Machine Runnign XP 32 bit. ran Malwarebytes found a bunch of stuff but user deleted the older log files. Here is a current MWbytes protection log and the GMER and DDS logs.
09:02:26 bbrandt DETECTION C:\WINDOWS\TEMP\kna0.442571589712204.exe Trojan.Dropper QUARANTINE
09:02:33 bbrandt DETECTION C:\WINDOWS\TEMP\opre0.7402224885088704.exe Trojan.Dropper QUARANTINE
09:03:14 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
09:03:17 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
09:03:23 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
09:03:35 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
09:03:38 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
09:03:44 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
09:03:56 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
09:03:59 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
09:04:05 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
09:05:57 bbrandt MESSAGE Protection started successfully
09:06:06 bbrandt MESSAGE IP Protection started successfully
09:08:31 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:08:34 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:08:41 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:08:54 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:08:57 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:09:03 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:09:16 bbrandt IP-BLOCK 212.36.9.58 (Type: outgoing)
09:09:16 bbrandt IP-BLOCK 83.133.120.187 (Type: outgoing)
09:09:19 bbrandt IP-BLOCK 212.36.9.58 (Type: outgoing)
09:09:20 bbrandt IP-BLOCK 83.133.120.187 (Type: outgoing)
09:09:26 bbrandt IP-BLOCK 212.36.9.58 (Type: outgoing)
09:09:26 bbrandt IP-BLOCK 83.133.120.187 (Type: outgoing)
09:09:39 bbrandt IP-BLOCK 77.91.231.166 (Type: outgoing)
09:09:42 bbrandt IP-BLOCK 77.91.231.166 (Type: outgoing)
09:09:48 bbrandt IP-BLOCK 77.91.231.166 (Type: outgoing)
09:14:04 bbrandt MESSAGE Protection started successfully
09:14:09 bbrandt MESSAGE IP Protection started successfully
09:56:08 bbrandt MESSAGE Protection started successfully
09:56:16 bbrandt MESSAGE IP Protection started successfully
10:06:23 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
10:06:26 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
10:06:32 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
10:06:45 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
10:06:48 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
10:06:54 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
10:07:06 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
10:07:09 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
10:07:15 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-12-20 10:14:50
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 Intel___ rev.1.0.
Running: 6kfrodex.exe; Driver: C:\DOCUME~1\bbrandt\LOCALS~1\Temp\pxtdqpow.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs TmPreFlt.sys (Pre-Filter For XP/Trend Micro Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat TmPreFlt.sys (Pre-Filter For XP/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22
Run by bbrandt at 10:24:52 on 2011-12-20
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1183 [GMT -8:00]
.
AV: Trend Micro Client/Server Security Agent Antivirus *Enabled/Updated* {3E50D81E-F9F1-4A50-BD86-21DD18124D8D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$FMS\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Microsoft SQL Server\MSSQL$FMS\Binn\sqlagent.EXE
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\CNTAoSMgr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
D:\Program Files\Wind2 FMS\Wind2.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcrobatInfo.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://liveupdate.cyberlink.com/b/a/r?PRODUCTNAME=PowerDVD&PRODUCTVERSION=8.1_DX(Dell)&VERSIONTYPE=Standard%202ch&BU=&MAJORVER=8&MINORVER=1&CHANNEL=OEM&BUILDNO=4212&LANGUAGE=enu&VENDORNAME=1840&SR=DVD080429-03&OSREGION=&DEVICE=&TYPE=&BBProductId=1&BBProdVerId=553&BBProdVerTypeId=2002&BBnChannel=1&BBnLangId=1&BBnOSRegion=-1&PATTERNID=12092&BB_ID=11097&URL=http%3A%2F%2Fupdate.cyberlink.com%2Fftpdload%2FPatch2%2F22%2FPatch.exe
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\client server security agent\bho\1007\TmIEPlg.dll
BHO: Solid Converter PDF: {259f616c-a300-44f5-b04a-ed001a26c85c} - c:\program files\soliddocuments\solidconverterpdf\scpdf\ExploreExtPDF.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Solid Converter PDF: {259f616c-a300-44f5-b04a-ed001a26c85c} - c:\program files\soliddocuments\solidconverterpdf\scpdf\ExploreExtPDF.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\client server security agent\pccntmon.exe" -HideWindow
mRun: [<NO NAME>]
mRun: [BackgroundSwitcher] c:\windows\system32\bgswitch.exe
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [OE] "c:\program files\trend micro\client server security agent\tmas_oe\TMAS_OEMon.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
mPolicies-explorer: NoWelcomeScreen = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: deltek.com\dsm
Trusted Zone: deltek.com\ftp-intl
Trusted Zone: ftp-us-deltek.com
DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} - hxxp://sbs2k01/connectcomputer/nshelp.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1284564762959
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1284564756193
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 10.10.0.2
TCP: Interfaces\{20D99558-ABCF-47D3-9DCD-71B478A37F49} : DhcpNameServer = 10.10.0.2
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\client server security agent\bho\1007\TmIEPlg.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\bbrandt\application data\mozilla\firefox\profiles\c8rzaanb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\documents and settings\bbrandt\application data\mozilla\firefox\profiles\c8rzaanb.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\bbrandt\application data\mozilla\firefox\profiles\c8rzaanb.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\documents and settings\bbrandt\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-19 366152]
R2 MSSQL$FMS;MSSQL$FMS;c:\program files\microsoft sql server\mssql$fms\binn\sqlservr.exe -sfms --> c:\program files\microsoft sql server\mssql$fms\binn\sqlservr.exe -sFMS [?]
R2 PQfsmonNT ABE675CA-49DF-11d3-93F6-00104B64D07B;PowerQuest File System Monitor PQfsmonNT ABE675CA-49DF-11d3-93F6-00104B64D07B;c:\program files\powerquest\datakeeper\PqFsmonNt.sys [2008-12-4 49096]
R2 SQLAgent$FMS;SQLAgent$FMS;c:\program files\microsoft sql server\mssql$fms\binn\sqlagent.exe -i fms --> c:\program files\microsoft sql server\mssql$fms\binn\sqlagent.EXE -i FMS [?]
R2 TmFilter;Trend Micro Filter;c:\program files\trend micro\client server security agent\tmxpflt.sys [2008-11-28 262416]
R2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\client server security agent\tmpreflt.sys [2008-11-28 36624]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-19 22216]
R3 TmProxy;Trend Micro Client/Server Security Agent Proxy Service;c:\program files\trend micro\client server security agent\TmProxy.exe [2008-11-28 689416]
S3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2008-12-2 52240]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-1 136176]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-1 136176]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2011-12-19 18:14:18 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-19 18:14:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-16 00:29:18 -------- d-----w- c:\documents and settings\bbrandt\application data\Malwarebytes
2011-12-16 00:29:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-11-21 18:47:57 -------- d-----w- c:\documents and settings\bbrandt\application data\SUPERAntiSpyware.com
2011-11-21 18:47:26 -------- d-----w- c:\program files\SUPERAntiSpyware
.
==================== Find3M ====================
.
2011-12-16 16:56:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 10:27:11.28 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/2/2008 11:29:21 AM
System Uptime: 12/20/2011 9:55:26 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0TP412
Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz | CPU | 2394/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 128.981 GiB free.
D: is FIXED (NTFS) - 42 GiB total, 37.586 GiB free.
E: is FIXED (NTFS) - 107 GiB total, 91.775 GiB free.
F: is CDROM ()
G: is NetworkDisk (NTFS) - 185 GiB total, 118.433 GiB free.
I: is NetworkDisk (NTFS) - 185 GiB total, 118.433 GiB free.
J: is NetworkDisk (NTFS) - 185 GiB total, 118.433 GiB free.
K: is NetworkDisk (NTFS) - 185 GiB total, 118.433 GiB free.
P: is NetworkDisk (NTFS) - 53 GiB total, 35.689 GiB free.
Q: is NetworkDisk (NTFS) - 420 GiB total, 167.399 GiB free.
T: is NetworkDisk (NTFS) - 42 GiB total, 37.586 GiB free.
U: is NetworkDisk (NTFS) - 42 GiB total, 37.586 GiB free.
W: is Removable
X: is Removable
Y: is Removable
Z: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP884: 12/16/2011 1:58:54 PM - System Checkpoint
RP885: 12/19/2011 12:20:10 PM - System Checkpoint
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
AccXES
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.4.6 - CPSID_83708
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Player 9 ActiveX
AutoCAD 2008 - English
AutoCAD 2008 - English SP1
AutoCAD 2011 - English
AutoCAD 2011 - English Version 2.1
AutoCAD 2011 Language Pack - English
Autodesk DWF Viewer 7
Autodesk Material Library 2011
Autodesk Material Library 2011 Base Image library
Broadcom Gigabit Integrated Controller
Brother HL-5340D
CCleaner
Citrix Presentation Server Client
Crystal Reports XI for Deltek
DbaMgr2k
Deltek Financial Management System Standalone
Easy CD Creator 5 Platinum
EPSON Artisan 800 Series Printer Uninstall
Epson Event Manager
Epson Print CD
EPSON Scan
FARO LS 1.1.406.58
Google Chrome
Google Earth Plug-in
Google Update Helper
GoToMeeting 4.1.0.366
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB921411)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
Intel(R) Matrix Storage Manager
Java Auto Updater
Java(TM) 6 Update 22
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Access 2000 SR-1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Express Edition
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Desktop Engine (FMS)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 7.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Picasa 3
PowerDesk 4.0
PowerDVD
PowerQuest DataKeeper
Powertoys For Windows XP
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB939373)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB942830)
Security Update for Windows XP (KB942831)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
SolidConverterPDF
Sonic CinePlayer Decoder Pack
SoundMAX
SQLXML 3.0 SP3
Startup Cop
SUPERAntiSpyware
SureThing CD Labeler Deluxe 5
Trend Micro Client/Server Security Agent
Tweakui Powertoy for Windows XP
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office PowerPoint 2007 Help (KB957247)
Update for Microsoft Office Word 2007 Help (KB957252)
Update for Microsoft Script Editor Help (KB957253)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb957829)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VBA (2627.01)
W2 Mate (2011) 8.0.35
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Search 4.0
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinZip
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
12/20/2011 9:19:54 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip tmtdi
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The World Wide Web Publishing service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:18:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/20/2011 9:18:51 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12/20/2011 9:05:57 AM, error: System Error [1003] - Error code 10000050, parameter1 e303a01c, parameter2 00000000, parameter3 bf8326c3, parameter4 00000001.
12/20/2011 10:24:55 AM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
12/15/2011 8:41:17 AM, error: DCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} to the user BOB\IWAM_BOB SID (S-1-5-21-1757981266-1614895754-725345543-1008). This security permission can be modified using the Component Services administrative tool.
12/15/2011 8:23:50 AM, error: Service Control Manager [7023] - The SPService service terminated with the following error: The system cannot find the file specified.
.
==== End Of File ===========================
09:02:26 bbrandt DETECTION C:\WINDOWS\TEMP\kna0.442571589712204.exe Trojan.Dropper QUARANTINE
09:02:33 bbrandt DETECTION C:\WINDOWS\TEMP\opre0.7402224885088704.exe Trojan.Dropper QUARANTINE
09:03:14 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
09:03:17 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
09:03:23 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
09:03:35 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
09:03:38 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
09:03:44 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
09:03:56 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
09:03:59 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
09:04:05 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
09:05:57 bbrandt MESSAGE Protection started successfully
09:06:06 bbrandt MESSAGE IP Protection started successfully
09:08:31 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:08:34 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:08:41 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:08:54 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:08:57 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:09:03 bbrandt IP-BLOCK 83.133.124.195 (Type: outgoing)
09:09:16 bbrandt IP-BLOCK 212.36.9.58 (Type: outgoing)
09:09:16 bbrandt IP-BLOCK 83.133.120.187 (Type: outgoing)
09:09:19 bbrandt IP-BLOCK 212.36.9.58 (Type: outgoing)
09:09:20 bbrandt IP-BLOCK 83.133.120.187 (Type: outgoing)
09:09:26 bbrandt IP-BLOCK 212.36.9.58 (Type: outgoing)
09:09:26 bbrandt IP-BLOCK 83.133.120.187 (Type: outgoing)
09:09:39 bbrandt IP-BLOCK 77.91.231.166 (Type: outgoing)
09:09:42 bbrandt IP-BLOCK 77.91.231.166 (Type: outgoing)
09:09:48 bbrandt IP-BLOCK 77.91.231.166 (Type: outgoing)
09:14:04 bbrandt MESSAGE Protection started successfully
09:14:09 bbrandt MESSAGE IP Protection started successfully
09:56:08 bbrandt MESSAGE Protection started successfully
09:56:16 bbrandt MESSAGE IP Protection started successfully
10:06:23 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
10:06:26 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
10:06:32 bbrandt IP-BLOCK 146.185.250.213 (Type: outgoing)
10:06:45 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
10:06:48 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
10:06:54 bbrandt IP-BLOCK 146.185.250.214 (Type: outgoing)
10:07:06 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
10:07:09 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
10:07:15 bbrandt IP-BLOCK 146.185.250.212 (Type: outgoing)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-12-20 10:14:50
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 Intel___ rev.1.0.
Running: 6kfrodex.exe; Driver: C:\DOCUME~1\bbrandt\LOCALS~1\Temp\pxtdqpow.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs TmPreFlt.sys (Pre-Filter For XP/Trend Micro Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat TmPreFlt.sys (Pre-Filter For XP/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22
Run by bbrandt at 10:24:52 on 2011-12-20
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1183 [GMT -8:00]
.
AV: Trend Micro Client/Server Security Agent Antivirus *Enabled/Updated* {3E50D81E-F9F1-4A50-BD86-21DD18124D8D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$FMS\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Microsoft SQL Server\MSSQL$FMS\Binn\sqlagent.EXE
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\CNTAoSMgr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
D:\Program Files\Wind2 FMS\Wind2.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\bbrandt\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcrobatInfo.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://liveupdate.cyberlink.com/b/a/r?PRODUCTNAME=PowerDVD&PRODUCTVERSION=8.1_DX(Dell)&VERSIONTYPE=Standard%202ch&BU=&MAJORVER=8&MINORVER=1&CHANNEL=OEM&BUILDNO=4212&LANGUAGE=enu&VENDORNAME=1840&SR=DVD080429-03&OSREGION=&DEVICE=&TYPE=&BBProductId=1&BBProdVerId=553&BBProdVerTypeId=2002&BBnChannel=1&BBnLangId=1&BBnOSRegion=-1&PATTERNID=12092&BB_ID=11097&URL=http%3A%2F%2Fupdate.cyberlink.com%2Fftpdload%2FPatch2%2F22%2FPatch.exe
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\client server security agent\bho\1007\TmIEPlg.dll
BHO: Solid Converter PDF: {259f616c-a300-44f5-b04a-ed001a26c85c} - c:\program files\soliddocuments\solidconverterpdf\scpdf\ExploreExtPDF.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Solid Converter PDF: {259f616c-a300-44f5-b04a-ed001a26c85c} - c:\program files\soliddocuments\solidconverterpdf\scpdf\ExploreExtPDF.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\client server security agent\pccntmon.exe" -HideWindow
mRun: [<NO NAME>]
mRun: [BackgroundSwitcher] c:\windows\system32\bgswitch.exe
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [OE] "c:\program files\trend micro\client server security agent\tmas_oe\TMAS_OEMon.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
mPolicies-explorer: NoWelcomeScreen = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: deltek.com\dsm
Trusted Zone: deltek.com\ftp-intl
Trusted Zone: ftp-us-deltek.com
DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} - hxxp://sbs2k01/connectcomputer/nshelp.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1284564762959
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1284564756193
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 10.10.0.2
TCP: Interfaces\{20D99558-ABCF-47D3-9DCD-71B478A37F49} : DhcpNameServer = 10.10.0.2
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\client server security agent\bho\1007\TmIEPlg.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\bbrandt\application data\mozilla\firefox\profiles\c8rzaanb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\documents and settings\bbrandt\application data\mozilla\firefox\profiles\c8rzaanb.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\bbrandt\application data\mozilla\firefox\profiles\c8rzaanb.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\documents and settings\bbrandt\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-19 366152]
R2 MSSQL$FMS;MSSQL$FMS;c:\program files\microsoft sql server\mssql$fms\binn\sqlservr.exe -sfms --> c:\program files\microsoft sql server\mssql$fms\binn\sqlservr.exe -sFMS [?]
R2 PQfsmonNT ABE675CA-49DF-11d3-93F6-00104B64D07B;PowerQuest File System Monitor PQfsmonNT ABE675CA-49DF-11d3-93F6-00104B64D07B;c:\program files\powerquest\datakeeper\PqFsmonNt.sys [2008-12-4 49096]
R2 SQLAgent$FMS;SQLAgent$FMS;c:\program files\microsoft sql server\mssql$fms\binn\sqlagent.exe -i fms --> c:\program files\microsoft sql server\mssql$fms\binn\sqlagent.EXE -i FMS [?]
R2 TmFilter;Trend Micro Filter;c:\program files\trend micro\client server security agent\tmxpflt.sys [2008-11-28 262416]
R2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\client server security agent\tmpreflt.sys [2008-11-28 36624]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-19 22216]
R3 TmProxy;Trend Micro Client/Server Security Agent Proxy Service;c:\program files\trend micro\client server security agent\TmProxy.exe [2008-11-28 689416]
S3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2008-12-2 52240]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-1 136176]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-1 136176]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2011-12-19 18:14:18 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-19 18:14:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-16 00:29:18 -------- d-----w- c:\documents and settings\bbrandt\application data\Malwarebytes
2011-12-16 00:29:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-11-21 18:47:57 -------- d-----w- c:\documents and settings\bbrandt\application data\SUPERAntiSpyware.com
2011-11-21 18:47:26 -------- d-----w- c:\program files\SUPERAntiSpyware
.
==================== Find3M ====================
.
2011-12-16 16:56:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 10:27:11.28 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/2/2008 11:29:21 AM
System Uptime: 12/20/2011 9:55:26 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0TP412
Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz | CPU | 2394/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 128.981 GiB free.
D: is FIXED (NTFS) - 42 GiB total, 37.586 GiB free.
E: is FIXED (NTFS) - 107 GiB total, 91.775 GiB free.
F: is CDROM ()
G: is NetworkDisk (NTFS) - 185 GiB total, 118.433 GiB free.
I: is NetworkDisk (NTFS) - 185 GiB total, 118.433 GiB free.
J: is NetworkDisk (NTFS) - 185 GiB total, 118.433 GiB free.
K: is NetworkDisk (NTFS) - 185 GiB total, 118.433 GiB free.
P: is NetworkDisk (NTFS) - 53 GiB total, 35.689 GiB free.
Q: is NetworkDisk (NTFS) - 420 GiB total, 167.399 GiB free.
T: is NetworkDisk (NTFS) - 42 GiB total, 37.586 GiB free.
U: is NetworkDisk (NTFS) - 42 GiB total, 37.586 GiB free.
W: is Removable
X: is Removable
Y: is Removable
Z: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP884: 12/16/2011 1:58:54 PM - System Checkpoint
RP885: 12/19/2011 12:20:10 PM - System Checkpoint
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
AccXES
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.4.6 - CPSID_83708
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Player 9 ActiveX
AutoCAD 2008 - English
AutoCAD 2008 - English SP1
AutoCAD 2011 - English
AutoCAD 2011 - English Version 2.1
AutoCAD 2011 Language Pack - English
Autodesk DWF Viewer 7
Autodesk Material Library 2011
Autodesk Material Library 2011 Base Image library
Broadcom Gigabit Integrated Controller
Brother HL-5340D
CCleaner
Citrix Presentation Server Client
Crystal Reports XI for Deltek
DbaMgr2k
Deltek Financial Management System Standalone
Easy CD Creator 5 Platinum
EPSON Artisan 800 Series Printer Uninstall
Epson Event Manager
Epson Print CD
EPSON Scan
FARO LS 1.1.406.58
Google Chrome
Google Earth Plug-in
Google Update Helper
GoToMeeting 4.1.0.366
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB921411)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
Intel(R) Matrix Storage Manager
Java Auto Updater
Java(TM) 6 Update 22
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Access 2000 SR-1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Express Edition
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Desktop Engine (FMS)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 7.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Picasa 3
PowerDesk 4.0
PowerDVD
PowerQuest DataKeeper
Powertoys For Windows XP
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB939373)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB942830)
Security Update for Windows XP (KB942831)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
SolidConverterPDF
Sonic CinePlayer Decoder Pack
SoundMAX
SQLXML 3.0 SP3
Startup Cop
SUPERAntiSpyware
SureThing CD Labeler Deluxe 5
Trend Micro Client/Server Security Agent
Tweakui Powertoy for Windows XP
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office PowerPoint 2007 Help (KB957247)
Update for Microsoft Office Word 2007 Help (KB957252)
Update for Microsoft Script Editor Help (KB957253)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb957829)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VBA (2627.01)
W2 Mate (2011) 8.0.35
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Search 4.0
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinZip
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
12/20/2011 9:19:54 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip tmtdi
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The World Wide Web Publishing service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:19:54 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/20/2011 9:18:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/20/2011 9:18:51 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12/20/2011 9:05:57 AM, error: System Error [1003] - Error code 10000050, parameter1 e303a01c, parameter2 00000000, parameter3 bf8326c3, parameter4 00000001.
12/20/2011 10:24:55 AM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
12/15/2011 8:41:17 AM, error: DCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} to the user BOB\IWAM_BOB SID (S-1-5-21-1757981266-1614895754-725345543-1008). This security permission can be modified using the Component Services administrative tool.
12/15/2011 8:23:50 AM, error: Service Control Manager [7023] - The SPService service terminated with the following error: The system cannot find the file specified.
.
==== End Of File ===========================