
QuickSet
QuickTime
Roxio Creator Copy
Roxio Creator Data
Roxio Drag-to-Disc
Roxio Express Labeler
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic Activation Module
Sony USB Driver
Spelling Dictionaries Support For Adobe Reader 8
Synaptics Pointing Device Driver
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax Basic 2007
TurboTax ItsDeductible 2006
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
WexTech AnswerWorks
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
==== Event Viewer Messages From Past Week ========
11/9/2010 6:40:57 AM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 0019B96884F1 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
11/14/2010 9:05:41 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The NICCONFIGSVC service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:17 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/14/2010 7:47:16 PM, error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:16 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 7:47:16 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
==== End Of File ===========================