Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4937
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
10/24/2010 11:13:35 AM
mbam-log-2010-10-24 (11-13-35).txt
Scan type: Quick scan
Objects scanned: 153496
Time elapsed: 7 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\herjek.config (Malware.Trace) -> Quarantined and deleted successfully.
GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-24 12:08:12
Windows 5.1.2600 Service Pack 3
Running: srxsv2jd.exe; Driver: C:\DOCUME~1\Tom\LOCALS~1\Temp\kgroypow.sys
---- System - GMER 1.0.15 ----
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwClose [0xECC9FCF0]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwCreateKey [0xECC9FBAC]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwDeleteKey [0xECCA0160]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwDeleteValueKey [0xECCA008A]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwDuplicateObject [0xECC9F782]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwOpenKey [0xECC9FC86]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwOpenProcess [0xECC9F6C2]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwOpenThread [0xECC9F726]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwQueryValueKey [0xECC9FDA6]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwRenameKey [0xECCA022E]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwRestoreKey [0xECC9FD66]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwSetValueKey [0xECC9FEE6]
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwCreateProcessEx [0xECCACBAE]
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwCreateSection [0xECCAC9D2]
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwLoadDriver [0xECCACB0C]
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** NtCreateSection
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ObInsertObject
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
PAGE*********** ntkrnlpa.exe!ZwLoadDriver*************************************************************************************************************************** 805795FA 7 Bytes* JMP ECCACB10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE*********** ntkrnlpa.exe!NtCreateSection************************************************************************************************************************ 805A075C 7 Bytes* JMP ECCAC9D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE*********** ntkrnlpa.exe!ObMakeTemporaryObject****************************************************************************************************************** 805B1CE0 5 Bytes* JMP ECCA85D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE*********** ntkrnlpa.exe!ObInsertObject************************************************************************************************************************* 805B8B58 5 Bytes* JMP ECCA9FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE*********** ntkrnlpa.exe!ZwCreateProcessEx********************************************************************************************************************** 805C73EA 7 Bytes* JMP ECCACBB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
?************** omtl.sys******************************************************************************************************************************************** The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text********** C:\WINDOWS\System32\svchost.exe[1176] ntdll.dll!NtProtectVirtualMemory****************************************************************************** 7C90D6EE 5 Bytes* JMP 00D0000A
.text********** C:\WINDOWS\System32\svchost.exe[1176] ntdll.dll!NtWriteVirtualMemory******************************************************************************** 7C90DFAE 5 Bytes* JMP 00D1000A
.text********** C:\WINDOWS\System32\svchost.exe[1176] ntdll.dll!KiUserExceptionDispatcher*************************************************************************** 7C90E47C 5 Bytes* JMP 00CF000C
.text********** C:\WINDOWS\System32\svchost.exe[1176] USER32.dll!GetCursorPos*************************************************************************************** 7E42974E 5 Bytes* JMP 0171000A
.text********** C:\WINDOWS\System32\svchost.exe[1176] ole32.dll!CoCreateInstance************************************************************************************ 774FF1AC 5 Bytes* JMP 00EA000A
.text********** C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1796] kernel32.dll!SetUnhandledExceptionFilter************************************************** 7C84495D 4 Bytes* [C2, 04, 00, 90] {RET 0x4; NOP }
.text********** C:\WINDOWS\Explorer.EXE[1808] ntdll.dll!NtProtectVirtualMemory************************************************************************************** 7C90D6EE 5 Bytes* JMP 00C9000A
.text********** C:\WINDOWS\Explorer.EXE[1808] ntdll.dll!NtWriteVirtualMemory**************************************************************************************** 7C90DFAE 5 Bytes* JMP 00D2000A
.text********** C:\WINDOWS\Explorer.EXE[1808] ntdll.dll!KiUserExceptionDispatcher*********************************************************************************** 7C90E47C 5 Bytes* JMP 00C8000C
---- User IAT/EAT - GMER 1.0.15 ----
IAT************ C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW]**************************************** 003B0002
IAT************ C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW]********************************************** 003B0000
---- Devices - GMER 1.0.15 ----
Device********* \FileSystem\Ntfs \Ntfs****************************************************************************************************************************** aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice* \FileSystem\Ntfs \Ntfs****************************************************************************************************************************** aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice* \Driver\Tcpip \Device\Ip**************************************************************************************************************************** aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice* \Driver\Tcpip \Device\Tcp*************************************************************************************************************************** aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice* \Driver\Tcpip \Device\Udp*************************************************************************************************************************** aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice* \Driver\Tcpip \Device\RawIp************************************************************************************************************************* aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device********* \Driver\viasraid -> DriverStartIo \Device\Scsi\viasraid1******************************************************************************************** 8705C292
Device********* \Device\Scsi\viasraid1Port3Path0Target0Lun0 -> \??\SCSI#Disk&Ven_VIA_SATA&Prod__RAID_0&Rev_#4&17c50b7c&0&000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}* device not found
---- Modules - GMER 1.0.15 ----
Module********* (noname) (*** hidden *** )************************************************************************************************************************** 02000000-03F8F000 (33091584 bytes)***********************************************************************************
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-10-21.02) - NTFSx86*
Run by Tom at 12:12:16.81 on Sun 10/24/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Home Edition* 5.1.2600.3.1252.1.1033.18.1023.284 [GMT -7:00]
AV: The Shield Deluxe Antivirus *On-access scanning disabled* (Outdated)** {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: avast! Antivirus *On-access scanning enabled* (Updated)** {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\F5D8053v4\BelkinWCUI.exe
C:\Program Files\Belkin\Nostromo\nost_LM.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tom\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSearch Page = About:Blank
uSearch Bar = About:Blank
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = About:Blank
uSearchMigratedDefaultURL = 687474703a2f2f7777772e476f6f676c652e636f6d2f
mSearch Bar = about:blank
mSearchMigratedDefaultURL = 687474703a2f2f7777772e476f6f676c652e636f6d2f
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = About:Blank
mSearchURL = about:blank
mSearchAssistant = about:blank
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {e3bb3f2a-8f67-4b96-a432-8190258c0fd1} - c:\windows\system32\rqRKEXnO.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &ESPN: {ae6f2894-af10-4c9c-b16e-1dfc6ff8c0c6} - c:\program files\espn\toolbar\DIGToolBar.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [RemoteCenter] c:\program files\creative\mediasource\remotecontrol\RCMan.EXE
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Red Swoosh] c:\program files\rssoft\RedSwoosh.exe /S
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r
mRun: [CTDVDDET] c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDet.EXE
mRun: [CTHelper] CTHELPER.EXE
mRun: [SBDrvDet] c:\program files\creative\sb drive det\SBDrvDet.exe /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [RoxioEngineUtility] "c:\program files\common files\roxio shared\system\EngUtil.exe"
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy cd creator 6\dragtodisc\DrgToDsc.exe"
mRun: [RoxioAudioCentral] "c:\program files\roxio\easy cd creator 6\audiocentral\RxMon.exe"
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [DIGServices] c:\program files\espnruntime\DIGServices.exe** /brand=ESPN** /priority=0** /poll=24
mRun: [LXSUPMON] c:\windows\system32\LXSUPMON.EXE RUN
mRun: [WD Button Manager] WDBtnMgr.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\tom\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\tom\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belkin~1.lnk - c:\program files\belkin\f5d8053v4\BelkinWCUI.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\loadou~1.lnk - c:\program files\belkin\nostromo\nost_LM.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: aol.com\free
Trusted Zone: microsoft.com\v4.windowsupdate
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: microsoft.com\www
DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - hxxps://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.viewpoint.com/cgi-bin/installer.v4/vet_install_popup.pl?1&6&04.00.08.43&unknown&unknown&http://www.toyota.com/vehicles/2005/prius/key_features/pc/index.html
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Notify: WRNotifier - WRLogonNTF.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\rqRKEXnO
LSA: Notification Packages = scecli c:\windows\system32\kejajumo.dll
============= SERVICES / DRIVERS ===============
R0 viasraid;viasraid;c:\windows\system32\drivers\VIASRAID.SYS [2010-5-13 77056]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-5-31 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-5-31 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-31 40384]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2010-9-13 308656]
R2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [2004-12-4 16168]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-31 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-31 40384]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2009-1-12 517632]
S1 MpKsl8e8849bf;MpKsl8e8849bf;\??\c:\windows\system32\mpenginestore\mpksl8e8849bf.sys --> c:\windows\system32\mpenginestore\MpKsl8e8849bf.sys [?]
S2 tcaicchg;tcaicchg;\??\c:\windows\system32\tcaicchg.sys --> c:\windows\system32\tcaicchg.sys [?]
S2 TCAITDI;TCAITDI Protocol;c:\windows\system32\drivers\tcaitdi.sys --> c:\windows\system32\drivers\TCAITDI.sys [?]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [2003-7-23 22821]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\program files\lavalys\everest ultimate edition\kerneld.wnt --> c:\program files\lavalys\everest ultimate edition\kerneld.wnt [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2008-12-23 552448]
=============== Created Last 30 ================
2010-10-24 08:50:42*** --------*** d-----w-*** c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2010-10-24 08:50:40*** --------*** d-----w-*** c:\program files\McAfee Security Scan
2010-10-15 05:40:07*** 974848*** -c----w-*** c:\windows\system32\dllcache\mfc42.dll
2010-10-15 05:40:07*** 953856*** -c----w-*** c:\windows\system32\dllcache\mfc40u.dll
2010-10-15 05:39:58*** 617472*** -c----w-*** c:\windows\system32\dllcache\comctl32.dll
2010-10-04 18:50:10*** --------*** d-----w-*** c:\program files\iTunes
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin.dll
2010-10-04 18:46:00*** --------*** d-----w-*** c:\program files\Bonjour
2010-09-26 15:43:59*** --------*** d-----w-*** c:\docume~1\tom\applic~1\OpenOffice.org
2010-09-26 15:07:51*** --------*** d-----w-*** c:\program files\JRE
2010-09-26 15:07:11*** --------*** d-----w-*** c:\program files\OpenOffice.org 3
2010-09-26 15:06:54*** 472808*** ----a-w-*** c:\windows\system32\deployJava1.dll
2010-09-26 03:29:51*** 421888*** ----a-w-*** c:\windows\system32\EKIJ5000MON.dll
2010-09-26 03:29:51*** 196608*** ----a-w-*** c:\windows\system32\spool\prtprocs\w32x86\EKIJ5000PPR.dll
2010-09-26 03:29:51*** 131072*** ----a-w-*** c:\windows\system32\EKIJCOINST09.dll
==================== Find3M* ====================
2010-09-18 19:23:26*** 974848*** ----a-w-*** c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25*** 974848*** ----a-w-*** c:\windows\system32\mfc42.dll
2010-09-18 06:53:25*** 954368*** ----a-w-*** c:\windows\system32\mfc40.dll
2010-09-18 06:53:25*** 953856*** ----a-w-*** c:\windows\system32\mfc40u.dll
2010-09-15 09:29:49*** 73728*** ----a-w-*** c:\windows\system32\javacpl.cpl
2010-09-10 05:58:08*** 916480*** ----a-w-*** c:\windows\system32\wininet.dll
2010-09-10 05:58:06*** 43520*** ----a-w-*** c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06*** 1469440*** ----a-w-*** c:\windows\system32\inetcpl.cpl
2010-09-08 18:17:46*** 94208*** ----a-w-*** c:\windows\system32\QuickTimeVR.qtx
2010-09-08 18:17:46*** 69632*** ----a-w-*** c:\windows\system32\QuickTime.qts
2010-09-07 15:12:17*** 38848*** ----a-w-*** c:\windows\avastSS.scr
2010-09-01 11:51:14*** 285824*** ----a-w-*** c:\windows\system32\atmfd.dll
2010-08-31 13:42:52*** 1852800*** ----a-w-*** c:\windows\system32\win32k.sys
2010-08-27 08:02:29*** 119808*** ----a-w-*** c:\windows\system32\t2embed.dll
2010-08-27 05:57:43*** 99840*** ----a-w-*** c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45*** 5120*** ----a-w-*** c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04*** 617472*** ----a-w-*** c:\windows\system32\comctl32.dll
2010-08-17 13:17:06*** 58880*** ----a-w-*** c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00*** 590848*** ----a-w-*** c:\windows\system32\rpcrt4.dll
2010-07-28 01:44:10*** 91424*** ----a-w-*** c:\windows\system32\dnssd.dll
2010-07-28 01:44:10*** 107808*** ----a-w-*** c:\windows\system32\dns-sd.exe
============= FINISH: 12:13:23.48 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-10-21.02)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 6/26/2006 5:00:51 PM
System Uptime: 10/24/2010 11:14:49 AM (1 hours ago)
Motherboard: ASUSTeK Computer Inc. |* | SK8V
Processor: AMD Athlon(tm) 64 FX-51 Processor | Socket 754 | 2202/200mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 224 GiB total, 157.514 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: RAID Controller
Device ID: PCI\VEN_105A&DEV_3373&SUBSYS_80F51043&REV_02\3&267A616A&0&40
Manufacturer:
Name: RAID Controller
PNP Device ID: PCI\VEN_105A&DEV_3373&SUBSYS_80F51043&REV_02\3&267A616A&0&40
Service:
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 3Com Gigabit LOM (3C940)
Device ID: PCI\VEN_10B7&DEV_1700&SUBSYS_80EB1043&REV_12\3&267A616A&0&50
Manufacturer: 3Com
Name: 3Com Gigabit LOM (3C940)
PNP Device ID: PCI\VEN_10B7&DEV_1700&SUBSYS_80EB1043&REV_12\3&267A616A&0&50
Service: EL2000
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: MAC Bridge Miniport
Device ID: ROOT\MS_BRIDGEMP\0000
Manufacturer: Microsoft
Name: MAC Bridge Miniport
PNP Device ID: ROOT\MS_BRIDGEMP\0000
Service: BridgeMP
==== System Restore Points ===================
RP1290: 8/1/2010 1:25:04 AM - System Checkpoint
RP1291: 8/2/2010 1:37:37 AM - System Checkpoint
RP1292: 8/2/2010 11:21:35 PM - Software Distribution Service 3.0
RP1293: 8/5/2010 10:28:05 PM - System Checkpoint
RP1294: 8/8/2010 11:14:40 PM - System Checkpoint
RP1295: 8/11/2010 10:21:24 PM - System Checkpoint
RP1296: 8/12/2010 10:23:37 PM - System Checkpoint
RP1297: 8/12/2010 11:32:51 PM - Software Distribution Service 3.0
RP1298: 8/15/2010 2:08:05 AM - System Checkpoint
RP1299: 8/16/2010 2:15:57 AM - System Checkpoint
RP1300: 8/22/2010 3:44:26 PM - System Checkpoint
RP1301: 8/25/2010 9:51:31 PM - System Checkpoint
RP1302: 8/28/2010 8:01:29 PM - System Checkpoint
RP1303: 8/29/2010 8:38:14 PM - System Checkpoint
RP1304: 8/30/2010 9:27:05 PM - System Checkpoint
RP1305: 8/31/2010 9:28:31 PM - System Checkpoint
RP1306: 9/3/2010 7:30:31 PM - System Checkpoint
RP1307: 9/4/2010 8:30:58 PM - System Checkpoint
RP1308: 9/12/2010 9:50:32 PM - System Checkpoint
RP1309: 9/15/2010 10:55:46 PM - Software Distribution Service 3.0
RP1310: 9/17/2010 8:48:56 PM - System Checkpoint
RP1311: 9/18/2010 9:36:20 PM - System Checkpoint
RP1312: 9/19/2010 9:59:03 PM - System Checkpoint
RP1313: 9/21/2010 9:19:54 PM - System Checkpoint
RP1314: 9/22/2010 10:16:56 PM - System Checkpoint
RP1315: 9/23/2010 7:04:51 AM - Software Distribution Service 3.0
RP1316: 9/25/2010 7:04:42 PM - System Checkpoint
RP1317: 9/26/2010 8:06:35 AM - Installed Java(TM) 6 Update 20
RP1318: 9/26/2010 8:07:07 AM - Installed OpenOffice.org 3.2
RP1319: 9/27/2010 8:47:15 AM - System Checkpoint
RP1320: 9/28/2010 11:44:04 PM - Software Distribution Service 3.0
RP1321: 10/2/2010 6:37:13 PM - System Checkpoint
RP1322: 10/3/2010 6:53:41 PM - System Checkpoint
RP1323: 10/4/2010 9:25:51 PM - System Checkpoint
RP1324: 10/5/2010 11:45:43 PM - System Checkpoint
RP1325: 10/7/2010 11:25:04 PM - Software Distribution Service 3.0
RP1326: 10/9/2010 7:26:46 PM - System Checkpoint
RP1327: 10/10/2010 7:46:02 PM - System Checkpoint
RP1328: 10/11/2010 8:46:08 PM - System Checkpoint
RP1329: 10/13/2010 9:24:28 PM - System Checkpoint
RP1330: 10/14/2010 11:22:17 PM - Software Distribution Service 3.0
RP1331: 10/16/2010 8:23:35 PM - System Checkpoint
RP1332: 10/17/2010 9:05:51 PM - System Checkpoint
RP1333: 10/20/2010 7:51:48 PM - System Checkpoint
RP1334: 10/21/2010 8:47:19 PM - System Checkpoint
RP1335: 10/22/2010 10:00:42 PM - System Checkpoint
RP1336: 10/24/2010 1:52:40 AM - Installed Java(TM) 6 Update 22
==== Installed Programs ======================
3Com NIC Diagnostics
3ivx D4 4.5.1 (remove only)
AC3Filter (remove only)
ACDSee
Ad-Aware SE Personal
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.0.8
Adobe Stock Photos 1.0
aiofw
aioprnt
aioscnnr
AKoff Music Composer
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AsfTools 3.1 (remove only)
avast! Free Antivirus
AVI to MPEG Converter
AVIcodec (remove only)
Belkin N Wireless USB Adapter Setup
BitTorrent
BLM 2.5.3
Bonjour
C4USelfUpdater
center
CleanUp!
Codec Pack - All In 1 6.0.3.0
Creative MediaSource
Creative System Information
Critical Update for Windows Media Player 11 (KB959772)
DataPilot
DataPilot USB Driver Pack
Direct Show Ogg Vorbis Filter (remove only)
DivX Codec 3.1alpha release
Easy CD & DVD Creator 6
eMule
EQ2MAP Updater 0.9.7
ESPN Java Check
ESPN RunTime
EVEREST Ultimate Edition v5.01
EverQuest II
FavOrg
ffdshow [rev 2527] [2008-12-19]
FinePixViewer Ver.4.2
FLV Player 2.0 (build 25)
Forté Agent
FUJIFILM USB Driver
GetBot
GSpot Codec Information Appliance
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ImageMixer VCD2 for FinePix
Intel A/V Codecs V2.0
InterVideo DVDCopy5
iPhone Configuration Utility
iPod for Windows 2005-11-17
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 7
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) SE Runtime Environment 6 Update 1
KODAK AiO Home Center
ksDIP
Lexmark Supplies Monitor
Lexmark Z25-Z35
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Master Cook Deluxe
MasterCook Deluxe
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office XP Standard for Students and Teachers
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MicroStaff WINASPI
MidiNotate Musician
Mozilla Firefox (3.0.10)
Mozilla Firefox (3.6.11)
MP3 WAV Converter 2.68
Mpeg Layer3 Codec FHG-Radium v1.263
MSN Music Assistant
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
Nostromo Array Programming Software
NVIDIA Drivers
On2 VP3 Video for Windows Codec
OpenOffice.org 3.2
Pixia
PreReq
QuickTime
RAW FILE CONVERTER LE
RealPlayer
Red Swoosh
SeaTools for Windows
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SimilarImages
SkillJam SecurePlayer
Sound Blaster Audigy 2 ZS
Spelling Dictionaries For Adobe Reader Package
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
SpywareBlaster 4.1
TVAnts 1.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB Universal Driver
VCW VicMan's Photo Editor 7.9
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WD Diagnostics
WD Firewire HID Driver
WebFldrs XP
Winamp (remove only)
Windows 7 Upgrade Advisor
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB822603
Windows XP Service Pack 3
WinRAR archiver
Xilisoft DVD to iPod Converter
XviD MPEG-4 Video Codec
YASA DVD to MP4 Converter v2.9 (build 044)
YASA MP4 Video Converter v3.2 (build 0051)
==== Event Viewer Messages From Past Week ========
10/24/2010 10:56:30 AM, error: Service Control Manager [7034]* - The NVIDIA Display Driver Service service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:30 AM, error: Service Control Manager [7034]* - The Kodak AiO Network Discovery Service service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:30 AM, error: Service Control Manager [7034]* - The Java Quick Starter service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:29 AM, error: Service Control Manager [7034]* - The Creative Service for CDROM Access service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:29 AM, error: Service Control Manager [7034]* - The Bonjour Service service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:29 AM, error: Service Control Manager [7031]* - The Apple Mobile Device service terminated unexpectedly.* It has done this 1 time(s).* The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The Telephony service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The System Event Notification service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The Remote Access Connection Manager service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The Network Location Awareness (NLA) service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The Cryptographic Services service terminated unexpectedly.* It has done this 4 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The COM+ Event System service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7031]* - The Windows Time service terminated unexpectedly.* It has done this 1 time(s).* The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/24/2010 10:47:34 AM, error: Service Control Manager [7031]* - The Windows Management Instrumentation service terminated unexpectedly.* It has done this 8 time(s).* The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/24/2010 10:03:08 AM, error: Service Control Manager [7000]* - The 6to4 service failed to start due to the following error:* The system cannot find the path specified.
10/24/2010 1:39:07 AM, error: DCOM [10005]* - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/22/2010 9:33:43 PM, error: DCOM [10005]* - DCOM got error "%1055" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
10/22/2010 9:33:43 PM, error: DCOM [10005]* - DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
10/22/2010 9:33:43 PM, error: DCOM [10005]* - DCOM got error "%1055" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
10/22/2010 9:33:43 PM, error: DCOM [10005]* - DCOM got error "%1055" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/22/2010 9:33:41 PM, error: Service Control Manager [7000]* - The TCAITDI Protocol service failed to start due to the following error:* The system cannot find the file specified.
10/22/2010 9:33:41 PM, error: Service Control Manager [7000]* - The tcaicchg service failed to start due to the following error:* The system cannot find the file specified.
10/22/2010 9:33:41 PM, error: Service Control Manager [7000]* - The PfModNT service failed to start due to the following error:* The system cannot find the file specified.
10/22/2010 9:33:10 PM, error: iviVD [9]* - The device, \Device\Scsi\iviVD1, did not respond within the timeout period.
==== End Of File ===========================
www.malwarebytes.org
Database version: 4937
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
10/24/2010 11:13:35 AM
mbam-log-2010-10-24 (11-13-35).txt
Scan type: Quick scan
Objects scanned: 153496
Time elapsed: 7 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\herjek.config (Malware.Trace) -> Quarantined and deleted successfully.
GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-24 12:08:12
Windows 5.1.2600 Service Pack 3
Running: srxsv2jd.exe; Driver: C:\DOCUME~1\Tom\LOCALS~1\Temp\kgroypow.sys
---- System - GMER 1.0.15 ----
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwClose [0xECC9FCF0]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwCreateKey [0xECC9FBAC]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwDeleteKey [0xECCA0160]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwDeleteValueKey [0xECCA008A]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwDuplicateObject [0xECC9F782]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwOpenKey [0xECC9FC86]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwOpenProcess [0xECC9F6C2]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwOpenThread [0xECC9F726]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwQueryValueKey [0xECC9FDA6]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwRenameKey [0xECCA022E]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwRestoreKey [0xECC9FD66]
SSDT*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwSetValueKey [0xECC9FEE6]
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwCreateProcessEx [0xECCACBAE]
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwCreateSection [0xECCAC9D2]
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ZwLoadDriver [0xECCACB0C]
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** NtCreateSection
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ObInsertObject
Code*********** \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)*************************************************************** ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
PAGE*********** ntkrnlpa.exe!ZwLoadDriver*************************************************************************************************************************** 805795FA 7 Bytes* JMP ECCACB10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE*********** ntkrnlpa.exe!NtCreateSection************************************************************************************************************************ 805A075C 7 Bytes* JMP ECCAC9D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE*********** ntkrnlpa.exe!ObMakeTemporaryObject****************************************************************************************************************** 805B1CE0 5 Bytes* JMP ECCA85D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE*********** ntkrnlpa.exe!ObInsertObject************************************************************************************************************************* 805B8B58 5 Bytes* JMP ECCA9FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE*********** ntkrnlpa.exe!ZwCreateProcessEx********************************************************************************************************************** 805C73EA 7 Bytes* JMP ECCACBB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
?************** omtl.sys******************************************************************************************************************************************** The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text********** C:\WINDOWS\System32\svchost.exe[1176] ntdll.dll!NtProtectVirtualMemory****************************************************************************** 7C90D6EE 5 Bytes* JMP 00D0000A
.text********** C:\WINDOWS\System32\svchost.exe[1176] ntdll.dll!NtWriteVirtualMemory******************************************************************************** 7C90DFAE 5 Bytes* JMP 00D1000A
.text********** C:\WINDOWS\System32\svchost.exe[1176] ntdll.dll!KiUserExceptionDispatcher*************************************************************************** 7C90E47C 5 Bytes* JMP 00CF000C
.text********** C:\WINDOWS\System32\svchost.exe[1176] USER32.dll!GetCursorPos*************************************************************************************** 7E42974E 5 Bytes* JMP 0171000A
.text********** C:\WINDOWS\System32\svchost.exe[1176] ole32.dll!CoCreateInstance************************************************************************************ 774FF1AC 5 Bytes* JMP 00EA000A
.text********** C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1796] kernel32.dll!SetUnhandledExceptionFilter************************************************** 7C84495D 4 Bytes* [C2, 04, 00, 90] {RET 0x4; NOP }
.text********** C:\WINDOWS\Explorer.EXE[1808] ntdll.dll!NtProtectVirtualMemory************************************************************************************** 7C90D6EE 5 Bytes* JMP 00C9000A
.text********** C:\WINDOWS\Explorer.EXE[1808] ntdll.dll!NtWriteVirtualMemory**************************************************************************************** 7C90DFAE 5 Bytes* JMP 00D2000A
.text********** C:\WINDOWS\Explorer.EXE[1808] ntdll.dll!KiUserExceptionDispatcher*********************************************************************************** 7C90E47C 5 Bytes* JMP 00C8000C
---- User IAT/EAT - GMER 1.0.15 ----
IAT************ C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW]**************************************** 003B0002
IAT************ C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW]********************************************** 003B0000
---- Devices - GMER 1.0.15 ----
Device********* \FileSystem\Ntfs \Ntfs****************************************************************************************************************************** aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice* \FileSystem\Ntfs \Ntfs****************************************************************************************************************************** aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice* \Driver\Tcpip \Device\Ip**************************************************************************************************************************** aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice* \Driver\Tcpip \Device\Tcp*************************************************************************************************************************** aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice* \Driver\Tcpip \Device\Udp*************************************************************************************************************************** aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice* \Driver\Tcpip \Device\RawIp************************************************************************************************************************* aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device********* \Driver\viasraid -> DriverStartIo \Device\Scsi\viasraid1******************************************************************************************** 8705C292
Device********* \Device\Scsi\viasraid1Port3Path0Target0Lun0 -> \??\SCSI#Disk&Ven_VIA_SATA&Prod__RAID_0&Rev_#4&17c50b7c&0&000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}* device not found
---- Modules - GMER 1.0.15 ----
Module********* (noname) (*** hidden *** )************************************************************************************************************************** 02000000-03F8F000 (33091584 bytes)***********************************************************************************
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-10-21.02) - NTFSx86*
Run by Tom at 12:12:16.81 on Sun 10/24/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Home Edition* 5.1.2600.3.1252.1.1033.18.1023.284 [GMT -7:00]
AV: The Shield Deluxe Antivirus *On-access scanning disabled* (Outdated)** {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: avast! Antivirus *On-access scanning enabled* (Updated)** {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\F5D8053v4\BelkinWCUI.exe
C:\Program Files\Belkin\Nostromo\nost_LM.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tom\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSearch Page = About:Blank
uSearch Bar = About:Blank
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = About:Blank
uSearchMigratedDefaultURL = 687474703a2f2f7777772e476f6f676c652e636f6d2f
mSearch Bar = about:blank
mSearchMigratedDefaultURL = 687474703a2f2f7777772e476f6f676c652e636f6d2f
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = About:Blank
mSearchURL = about:blank
mSearchAssistant = about:blank
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {e3bb3f2a-8f67-4b96-a432-8190258c0fd1} - c:\windows\system32\rqRKEXnO.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &ESPN: {ae6f2894-af10-4c9c-b16e-1dfc6ff8c0c6} - c:\program files\espn\toolbar\DIGToolBar.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [RemoteCenter] c:\program files\creative\mediasource\remotecontrol\RCMan.EXE
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Red Swoosh] c:\program files\rssoft\RedSwoosh.exe /S
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r
mRun: [CTDVDDET] c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDet.EXE
mRun: [CTHelper] CTHELPER.EXE
mRun: [SBDrvDet] c:\program files\creative\sb drive det\SBDrvDet.exe /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [RoxioEngineUtility] "c:\program files\common files\roxio shared\system\EngUtil.exe"
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy cd creator 6\dragtodisc\DrgToDsc.exe"
mRun: [RoxioAudioCentral] "c:\program files\roxio\easy cd creator 6\audiocentral\RxMon.exe"
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [DIGServices] c:\program files\espnruntime\DIGServices.exe** /brand=ESPN** /priority=0** /poll=24
mRun: [LXSUPMON] c:\windows\system32\LXSUPMON.EXE RUN
mRun: [WD Button Manager] WDBtnMgr.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\tom\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\tom\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belkin~1.lnk - c:\program files\belkin\f5d8053v4\BelkinWCUI.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\loadou~1.lnk - c:\program files\belkin\nostromo\nost_LM.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: aol.com\free
Trusted Zone: microsoft.com\v4.windowsupdate
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: microsoft.com\www
DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - hxxps://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.viewpoint.com/cgi-bin/installer.v4/vet_install_popup.pl?1&6&04.00.08.43&unknown&unknown&http://www.toyota.com/vehicles/2005/prius/key_features/pc/index.html
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Notify: WRNotifier - WRLogonNTF.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\rqRKEXnO
LSA: Notification Packages = scecli c:\windows\system32\kejajumo.dll
============= SERVICES / DRIVERS ===============
R0 viasraid;viasraid;c:\windows\system32\drivers\VIASRAID.SYS [2010-5-13 77056]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-5-31 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-5-31 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-31 40384]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2010-9-13 308656]
R2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [2004-12-4 16168]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-31 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-31 40384]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2009-1-12 517632]
S1 MpKsl8e8849bf;MpKsl8e8849bf;\??\c:\windows\system32\mpenginestore\mpksl8e8849bf.sys --> c:\windows\system32\mpenginestore\MpKsl8e8849bf.sys [?]
S2 tcaicchg;tcaicchg;\??\c:\windows\system32\tcaicchg.sys --> c:\windows\system32\tcaicchg.sys [?]
S2 TCAITDI;TCAITDI Protocol;c:\windows\system32\drivers\tcaitdi.sys --> c:\windows\system32\drivers\TCAITDI.sys [?]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [2003-7-23 22821]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\program files\lavalys\everest ultimate edition\kerneld.wnt --> c:\program files\lavalys\everest ultimate edition\kerneld.wnt [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2008-12-23 552448]
=============== Created Last 30 ================
2010-10-24 08:50:42*** --------*** d-----w-*** c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2010-10-24 08:50:40*** --------*** d-----w-*** c:\program files\McAfee Security Scan
2010-10-15 05:40:07*** 974848*** -c----w-*** c:\windows\system32\dllcache\mfc42.dll
2010-10-15 05:40:07*** 953856*** -c----w-*** c:\windows\system32\dllcache\mfc40u.dll
2010-10-15 05:39:58*** 617472*** -c----w-*** c:\windows\system32\dllcache\comctl32.dll
2010-10-04 18:50:10*** --------*** d-----w-*** c:\program files\iTunes
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-10-04 18:48:04*** 159744*** ----a-w-*** c:\program files\internet explorer\plugins\npqtplugin.dll
2010-10-04 18:46:00*** --------*** d-----w-*** c:\program files\Bonjour
2010-09-26 15:43:59*** --------*** d-----w-*** c:\docume~1\tom\applic~1\OpenOffice.org
2010-09-26 15:07:51*** --------*** d-----w-*** c:\program files\JRE
2010-09-26 15:07:11*** --------*** d-----w-*** c:\program files\OpenOffice.org 3
2010-09-26 15:06:54*** 472808*** ----a-w-*** c:\windows\system32\deployJava1.dll
2010-09-26 03:29:51*** 421888*** ----a-w-*** c:\windows\system32\EKIJ5000MON.dll
2010-09-26 03:29:51*** 196608*** ----a-w-*** c:\windows\system32\spool\prtprocs\w32x86\EKIJ5000PPR.dll
2010-09-26 03:29:51*** 131072*** ----a-w-*** c:\windows\system32\EKIJCOINST09.dll
==================== Find3M* ====================
2010-09-18 19:23:26*** 974848*** ----a-w-*** c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25*** 974848*** ----a-w-*** c:\windows\system32\mfc42.dll
2010-09-18 06:53:25*** 954368*** ----a-w-*** c:\windows\system32\mfc40.dll
2010-09-18 06:53:25*** 953856*** ----a-w-*** c:\windows\system32\mfc40u.dll
2010-09-15 09:29:49*** 73728*** ----a-w-*** c:\windows\system32\javacpl.cpl
2010-09-10 05:58:08*** 916480*** ----a-w-*** c:\windows\system32\wininet.dll
2010-09-10 05:58:06*** 43520*** ----a-w-*** c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06*** 1469440*** ----a-w-*** c:\windows\system32\inetcpl.cpl
2010-09-08 18:17:46*** 94208*** ----a-w-*** c:\windows\system32\QuickTimeVR.qtx
2010-09-08 18:17:46*** 69632*** ----a-w-*** c:\windows\system32\QuickTime.qts
2010-09-07 15:12:17*** 38848*** ----a-w-*** c:\windows\avastSS.scr
2010-09-01 11:51:14*** 285824*** ----a-w-*** c:\windows\system32\atmfd.dll
2010-08-31 13:42:52*** 1852800*** ----a-w-*** c:\windows\system32\win32k.sys
2010-08-27 08:02:29*** 119808*** ----a-w-*** c:\windows\system32\t2embed.dll
2010-08-27 05:57:43*** 99840*** ----a-w-*** c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45*** 5120*** ----a-w-*** c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04*** 617472*** ----a-w-*** c:\windows\system32\comctl32.dll
2010-08-17 13:17:06*** 58880*** ----a-w-*** c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00*** 590848*** ----a-w-*** c:\windows\system32\rpcrt4.dll
2010-07-28 01:44:10*** 91424*** ----a-w-*** c:\windows\system32\dnssd.dll
2010-07-28 01:44:10*** 107808*** ----a-w-*** c:\windows\system32\dns-sd.exe
============= FINISH: 12:13:23.48 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-10-21.02)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 6/26/2006 5:00:51 PM
System Uptime: 10/24/2010 11:14:49 AM (1 hours ago)
Motherboard: ASUSTeK Computer Inc. |* | SK8V
Processor: AMD Athlon(tm) 64 FX-51 Processor | Socket 754 | 2202/200mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 224 GiB total, 157.514 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: RAID Controller
Device ID: PCI\VEN_105A&DEV_3373&SUBSYS_80F51043&REV_02\3&267A616A&0&40
Manufacturer:
Name: RAID Controller
PNP Device ID: PCI\VEN_105A&DEV_3373&SUBSYS_80F51043&REV_02\3&267A616A&0&40
Service:
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 3Com Gigabit LOM (3C940)
Device ID: PCI\VEN_10B7&DEV_1700&SUBSYS_80EB1043&REV_12\3&267A616A&0&50
Manufacturer: 3Com
Name: 3Com Gigabit LOM (3C940)
PNP Device ID: PCI\VEN_10B7&DEV_1700&SUBSYS_80EB1043&REV_12\3&267A616A&0&50
Service: EL2000
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: MAC Bridge Miniport
Device ID: ROOT\MS_BRIDGEMP\0000
Manufacturer: Microsoft
Name: MAC Bridge Miniport
PNP Device ID: ROOT\MS_BRIDGEMP\0000
Service: BridgeMP
==== System Restore Points ===================
RP1290: 8/1/2010 1:25:04 AM - System Checkpoint
RP1291: 8/2/2010 1:37:37 AM - System Checkpoint
RP1292: 8/2/2010 11:21:35 PM - Software Distribution Service 3.0
RP1293: 8/5/2010 10:28:05 PM - System Checkpoint
RP1294: 8/8/2010 11:14:40 PM - System Checkpoint
RP1295: 8/11/2010 10:21:24 PM - System Checkpoint
RP1296: 8/12/2010 10:23:37 PM - System Checkpoint
RP1297: 8/12/2010 11:32:51 PM - Software Distribution Service 3.0
RP1298: 8/15/2010 2:08:05 AM - System Checkpoint
RP1299: 8/16/2010 2:15:57 AM - System Checkpoint
RP1300: 8/22/2010 3:44:26 PM - System Checkpoint
RP1301: 8/25/2010 9:51:31 PM - System Checkpoint
RP1302: 8/28/2010 8:01:29 PM - System Checkpoint
RP1303: 8/29/2010 8:38:14 PM - System Checkpoint
RP1304: 8/30/2010 9:27:05 PM - System Checkpoint
RP1305: 8/31/2010 9:28:31 PM - System Checkpoint
RP1306: 9/3/2010 7:30:31 PM - System Checkpoint
RP1307: 9/4/2010 8:30:58 PM - System Checkpoint
RP1308: 9/12/2010 9:50:32 PM - System Checkpoint
RP1309: 9/15/2010 10:55:46 PM - Software Distribution Service 3.0
RP1310: 9/17/2010 8:48:56 PM - System Checkpoint
RP1311: 9/18/2010 9:36:20 PM - System Checkpoint
RP1312: 9/19/2010 9:59:03 PM - System Checkpoint
RP1313: 9/21/2010 9:19:54 PM - System Checkpoint
RP1314: 9/22/2010 10:16:56 PM - System Checkpoint
RP1315: 9/23/2010 7:04:51 AM - Software Distribution Service 3.0
RP1316: 9/25/2010 7:04:42 PM - System Checkpoint
RP1317: 9/26/2010 8:06:35 AM - Installed Java(TM) 6 Update 20
RP1318: 9/26/2010 8:07:07 AM - Installed OpenOffice.org 3.2
RP1319: 9/27/2010 8:47:15 AM - System Checkpoint
RP1320: 9/28/2010 11:44:04 PM - Software Distribution Service 3.0
RP1321: 10/2/2010 6:37:13 PM - System Checkpoint
RP1322: 10/3/2010 6:53:41 PM - System Checkpoint
RP1323: 10/4/2010 9:25:51 PM - System Checkpoint
RP1324: 10/5/2010 11:45:43 PM - System Checkpoint
RP1325: 10/7/2010 11:25:04 PM - Software Distribution Service 3.0
RP1326: 10/9/2010 7:26:46 PM - System Checkpoint
RP1327: 10/10/2010 7:46:02 PM - System Checkpoint
RP1328: 10/11/2010 8:46:08 PM - System Checkpoint
RP1329: 10/13/2010 9:24:28 PM - System Checkpoint
RP1330: 10/14/2010 11:22:17 PM - Software Distribution Service 3.0
RP1331: 10/16/2010 8:23:35 PM - System Checkpoint
RP1332: 10/17/2010 9:05:51 PM - System Checkpoint
RP1333: 10/20/2010 7:51:48 PM - System Checkpoint
RP1334: 10/21/2010 8:47:19 PM - System Checkpoint
RP1335: 10/22/2010 10:00:42 PM - System Checkpoint
RP1336: 10/24/2010 1:52:40 AM - Installed Java(TM) 6 Update 22
==== Installed Programs ======================
3Com NIC Diagnostics
3ivx D4 4.5.1 (remove only)
AC3Filter (remove only)
ACDSee
Ad-Aware SE Personal
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.0.8
Adobe Stock Photos 1.0
aiofw
aioprnt
aioscnnr
AKoff Music Composer
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AsfTools 3.1 (remove only)
avast! Free Antivirus
AVI to MPEG Converter
AVIcodec (remove only)
Belkin N Wireless USB Adapter Setup
BitTorrent
BLM 2.5.3
Bonjour
C4USelfUpdater
center
CleanUp!
Codec Pack - All In 1 6.0.3.0
Creative MediaSource
Creative System Information
Critical Update for Windows Media Player 11 (KB959772)
DataPilot
DataPilot USB Driver Pack
Direct Show Ogg Vorbis Filter (remove only)
DivX Codec 3.1alpha release
Easy CD & DVD Creator 6
eMule
EQ2MAP Updater 0.9.7
ESPN Java Check
ESPN RunTime
EVEREST Ultimate Edition v5.01
EverQuest II
FavOrg
ffdshow [rev 2527] [2008-12-19]
FinePixViewer Ver.4.2
FLV Player 2.0 (build 25)
Forté Agent
FUJIFILM USB Driver
GetBot
GSpot Codec Information Appliance
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ImageMixer VCD2 for FinePix
Intel A/V Codecs V2.0
InterVideo DVDCopy5
iPhone Configuration Utility
iPod for Windows 2005-11-17
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 7
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) SE Runtime Environment 6 Update 1
KODAK AiO Home Center
ksDIP
Lexmark Supplies Monitor
Lexmark Z25-Z35
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Master Cook Deluxe
MasterCook Deluxe
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office XP Standard for Students and Teachers
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MicroStaff WINASPI
MidiNotate Musician
Mozilla Firefox (3.0.10)
Mozilla Firefox (3.6.11)
MP3 WAV Converter 2.68
Mpeg Layer3 Codec FHG-Radium v1.263
MSN Music Assistant
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
Nostromo Array Programming Software
NVIDIA Drivers
On2 VP3 Video for Windows Codec
OpenOffice.org 3.2
Pixia
PreReq
QuickTime
RAW FILE CONVERTER LE
RealPlayer
Red Swoosh
SeaTools for Windows
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SimilarImages
SkillJam SecurePlayer
Sound Blaster Audigy 2 ZS
Spelling Dictionaries For Adobe Reader Package
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
SpywareBlaster 4.1
TVAnts 1.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB Universal Driver
VCW VicMan's Photo Editor 7.9
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WD Diagnostics
WD Firewire HID Driver
WebFldrs XP
Winamp (remove only)
Windows 7 Upgrade Advisor
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB822603
Windows XP Service Pack 3
WinRAR archiver
Xilisoft DVD to iPod Converter
XviD MPEG-4 Video Codec
YASA DVD to MP4 Converter v2.9 (build 044)
YASA MP4 Video Converter v3.2 (build 0051)
==== Event Viewer Messages From Past Week ========
10/24/2010 10:56:30 AM, error: Service Control Manager [7034]* - The NVIDIA Display Driver Service service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:30 AM, error: Service Control Manager [7034]* - The Kodak AiO Network Discovery Service service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:30 AM, error: Service Control Manager [7034]* - The Java Quick Starter service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:29 AM, error: Service Control Manager [7034]* - The Creative Service for CDROM Access service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:29 AM, error: Service Control Manager [7034]* - The Bonjour Service service terminated unexpectedly.* It has done this 1 time(s).
10/24/2010 10:56:29 AM, error: Service Control Manager [7031]* - The Apple Mobile Device service terminated unexpectedly.* It has done this 1 time(s).* The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The Telephony service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The System Event Notification service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The Remote Access Connection Manager service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The Network Location Awareness (NLA) service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The Cryptographic Services service terminated unexpectedly.* It has done this 4 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7034]* - The COM+ Event System service terminated unexpectedly.* It has done this 8 time(s).
10/24/2010 10:47:34 AM, error: Service Control Manager [7031]* - The Windows Time service terminated unexpectedly.* It has done this 1 time(s).* The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/24/2010 10:47:34 AM, error: Service Control Manager [7031]* - The Windows Management Instrumentation service terminated unexpectedly.* It has done this 8 time(s).* The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/24/2010 10:03:08 AM, error: Service Control Manager [7000]* - The 6to4 service failed to start due to the following error:* The system cannot find the path specified.
10/24/2010 1:39:07 AM, error: DCOM [10005]* - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/22/2010 9:33:43 PM, error: DCOM [10005]* - DCOM got error "%1055" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
10/22/2010 9:33:43 PM, error: DCOM [10005]* - DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
10/22/2010 9:33:43 PM, error: DCOM [10005]* - DCOM got error "%1055" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
10/22/2010 9:33:43 PM, error: DCOM [10005]* - DCOM got error "%1055" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/22/2010 9:33:41 PM, error: Service Control Manager [7000]* - The TCAITDI Protocol service failed to start due to the following error:* The system cannot find the file specified.
10/22/2010 9:33:41 PM, error: Service Control Manager [7000]* - The tcaicchg service failed to start due to the following error:* The system cannot find the file specified.
10/22/2010 9:33:41 PM, error: Service Control Manager [7000]* - The PfModNT service failed to start due to the following error:* The system cannot find the file specified.
10/22/2010 9:33:10 PM, error: iviVD [9]* - The device, \Device\Scsi\iviVD1, did not respond within the timeout period.
==== End Of File ===========================