System had a fake system integrity malware a few days ago got rid of it but now we have search results being redirected to junk web sites. Have had more malware and trojans pop up since I got rid of the fake system check but things look clean now except for the redirects. I could not get any logs from GMER as they were all empty but it did pop up an exception before when I ran it (Load Driver C:../../kxtdipog.sys error 0XC000010E cannot create a stable subkey under a volatile parent key) Here are my mbytes and dds logs:
Malwarebytes log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8302
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/4/2011 04:01:47
mbam-log-2011-12-04 (04-01-47).txt
Scan type: Quick scan
Objects scanned: 193424
Time elapsed: 1 minute(s), 44 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Run by HALO at 5:01:16 on 2011-12-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3581.2774 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe"
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: Groove Folder Synchronization: {2a541ae1-5bf6-4665-a8a3-cfa9672e4291} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{51fb15f4-ad27-43bc-ad4b-dd0354fb6bbd}\Icon3E5562ED7.ico
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
Trusted Zone: watchitmove.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {C9101148-151A-470D-9CE5-C163C0361EAE} - hxxp://www.ipromote.com/assets/media/toolbars/ipromote_toolbar.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{11A44DF7-6A7D-4168-8DFF-573DB7F8E5EE} : NameServer = 204.117.214.10,199.2.252.10
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1_0 wvauth
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\halo\application data\mozilla\firefox\profiles\akgs7kj7.default\
FF - plugin: c:\documents and settings\halo\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2010-7-30 24064]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsld7b1541a;MpKsld7b1541a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{28565789-cd0f-43f0-8336-8bca58bd244b}\mpksld7b1541a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{28565789-cd0f-43f0-8336-8bca58bd244b}\MpKsld7b1541a.sys [?]
R1 MpKsle55d2bba;MpKsle55d2bba;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{497950ba-2160-437f-8423-6478ff7dfbb5}\MpKsle55d2bba.sys [2011-12-4 29904]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2010-2-8 376688]
S1 MpKslcb6bd7e8;MpKslcb6bd7e8;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{be63d181-a450-415e-8e78-281938d2850b}\mpkslcb6bd7e8.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{be63d181-a450-415e-8e78-281938d2850b}\MpKslcb6bd7e8.sys [?]
S2 BackupService;BackupService;c:\documents and settings\halo\application data\hp simplesave application\uUACTokenSvc.exe [2011-7-3 83512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-30 136176]
S3 ATMEPVCM;Microsoft Ethernet PVC;c:\windows\system32\drivers\atmepvc.sys [2008-4-25 31360]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-30 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 RegKernelHelp;RegKernelHelp;\??\c:\program files\safe returner\regkernelhelp.sys --> c:\program files\safe returner\RegKernelHelp.sys [?]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2007-11-14 394952]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-25 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-12-04 04:33:32 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{497950ba-2160-437f-8423-6478ff7dfbb5}\MpKsle55d2bba.sys
2011-12-04 04:33:29 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{497950ba-2160-437f-8423-6478ff7dfbb5}\offreg.dll
2011-12-04 04:33:28 6823496 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{497950ba-2160-437f-8423-6478ff7dfbb5}\mpengine.dll
2011-12-03 23:32:04 -------- d-----w- C:\ComboFix
2011-12-03 04:29:00 -------- d-sha-r- C:\cmdcons
2011-12-03 04:20:11 98816 ----a-w- c:\windows\sed.exe
2011-12-03 04:20:11 518144 ----a-w- c:\windows\SWREG.exe
2011-12-03 04:20:11 256000 ----a-w- c:\windows\PEV.exe
2011-12-03 04:20:11 208896 ----a-w- c:\windows\MBR.exe
2011-12-03 01:42:51 -------- d-----w- c:\program files\ESET
2011-12-01 13:16:46 6823496 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-11-30 06:49:17 -------- d-----w- c:\documents and settings\halo\application data\QuickScan
2011-11-29 19:59:08 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-28 20:43:26 187776 -c--a-w- c:\windows\system32\dllcache\acpi.sys
2011-11-28 20:43:26 187776 ----a-w- c:\windows\system32\drivers\acpi.sys
2011-11-28 20:42:29 -------- d--h--w- c:\documents and settings\halo\application data\892F1515
.
==================== Find3M ====================
.
2011-11-10 03:33:01 256104 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-11-10 03:33:01 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-11-03 16:23:02 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-13 03:37:14 256104 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 11:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 11:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 11:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-10 04:47:20 309320 ----a-w- c:\windows\system32\drivers\TrufosAlt.sys
2011-09-06 13:25:11 1867904 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 5:07:15.15 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/29/2010 19:44:50
System Uptime: 12/3/2011 22:17:57 (7 hours ago)
.
Motherboard: Dell Inc. | | 0D883F
Processor: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz | CPU1 | 1995/4800mhz
Processor: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz | CPU1 | 1995/4800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 432.301 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
.
==== System Restore Points ===================
.
RP271: 9/5/2011 02:15:58 - System Checkpoint
RP272: 9/6/2011 03:16:35 - System Checkpoint
RP273: 9/7/2011 03:18:45 - System Checkpoint
RP274: 9/8/2011 05:48:20 - System Checkpoint
RP275: 9/9/2011 06:11:28 - System Checkpoint
RP276: 9/10/2011 06:55:52 - System Checkpoint
RP277: 9/11/2011 03:00:21 - Software Distribution Service 3.0
RP278: 9/12/2011 03:00:14 - Software Distribution Service 3.0
RP279: 9/13/2011 03:37:56 - System Checkpoint
RP280: 9/14/2011 03:00:30 - Software Distribution Service 3.0
RP281: 9/15/2011 03:24:52 - System Checkpoint
RP282: 9/16/2011 05:36:49 - System Checkpoint
RP283: 9/17/2011 06:28:04 - System Checkpoint
RP284: 9/18/2011 08:12:29 - System Checkpoint
RP285: 9/19/2011 10:35:07 - System Checkpoint
RP286: 9/20/2011 10:48:13 - System Checkpoint
RP287: 9/21/2011 11:24:54 - System Checkpoint
RP288: 9/22/2011 11:36:54 - System Checkpoint
RP289: 9/23/2011 12:15:38 - System Checkpoint
RP290: 9/24/2011 15:56:02 - System Checkpoint
RP291: 9/25/2011 17:21:28 - System Checkpoint
RP292: 9/26/2011 22:01:59 - System Checkpoint
RP293: 9/27/2011 22:21:45 - System Checkpoint
RP294: 9/28/2011 03:00:13 - Software Distribution Service 3.0
RP295: 9/29/2011 14:42:03 - System Checkpoint
RP296: 9/30/2011 15:36:33 - System Checkpoint
RP297: 10/1/2011 18:26:17 - System Checkpoint
RP298: 10/3/2011 13:34:52 - System Checkpoint
RP299: 10/4/2011 14:06:55 - System Checkpoint
RP300: 10/5/2011 16:03:05 - System Checkpoint
RP301: 10/6/2011 21:54:50 - System Checkpoint
RP302: 10/7/2011 22:09:59 - System Checkpoint
RP303: 10/8/2011 23:05:04 - System Checkpoint
RP304: 10/9/2011 23:06:05 - System Checkpoint
RP305: 10/11/2011 00:03:54 - System Checkpoint
RP306: 10/12/2011 00:04:06 - System Checkpoint
RP307: 10/13/2011 00:08:37 - System Checkpoint
RP308: 10/13/2011 03:00:14 - Software Distribution Service 3.0
RP309: 10/14/2011 04:55:23 - System Checkpoint
RP310: 10/15/2011 03:00:13 - Software Distribution Service 3.0
RP311: 10/16/2011 03:34:30 - System Checkpoint
RP312: 10/17/2011 05:28:40 - System Checkpoint
RP313: 10/18/2011 05:36:10 - System Checkpoint
RP314: 10/19/2011 06:16:43 - System Checkpoint
RP315: 10/20/2011 07:28:42 - System Checkpoint
RP316: 10/21/2011 13:51:58 - System Checkpoint
RP317: 10/22/2011 14:17:45 - System Checkpoint
RP318: 10/23/2011 17:20:17 - System Checkpoint
RP319: 10/24/2011 20:19:19 - System Checkpoint
RP320: 10/25/2011 21:38:18 - System Checkpoint
RP321: 10/26/2011 21:51:29 - System Checkpoint
RP322: 10/28/2011 00:22:42 - System Checkpoint
RP323: 10/29/2011 00:32:09 - System Checkpoint
RP324: 10/30/2011 01:42:21 - System Checkpoint
RP325: 10/31/2011 02:24:58 - System Checkpoint
RP326: 11/1/2011 03:19:44 - System Checkpoint
RP327: 11/2/2011 04:17:46 - System Checkpoint
RP328: 11/3/2011 06:14:58 - System Checkpoint
RP329: 11/4/2011 06:24:32 - System Checkpoint
RP330: 11/5/2011 06:27:07 - System Checkpoint
RP331: 11/6/2011 10:13:26 - System Checkpoint
RP332: 11/7/2011 11:21:28 - System Checkpoint
RP333: 11/8/2011 11:44:52 - System Checkpoint
RP334: 11/9/2011 03:00:13 - Software Distribution Service 3.0
RP335: 11/10/2011 05:33:33 - System Checkpoint
RP336: 11/11/2011 07:11:43 - System Checkpoint
RP337: 11/12/2011 03:00:14 - Software Distribution Service 3.0
RP338: 11/13/2011 03:07:03 - System Checkpoint
RP339: 11/14/2011 04:38:06 - System Checkpoint
RP340: 11/15/2011 05:47:54 - System Checkpoint
RP341: 11/16/2011 07:43:54 - System Checkpoint
RP342: 11/17/2011 08:19:16 - System Checkpoint
RP343: 11/18/2011 09:35:12 - System Checkpoint
RP344: 11/19/2011 10:19:31 - System Checkpoint
RP345: 11/20/2011 11:10:12 - System Checkpoint
RP346: 11/21/2011 12:09:29 - System Checkpoint
RP347: 11/22/2011 13:47:04 - System Checkpoint
RP348: 11/23/2011 14:49:18 - System Checkpoint
RP349: 11/24/2011 15:11:17 - System Checkpoint
RP350: 11/25/2011 15:44:49 - System Checkpoint
RP351: 11/26/2011 16:22:17 - System Checkpoint
RP352: 11/27/2011 18:02:49 - System Checkpoint
RP353: 11/28/2011 19:49:23 - System Checkpoint
RP354: 11/29/2011 17:59:56 - Removed Ad-Aware
RP355: 11/29/2011 19:55:53 - Removed Symantec AntiVirus
RP356: 11/29/2011 20:00:22 - Software Distribution Service 3.0
RP357: 12/1/2011 06:26:09 - System Checkpoint
RP358: 12/1/2011 13:16:12 - Software Distribution Service 3.0
RP359: 12/2/2011 13:34:26 - System Checkpoint
RP360: 12/2/2011 16:32:42 - Software Distribution Service 3.0
RP361: 12/3/2011 06:37:37 - Software Distribution Service 3.0
RP362: 12/4/2011 01:59:19 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.2
Apple Application Support
Apple Software Update
AutoFind 6 Common
Autofind 6 Crystal Reports Runtime
BioAPI Framework
Broadcom NetXtreme-I Netlink Driver and Management Installer
Cisco Systems VPN Client 5.0.04.0300
DCP32MMWrapper
Dell Control Point
Dell ControlPoint Security Manager
Dell ControlPoint System Manager
Dell Embassy Trust Suite by Wave Systems
Dell Security Device Driver Pack
Document Manager Lite
EMBASSY Security Center
EMBASSY Security Setup
ESC Home Page Plugin
ESET Online Scanner v3
Gemalto
Google Chrome
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB954708)
Intel® Matrix Storage Manager
InterActual Player
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 24
Map AGenT Pro
MapInfo MapX 4.0 OCX
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Milestone XProtect Smart Client 5.0d
Mozilla Firefox 8.0.1 (x86 en-US)
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser (KB927977)
NTRU TCG Software Stack
NVIDIA Control Panel 267.17
NVIDIA Graphics Driver 267.17
NVIDIA Install Application
NVIDIA nView 135.64
NVIDIA nView Desktop Manager
OGA Notifier 2.0.0048.0
PowerDVD DX
Preboot Manager
Private Information Manager
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE 10.3
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2483614)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Security Wizards
SO32MMWrapper
SoundMAX
Trusted Drive Manager
Tweak UI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Windows (KB971513)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB898461)
Update for Windows XP (KB961503)
Update for Windows XP (KB971029)
UPEK TouchChip Fingerprint Reader
VideoLAN VLC media player 0.8.6f
Wave Infrastructure Installer
Wave Support Software
WebFldrs XP
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
12/3/2011 05:18:14, error: PlugPlayManager [11] - The device Root\LEGACY_NPF\0000 disappeared from the system without first being prepared for removal.
12/3/2011 04:17:23, error: Service Control Manager [7034] - The BackupService service terminated unexpectedly. It has done this 1 time(s).
12/1/2011 16:27:17, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
12/1/2011 15:18:15, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
12/1/2011 14:04:12, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
12/1/2011 14:01:10, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/1/2011 13:58:09, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/1/2011 06:10:44, error: Service Control Manager [7034] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).
12/1/2011 05:59:31, error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/29/2011 15:48:35, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/29/2011 05:15:14, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: eeCtrl Fips intelppm SAVRT SAVRTPEL SYMTDI
11/29/2011 05:13:22, error: NetBT [4311] - Initialization failed because the driver device could not be created.
11/29/2011 04:54:55, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/29/2011 04:31:37, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRT SAVRTPEL SYMTDI Tcpip
11/29/2011 04:31:37, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
11/29/2011 04:31:37, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/29/2011 04:31:37, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/29/2011 04:31:37, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
11/29/2011 03:00:51, error: System Error [1003] - Error code 10000050, parameter1 ad379000, parameter2 00000000, parameter3 80509973, parameter4 00000000.
.
==== End Of File ===========================
Malwarebytes log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8302
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/4/2011 04:01:47
mbam-log-2011-12-04 (04-01-47).txt
Scan type: Quick scan
Objects scanned: 193424
Time elapsed: 1 minute(s), 44 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Run by HALO at 5:01:16 on 2011-12-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3581.2774 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe"
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: Groove Folder Synchronization: {2a541ae1-5bf6-4665-a8a3-cfa9672e4291} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{51fb15f4-ad27-43bc-ad4b-dd0354fb6bbd}\Icon3E5562ED7.ico
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
Trusted Zone: watchitmove.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {C9101148-151A-470D-9CE5-C163C0361EAE} - hxxp://www.ipromote.com/assets/media/toolbars/ipromote_toolbar.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{11A44DF7-6A7D-4168-8DFF-573DB7F8E5EE} : NameServer = 204.117.214.10,199.2.252.10
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1_0 wvauth
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\halo\application data\mozilla\firefox\profiles\akgs7kj7.default\
FF - plugin: c:\documents and settings\halo\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2010-7-30 24064]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsld7b1541a;MpKsld7b1541a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{28565789-cd0f-43f0-8336-8bca58bd244b}\mpksld7b1541a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{28565789-cd0f-43f0-8336-8bca58bd244b}\MpKsld7b1541a.sys [?]
R1 MpKsle55d2bba;MpKsle55d2bba;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{497950ba-2160-437f-8423-6478ff7dfbb5}\MpKsle55d2bba.sys [2011-12-4 29904]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2010-2-8 376688]
S1 MpKslcb6bd7e8;MpKslcb6bd7e8;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{be63d181-a450-415e-8e78-281938d2850b}\mpkslcb6bd7e8.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{be63d181-a450-415e-8e78-281938d2850b}\MpKslcb6bd7e8.sys [?]
S2 BackupService;BackupService;c:\documents and settings\halo\application data\hp simplesave application\uUACTokenSvc.exe [2011-7-3 83512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-30 136176]
S3 ATMEPVCM;Microsoft Ethernet PVC;c:\windows\system32\drivers\atmepvc.sys [2008-4-25 31360]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-30 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 RegKernelHelp;RegKernelHelp;\??\c:\program files\safe returner\regkernelhelp.sys --> c:\program files\safe returner\RegKernelHelp.sys [?]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2007-11-14 394952]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-25 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-12-04 04:33:32 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{497950ba-2160-437f-8423-6478ff7dfbb5}\MpKsle55d2bba.sys
2011-12-04 04:33:29 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{497950ba-2160-437f-8423-6478ff7dfbb5}\offreg.dll
2011-12-04 04:33:28 6823496 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{497950ba-2160-437f-8423-6478ff7dfbb5}\mpengine.dll
2011-12-03 23:32:04 -------- d-----w- C:\ComboFix
2011-12-03 04:29:00 -------- d-sha-r- C:\cmdcons
2011-12-03 04:20:11 98816 ----a-w- c:\windows\sed.exe
2011-12-03 04:20:11 518144 ----a-w- c:\windows\SWREG.exe
2011-12-03 04:20:11 256000 ----a-w- c:\windows\PEV.exe
2011-12-03 04:20:11 208896 ----a-w- c:\windows\MBR.exe
2011-12-03 01:42:51 -------- d-----w- c:\program files\ESET
2011-12-01 13:16:46 6823496 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-11-30 06:49:17 -------- d-----w- c:\documents and settings\halo\application data\QuickScan
2011-11-29 19:59:08 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-28 20:43:26 187776 -c--a-w- c:\windows\system32\dllcache\acpi.sys
2011-11-28 20:43:26 187776 ----a-w- c:\windows\system32\drivers\acpi.sys
2011-11-28 20:42:29 -------- d--h--w- c:\documents and settings\halo\application data\892F1515
.
==================== Find3M ====================
.
2011-11-10 03:33:01 256104 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-11-10 03:33:01 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-11-03 16:23:02 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-13 03:37:14 256104 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 11:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 11:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 11:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-10 04:47:20 309320 ----a-w- c:\windows\system32\drivers\TrufosAlt.sys
2011-09-06 13:25:11 1867904 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 5:07:15.15 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/29/2010 19:44:50
System Uptime: 12/3/2011 22:17:57 (7 hours ago)
.
Motherboard: Dell Inc. | | 0D883F
Processor: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz | CPU1 | 1995/4800mhz
Processor: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz | CPU1 | 1995/4800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 432.301 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
.
==== System Restore Points ===================
.
RP271: 9/5/2011 02:15:58 - System Checkpoint
RP272: 9/6/2011 03:16:35 - System Checkpoint
RP273: 9/7/2011 03:18:45 - System Checkpoint
RP274: 9/8/2011 05:48:20 - System Checkpoint
RP275: 9/9/2011 06:11:28 - System Checkpoint
RP276: 9/10/2011 06:55:52 - System Checkpoint
RP277: 9/11/2011 03:00:21 - Software Distribution Service 3.0
RP278: 9/12/2011 03:00:14 - Software Distribution Service 3.0
RP279: 9/13/2011 03:37:56 - System Checkpoint
RP280: 9/14/2011 03:00:30 - Software Distribution Service 3.0
RP281: 9/15/2011 03:24:52 - System Checkpoint
RP282: 9/16/2011 05:36:49 - System Checkpoint
RP283: 9/17/2011 06:28:04 - System Checkpoint
RP284: 9/18/2011 08:12:29 - System Checkpoint
RP285: 9/19/2011 10:35:07 - System Checkpoint
RP286: 9/20/2011 10:48:13 - System Checkpoint
RP287: 9/21/2011 11:24:54 - System Checkpoint
RP288: 9/22/2011 11:36:54 - System Checkpoint
RP289: 9/23/2011 12:15:38 - System Checkpoint
RP290: 9/24/2011 15:56:02 - System Checkpoint
RP291: 9/25/2011 17:21:28 - System Checkpoint
RP292: 9/26/2011 22:01:59 - System Checkpoint
RP293: 9/27/2011 22:21:45 - System Checkpoint
RP294: 9/28/2011 03:00:13 - Software Distribution Service 3.0
RP295: 9/29/2011 14:42:03 - System Checkpoint
RP296: 9/30/2011 15:36:33 - System Checkpoint
RP297: 10/1/2011 18:26:17 - System Checkpoint
RP298: 10/3/2011 13:34:52 - System Checkpoint
RP299: 10/4/2011 14:06:55 - System Checkpoint
RP300: 10/5/2011 16:03:05 - System Checkpoint
RP301: 10/6/2011 21:54:50 - System Checkpoint
RP302: 10/7/2011 22:09:59 - System Checkpoint
RP303: 10/8/2011 23:05:04 - System Checkpoint
RP304: 10/9/2011 23:06:05 - System Checkpoint
RP305: 10/11/2011 00:03:54 - System Checkpoint
RP306: 10/12/2011 00:04:06 - System Checkpoint
RP307: 10/13/2011 00:08:37 - System Checkpoint
RP308: 10/13/2011 03:00:14 - Software Distribution Service 3.0
RP309: 10/14/2011 04:55:23 - System Checkpoint
RP310: 10/15/2011 03:00:13 - Software Distribution Service 3.0
RP311: 10/16/2011 03:34:30 - System Checkpoint
RP312: 10/17/2011 05:28:40 - System Checkpoint
RP313: 10/18/2011 05:36:10 - System Checkpoint
RP314: 10/19/2011 06:16:43 - System Checkpoint
RP315: 10/20/2011 07:28:42 - System Checkpoint
RP316: 10/21/2011 13:51:58 - System Checkpoint
RP317: 10/22/2011 14:17:45 - System Checkpoint
RP318: 10/23/2011 17:20:17 - System Checkpoint
RP319: 10/24/2011 20:19:19 - System Checkpoint
RP320: 10/25/2011 21:38:18 - System Checkpoint
RP321: 10/26/2011 21:51:29 - System Checkpoint
RP322: 10/28/2011 00:22:42 - System Checkpoint
RP323: 10/29/2011 00:32:09 - System Checkpoint
RP324: 10/30/2011 01:42:21 - System Checkpoint
RP325: 10/31/2011 02:24:58 - System Checkpoint
RP326: 11/1/2011 03:19:44 - System Checkpoint
RP327: 11/2/2011 04:17:46 - System Checkpoint
RP328: 11/3/2011 06:14:58 - System Checkpoint
RP329: 11/4/2011 06:24:32 - System Checkpoint
RP330: 11/5/2011 06:27:07 - System Checkpoint
RP331: 11/6/2011 10:13:26 - System Checkpoint
RP332: 11/7/2011 11:21:28 - System Checkpoint
RP333: 11/8/2011 11:44:52 - System Checkpoint
RP334: 11/9/2011 03:00:13 - Software Distribution Service 3.0
RP335: 11/10/2011 05:33:33 - System Checkpoint
RP336: 11/11/2011 07:11:43 - System Checkpoint
RP337: 11/12/2011 03:00:14 - Software Distribution Service 3.0
RP338: 11/13/2011 03:07:03 - System Checkpoint
RP339: 11/14/2011 04:38:06 - System Checkpoint
RP340: 11/15/2011 05:47:54 - System Checkpoint
RP341: 11/16/2011 07:43:54 - System Checkpoint
RP342: 11/17/2011 08:19:16 - System Checkpoint
RP343: 11/18/2011 09:35:12 - System Checkpoint
RP344: 11/19/2011 10:19:31 - System Checkpoint
RP345: 11/20/2011 11:10:12 - System Checkpoint
RP346: 11/21/2011 12:09:29 - System Checkpoint
RP347: 11/22/2011 13:47:04 - System Checkpoint
RP348: 11/23/2011 14:49:18 - System Checkpoint
RP349: 11/24/2011 15:11:17 - System Checkpoint
RP350: 11/25/2011 15:44:49 - System Checkpoint
RP351: 11/26/2011 16:22:17 - System Checkpoint
RP352: 11/27/2011 18:02:49 - System Checkpoint
RP353: 11/28/2011 19:49:23 - System Checkpoint
RP354: 11/29/2011 17:59:56 - Removed Ad-Aware
RP355: 11/29/2011 19:55:53 - Removed Symantec AntiVirus
RP356: 11/29/2011 20:00:22 - Software Distribution Service 3.0
RP357: 12/1/2011 06:26:09 - System Checkpoint
RP358: 12/1/2011 13:16:12 - Software Distribution Service 3.0
RP359: 12/2/2011 13:34:26 - System Checkpoint
RP360: 12/2/2011 16:32:42 - Software Distribution Service 3.0
RP361: 12/3/2011 06:37:37 - Software Distribution Service 3.0
RP362: 12/4/2011 01:59:19 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.2
Apple Application Support
Apple Software Update
AutoFind 6 Common
Autofind 6 Crystal Reports Runtime
BioAPI Framework
Broadcom NetXtreme-I Netlink Driver and Management Installer
Cisco Systems VPN Client 5.0.04.0300
DCP32MMWrapper
Dell Control Point
Dell ControlPoint Security Manager
Dell ControlPoint System Manager
Dell Embassy Trust Suite by Wave Systems
Dell Security Device Driver Pack
Document Manager Lite
EMBASSY Security Center
EMBASSY Security Setup
ESC Home Page Plugin
ESET Online Scanner v3
Gemalto
Google Chrome
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB954708)
Intel® Matrix Storage Manager
InterActual Player
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 24
Map AGenT Pro
MapInfo MapX 4.0 OCX
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Milestone XProtect Smart Client 5.0d
Mozilla Firefox 8.0.1 (x86 en-US)
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser (KB927977)
NTRU TCG Software Stack
NVIDIA Control Panel 267.17
NVIDIA Graphics Driver 267.17
NVIDIA Install Application
NVIDIA nView 135.64
NVIDIA nView Desktop Manager
OGA Notifier 2.0.0048.0
PowerDVD DX
Preboot Manager
Private Information Manager
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE 10.3
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2483614)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Security Wizards
SO32MMWrapper
SoundMAX
Trusted Drive Manager
Tweak UI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Windows (KB971513)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB898461)
Update for Windows XP (KB961503)
Update for Windows XP (KB971029)
UPEK TouchChip Fingerprint Reader
VideoLAN VLC media player 0.8.6f
Wave Infrastructure Installer
Wave Support Software
WebFldrs XP
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
12/3/2011 05:18:14, error: PlugPlayManager [11] - The device Root\LEGACY_NPF\0000 disappeared from the system without first being prepared for removal.
12/3/2011 04:17:23, error: Service Control Manager [7034] - The BackupService service terminated unexpectedly. It has done this 1 time(s).
12/1/2011 16:27:17, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
12/1/2011 15:18:15, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
12/1/2011 14:04:12, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
12/1/2011 14:01:10, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/1/2011 13:58:09, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/1/2011 06:10:44, error: Service Control Manager [7034] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).
12/1/2011 05:59:31, error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/29/2011 15:48:35, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/29/2011 05:15:14, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: eeCtrl Fips intelppm SAVRT SAVRTPEL SYMTDI
11/29/2011 05:13:22, error: NetBT [4311] - Initialization failed because the driver device could not be created.
11/29/2011 04:54:55, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/29/2011 04:31:37, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRT SAVRTPEL SYMTDI Tcpip
11/29/2011 04:31:37, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
11/29/2011 04:31:37, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/29/2011 04:31:37, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/29/2011 04:31:37, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
11/29/2011 03:00:51, error: System Error [1003] - Error code 10000050, parameter1 ad379000, parameter2 00000000, parameter3 80509973, parameter4 00000000.
.
==== End Of File ===========================