Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.01.31.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Taylor Bills :: DFXX6GK1 [administrator]
1/31/2012 10:39:25 AM
mbam-log-2012-01-31 (10-39-25).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System |
Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225966
Time elapsed: 20 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
GMER 1.0.15.15641 -
http://www.gmer.net
Rootkit quick scan 2012-01-31 11:28:54
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 ->
\Device\Ide\IdeDeviceP0T0L0-3 ST3250318AS rev.CC45
Running: gmer.exe; Driver:
C:\DOCUME~1\TAYLOR~1\LOCALS~1\Temp\awlyapog.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0
89A822C6
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP0T0L0-3
89A822C6
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1
89A822C6
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-e
89A822C6
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15641 -
http://www.gmer.net
Rootkit scan 2012-01-31 11:56:49
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 ->
\Device\Ide\IdePort0 ST3250318AS rev.CC45
Running: gmer.exe; Driver:
C:\DOCUME~1\TAYLOR~1\LOCALS~1\Temp\awlyapog.sys
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\svchost.exe[612]
kernel32.dll!WriteFile 7C810E27 5 Bytes JMP 006A000C
.text C:\WINDOWS\system32\svchost.exe[612]
USER32.dll!GetCursorPos 7E42974E 5 Bytes JMP 00D7000A
.text C:\WINDOWS\system32\svchost.exe[612]
USER32.dll!WindowFromPoint 7E429766 5 Bytes JMP 00D8000A
.text C:\WINDOWS\system32\svchost.exe[612]
USER32.dll!GetForegroundWindow 7E429823 5 Bytes JMP 00D9000A
.text C:\WINDOWS\system32\svchost.exe[612]
ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 00C9000A
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0
89A842C6
Device \Driver\atapi -> DriverStartIo
\Device\Ide\IdeDeviceP0T0L0-3 89A842C6
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1
89A842C6
Device \Driver\atapi -> DriverStartIo
\Device\Ide\IdeDeviceP1T0L0-e 89A842C6
Device \FileSystem\Fastfat \Fat
B7618D20
AttachedDevice \FileSystem\Fastfat \Fat
fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_17
Run by Taylor Bills at 12:02:14 on 2012-01-31
Microsoft Windows XP Professional
5.1.2600.3.1252.1.1033.18.2046.1211 [GMT -5:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated*
{17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated*
{EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.live.com
mDefault_Page_URL = hxxp://www.dell.com
mStart Page = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} -
c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection:
{53707962-6f74-2d53-2644-206d7942484f} -
c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} -
c:\program files\microsoft\search enhancement pack\search
helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper:
{9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program
files\common files\microsoft shared\windows
live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar:
{95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg
secure search\9.0.0.18\AVG Secure Search_toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper:
{dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program
files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper:
{e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program
files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class:
{e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program
files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar:
{21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program
files\windows live\toolbar\wltcore.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233}
- c:\program files\avg secure search\9.0.0.18\AVG Secure
Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe"
/background
mRun: [SoundMAXPnP] c:\program files\analog
devices\core\smax4pnp.exe
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe"
-hide -runkey
mRun: [NvCplDaemon] RUNDLL32.EXE
c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
-login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe
/installquiet
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
dRun: [DWQueuedReporting]
"c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network
Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program
files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program
files\windows live\writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
{53707962-6F74-2D53-2644-206D7942484F} -
c:\progra~1\spybot~1\SDHelper.dll
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4D51455C-A513-40AB-97C0-57B8FB5954A6} :
DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
c:\program files\avg\avg9\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
c:\program files\common files\avg secure
search\viprotocolinstaller\9.0.1\ViProtocol.dll
Notify: avgrsstarter - avgrsstx.dll
SEH: Windows Desktop Search Namespace Manager:
{56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program
files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1
www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\taylor bills\application
data\mozilla\firefox\profiles\ccjlh1nj.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B74010240-18c6-4919-a5fc-724b6bd4c12e%7D&mid=673eb5a2634298266b1eb8818f5e061c-159fe39ce932a5d91e36590ab67d288bc0130b56&ds=AVG&v=9.0.0.18.1&lang=us&pr=fr&d=2011-12-12%2013%3A01%3A56&sap=ku&q=
FF - component: c:\documents and settings\all users\application
data\avg secure search\9.0.0.18\components\toolbarhomewmp.dll
FF - component: c:\program
files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\program files\microsoft
silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SFAUDIO;Sonic Focus DSP
Driver;c:\windows\system32\drivers\sfaudio.sys [2009-12-8 24064]
R1 AvgLdx86;AVG Free AVI Loader Driver
x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-25 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver
x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-25 29712]
R1 AvgTdiX;AVG Free Network
Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-25
243152]
R1 MpFilter;Microsoft Malware Protection
Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24
165648]
R3 k57w2k;Broadcom NetLink (TM) Gigabit
Ethernet;c:\windows\system32\drivers\k57xp32.sys [2009-12-8
176640]
R3 pneteth;PdaNet
Broadband;c:\windows\system32\drivers\pneteth.sys [2011-11-27
13440]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter
Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2011-8-20
642432]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys
[2011-8-20 50704]
S4 AVG Security Toolbar Service;AVG Security Toolbar
Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe
[2010-10-26 167264]
S4 avg9emc;AVG Free E-mail Scanner;c:\program
files\avg\avg9\avgemc.exe [2010-7-15 921952]
S4 avg9wd;AVG Free WatchDog;c:\program
files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
S4 LiveTurbineMessageService;Turbine Message Service -
Live;"c:\program files\turbine\turbine download
manager\turbinemessageservice.exe" --> c:\program
files\turbine\turbine download manager\TurbineMessageService.exe
[?]
S4 LiveTurbineNetworkService;Turbine Network Service -
Live;"c:\program files\turbine\turbine download
manager\turbinenetworkservice.exe" --> c:\program
files\turbine\turbine download manager\TurbineNetworkService.exe
[?]
S4 nvUpdatusService;NVIDIA Update Service Daemon;c:\program
files\nvidia corporation\nvidia updatus\daemonu.exe [2011-9-17
2253120]
S4 vToolbarUpdater;vToolbarUpdater;c:\program files\common
files\avg secure search\vtoolbarupdater\9.0.1\ToolbarUpdater.exe
[2011-12-12 855904]
S4 WSWNA3100;WSWNA3100;c:\program
files\netgear\wna3100\WifiSvc.exe [2011-8-20 285152]
.
=============== Created Last 30 ================
.
2012-01-31 16:58:44 6557240 ----a-w- c:\documents and
settings\all users\application data\microsoft\microsoft
antimalware\definition
updates\{a43fafb3-1361-4ef1-bc55-b6e70f8ad4be}\mpengine.dll
2012-01-31 15:37:58 20464 ----a-w-
c:\windows\system32\drivers\mbam.sys
2012-01-31 15:31:13 -------- d-----w- c:\documents and
settings\taylor bills\local settings\application data\PCHealth
2012-01-24 15:17:48 -------- d-----w-
c:\windows\system32\wbem\repository\FS
2012-01-24 15:17:48 -------- d-----w-
c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-12-08 09:34:43 404640 ----a-w-
c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-05 19:08:54 286052 ----a-w-
c:\windows\system32\nvdrsdb1.bin
2011-12-05 19:08:54 286052 ----a-w-
c:\windows\system32\nvdrsdb0.bin
2011-12-05 19:08:54 1 ----a-w-
c:\windows\system32\nvdrssel.bin
2011-11-25 05:26:04 13440 ----a-w-
c:\windows\system32\drivers\pneteth.sys
2011-11-23 13:29:56 1868544 ----a-w-
c:\windows\system32\win32k.sys
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer,
http://www.gmer.net
Windows 5.1.2600 Disk: ST3250318AS rev.CC45 -> Harddisk0\DR0 ->
\Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x89A6D49F]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8];
CMP EAX, [0x89a74738]; MOV EAX, [0x89a748ac]; PUSH EBX; PUSH
ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20;
MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] ->
\Device\Harddisk0\DR0[0x89DF1AB8]
3 CLASSPNP[0xB80E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] ->
[0x89CBE228]
\Driver\atapi[0x89D11AE8] -> IRP_MJ_CREATE -> 0x89A6D49F
error: Read A device attached to the system is not functioning.
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX;
MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ;
REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV
BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x89A6D2C6
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 12:04:47.39 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 12/25/2009 9:07:05 AM
System Uptime: 1/31/2012 11:57:15 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0T656F
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz | CPU |
2925/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 165.379 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP545: 10/16/2011 12:58:58 AM - Software Distribution Service 3.0
RP546: 10/17/2011 1:54:02 AM - System Checkpoint
RP547: 10/17/2011 11:11:27 AM - Software Distribution Service 3.0
RP548: 10/18/2011 11:11:22 AM - Software Distribution Service 3.0
RP549: 10/19/2011 11:10:57 AM - Software Distribution Service 3.0
RP550: 10/20/2011 11:10:54 AM - Software Distribution Service 3.0
RP551: 10/21/2011 11:10:54 AM - Software Distribution Service 3.0
RP552: 10/22/2011 11:11:07 AM - Software Distribution Service 3.0
RP553: 10/23/2011 3:25:03 AM - Software Distribution Service 3.0
RP554: 10/24/2011 12:51:37 AM - Software Distribution Service 3.0
RP555: 10/24/2011 9:07:47 AM - Avg Update
RP556: 10/25/2011 12:51:29 AM - Software Distribution Service 3.0
RP557: 10/26/2011 12:51:20 AM - Software Distribution Service 3.0
RP558: 10/27/2011 12:51:02 AM - Software Distribution Service 3.0
RP559: 10/28/2011 12:52:45 AM - Software Distribution Service 3.0
RP560: 10/31/2011 11:43:19 PM - Software Distribution Service 3.0
RP561: 11/1/2011 11:38:05 PM - Software Distribution Service 3.0
RP562: 11/2/2011 11:38:12 PM - Software Distribution Service 3.0
RP563: 11/3/2011 11:38:10 PM - Software Distribution Service 3.0
RP564: 11/4/2011 11:39:18 PM - Software Distribution Service 3.0
RP565: 11/5/2011 10:38:43 PM - Software Distribution Service 3.0
RP566: 11/6/2011 1:23:42 AM - Software Distribution Service 3.0
RP567: 11/7/2011 2:45:50 AM - System Checkpoint
RP568: 11/7/2011 3:14:20 AM - Software Distribution Service 3.0
RP569: 11/8/2011 3:13:57 AM - Software Distribution Service 3.0
RP570: 11/9/2011 3:13:55 AM - Software Distribution Service 3.0
RP571: 11/10/2011 3:00:18 AM - Software Distribution Service 3.0
RP572: 11/10/2011 5:04:52 AM - Software Distribution Service 3.0
RP573: 11/11/2011 3:00:15 AM - Software Distribution Service 3.0
RP574: 11/11/2011 10:03:07 AM - Software Distribution Service 3.0
RP575: 11/12/2011 9:56:10 AM - Software Distribution Service 3.0
RP576: 11/13/2011 2:24:59 AM - Software Distribution Service 3.0
RP577: 11/13/2011 9:56:08 AM - Software Distribution Service 3.0
RP578: 11/14/2011 9:56:11 AM - Software Distribution Service 3.0
RP579: 11/15/2011 9:56:17 AM - Software Distribution Service 3.0
RP580: 11/16/2011 9:56:19 AM - Software Distribution Service 3.0
RP581: 11/17/2011 9:56:14 AM - Software Distribution Service 3.0
RP582: 11/18/2011 9:56:24 AM - Software Distribution Service 3.0
RP583: 11/19/2011 9:56:20 AM - Software Distribution Service 3.0
RP584: 11/20/2011 1:43:38 AM - Software Distribution Service 3.0
RP585: 11/21/2011 6:39:01 AM - System Checkpoint
RP586: 11/22/2011 12:21:04 AM - Software Distribution Service 3.0
RP587: 11/23/2011 12:20:55 AM - Software Distribution Service 3.0
RP588: 11/24/2011 12:20:59 AM - Software Distribution Service 3.0
RP589: 11/25/2011 2:54:19 AM - System Checkpoint
RP590: 11/25/2011 5:56:46 PM - Software Distribution Service 3.0
RP591: 11/27/2011 10:42:17 PM - Unsigned driver install
RP592: 11/28/2011 1:50:05 AM - Software Distribution Service 3.0
RP593: 11/29/2011 7:12:23 AM - Software Distribution Service 3.0
RP594: 11/30/2011 8:06:29 AM - System Checkpoint
RP595: 11/30/2011 8:43:51 AM - Software Distribution Service 3.0
RP596: 12/1/2011 9:27:15 AM - Software Distribution Service 3.0
RP597: 12/2/2011 11:38:56 AM - Avg Update
RP598: 12/2/2011 11:43:08 AM - Software Distribution Service 3.0
RP599: 12/3/2011 2:27:52 PM - Software Distribution Service 3.0
RP600: 12/4/2011 2:28:01 AM - Software Distribution Service 3.0
RP601: 12/5/2011 1:21:27 PM - Software Distribution Service 3.0
RP602: 12/5/2011 2:03:45 PM - Removed Broadcom Management
Programs.
RP603: 12/5/2011 2:05:22 PM - Removed QuickTime
RP604: 12/6/2011 4:02:24 PM - Software Distribution Service 3.0
RP605: 12/7/2011 4:42:28 PM - Software Distribution Service 3.0
RP606: 12/9/2011 12:08:26 AM - Software Distribution Service 3.0
RP607: 12/10/2011 11:35:39 AM - Software Distribution Service 3.0
RP608: 12/11/2011 5:33:55 PM - Software Distribution Service 3.0
RP609: 12/12/2011 1:01:41 PM - Avg Update
RP610: 12/12/2011 11:54:25 PM - Software Distribution Service 3.0
RP611: 12/13/2011 1:37:33 PM - Avg Update
RP612: 12/14/2011 1:04:24 PM - Software Distribution Service 3.0
RP613: 12/14/2011 8:25:31 PM - Software Distribution Service 3.0
RP614: 12/15/2011 7:21:19 PM - Software Distribution Service 3.0
RP615: 12/16/2011 11:58:01 PM - Software Distribution Service 3.0
RP616: 12/18/2011 3:16:38 AM - Software Distribution Service 3.0
RP617: 12/19/2011 8:01:56 PM - Software Distribution Service 3.0
RP618: 12/20/2011 8:32:43 PM - System Checkpoint
RP619: 12/21/2011 4:03:12 PM - Software Distribution Service 3.0
RP620: 12/22/2011 11:44:03 PM - Software Distribution Service 3.0
RP621: 12/24/2011 2:12:14 PM - Software Distribution Service 3.0
RP622: 12/26/2011 4:22:38 PM - Software Distribution Service 3.0
RP623: 12/27/2011 3:00:18 AM - Software Distribution Service 3.0
RP624: 12/28/2011 3:45:43 AM - Software Distribution Service 3.0
RP625: 12/29/2011 3:52:23 AM - System Checkpoint
RP626: 12/29/2011 3:42:03 PM - Software Distribution Service 3.0
RP627: 12/30/2011 11:36:01 PM - Software Distribution Service 3.0
RP628: 1/1/2012 6:27:11 PM - Software Distribution Service 3.0
RP629: 1/2/2012 8:00:11 PM - System Checkpoint
RP630: 1/3/2012 1:21:43 AM - Software Distribution Service 3.0
RP631: 1/4/2012 1:39:55 AM - System Checkpoint
RP632: 1/4/2012 3:57:59 PM - Software Distribution Service 3.0
RP633: 1/5/2012 3:59:39 PM - System Checkpoint
RP634: 1/5/2012 11:42:26 PM - Software Distribution Service 3.0
RP635: 1/7/2012 1:36:28 AM - Software Distribution Service 3.0
RP636: 1/8/2012 1:58:45 AM - Software Distribution Service 3.0
RP637: 1/12/2012 6:17:13 PM - Software Distribution Service 3.0
RP638: 1/12/2012 7:39:59 PM - Software Distribution Service 3.0
RP639: 1/13/2012 8:01:47 PM - System Checkpoint
RP640: 1/13/2012 11:06:22 PM - Software Distribution Service 3.0
RP641: 1/15/2012 12:42:09 PM - Software Distribution Service 3.0
RP642: 1/24/2012 10:11:25 AM - Restore Operation
RP643: 1/24/2012 10:24:19 AM - Software Distribution Service 3.0
RP644: 1/27/2012 2:44:49 PM - Software Distribution Service 3.0
RP645: 1/30/2012 12:22:27 PM - Software Distribution Service 3.0
RP646: 1/31/2012 3:00:16 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Apple Mobile Device Support
Apple Software Update
AVG Free 9.0
Bonjour
Free PDF Tablet 0.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953955)
Hotfix for Windows XP (KB954434)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB958347)
Hotfix for Windows XP (KB959252)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB968764)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Java(TM) 6 Update 17
Junk Mail filter update
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2000 Professional
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WinUsb 1.0
Mozilla Firefox (3.6.25)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB927977)
NETGEAR WNA3100 wireless USB 2.0 adapter
NVIDIA Control Panel 285.58
NVIDIA Graphics Driver 285.58
NVIDIA Install Application
NVIDIA nView 135.95
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.11.0621
NVIDIA Update 1.5.20
NVIDIA Update Components
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2482017)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2559049)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2586448)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618444)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Skype™ 5.5
Spybot - Search & Destroy
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB898461)
Update for Windows XP (KB951618-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Ventrilo Client
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Presentation Foundation
Windows Search 4.0
World of Warcraft
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
1/27/2012 2:50:59 PM, error: DCOM [10005] - DCOM got error
"%1058" attempting to start the service SeaPort with arguments
"-Service" in order to run the server:
{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
1/27/2012 2:46:48 PM, error: Windows Update Agent [20] -
Installation Failure: Windows failed to install the following update with
error 0x80070643: Security Update for Microsoft .NET Framework 3.5
SP1 on Windows XP, Server 2003, Vista, Server 2008 x86
(KB2657424).
1/27/2012 2:46:35 PM, error: Windows Update Agent [20] -
Installation Failure: Windows failed to install the following update with
error 0x80070643: Security Update for Microsoft .NET Framework 1.1
SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86
(KB2656353).
1/27/2012 2:46:27 PM, error: Windows Update Agent [20] -
Installation Failure: Windows failed to install the following update with
error 0x80070643: Security Update for Microsoft Visual C++ 2005
Service Pack 1 Redistributable Package (KB973923).
1/27/2012 2:46:27 PM, error: Windows Update Agent [20] -
Installation Failure: Windows failed to install the following update with
error 0x80070643: Security Update for Microsoft .NET Framework 2.0
SP2 on Windows Server 2003 and Windows XP x86 (KB2656352).
1/24/2012 10:20:10 AM, error: Service Control Manager [7024] - The
Windows Search service terminated with service-specific error
2147749155 (0x80040D23).
1/24/2012 10:11:27 AM, error: DCOM [10005] - DCOM got error
"%1084" attempting to start the service EventSystem with arguments
"" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
1/24/2012 10:08:41 AM, error: DCOM [10005] - DCOM got error
"%1084" attempting to start the service netman with arguments "" in
order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/24/2012 10:08:28 AM, error: Service Control Manager [7026] - The
following boot-start or system-start driver(s) failed to load: AFD
AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec MpFilter MRxSmb
NetBIOS NetBT RasAcd Rdbss Tcpip
1/24/2012 10:08:28 AM, error: Service Control Manager [7001] - The
TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: A device attached to the
system is not functioning.
1/24/2012 10:08:28 AM, error: Service Control Manager [7001] - The
IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: A device attached to the
system is not functioning.
1/24/2012 10:08:27 AM, error: Service Control Manager [7001] - The
DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: A device attached
to the system is not functioning.
1/24/2012 10:08:27 AM, error: Service Control Manager [7001] - The
DHCP Client service depends on the NetBios over Tcpip service which
failed to start because of the following error: A device attached to the
system is not functioning.
.
==== End Of File ===========================