an 18 year old is always going where he should not.
mbam log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7955
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
10/15/2011 4:25:48 PM
mbam-log-2011-10-15 (16-25-25).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 269750
Time elapsed: 1 hour(s), 18 minute(s), 8 second(s)
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 12
Registry Values Infected: 7
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 16
Memory Processes Infected:
c:\program files\mp3tube toolbar\mp3tubesvc.exe (Adware.Mp3Tube) -> 452 -> No action taken.
c:\program files\mp3tube toolbar\mp3tubevideotomp3.exe (Adware.Mp3Tube) -> 4928 -> No action taken.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mp3Tube Toolbar Service (Adware.Mp3Tube) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar (PUP.Zugo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\FREEZEFROGSA (Adware.FreezeFrog) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FREEzeFrogSA (Adware.FreezeFrog) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mp3Tube Toolbar (Adware.Mp3Tube) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HOMEPAGE PROTECTION SERVICE (Adware.Mp3Tube) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\QUESTSCAN (Adware.QuestScan) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QUESTSCAN (Adware.QuestScan) -> No action taken.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Value: {46897C77-E7A6-4C33-BFFB-E9C2E2718942} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Value: {46897C77-E7A6-4c33-BFFB-E9C2E2718942} -> No action taken.
HKEY_CURRENT_USER\Software\freezefrogsa\actionurl_current_version (Adware.FreezeFrog) -> Value: actionurl_current_version -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FREEzeFrogSA (Adware.FreezeFrog) -> Value: FREEzeFrogSA -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Homepage Protection Service\UninstallString (Adware.Mp3Tube) -> Value: UninstallString -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestScan\DisplayName (Adware.QuestScan) -> Value: DisplayName -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestScan\DllPath (Adware.QuestScan) -> Value: DllPath -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> No action taken.
c:\program files\mp3tube toolbar (Adware.Mp3Tube) -> No action taken.
c:\programdata\freezefrogsa (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0 (Adware.FreezeFrog) -> No action taken.
Files Infected:
c:\program files\mp3tube toolbar\mp3tubesvc.exe (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\mp3tubevideotomp3.exe (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\mp3tubetb.dll (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\ffmpeg.exe (Adware.Mp3Tube) -> No action taken.
c:\program files\questscan\questscan.exe (Adware.Agent.Gen) -> No action taken.
c:\program files\startnow toolbar\startnowtoolbaruninstall.exe (PUP.Zugo) -> No action taken.
c:\program files\mozilla firefox\searchplugins\Mp3Tube.xml (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\ShowMsg.exe (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\uninstall.exe (Adware.Mp3Tube) -> No action taken.
c:\programdata\freezefrogsa\freezefrogsa.dat (Adware.FreezeFrog) -> No action taken.
c:\programdata\freezefrogsa\freezefrogsaau.dat (Adware.FreezeFrog) -> No action taken.
c:\programdata\freezefrogsa\freezefrogsa_kyf.dat (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0\copyright.txt (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0\freezefrogsacb.exe (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0\freezefrogsahook.dll (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0\freezefroguninstaller.exe (Adware.FreezeFrog) -> No action taken.
GMER log:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-15 18:20:28
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK1665GSX rev.GJ002D
Running: v9hxckes.exe; Driver: C:\Users\Benjamin\AppData\Local\Temp\pwldqpow.sys
---- System - GMER 1.0.15 ----
SSDT 93EF31F0 ZwAlertResumeThread
SSDT 93EF3478 ZwAlertThread
SSDT 93F246C0 ZwAllocateVirtualMemory
SSDT 87AB58F0 ZwAlpcConnectPort
SSDT 94317710 ZwAssignProcessToJobObject
SSDT 94317620 ZwCreateMutant
SSDT 93EF33C8 ZwCreateSymbolicLinkObject
SSDT 93F02A98 ZwCreateThread
SSDT 94360B78 ZwDebugActiveProcess
SSDT 93F24890 ZwDuplicateObject
SSDT 93F244E0 ZwFreeVirtualMemory
SSDT 94317960 ZwImpersonateAnonymousToken
SSDT 94317D08 ZwImpersonateThread
SSDT 87AB5878 ZwLoadDriver
SSDT 93F243E0 ZwMapViewOfSection
SSDT 943173D8 ZwOpenEvent
SSDT 93F02960 ZwOpenProcess
SSDT 93F247B0 ZwOpenProcessToken
SSDT 94317218 ZwOpenSection
SSDT 93F02870 ZwOpenThread
SSDT 943178B0 ZwProtectVirtualMemory
SSDT 93EF3820 ZwResumeThread
SSDT 93F24130 ZwSetContextThread
SSDT 93F24210 ZwSetInformationProcess
SSDT 943170D0 ZwSetSystemInformation
SSDT 943172F8 ZwSuspendProcess
SSDT 93EF3D08 ZwSuspendThread
SSDT 93F02B78 ZwTerminateProcess
SSDT 93F24050 ZwTerminateThread
SSDT 93F24300 ZwUnmapViewOfSection
SSDT 93F245D0 ZwWriteVirtualMemory
SSDT 943175C8 ZwCreateThreadEx
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 11D 81CAF8A0 8 Bytes [F0, 31, EF, 93, 78, 34, EF, ...]
.text ntkrnlpa.exe!KeSetEvent + 131 81CAF8B4 4 Bytes [C0, 46, F2, 93] {ROL BYTE [ESI-0xe], 0x93}
.text ntkrnlpa.exe!KeSetEvent + 13D 81CAF8C0 4 Bytes [F0, 58, AB, 87]
.text ntkrnlpa.exe!KeSetEvent + 191 81CAF914 4 Bytes CALL B342099A
.text ntkrnlpa.exe!KeSetEvent + 1F5 81CAF978 4 Bytes [20, 76, 31, 94] {AND [ESI+0x31], DH; XCHG ESP, EAX}
.text ...
? System32\drivers\fnwuvhcd.sys The system cannot find the path specified. !
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8CE05340, 0x28B977, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe[160] USER32.dll!EndPaint 772BA28F 5 Bytes JMP 104A7D10 C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
.text C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe[160] USER32.dll!BeginPaint 772BA2A3 5 Bytes JMP 104A7CA0 C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74227817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7427A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7422BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7421F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [742275E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7421E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74258395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7422DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7421FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7421FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742171CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [742ACAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7424C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7421D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74216853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7421687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74222AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
---- EOF - GMER 1.0.15 ----
Attach Log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume1
Install Date: 3/30/2011 3:32:53 PM
System Uptime: 10/15/2011 5:22:40 PM (1 hours ago)
.
Motherboard: Dell Inc. | |
Processor: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz | Microprocessor | 1000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 89.663 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP149: 10/4/2011 9:46:35 AM - Device Driver Package Install: Xerox Printers
RP150: 10/8/2011 5:38:31 AM - Scheduled Checkpoint
RP151: 10/9/2011 2:54:50 AM - Scheduled Checkpoint
RP152: 10/10/2011 5:51:34 AM - Scheduled Checkpoint
RP153: 10/11/2011 12:00:09 AM - Scheduled Checkpoint
RP154: 10/12/2011 12:00:04 AM - Scheduled Checkpoint
RP155: 10/13/2011 7:14:47 AM - Scheduled Checkpoint
RP156: 10/14/2011 2:00:26 AM - Scheduled Checkpoint
RP157: 10/14/2011 3:00:28 AM - Windows Update
RP158: 10/15/2011 5:30:54 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Amazon Kindle
BFlix Toolbar
Crossrider Web Apps
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
IspAssistant-Mp3Tube
Java Auto Updater
Java(TM) 6 Update 26
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Mozilla Firefox 6.0.2 (x86 en-US)
RuneScape Launcher 1.0.4
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SwiftKit
Symantec Endpoint Protection
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Veoh Giraffic Video Accelerator
Veoh Web Player
VLC media player 1.0.1
Xerox Support Centre
Xvid Video Codec
Yontoo Layers Runtime 1.10.01
.
==== Event Viewer Messages From Past Week ========
.
10/9/2011 6:39:30 PM, Error: EventLog [6008] - The previous system shutdown at 6:33:53 PM on 10/9/2011 was unexpected.
10/15/2011 5:30:40 PM, Error: Microsoft-Windows-GroupPolicy [1058] - The processing of Group Policy failed. Windows attempted to read the file \\hedrick.local\sysvol\hedrick.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled.
10/15/2011 5:30:36 PM, Error: Microsoft-Windows-GroupPolicy [1006] - The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.
10/15/2011 5:23:59 PM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
10/15/2011 5:23:34 PM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain HEDRICK due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
10/15/2011 4:26:45 PM, Error: Service Control Manager [7034] - The Mp3Tube Toolbar Updater Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
DSS Log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/1/2011 6:52:25 PM
System Uptime: 10/15/2011 12:46:48 PM (2 hours ago)
.
Motherboard: FOXCONN | | 2AB1
Processor: AMD Phenom(tm) II X4 830 Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 919 GiB total, 741.801 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.585 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 466 GiB total, 75.073 GiB free.
J: is Removable
M: is NetworkDisk (NTFS) - 466 GiB total, 119.012 GiB free.
N: is Removable
S: is NetworkDisk (NTFS) - 466 GiB total, 119.012 GiB free.
Y: is NetworkDisk (NTFS) - 466 GiB total, 119.012 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C6100 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C6100 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 7300 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Officejet 7300 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
RP105: 9/28/2011 11:52:01 AM - Windows Update
RP106: 10/6/2011 12:05:19 AM - Scheduled Checkpoint
RP107: 10/13/2011 5:56:10 PM - Scheduled Checkpoint
RP108: 10/14/2011 10:03:56 AM - Windows Update
RP109: 10/14/2011 10:38:44 AM - Removed Java 2 Runtime Environment, SE v1.4.1_07
RP110: 10/14/2011 11:05:00 AM - Installed Java(TM) 6 Update 27
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7300
7300_Help
7300Trb
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
Agatha Christie - Peril at End House
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Amazon Kindle
AMD VISION Engine Control Center
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
Blackhawk Striker 2
Blasterball 3
Blio
BookHound 7ce 7.09
Bounce Symphony
BufferChm
Build-a-lot 2
C6100
c6100_Help
Cake Mania
CarMD
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Copy
CyberLink DVD Suite Deluxe
D3DX10
Destinations
DeviceDiscovery
Diner Dash 2 Restaurant Rescue
DocProc
Dora's World Adventure
DVD Menu Pack for HP MediaSmart Video
Escape Rosecliff Island
Family Tree Maker 2010
Farm Frenzy
FATE
Fax
Final Drive Nitro
Google Chrome
Google Earth Plug-in
Google SketchUp 8
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
GPL Ghostscript 8.64
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.1.0
HP Customer Experience Enhancements
HP Game Console
HP Games
HP MediaSmart DVD
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
HydraVision
InstaRate
Java Auto Updater
Java(TM) 6 Update 27
Jewel Quest Solitaire 2
Junk Mail filter update
Kobo
LabelPrint
LightScribe System Software
LiveUpdate 3.3 (Symantec Corporation)
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Microlife BPA 3.2 English
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Suite 2006
Microsoft Digital Image Suite 2006 Editor
Microsoft Digital Image Suite 2006 Library
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook Gadgets for Windows SideShow
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft WSE 3.0
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Mystery P.I. - The London Caper
Norton Online Backup
OLYMPUS CAMEDIA Master 4.1
Online Hold'em Inspector 3.19d2
PDF Complete Special Edition
Penguins!
PictureMover
PixiePack Codec Pack
Plants vs. Zombies
PlayReady PC Runtime x86
Poker Superstars III
PokerTracker 3 (remove only)
Polar Bowler
Polar Golfer
PostgreSQL 8.3
PowerDirector
PressReader
QuickBooks
QuickBooks Pro 2009
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recovery Manager
RoboForm 7-5-5 (All Users)
Roxio BackOnTrack
Roxio Burn
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2011
Roxio PhotoShow
Roxio Video Capture USB
Scan
ScanToPDF 4.1
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SmartFTP Client Setup Files 4.0 (x64) (remove only)
SmartSound Common Data
SmartSound Quicktracks 5
SmartWebPrinting
SolutionCenter
Status
SupportSoft Assisted Service
SureThing CD Labeler Deluxe 5
SureThing CD Labeler SE - Sonic
TiVo Desktop 2.8.2
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Virtual Families
Virtual Villagers 4 - The Tree of Life
Visual Studio 2005 Tools for Office Second Edition Runtime
WebReg
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
10/15/2011 12:48:56 PM, Error: Service Control Manager [7000] - The AODDriver4.0 service failed to start due to the following error: The system cannot find the path specified.
10/15/2011 12:48:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
10/14/2011 10:54:22 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
10/14/2011 10:54:22 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
.
==== End Of File ===========================
mbam log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7955
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
10/15/2011 4:25:48 PM
mbam-log-2011-10-15 (16-25-25).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 269750
Time elapsed: 1 hour(s), 18 minute(s), 8 second(s)
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 12
Registry Values Infected: 7
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 16
Memory Processes Infected:
c:\program files\mp3tube toolbar\mp3tubesvc.exe (Adware.Mp3Tube) -> 452 -> No action taken.
c:\program files\mp3tube toolbar\mp3tubevideotomp3.exe (Adware.Mp3Tube) -> 4928 -> No action taken.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mp3Tube Toolbar Service (Adware.Mp3Tube) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar (PUP.Zugo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\FREEZEFROGSA (Adware.FreezeFrog) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FREEzeFrogSA (Adware.FreezeFrog) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mp3Tube Toolbar (Adware.Mp3Tube) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HOMEPAGE PROTECTION SERVICE (Adware.Mp3Tube) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\QUESTSCAN (Adware.QuestScan) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QUESTSCAN (Adware.QuestScan) -> No action taken.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Value: {46897C77-E7A6-4C33-BFFB-E9C2E2718942} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Value: {46897C77-E7A6-4c33-BFFB-E9C2E2718942} -> No action taken.
HKEY_CURRENT_USER\Software\freezefrogsa\actionurl_current_version (Adware.FreezeFrog) -> Value: actionurl_current_version -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FREEzeFrogSA (Adware.FreezeFrog) -> Value: FREEzeFrogSA -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Homepage Protection Service\UninstallString (Adware.Mp3Tube) -> Value: UninstallString -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestScan\DisplayName (Adware.QuestScan) -> Value: DisplayName -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestScan\DllPath (Adware.QuestScan) -> Value: DllPath -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> No action taken.
c:\program files\mp3tube toolbar (Adware.Mp3Tube) -> No action taken.
c:\programdata\freezefrogsa (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0 (Adware.FreezeFrog) -> No action taken.
Files Infected:
c:\program files\mp3tube toolbar\mp3tubesvc.exe (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\mp3tubevideotomp3.exe (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\mp3tubetb.dll (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\ffmpeg.exe (Adware.Mp3Tube) -> No action taken.
c:\program files\questscan\questscan.exe (Adware.Agent.Gen) -> No action taken.
c:\program files\startnow toolbar\startnowtoolbaruninstall.exe (PUP.Zugo) -> No action taken.
c:\program files\mozilla firefox\searchplugins\Mp3Tube.xml (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\ShowMsg.exe (Adware.Mp3Tube) -> No action taken.
c:\program files\mp3tube toolbar\uninstall.exe (Adware.Mp3Tube) -> No action taken.
c:\programdata\freezefrogsa\freezefrogsa.dat (Adware.FreezeFrog) -> No action taken.
c:\programdata\freezefrogsa\freezefrogsaau.dat (Adware.FreezeFrog) -> No action taken.
c:\programdata\freezefrogsa\freezefrogsa_kyf.dat (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0\copyright.txt (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0\freezefrogsacb.exe (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0\freezefrogsahook.dll (Adware.FreezeFrog) -> No action taken.
c:\program files\freezefrog\bin\2.0.15.0\freezefroguninstaller.exe (Adware.FreezeFrog) -> No action taken.
GMER log:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-15 18:20:28
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK1665GSX rev.GJ002D
Running: v9hxckes.exe; Driver: C:\Users\Benjamin\AppData\Local\Temp\pwldqpow.sys
---- System - GMER 1.0.15 ----
SSDT 93EF31F0 ZwAlertResumeThread
SSDT 93EF3478 ZwAlertThread
SSDT 93F246C0 ZwAllocateVirtualMemory
SSDT 87AB58F0 ZwAlpcConnectPort
SSDT 94317710 ZwAssignProcessToJobObject
SSDT 94317620 ZwCreateMutant
SSDT 93EF33C8 ZwCreateSymbolicLinkObject
SSDT 93F02A98 ZwCreateThread
SSDT 94360B78 ZwDebugActiveProcess
SSDT 93F24890 ZwDuplicateObject
SSDT 93F244E0 ZwFreeVirtualMemory
SSDT 94317960 ZwImpersonateAnonymousToken
SSDT 94317D08 ZwImpersonateThread
SSDT 87AB5878 ZwLoadDriver
SSDT 93F243E0 ZwMapViewOfSection
SSDT 943173D8 ZwOpenEvent
SSDT 93F02960 ZwOpenProcess
SSDT 93F247B0 ZwOpenProcessToken
SSDT 94317218 ZwOpenSection
SSDT 93F02870 ZwOpenThread
SSDT 943178B0 ZwProtectVirtualMemory
SSDT 93EF3820 ZwResumeThread
SSDT 93F24130 ZwSetContextThread
SSDT 93F24210 ZwSetInformationProcess
SSDT 943170D0 ZwSetSystemInformation
SSDT 943172F8 ZwSuspendProcess
SSDT 93EF3D08 ZwSuspendThread
SSDT 93F02B78 ZwTerminateProcess
SSDT 93F24050 ZwTerminateThread
SSDT 93F24300 ZwUnmapViewOfSection
SSDT 93F245D0 ZwWriteVirtualMemory
SSDT 943175C8 ZwCreateThreadEx
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 11D 81CAF8A0 8 Bytes [F0, 31, EF, 93, 78, 34, EF, ...]
.text ntkrnlpa.exe!KeSetEvent + 131 81CAF8B4 4 Bytes [C0, 46, F2, 93] {ROL BYTE [ESI-0xe], 0x93}
.text ntkrnlpa.exe!KeSetEvent + 13D 81CAF8C0 4 Bytes [F0, 58, AB, 87]
.text ntkrnlpa.exe!KeSetEvent + 191 81CAF914 4 Bytes CALL B342099A
.text ntkrnlpa.exe!KeSetEvent + 1F5 81CAF978 4 Bytes [20, 76, 31, 94] {AND [ESI+0x31], DH; XCHG ESP, EAX}
.text ...
? System32\drivers\fnwuvhcd.sys The system cannot find the path specified. !
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8CE05340, 0x28B977, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe[160] USER32.dll!EndPaint 772BA28F 5 Bytes JMP 104A7D10 C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
.text C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe[160] USER32.dll!BeginPaint 772BA2A3 5 Bytes JMP 104A7CA0 C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74227817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7427A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7422BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7421F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [742275E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7421E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74258395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7422DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7421FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7421FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742171CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [742ACAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7424C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7421D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74216853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7421687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[4028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74222AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
---- EOF - GMER 1.0.15 ----
Attach Log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume1
Install Date: 3/30/2011 3:32:53 PM
System Uptime: 10/15/2011 5:22:40 PM (1 hours ago)
.
Motherboard: Dell Inc. | |
Processor: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz | Microprocessor | 1000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 89.663 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP149: 10/4/2011 9:46:35 AM - Device Driver Package Install: Xerox Printers
RP150: 10/8/2011 5:38:31 AM - Scheduled Checkpoint
RP151: 10/9/2011 2:54:50 AM - Scheduled Checkpoint
RP152: 10/10/2011 5:51:34 AM - Scheduled Checkpoint
RP153: 10/11/2011 12:00:09 AM - Scheduled Checkpoint
RP154: 10/12/2011 12:00:04 AM - Scheduled Checkpoint
RP155: 10/13/2011 7:14:47 AM - Scheduled Checkpoint
RP156: 10/14/2011 2:00:26 AM - Scheduled Checkpoint
RP157: 10/14/2011 3:00:28 AM - Windows Update
RP158: 10/15/2011 5:30:54 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Amazon Kindle
BFlix Toolbar
Crossrider Web Apps
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
IspAssistant-Mp3Tube
Java Auto Updater
Java(TM) 6 Update 26
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Mozilla Firefox 6.0.2 (x86 en-US)
RuneScape Launcher 1.0.4
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SwiftKit
Symantec Endpoint Protection
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Veoh Giraffic Video Accelerator
Veoh Web Player
VLC media player 1.0.1
Xerox Support Centre
Xvid Video Codec
Yontoo Layers Runtime 1.10.01
.
==== Event Viewer Messages From Past Week ========
.
10/9/2011 6:39:30 PM, Error: EventLog [6008] - The previous system shutdown at 6:33:53 PM on 10/9/2011 was unexpected.
10/15/2011 5:30:40 PM, Error: Microsoft-Windows-GroupPolicy [1058] - The processing of Group Policy failed. Windows attempted to read the file \\hedrick.local\sysvol\hedrick.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled.
10/15/2011 5:30:36 PM, Error: Microsoft-Windows-GroupPolicy [1006] - The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.
10/15/2011 5:23:59 PM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
10/15/2011 5:23:34 PM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain HEDRICK due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
10/15/2011 4:26:45 PM, Error: Service Control Manager [7034] - The Mp3Tube Toolbar Updater Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
DSS Log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/1/2011 6:52:25 PM
System Uptime: 10/15/2011 12:46:48 PM (2 hours ago)
.
Motherboard: FOXCONN | | 2AB1
Processor: AMD Phenom(tm) II X4 830 Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 919 GiB total, 741.801 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.585 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 466 GiB total, 75.073 GiB free.
J: is Removable
M: is NetworkDisk (NTFS) - 466 GiB total, 119.012 GiB free.
N: is Removable
S: is NetworkDisk (NTFS) - 466 GiB total, 119.012 GiB free.
Y: is NetworkDisk (NTFS) - 466 GiB total, 119.012 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C6100 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C6100 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 7300 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Officejet 7300 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
RP105: 9/28/2011 11:52:01 AM - Windows Update
RP106: 10/6/2011 12:05:19 AM - Scheduled Checkpoint
RP107: 10/13/2011 5:56:10 PM - Scheduled Checkpoint
RP108: 10/14/2011 10:03:56 AM - Windows Update
RP109: 10/14/2011 10:38:44 AM - Removed Java 2 Runtime Environment, SE v1.4.1_07
RP110: 10/14/2011 11:05:00 AM - Installed Java(TM) 6 Update 27
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7300
7300_Help
7300Trb
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
Agatha Christie - Peril at End House
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Amazon Kindle
AMD VISION Engine Control Center
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
Blackhawk Striker 2
Blasterball 3
Blio
BookHound 7ce 7.09
Bounce Symphony
BufferChm
Build-a-lot 2
C6100
c6100_Help
Cake Mania
CarMD
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Copy
CyberLink DVD Suite Deluxe
D3DX10
Destinations
DeviceDiscovery
Diner Dash 2 Restaurant Rescue
DocProc
Dora's World Adventure
DVD Menu Pack for HP MediaSmart Video
Escape Rosecliff Island
Family Tree Maker 2010
Farm Frenzy
FATE
Fax
Final Drive Nitro
Google Chrome
Google Earth Plug-in
Google SketchUp 8
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
GPL Ghostscript 8.64
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.1.0
HP Customer Experience Enhancements
HP Game Console
HP Games
HP MediaSmart DVD
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
HydraVision
InstaRate
Java Auto Updater
Java(TM) 6 Update 27
Jewel Quest Solitaire 2
Junk Mail filter update
Kobo
LabelPrint
LightScribe System Software
LiveUpdate 3.3 (Symantec Corporation)
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Microlife BPA 3.2 English
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Suite 2006
Microsoft Digital Image Suite 2006 Editor
Microsoft Digital Image Suite 2006 Library
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook Gadgets for Windows SideShow
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft WSE 3.0
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Mystery P.I. - The London Caper
Norton Online Backup
OLYMPUS CAMEDIA Master 4.1
Online Hold'em Inspector 3.19d2
PDF Complete Special Edition
Penguins!
PictureMover
PixiePack Codec Pack
Plants vs. Zombies
PlayReady PC Runtime x86
Poker Superstars III
PokerTracker 3 (remove only)
Polar Bowler
Polar Golfer
PostgreSQL 8.3
PowerDirector
PressReader
QuickBooks
QuickBooks Pro 2009
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recovery Manager
RoboForm 7-5-5 (All Users)
Roxio BackOnTrack
Roxio Burn
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2011
Roxio PhotoShow
Roxio Video Capture USB
Scan
ScanToPDF 4.1
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SmartFTP Client Setup Files 4.0 (x64) (remove only)
SmartSound Common Data
SmartSound Quicktracks 5
SmartWebPrinting
SolutionCenter
Status
SupportSoft Assisted Service
SureThing CD Labeler Deluxe 5
SureThing CD Labeler SE - Sonic
TiVo Desktop 2.8.2
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Virtual Families
Virtual Villagers 4 - The Tree of Life
Visual Studio 2005 Tools for Office Second Edition Runtime
WebReg
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
10/15/2011 12:48:56 PM, Error: Service Control Manager [7000] - The AODDriver4.0 service failed to start due to the following error: The system cannot find the path specified.
10/15/2011 12:48:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
10/14/2011 10:54:22 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
10/14/2011 10:54:22 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
.
==== End Of File ===========================