MBAM Log:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.15.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
khermanson :: ADELEP [administrator]
11/15/2012 9:40:45 AM
mbam-log-2012-11-15 (09-40-45).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 715901
Time elapsed: 1 hour(s), 48 minute(s), 44 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\System Volume Information\_restore{55356021-C966-4E4B-A715-75105CF0B9C7}\RP822\A0048509.exe (Trojan.LameShield) -> Quarantined and deleted successfully.
(end)
GMER.LOG
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-11-15 11:58:13
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST380011A rev.8.16
Running: krnkffun.exe; Driver: C:\DOCUME~1\ADMIN~1.LSN\LOCALS~1\Temp\uxtdrpod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
---- EOF - GMER 1.0.15 ----
DDS logs:
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.7.2
Run by admin at 13:01:18 on 2012-11-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.519 [GMT -6:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
============== Running Processes ================
.
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINNT\System32\alg.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINNT\system32\hphmon05.exe
C:\WINNT\system32\hkcmd.exe
C:\WINNT\system32\igfxpers.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINNT\system32\ctfmon.exe
C:\WINNT\system32\igfxsrvc.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\system32\svchost.exe -k DcomLaunch
C:\WINNT\system32\svchost.exe -k rpcss
C:\WINNT\System32\svchost.exe -k netsvcs
C:\WINNT\system32\svchost.exe -k NetworkService
C:\WINNT\system32\svchost.exe -k LocalService
C:\WINNT\system32\svchost.exe -k LocalService
C:\WINNT\system32\svchost.exe -k netsvcs
C:\WINNT\System32\svchost.exe -k HPZ12
C:\WINNT\System32\svchost.exe -k HPZ12
C:\WINNT\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.legalassist.org/
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: <No Name>: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AcroIEToolbarHelper Class: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
mRun: [Synchronization Manager] mobsync.exe /logon
mRun: [SC_DAEMON] "c:\program files\mailshell spamcatcher universal desktop client\sc_daemon.exe"
mRun: [OE_Plugin_Startup] "c:\program files\mailshell spamcatcher universal desktop client\Launcher.exe"
mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HPDJ Taskbar Utility] c:\winnt\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [HPHUPD05] c:\program files\hewlett-packard\\{5372b9a6-6e51-4f90-9b40-e0a3b8475c4e}\hphupd05.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe"
mRun: [HPHmon05] c:\winnt\system32\hphmon05.exe
mRun: [igfxtray] c:\winnt\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\winnt\system32\hkcmd.exe
mRun: [igfxpers] c:\winnt\system32\igfxpers.exe
mRun: [QuickFinder Scheduler] "c:\program files\corel\wordperfect office x4\programs\QFSCHD140.EXE"
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
dRunOnce: [^SetupICWDesktop] c:\program files\internet explorer\connection wizard\icwconn1.exe /desktop
dRunOnce: [tscuninstall] c:\winnt\system32\tscupgrd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\winnt\installer\{ac76ba86-1033-0000-ba7e-000000000002}\SC_Acrobat.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Windows\System: CompatibleRUPSecurity = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Open with WordPerfect - c:\program files\corel\wordperfect office x4\programs\WPLauncher.hta
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxp://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - hxxp://software-dl.real.com/157d37c333621a912406/netzip/RdxIE601.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1132007159500
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132065967140
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} - hxxps://www1.gotomeeting.com/default/applets/g2mdlax.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
TCP: Interfaces\{730475C2-769E-4930-BEDB-799399D41193} : NameServer = 192.168.2.4,192.168.2.5,192.168.2.6
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: igfxcui - igfxdev.dll
Notify: PCANotify - PCANotify.dll
Notify: wzcnotif - wzcdlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winnt\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\admin.lsnd\application data\mozilla\firefox\profiles\6x6or03l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.legalassist.org/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\winnt\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\winnt\system32\npDeployJava1.dll
FF - plugin: c:\winnt\system32\npptools.dll
FF - ExtSQL: 2012-10-10 17:08; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
.
============= SERVICES / DRIVERS ===============
.
R0 Achernar;Achernar - SCSI Command Filters;c:\winnt\system32\drivers\Achernar.sys [2006-4-24 16855]
R1 AW_HOST;AW_HOST;c:\winnt\system32\drivers\AW_HOST5.sys [2003-10-23 16984]
R2 awhost32;pcAnywhere Host Service;c:\program files\symantec\pcanywhere\awhost32.exe [2005-5-20 106496]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2011-6-2 108392]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2011-6-2 108392]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2011-6-2 1839776]
R3 Aldebaran;Aldebaran - SCSI Command Filters;c:\winnt\system32\drivers\Aldebaran.sys [2006-4-24 21808]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-9-27 106656]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20121114.008\NAVENG.SYS [2012-11-15 92704]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20121114.008\NAVEX15.SYS [2012-11-15 1601184]
S3 COH_Mon;COH_Mon;c:\winnt\system32\drivers\COH_Mon.sys [2011-6-2 23888]
S3 NPF;WinPcap Packet Driver (NPF);c:\winnt\system32\drivers\npf.sys [2012-11-14 50704]
S3 usbhub20;USB 2.0 Root Hub Support;c:\winnt\system32\drivers\usbhub20.sys [2005-11-14 49776]
S3 VPREMOTE;VPRemote Install Bootstrap Service;c:\temp\clt-inst\vpremote.exe --> c:\temp\clt-inst\vpremote.exe [?]
S4 SpamCatcherUniversal;SpamCatcherUniversal;"c:\program files\mailshell spamcatcher universal desktop client\spamcatcher.exe" -d "c:\program files\mailshell spamcatcher universal desktop client\conf\\" --> c:\program files\mailshell spamcatcher universal desktop client\spamcatcher.exe [?]
.
=============== File Associations ===============
.
ShellExec: LightningViewer.exe: View="c:\program files\corel\wordperfect lightning\programs\LightningNavigator.exe" "-ViewDocument" "%1"
ShellExec: wordpad.exe: print="c:\program files\windows nt\accessories\WORDPAD.EXE"/p "%1"
ShellExec: wordpad.exe: printto="c:\program files\windows nt\accessories\WORDPAD.EXE"/pt "%1" "%2" "%3" "%4"
.
=============== Created Last 30 ================
.
2012-11-15 13:28:33 -------- d-sha-r- C:\cmdcons
2012-11-15 13:22:28 98816 ----a-w- c:\winnt\sed.exe
2012-11-15 13:22:28 256000 ----a-w- c:\winnt\PEV.exe
2012-11-15 13:22:28 208896 ----a-w- c:\winnt\MBR.exe
2012-11-15 13:22:14 -------- d-s---w- C:\ComboFix
2012-11-14 20:33:07 -------- d-----w- c:\documents and settings\admin.lsnd\application data\Malwarebytes
2012-11-14 20:32:39 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-11-14 20:32:26 22856 ----a-w- c:\winnt\system32\drivers\mbam.sys
2012-11-14 20:32:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-14 18:50:36 -------- d-----w- c:\documents and settings\all users\application data\AC62295460A1D4A80000AC617CFDDFA4
2012-11-14 18:49:47 50704 ----a-w- c:\winnt\system32\drivers\npf.sys
2012-11-14 18:49:46 281104 ----a-w- c:\winnt\system32\wpcap.dll
2012-11-14 18:49:45 100880 ----a-w- c:\winnt\system32\Packet.dll
.
==================== Find3M ====================
.
2012-11-14 19:44:20 60808 -c--a-w- c:\winnt\system32\S32EVNT1.DLL
2012-11-14 19:44:20 125488 -c--a-w- c:\winnt\system32\drivers\SYMEVENT.SYS
2012-11-13 19:46:49 1682 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
2012-10-10 22:02:57 93672 ----a-w- c:\winnt\system32\WindowsAccessBridge.dll
2012-10-10 22:02:52 821736 ----a-w- c:\winnt\system32\npDeployJava1.dll
2012-10-10 22:02:52 746984 ----a-w- c:\winnt\system32\deployJava1.dll
2012-10-10 22:02:52 143872 ----a-w- c:\winnt\system32\javacpl.cpl
2012-10-10 21:57:59 73656 ----a-w- c:\winnt\system32\FlashPlayerCPLApp.cpl
2012-10-10 21:57:59 696760 ----a-w- c:\winnt\system32\FlashPlayerApp.exe
2012-08-30 20:29:36 81920 ------w- c:\winnt\system32\ieencode.dll
2012-08-28 15:14:53 916992 ----a-w- c:\winnt\system32\wininet.dll
2012-08-28 15:14:53 43520 ------w- c:\winnt\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\winnt\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ------w- c:\winnt\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\winnt\system32\wintrust.dll
2012-08-21 13:29:19 2192896 ----a-w- c:\winnt\system32\ntoskrnl.exe
2012-08-21 12:58:06 2069632 ----a-w- c:\winnt\system32\ntkrnlpa.exe
.
============= FINISH: 13:02:33.36 ===============
attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/21/2009 4:07:29 PM
System Uptime: 11/15/2012 11:46:16 AM (2 hours ago)
.
Motherboard: Dell Computer Corp. | | 0C7018
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 41.493 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP762: 9/13/2012 12:35:12 PM - System Checkpoint
RP763: 9/14/2012 1:30:19 PM - System Checkpoint
RP764: 9/15/2012 2:30:26 PM - System Checkpoint
RP765: 9/16/2012 3:30:21 PM - System Checkpoint
RP766: 9/17/2012 4:30:26 PM - System Checkpoint
RP767: 9/18/2012 5:30:21 PM - System Checkpoint
RP768: 9/19/2012 6:30:21 PM - System Checkpoint
RP769: 9/20/2012 7:30:26 PM - System Checkpoint
RP770: 9/21/2012 8:30:38 PM - System Checkpoint
RP771: 9/22/2012 9:30:32 PM - System Checkpoint
RP772: 9/23/2012 10:30:22 PM - System Checkpoint
RP773: 9/24/2012 11:30:23 PM - System Checkpoint
RP774: 9/26/2012 12:30:21 AM - System Checkpoint
RP775: 9/27/2012 1:30:22 AM - System Checkpoint
RP776: 9/28/2012 1:34:24 AM - System Checkpoint
RP777: 9/29/2012 2:34:24 AM - System Checkpoint
RP778: 9/30/2012 3:34:26 AM - System Checkpoint
RP779: 10/1/2012 4:34:30 AM - System Checkpoint
RP780: 10/2/2012 5:34:34 AM - System Checkpoint
RP781: 10/3/2012 6:34:28 AM - System Checkpoint
RP782: 10/4/2012 5:05:42 PM - System Checkpoint
RP783: 10/5/2012 5:16:16 PM - System Checkpoint
RP784: 10/6/2012 6:16:21 PM - System Checkpoint
RP785: 10/7/2012 7:16:19 PM - System Checkpoint
RP786: 10/8/2012 7:58:44 PM - System Checkpoint
RP787: 10/9/2012 8:58:44 PM - System Checkpoint
RP788: 10/10/2012 1:53:56 PM - Software Distribution Service 3.0
RP789: 10/10/2012 4:05:41 PM - Software Distribution Service 3.0
RP790: 10/10/2012 5:02:42 PM - Installed Java 7 Update 7
RP791: 10/11/2012 6:02:42 PM - System Checkpoint
RP792: 10/12/2012 7:02:42 PM - System Checkpoint
RP793: 10/13/2012 8:02:42 PM - System Checkpoint
RP794: 10/14/2012 9:02:49 PM - System Checkpoint
RP795: 10/15/2012 10:02:43 PM - System Checkpoint
RP796: 10/16/2012 11:02:44 PM - System Checkpoint
RP797: 10/18/2012 12:02:45 AM - System Checkpoint
RP798: 10/19/2012 12:33:09 AM - System Checkpoint
RP799: 10/20/2012 1:33:05 AM - System Checkpoint
RP800: 10/21/2012 2:33:03 AM - System Checkpoint
RP801: 10/22/2012 3:33:00 AM - System Checkpoint
RP802: 10/23/2012 4:30:27 AM - System Checkpoint
RP803: 10/24/2012 5:30:26 AM - System Checkpoint
RP804: 10/26/2012 1:17:25 PM - System Checkpoint
RP805: 10/27/2012 1:23:03 PM - System Checkpoint
RP806: 10/28/2012 2:22:30 PM - System Checkpoint
RP807: 10/29/2012 5:22:59 PM - System Checkpoint
RP808: 10/30/2012 5:25:42 PM - System Checkpoint
RP809: 10/31/2012 6:22:32 PM - System Checkpoint
RP810: 11/1/2012 7:22:29 PM - System Checkpoint
RP811: 11/2/2012 8:22:40 PM - System Checkpoint
RP812: 11/3/2012 8:22:31 PM - System Checkpoint
RP813: 11/4/2012 9:22:43 PM - System Checkpoint
RP814: 11/5/2012 10:22:29 PM - System Checkpoint
RP815: 11/6/2012 11:22:29 PM - System Checkpoint
RP816: 11/8/2012 12:22:26 AM - System Checkpoint
RP817: 11/9/2012 1:22:27 AM - System Checkpoint
RP818: 11/10/2012 2:22:30 AM - System Checkpoint
RP819: 11/11/2012 3:22:31 AM - System Checkpoint
RP820: 11/12/2012 4:22:24 AM - System Checkpoint
RP821: 11/13/2012 5:22:32 AM - System Checkpoint
RP822: 11/14/2012 6:22:19 AM - System Checkpoint
RP823: 11/15/2012 6:29:47 AM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP BiDi Channel Components Installer
Acrobat.com
Ad-Aware SE Personal
Adobe Acrobat 7.0 Standard
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
AnswerWorks Runtime
Compatibility Pack for the 2007 Office system
Corel WordPerfect Office - iFilter
Critical Update for Windows Media Player 11 (KB959772)
Hotfix for MDAC 2.53 (KB911562)
Hotfix for MDAC 2.53 (KB927779)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Commercial Scanjet 5590 TWAIN Driver
HP Memories Disc
HP Photo and Imaging 2.5 - Scanjet 5590 Series
HP Software Update
HPScanjet5590Corporate11
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Connections Drivers
Java 7 Update 7
Java Auto Updater
LiveReg (Symantec Corporation)
LiveUpdate 3.3 (Symantec Corporation)
Macromedia Shockwave Player
Mailshell Anti-Spam Universal
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB947742)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel Viewer 2003
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook 2003
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OGA Notifier 2.0.0048.0
Photosmart 140,240,7200,7600,7700,7900 Series
Presto! PageManager 7.11
PS7200
PSShortcutsP
PSUsage
QFolder
Readiris Pro 8
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealPopup
RealUpgrade 1.1
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2482017)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2497640)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2530548)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2559049)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2586448)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2731847-v2)
Security Update for Windows XP (KB2744842)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
ShareIns
SoundMAX
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
Symantec Endpoint Protection
Symantec pcAnywhere
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
WebFldrs
WebFldrs XP
WebIQ Technology Engine
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Service Pack 3
WinZip
WordPerfect Lightning
WordPerfect Lightning - EN
WordPerfect Lightning - IPM
WordPerfect Lightning - Messages
WordPerfect Lightning - MSOM
WordPerfect Office 2000 Hot Fix
WordPerfect Office X4
WordPerfect Office X4 - Common
WordPerfect Office X4 - Content
WordPerfect Office X4 - EN
WordPerfect Office X4 - Filters
WordPerfect Office X4 - Graphics
WordPerfect Office X4 - ICA
WordPerfect Office X4 - IPM
WordPerfect Office X4 - IPM EN
WordPerfect Office X4 - Migration Manager
WordPerfect Office X4 - PerfectExperts
WordPerfect Office X4 - PR
WordPerfect Office X4 - QP
WordPerfect Office X4 - Skins
WordPerfect Office X4 - System
WordPerfect Office X4 - WP
.
==== Event Viewer Messages From Past Week ========
.
11/14/2012 4:14:58 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde
11/14/2012 2:52:57 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/14/2012 2:51:12 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AW_HOST eeCtrl Fips intelppm SPBBCDrv SRTSP SRTSPX SYMTDI
11/14/2012 2:15:01 PM, error: Srv [2020] - The server was unable to allocate from the system paged pool because the pool was empty.
11/14/2012 12:53:39 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Symantec Management Client service to connect.
11/14/2012 12:53:39 PM, error: Service Control Manager [7000] - The Symantec Management Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/14/2012 12:53:38 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Symantec Settings Manager service to connect.
11/14/2012 12:53:37 PM, error: Service Control Manager [7031] - The Symantec Settings Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
11/14/2012 12:53:36 PM, error: Service Control Manager [7031] - The Symantec Management Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
11/14/2012 12:53:36 PM, error: Service Control Manager [7031] - The Symantec Event Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 200 milliseconds: Restart the service.
11/14/2012 12:53:36 PM, error: Service Control Manager [7031] - The Symantec Endpoint Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/14/2012 12:53:36 PM, error: Service Control Manager [7000] - The pcAnywhere Host Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/14/2012 12:53:33 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the pcAnywhere Host Service service to connect.
11/14/2012 12:53:31 PM, error: Service Control Manager [7034] - The Protexis Licensing V2 service terminated unexpectedly. It has done this 1 time(s).
11/14/2012 12:53:31 PM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
11/14/2012 12:53:31 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
11/14/2012 12:53:31 PM, error: Service Control Manager [7031] - The pcAnywhere Host Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/14/2012 1:55:20 PM, error: SideBySide [59] - Generate Activation Context failed for c:\program files\real\realplayer\plugins\authmgr.dll. Reference error message: Error Message is unavailable .
11/13/2012 11:28:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
11/13/2012 11:28:23 PM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/13/2012 11:28:23 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
11/12/2012 2:35:32 PM, error: NETLOGON [5719] - No Domain Controller is available for domain LSND due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
.
==== End Of File ===========================
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.15.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
khermanson :: ADELEP [administrator]
11/15/2012 9:40:45 AM
mbam-log-2012-11-15 (09-40-45).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 715901
Time elapsed: 1 hour(s), 48 minute(s), 44 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\System Volume Information\_restore{55356021-C966-4E4B-A715-75105CF0B9C7}\RP822\A0048509.exe (Trojan.LameShield) -> Quarantined and deleted successfully.
(end)
GMER.LOG
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-11-15 11:58:13
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST380011A rev.8.16
Running: krnkffun.exe; Driver: C:\DOCUME~1\ADMIN~1.LSN\LOCALS~1\Temp\uxtdrpod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
---- EOF - GMER 1.0.15 ----
DDS logs:
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.7.2
Run by admin at 13:01:18 on 2012-11-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.519 [GMT -6:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
============== Running Processes ================
.
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINNT\System32\alg.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINNT\system32\hphmon05.exe
C:\WINNT\system32\hkcmd.exe
C:\WINNT\system32\igfxpers.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINNT\system32\ctfmon.exe
C:\WINNT\system32\igfxsrvc.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\system32\svchost.exe -k DcomLaunch
C:\WINNT\system32\svchost.exe -k rpcss
C:\WINNT\System32\svchost.exe -k netsvcs
C:\WINNT\system32\svchost.exe -k NetworkService
C:\WINNT\system32\svchost.exe -k LocalService
C:\WINNT\system32\svchost.exe -k LocalService
C:\WINNT\system32\svchost.exe -k netsvcs
C:\WINNT\System32\svchost.exe -k HPZ12
C:\WINNT\System32\svchost.exe -k HPZ12
C:\WINNT\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.legalassist.org/
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: <No Name>: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AcroIEToolbarHelper Class: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
mRun: [Synchronization Manager] mobsync.exe /logon
mRun: [SC_DAEMON] "c:\program files\mailshell spamcatcher universal desktop client\sc_daemon.exe"
mRun: [OE_Plugin_Startup] "c:\program files\mailshell spamcatcher universal desktop client\Launcher.exe"
mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HPDJ Taskbar Utility] c:\winnt\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [HPHUPD05] c:\program files\hewlett-packard\\{5372b9a6-6e51-4f90-9b40-e0a3b8475c4e}\hphupd05.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe"
mRun: [HPHmon05] c:\winnt\system32\hphmon05.exe
mRun: [igfxtray] c:\winnt\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\winnt\system32\hkcmd.exe
mRun: [igfxpers] c:\winnt\system32\igfxpers.exe
mRun: [QuickFinder Scheduler] "c:\program files\corel\wordperfect office x4\programs\QFSCHD140.EXE"
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
dRunOnce: [^SetupICWDesktop] c:\program files\internet explorer\connection wizard\icwconn1.exe /desktop
dRunOnce: [tscuninstall] c:\winnt\system32\tscupgrd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\winnt\installer\{ac76ba86-1033-0000-ba7e-000000000002}\SC_Acrobat.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Windows\System: CompatibleRUPSecurity = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Open with WordPerfect - c:\program files\corel\wordperfect office x4\programs\WPLauncher.hta
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxp://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - hxxp://software-dl.real.com/157d37c333621a912406/netzip/RdxIE601.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1132007159500
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132065967140
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} - hxxps://www1.gotomeeting.com/default/applets/g2mdlax.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
TCP: Interfaces\{730475C2-769E-4930-BEDB-799399D41193} : NameServer = 192.168.2.4,192.168.2.5,192.168.2.6
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: igfxcui - igfxdev.dll
Notify: PCANotify - PCANotify.dll
Notify: wzcnotif - wzcdlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winnt\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\admin.lsnd\application data\mozilla\firefox\profiles\6x6or03l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.legalassist.org/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\winnt\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\winnt\system32\npDeployJava1.dll
FF - plugin: c:\winnt\system32\npptools.dll
FF - ExtSQL: 2012-10-10 17:08; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
.
============= SERVICES / DRIVERS ===============
.
R0 Achernar;Achernar - SCSI Command Filters;c:\winnt\system32\drivers\Achernar.sys [2006-4-24 16855]
R1 AW_HOST;AW_HOST;c:\winnt\system32\drivers\AW_HOST5.sys [2003-10-23 16984]
R2 awhost32;pcAnywhere Host Service;c:\program files\symantec\pcanywhere\awhost32.exe [2005-5-20 106496]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2011-6-2 108392]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2011-6-2 108392]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2011-6-2 1839776]
R3 Aldebaran;Aldebaran - SCSI Command Filters;c:\winnt\system32\drivers\Aldebaran.sys [2006-4-24 21808]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-9-27 106656]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20121114.008\NAVENG.SYS [2012-11-15 92704]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20121114.008\NAVEX15.SYS [2012-11-15 1601184]
S3 COH_Mon;COH_Mon;c:\winnt\system32\drivers\COH_Mon.sys [2011-6-2 23888]
S3 NPF;WinPcap Packet Driver (NPF);c:\winnt\system32\drivers\npf.sys [2012-11-14 50704]
S3 usbhub20;USB 2.0 Root Hub Support;c:\winnt\system32\drivers\usbhub20.sys [2005-11-14 49776]
S3 VPREMOTE;VPRemote Install Bootstrap Service;c:\temp\clt-inst\vpremote.exe --> c:\temp\clt-inst\vpremote.exe [?]
S4 SpamCatcherUniversal;SpamCatcherUniversal;"c:\program files\mailshell spamcatcher universal desktop client\spamcatcher.exe" -d "c:\program files\mailshell spamcatcher universal desktop client\conf\\" --> c:\program files\mailshell spamcatcher universal desktop client\spamcatcher.exe [?]
.
=============== File Associations ===============
.
ShellExec: LightningViewer.exe: View="c:\program files\corel\wordperfect lightning\programs\LightningNavigator.exe" "-ViewDocument" "%1"
ShellExec: wordpad.exe: print="c:\program files\windows nt\accessories\WORDPAD.EXE"/p "%1"
ShellExec: wordpad.exe: printto="c:\program files\windows nt\accessories\WORDPAD.EXE"/pt "%1" "%2" "%3" "%4"
.
=============== Created Last 30 ================
.
2012-11-15 13:28:33 -------- d-sha-r- C:\cmdcons
2012-11-15 13:22:28 98816 ----a-w- c:\winnt\sed.exe
2012-11-15 13:22:28 256000 ----a-w- c:\winnt\PEV.exe
2012-11-15 13:22:28 208896 ----a-w- c:\winnt\MBR.exe
2012-11-15 13:22:14 -------- d-s---w- C:\ComboFix
2012-11-14 20:33:07 -------- d-----w- c:\documents and settings\admin.lsnd\application data\Malwarebytes
2012-11-14 20:32:39 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-11-14 20:32:26 22856 ----a-w- c:\winnt\system32\drivers\mbam.sys
2012-11-14 20:32:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-14 18:50:36 -------- d-----w- c:\documents and settings\all users\application data\AC62295460A1D4A80000AC617CFDDFA4
2012-11-14 18:49:47 50704 ----a-w- c:\winnt\system32\drivers\npf.sys
2012-11-14 18:49:46 281104 ----a-w- c:\winnt\system32\wpcap.dll
2012-11-14 18:49:45 100880 ----a-w- c:\winnt\system32\Packet.dll
.
==================== Find3M ====================
.
2012-11-14 19:44:20 60808 -c--a-w- c:\winnt\system32\S32EVNT1.DLL
2012-11-14 19:44:20 125488 -c--a-w- c:\winnt\system32\drivers\SYMEVENT.SYS
2012-11-13 19:46:49 1682 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
2012-10-10 22:02:57 93672 ----a-w- c:\winnt\system32\WindowsAccessBridge.dll
2012-10-10 22:02:52 821736 ----a-w- c:\winnt\system32\npDeployJava1.dll
2012-10-10 22:02:52 746984 ----a-w- c:\winnt\system32\deployJava1.dll
2012-10-10 22:02:52 143872 ----a-w- c:\winnt\system32\javacpl.cpl
2012-10-10 21:57:59 73656 ----a-w- c:\winnt\system32\FlashPlayerCPLApp.cpl
2012-10-10 21:57:59 696760 ----a-w- c:\winnt\system32\FlashPlayerApp.exe
2012-08-30 20:29:36 81920 ------w- c:\winnt\system32\ieencode.dll
2012-08-28 15:14:53 916992 ----a-w- c:\winnt\system32\wininet.dll
2012-08-28 15:14:53 43520 ------w- c:\winnt\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\winnt\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ------w- c:\winnt\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\winnt\system32\wintrust.dll
2012-08-21 13:29:19 2192896 ----a-w- c:\winnt\system32\ntoskrnl.exe
2012-08-21 12:58:06 2069632 ----a-w- c:\winnt\system32\ntkrnlpa.exe
.
============= FINISH: 13:02:33.36 ===============
attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/21/2009 4:07:29 PM
System Uptime: 11/15/2012 11:46:16 AM (2 hours ago)
.
Motherboard: Dell Computer Corp. | | 0C7018
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 41.493 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP762: 9/13/2012 12:35:12 PM - System Checkpoint
RP763: 9/14/2012 1:30:19 PM - System Checkpoint
RP764: 9/15/2012 2:30:26 PM - System Checkpoint
RP765: 9/16/2012 3:30:21 PM - System Checkpoint
RP766: 9/17/2012 4:30:26 PM - System Checkpoint
RP767: 9/18/2012 5:30:21 PM - System Checkpoint
RP768: 9/19/2012 6:30:21 PM - System Checkpoint
RP769: 9/20/2012 7:30:26 PM - System Checkpoint
RP770: 9/21/2012 8:30:38 PM - System Checkpoint
RP771: 9/22/2012 9:30:32 PM - System Checkpoint
RP772: 9/23/2012 10:30:22 PM - System Checkpoint
RP773: 9/24/2012 11:30:23 PM - System Checkpoint
RP774: 9/26/2012 12:30:21 AM - System Checkpoint
RP775: 9/27/2012 1:30:22 AM - System Checkpoint
RP776: 9/28/2012 1:34:24 AM - System Checkpoint
RP777: 9/29/2012 2:34:24 AM - System Checkpoint
RP778: 9/30/2012 3:34:26 AM - System Checkpoint
RP779: 10/1/2012 4:34:30 AM - System Checkpoint
RP780: 10/2/2012 5:34:34 AM - System Checkpoint
RP781: 10/3/2012 6:34:28 AM - System Checkpoint
RP782: 10/4/2012 5:05:42 PM - System Checkpoint
RP783: 10/5/2012 5:16:16 PM - System Checkpoint
RP784: 10/6/2012 6:16:21 PM - System Checkpoint
RP785: 10/7/2012 7:16:19 PM - System Checkpoint
RP786: 10/8/2012 7:58:44 PM - System Checkpoint
RP787: 10/9/2012 8:58:44 PM - System Checkpoint
RP788: 10/10/2012 1:53:56 PM - Software Distribution Service 3.0
RP789: 10/10/2012 4:05:41 PM - Software Distribution Service 3.0
RP790: 10/10/2012 5:02:42 PM - Installed Java 7 Update 7
RP791: 10/11/2012 6:02:42 PM - System Checkpoint
RP792: 10/12/2012 7:02:42 PM - System Checkpoint
RP793: 10/13/2012 8:02:42 PM - System Checkpoint
RP794: 10/14/2012 9:02:49 PM - System Checkpoint
RP795: 10/15/2012 10:02:43 PM - System Checkpoint
RP796: 10/16/2012 11:02:44 PM - System Checkpoint
RP797: 10/18/2012 12:02:45 AM - System Checkpoint
RP798: 10/19/2012 12:33:09 AM - System Checkpoint
RP799: 10/20/2012 1:33:05 AM - System Checkpoint
RP800: 10/21/2012 2:33:03 AM - System Checkpoint
RP801: 10/22/2012 3:33:00 AM - System Checkpoint
RP802: 10/23/2012 4:30:27 AM - System Checkpoint
RP803: 10/24/2012 5:30:26 AM - System Checkpoint
RP804: 10/26/2012 1:17:25 PM - System Checkpoint
RP805: 10/27/2012 1:23:03 PM - System Checkpoint
RP806: 10/28/2012 2:22:30 PM - System Checkpoint
RP807: 10/29/2012 5:22:59 PM - System Checkpoint
RP808: 10/30/2012 5:25:42 PM - System Checkpoint
RP809: 10/31/2012 6:22:32 PM - System Checkpoint
RP810: 11/1/2012 7:22:29 PM - System Checkpoint
RP811: 11/2/2012 8:22:40 PM - System Checkpoint
RP812: 11/3/2012 8:22:31 PM - System Checkpoint
RP813: 11/4/2012 9:22:43 PM - System Checkpoint
RP814: 11/5/2012 10:22:29 PM - System Checkpoint
RP815: 11/6/2012 11:22:29 PM - System Checkpoint
RP816: 11/8/2012 12:22:26 AM - System Checkpoint
RP817: 11/9/2012 1:22:27 AM - System Checkpoint
RP818: 11/10/2012 2:22:30 AM - System Checkpoint
RP819: 11/11/2012 3:22:31 AM - System Checkpoint
RP820: 11/12/2012 4:22:24 AM - System Checkpoint
RP821: 11/13/2012 5:22:32 AM - System Checkpoint
RP822: 11/14/2012 6:22:19 AM - System Checkpoint
RP823: 11/15/2012 6:29:47 AM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP BiDi Channel Components Installer
Acrobat.com
Ad-Aware SE Personal
Adobe Acrobat 7.0 Standard
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
AnswerWorks Runtime
Compatibility Pack for the 2007 Office system
Corel WordPerfect Office - iFilter
Critical Update for Windows Media Player 11 (KB959772)
Hotfix for MDAC 2.53 (KB911562)
Hotfix for MDAC 2.53 (KB927779)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Commercial Scanjet 5590 TWAIN Driver
HP Memories Disc
HP Photo and Imaging 2.5 - Scanjet 5590 Series
HP Software Update
HPScanjet5590Corporate11
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Connections Drivers
Java 7 Update 7
Java Auto Updater
LiveReg (Symantec Corporation)
LiveUpdate 3.3 (Symantec Corporation)
Macromedia Shockwave Player
Mailshell Anti-Spam Universal
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB947742)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel Viewer 2003
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook 2003
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OGA Notifier 2.0.0048.0
Photosmart 140,240,7200,7600,7700,7900 Series
Presto! PageManager 7.11
PS7200
PSShortcutsP
PSUsage
QFolder
Readiris Pro 8
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealPopup
RealUpgrade 1.1
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2482017)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2497640)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2530548)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2559049)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2586448)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2731847-v2)
Security Update for Windows XP (KB2744842)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
ShareIns
SoundMAX
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
Symantec Endpoint Protection
Symantec pcAnywhere
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
WebFldrs
WebFldrs XP
WebIQ Technology Engine
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Service Pack 3
WinZip
WordPerfect Lightning
WordPerfect Lightning - EN
WordPerfect Lightning - IPM
WordPerfect Lightning - Messages
WordPerfect Lightning - MSOM
WordPerfect Office 2000 Hot Fix
WordPerfect Office X4
WordPerfect Office X4 - Common
WordPerfect Office X4 - Content
WordPerfect Office X4 - EN
WordPerfect Office X4 - Filters
WordPerfect Office X4 - Graphics
WordPerfect Office X4 - ICA
WordPerfect Office X4 - IPM
WordPerfect Office X4 - IPM EN
WordPerfect Office X4 - Migration Manager
WordPerfect Office X4 - PerfectExperts
WordPerfect Office X4 - PR
WordPerfect Office X4 - QP
WordPerfect Office X4 - Skins
WordPerfect Office X4 - System
WordPerfect Office X4 - WP
.
==== Event Viewer Messages From Past Week ========
.
11/14/2012 4:14:58 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde
11/14/2012 2:52:57 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/14/2012 2:51:12 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AW_HOST eeCtrl Fips intelppm SPBBCDrv SRTSP SRTSPX SYMTDI
11/14/2012 2:15:01 PM, error: Srv [2020] - The server was unable to allocate from the system paged pool because the pool was empty.
11/14/2012 12:53:39 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Symantec Management Client service to connect.
11/14/2012 12:53:39 PM, error: Service Control Manager [7000] - The Symantec Management Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/14/2012 12:53:38 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Symantec Settings Manager service to connect.
11/14/2012 12:53:37 PM, error: Service Control Manager [7031] - The Symantec Settings Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
11/14/2012 12:53:36 PM, error: Service Control Manager [7031] - The Symantec Management Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
11/14/2012 12:53:36 PM, error: Service Control Manager [7031] - The Symantec Event Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 200 milliseconds: Restart the service.
11/14/2012 12:53:36 PM, error: Service Control Manager [7031] - The Symantec Endpoint Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/14/2012 12:53:36 PM, error: Service Control Manager [7000] - The pcAnywhere Host Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/14/2012 12:53:33 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the pcAnywhere Host Service service to connect.
11/14/2012 12:53:31 PM, error: Service Control Manager [7034] - The Protexis Licensing V2 service terminated unexpectedly. It has done this 1 time(s).
11/14/2012 12:53:31 PM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
11/14/2012 12:53:31 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
11/14/2012 12:53:31 PM, error: Service Control Manager [7031] - The pcAnywhere Host Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/14/2012 1:55:20 PM, error: SideBySide [59] - Generate Activation Context failed for c:\program files\real\realplayer\plugins\authmgr.dll. Reference error message: Error Message is unavailable .
11/13/2012 11:28:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
11/13/2012 11:28:23 PM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/13/2012 11:28:23 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
11/12/2012 2:35:32 PM, error: NETLOGON [5719] - No Domain Controller is available for domain LSND due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
.
==== End Of File ===========================