dws199
2010-07-05, 18:02
Hi
I'm encountering the same issue as reported by Fuzz18500 where I have multiple iexplore.exe processes running at the same time and pop ups appearing when I ahev not even opened IE. When I try and kill them they autmatically reappear. I also have the issue where the Wave volume is being set down to zero every 5-10 mins.
I'm running McAfee and have tried various apps such as SpyBot but none of them detect any malware.
My DDS logs below, thanks in advance for your help
DDS (Ver_10-03-17.01) - NTFSx86
Run by dstrudwick at 15:59:23.46 on 05/07/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3053.1087 [GMT 1:00]
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
============== Running Processes ===============
svchost.exe 4
svchost.exe 4
C:\WINDOWS\System32\svchost.exe -k Bioscrypt
C:\Program Files\Fingerprint Sensor\AtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\ActivIdentity\ActivClient\accoca.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Common Files\Teleca Shared\logger.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\HTC\HTC Sync\Sync Manager\syncindicator.exe
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Downloads\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://qlikview.pkr.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=all&pf=cmdt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=all&pf=cmdt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=all&pf=cmdt
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Credential Manager for HP ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] "c:\windows\system32\ctfmon.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"
mRun: [SoundMAXPnP] "c:\program files\analog devices\core\smax4pnp.exe"
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [picon] "c:\program files\common files\intel\privacy icon\PrivacyIconClient.exe" -startup
mRun: [<NO NAME>]
mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"
mRun: [PTHOSTTR] "c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE" /Start
mRun: [CognizanceTS] "rundll32.exe" c:\progra~1\hewlet~1\iam\bin\ASTSVCC.dll,RegisterModule
mRun: [SetRefresh] "c:\program files\compaq\setrefresh\SetRefresh.exe"
mRun: [Recguard] "c:\windows\sminst\Recguard.exe"
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [Scheduler] "c:\windows\sminst\Scheduler.exe"
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [Synchronization Manager] "%SystemRoot%\system32\mobsync.exe" /logon
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Mobile Connectivity Suite] "c:\program files\htc\htc sync\application launcher\Application Launcher.exe" /startoptions
mRunOnce: [UninstallLockedSOSFiles] c:\docume~1\dstrud~1\locals~1\temp\UninstallLockedSOSFiles.lnk
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\dstrud~1\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{14fcfe7c-ab86-428a-9d2e-bfb6f5a7aa6e}\Icon3E5562ED7.ico
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: pkr.com\reports
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: {AE37DC66-983E-4978-836C-324691BF8A36} = 10.2.21.31,10.2.21.32
Handler: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - c:\program files\qlikview\qvprotocol\Qvp.dll
Notify: ackpbsc - c:\windows\system32\ackpbsc.dll
Notify: acunlock - c:\program files\actividentity\activclient\acunlock.dll
Notify: DeviceNP - DeviceNP.dll
Notify: igfxcui - igfxdev.dll
Notify: OneCard - c:\program files\hewlett-packard\iam\bin\ASWLNPkg.dll
AppInit_DLLs: APSHook.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
LSA: Notification Packages = scecli ASWLNPkg
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\dstrud~1\applic~1\mozilla\firefox\profiles\yu7qg83x.default\
FF - plugin: c:\documents and settings\dstrudwick\application data\mozilla\firefox\profiles\yu7qg83x.default\extensions\maps@ovi.com\plugins\npNMapNPR.dll
FF - plugin: c:\documents and settings\dstrudwick\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [2008-10-1 109216]
R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [2008-10-1 51408]
R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [2008-10-1 12960]
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2008-3-28 24064]
R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2006-11-30 31944]
R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [2008-10-1 12528]
R2 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient\accoca.exe [2007-11-28 185896]
R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Bioscrypt [2008-4-14 14336]
R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Bioscrypt [2008-4-14 14336]
R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-10-3 1185016]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\hewlett-packard\drive encryption\HpFkCrypt.exe [2008-10-1 256544]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2009-3-10 103744]
R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2006-11-30 144960]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2006-11-30 54872]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2009-10-1 2054680]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2009-10-1 149600]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-12-18 44800]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2009-11-2 72264]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2009-11-2 34152]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2009-11-2 168776]
R3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-1-26 280344]
RUnknown ssfs0bbc;ssfs0bbc; [x]
S2 0083071257177488mcinstcleanup;McAfee Application Installer Cleanup (0083071257177488);c:\docume~1\admini~1\locals~1\temp\008307~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\admini~1\locals~1\temp\008307~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\hewlett-packard\file sanitizer\HPFSService.exe [2009-10-1 77824]
S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\msrs10.mssqlserver\reporting services\reportserver\bin\ReportingServicesService.exe [2008-7-10 1106968]
S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [2008-8-6 32256]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2008-8-6 349432]
S3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\hewlett-packard\hp protecttools security manager\PTChangeFilterService.exe [2009-2-12 45056]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2010-6-30 24576]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2005-9-23 2799808]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
=============== Created Last 30 ================
2010-07-05 14:11:07 599040 ----a-w- c:\windows\system32\SET1F3.tmp
2010-07-05 14:11:07 55296 ----a-w- c:\windows\system32\SET1F2.tmp
2010-07-05 14:11:07 25600 ----a-w- c:\windows\system32\SET1F4.tmp
2010-07-05 14:11:06 916480 ----a-w- c:\windows\system32\SET1ED.tmp
2010-07-05 14:11:05 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-07-05 14:11:05 5950976 ----a-w- c:\windows\system32\SET1F1.tmp
2010-07-05 14:11:05 1985536 ----a-w- c:\windows\system32\SET1F6.tmp
2010-07-05 14:11:05 1209344 ----a-w- c:\windows\system32\SET1EE.tmp
2010-07-05 14:11:03 11076096 ----a-w- c:\windows\system32\SET1F8.tmp
2010-07-05 14:09:49 285696 ----a-w- c:\windows\system32\SET1D3.tmp
2010-07-05 14:09:49 285696 ------w- c:\windows\system32\dllcache\atmfd.dll
2010-07-05 14:02:34 0 d-----w- c:\docume~1\alluse~1\applic~1\IObit
2010-07-05 14:02:32 0 d-----w- c:\program files\IObit
2010-07-05 13:58:37 0 d-----w- c:\program files\SpywareGuard
2010-07-05 13:53:28 0 d-----w- c:\program files\SpywareBlaster
2010-07-05 12:47:48 0 d-----w- c:\program files\Trend Micro
2010-07-05 12:10:56 0 d-----w- c:\program files\BHODemon 2
2010-07-05 10:56:08 0 d-----w- c:\docume~1\alluse~1\applic~1\SecTaskMan
2010-07-05 10:56:03 0 d-----w- c:\program files\Security Task Manager
2010-07-05 10:43:49 118784 ----a-w- c:\windows\system32\chg.exe
2010-07-05 10:13:42 775168 ----a-w- c:\windows\isRS-000.tmp
2010-07-05 10:13:28 0 d-----w- c:\program files\MSSOAP
2010-07-05 10:13:16 1563008 ----a-w- c:\windows\WRSetup.dll
2010-07-05 10:13:15 0 d-----w- c:\program files\Webroot
2010-07-05 10:13:13 164 ----a-w- c:\windows\install.dat
2010-07-05 08:27:15 0 d-----w- c:\windows\SxsCaPendDel
2010-07-05 08:25:20 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-07-05 08:25:20 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-07-02 13:07:45 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-06-30 14:01:45 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2010-06-30 14:01:44 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-06-30 14:01:40 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-06-30 14:01:25 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-06-30 14:01:25 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-06-30 10:44:41 0 d-----w- c:\docume~1\dstrud~1\applic~1\Teleca
2010-06-30 10:44:29 0 d-----w- c:\docume~1\alluse~1\applic~1\HTC
2010-06-30 10:44:26 0 d-----w- c:\program files\common files\Teleca Shared
2010-06-30 10:44:26 0 d-----w- c:\docume~1\alluse~1\applic~1\Teleca
2010-06-30 10:43:53 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
2010-06-30 10:43:53 1122664 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-06-30 10:43:51 0 d-----w- c:\program files\Spirent Communications
2010-06-30 10:43:49 0 d-----w- c:\program files\HTC
2010-06-30 10:38:52 0 d-----w- c:\windows\Downloaded Installations
2010-06-14 11:27:55 726528 ----a-w- c:\windows\system32\SET647.tmp
2010-06-11 11:02:40 0 d-----w- C:\New Folder
2010-06-11 08:28:54 0 d-----w- c:\program files\Microsoft ActiveSync
==================== Find3M ====================
2010-05-05 13:30:57 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-02 05:22:50 1851264 ------w- c:\windows\system32\dllcache\win32k.sys
2010-04-08 13:03:50 2113536 ----a-w- c:\windows\system32\SET1D6.tmp
2010-04-08 13:03:50 2113536 ------w- c:\windows\system32\dllcache\WMVCore.dll
2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll
2009-11-02 23:51:38 16384 --sha-w- c:\windows\temp\cookies\index.dat
2009-11-02 23:51:38 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-11-02 23:51:38 16384 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat
============= FINISH: 16:00:15.32 ===============
And the Attach.txt
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-03-17.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 02/11/2009 15:52:34
System Uptime: 07/05/2010 11:42:40 (1421 hours ago)
Motherboard: Hewlett-Packard | | 3032h
Processor: Intel Pentium III Xeon processor | XU1 PROCESSOR | 1989/1333mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 217 GiB total, 160.178 GiB free.
D: is FIXED (NTFS) - 16 GiB total, 9.788 GiB free.
E: is CDROM ()
H: is NetworkDisk (NTFS) - 1907 GiB total, 296.424 GiB free.
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP135: 07/04/2010 17:49:09 - System Checkpoint
RP136: 08/04/2010 18:06:14 - System Checkpoint
RP137: 09/04/2010 19:00:06 - System Checkpoint
RP138: 10/04/2010 19:59:38 - System Checkpoint
RP139: 11/04/2010 20:00:05 - System Checkpoint
RP140: 12/04/2010 21:00:02 - System Checkpoint
RP141: 13/04/2010 21:59:59 - System Checkpoint
RP142: 14/04/2010 22:59:56 - System Checkpoint
RP143: 15/04/2010 23:59:50 - System Checkpoint
RP144: 17/04/2010 00:59:44 - System Checkpoint
RP145: 18/04/2010 01:59:36 - System Checkpoint
RP146: 19/04/2010 14:58:29 - System Checkpoint
RP147: 20/04/2010 17:43:20 - System Checkpoint
RP148: 21/04/2010 17:45:16 - System Checkpoint
RP149: 23/04/2010 17:51:05 - System Checkpoint
RP150: 26/04/2010 12:53:32 - System Checkpoint
RP151: 27/04/2010 13:13:39 - Installed QuickTime
RP152: 28/04/2010 10:01:56 - Software Distribution Service 3.0
RP153: 29/04/2010 12:38:56 - System Checkpoint
RP154: 30/04/2010 14:49:43 - System Checkpoint
RP155: 01/05/2010 15:03:32 - System Checkpoint
RP156: 02/05/2010 16:03:29 - System Checkpoint
RP157: 03/05/2010 17:03:26 - System Checkpoint
RP158: 04/05/2010 17:43:24 - System Checkpoint
RP159: 05/05/2010 09:26:36 - Software Distribution Service 3.0
RP160: 06/05/2010 13:12:57 - System Checkpoint
RP161: 07/05/2010 19:50:08 - System Checkpoint
RP162: 11/05/2010 12:41:45 - Installed QlikView Plugin
RP163: 11/05/2010 13:04:05 - Installed QlikView Plugin
RP164: 12/05/2010 17:41:50 - System Checkpoint
RP165: 13/05/2010 17:42:41 - System Checkpoint
RP166: 14/05/2010 17:45:38 - System Checkpoint
RP167: 15/05/2010 17:49:20 - System Checkpoint
RP168: 16/05/2010 18:49:15 - System Checkpoint
RP169: 17/05/2010 18:50:17 - System Checkpoint
RP170: 18/05/2010 19:50:12 - System Checkpoint
RP171: 20/05/2010 12:22:05 - System Checkpoint
RP172: 21/05/2010 12:40:52 - System Checkpoint
RP173: 22/05/2010 12:50:59 - System Checkpoint
RP174: 23/05/2010 13:50:53 - System Checkpoint
RP175: 24/05/2010 10:24:06 - Software Distribution Service 3.0
RP176: 25/05/2010 17:44:16 - System Checkpoint
RP177: 26/05/2010 18:40:53 - System Checkpoint
RP178: 27/05/2010 19:41:52 - System Checkpoint
RP179: 28/05/2010 20:04:46 - System Checkpoint
RP180: 29/05/2010 20:08:36 - System Checkpoint
RP181: 30/05/2010 21:13:07 - System Checkpoint
RP182: 31/05/2010 21:16:44 - System Checkpoint
RP183: 01/06/2010 21:18:39 - System Checkpoint
RP184: 02/06/2010 17:13:37 - Installed Microsoft Office Visio Professional 2003
RP185: 03/06/2010 17:44:11 - System Checkpoint
RP186: 04/06/2010 17:46:52 - System Checkpoint
RP187: 07/06/2010 17:45:09 - System Checkpoint
RP188: 08/06/2010 18:13:48 - System Checkpoint
RP189: 09/06/2010 19:28:13 - System Checkpoint
RP190: 10/06/2010 20:14:40 - System Checkpoint
RP191: 11/06/2010 09:28:54 - Installed Microsoft ActiveSync
RP192: 12/06/2010 09:34:56 - System Checkpoint
RP193: 13/06/2010 10:34:53 - System Checkpoint
RP194: 14/06/2010 17:43:13 - System Checkpoint
RP195: 15/06/2010 17:43:27 - System Checkpoint
RP196: 16/06/2010 18:34:47 - System Checkpoint
RP197: 17/06/2010 19:35:47 - System Checkpoint
RP198: 18/06/2010 20:34:38 - System Checkpoint
RP199: 19/06/2010 21:34:36 - System Checkpoint
RP200: 20/06/2010 22:34:34 - System Checkpoint
RP201: 21/06/2010 23:34:34 - System Checkpoint
RP202: 23/06/2010 00:34:34 - System Checkpoint
RP203: 24/06/2010 01:34:33 - System Checkpoint
RP204: 25/06/2010 02:34:32 - System Checkpoint
RP205: 26/06/2010 03:34:31 - System Checkpoint
RP206: 27/06/2010 04:34:30 - System Checkpoint
RP207: 28/06/2010 05:34:29 - System Checkpoint
RP208: 29/06/2010 06:34:29 - System Checkpoint
RP209: 30/06/2010 07:34:29 - System Checkpoint
RP210: 30/06/2010 11:43:49 - Installed HTC Driver Installer.
RP211: 30/06/2010 11:44:06 - Installed HTC Sync.
RP212: 30/06/2010 15:01:40 - Installed Windows XP Wdf01007.
RP213: 01/07/2010 17:48:05 - System Checkpoint
RP214: 02/07/2010 18:14:10 - System Checkpoint
RP215: 03/07/2010 19:14:00 - System Checkpoint
RP216: 04/07/2010 20:17:09 - System Checkpoint
RP217: 05/07/2010 13:47:48 - Installed HiJackThis
RP218: 05/07/2010 15:10:01 - Installed Windows XP KB980218.
RP219: 05/07/2010 15:10:15 - Installed Windows Media Player KB978695.
RP220: 05/07/2010 15:10:25 - Installed Windows XP KB980195.
RP221: 05/07/2010 15:10:37 - Installed Windows XP KB979482.
RP222: 05/07/2010 15:10:47 - Installed Windows XP KB975562.
RP223: 05/07/2010 15:10:59 - Installed Windows XP KB979559.
RP224: 05/07/2010 15:11:16 - Installed Windows XP KB982381.
RP225: 05/07/2010 15:41:47 - Software Distribution Service 3.0
==== Installed Programs ======================
Acrobat.com
ActivClient 6.1 x86
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3
Amazon MP3 Downloader 1.0.9
Apple Application Support
Apple Software Update
AuthenTec Fingerprint System
BIOS Configuration for HP ProtectTools
Cisco Systems VPN Client 5.0.01.0600
Credential Manager for HP ProtectTools
Device Access Manager for HP ProtectTools
Drive Encryption for HP ProtectTools
ERUNT 1.1j
File Sanitizer For HP ProtectTools
FileZilla Client 3.3.3
Google Earth Plug-in
Google Update Helper
Handbrake 0.9.4
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952117-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958756)
Hotfix for Windows XP (KB961118)
HP Backup and Recovery Manager
HP Help and Support
HP JavaCard for HP ProtectTools
HP ProtectTools Security Manager
HP ProtectTools Security Manager Suite
HTC Driver Installer
HTC Sync
Intel(R) Network Connections 13.5.32.0
Intel® Active Management Technology
InterVideo WinDVD 8
IrfanView (remove only)
Java(TM) 6 Update 18
Java(TM) 6 Update 7
JDownloader
Junk Mail filter update
McAfee Agent
McAfee VirusScan Enterprise
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Standard 2007
Microsoft Office Visio Professional 2003
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Books Online (English)
Microsoft SQL Server 2005 Tools
Microsoft SQL Server 2008
Microsoft SQL Server 2008 BI Development Studio
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Client Tools
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 Policies
Microsoft SQL Server 2008 Reporting Services
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files (English)
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Compact 3.5 SP1 Query Tools English
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual Studio 2005 Premier Partner Edition - ENU
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Mozilla Firefox (3.6.6)
Mozilla Thunderbird (3.0.4)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 6.0 Parser (KB933579)
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
PDFCreator
Perforce Visual Components
PKR
PKROTest
Privacy Manager for HP ProtectTools
QlikView
QlikView Plugin
QuickTime
RBTray 3.4
Riva FLV Encoder 2.0
Security Task Manager 1.7h
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Segoe UI
SoundMAX
Spybot - Search & Destroy
SpywareBlaster 4.3
SpywareGuard v2.2
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
SQLXML4
SUPER © Version 2010.bld.37 (Jan 2, 2010)
Sybase PowerDesigner 15.0
TeamViewer 5
TeraCopy 2.12
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (kb983486)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows PowerShell(TM) 1.0
Windows PowerShell(TM) 1.0 MUI pack
Windows Presentation Foundation
Windows Search 4.0
Windows Server 2003 Service Pack 2 Administration Tools Pack
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
==== Event Viewer Messages From Past Week ========
05/07/2010 15:56:08, error: Service Control Manager [7034] - The IS360service service terminated unexpectedly. It has done this 1 time(s).
05/07/2010 13:02:31, error: PlugPlayManager [11] - The device Root\LEGACY_SSIDRV\0000 disappeared from the system without first being prepared for removal.
05/07/2010 13:02:31, error: PlugPlayManager [11] - The device Root\LEGACY_SSHRMD\0000 disappeared from the system without first being prepared for removal.
05/07/2010 13:02:31, error: PlugPlayManager [11] - The device Root\LEGACY_SSFS0BBC\0000 disappeared from the system without first being prepared for removal.
05/07/2010 13:02:14, error: Service Control Manager [7034] - The Webroot Client Service service terminated unexpectedly. It has done this 1 time(s).
05/07/2010 13:02:11, error: Service Control Manager [7034] - The Webroot Spy Sweeper Engine service terminated unexpectedly. It has done this 1 time(s).
05/07/2010 12:12:44, error: Service Control Manager [7034] - The File Sanitizer for HP ProtectTools service terminated unexpectedly. It has done this 1 time(s).
04/07/2010 22:19:26, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
02/07/2010 14:12:13, error: System Error [1003] - Error code 00000006, parameter1 00000000, parameter2 00000000, parameter3 00000000, parameter4 00000000.
02/07/2010 10:28:22, error: Service Control Manager [7038] - The ReportServer service was unable to log on as CFROG\dstrudwick with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
02/07/2010 10:28:22, error: Service Control Manager [7038] - The MSSQLSERVER service was unable to log on as cfrog\dstrudwick with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
02/07/2010 10:28:22, error: Service Control Manager [7000] - The SQL Server Reporting Services (MSSQLSERVER) service failed to start due to the following error: The service did not start due to a logon failure.
02/07/2010 10:28:22, error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not start due to a logon failure.
==== End Of File ===========================
I'm encountering the same issue as reported by Fuzz18500 where I have multiple iexplore.exe processes running at the same time and pop ups appearing when I ahev not even opened IE. When I try and kill them they autmatically reappear. I also have the issue where the Wave volume is being set down to zero every 5-10 mins.
I'm running McAfee and have tried various apps such as SpyBot but none of them detect any malware.
My DDS logs below, thanks in advance for your help
DDS (Ver_10-03-17.01) - NTFSx86
Run by dstrudwick at 15:59:23.46 on 05/07/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3053.1087 [GMT 1:00]
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
============== Running Processes ===============
svchost.exe 4
svchost.exe 4
C:\WINDOWS\System32\svchost.exe -k Bioscrypt
C:\Program Files\Fingerprint Sensor\AtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\ActivIdentity\ActivClient\accoca.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Common Files\Teleca Shared\logger.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\HTC\HTC Sync\Sync Manager\syncindicator.exe
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Downloads\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://qlikview.pkr.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=all&pf=cmdt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=all&pf=cmdt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=all&pf=cmdt
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Credential Manager for HP ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] "c:\windows\system32\ctfmon.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"
mRun: [SoundMAXPnP] "c:\program files\analog devices\core\smax4pnp.exe"
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [picon] "c:\program files\common files\intel\privacy icon\PrivacyIconClient.exe" -startup
mRun: [<NO NAME>]
mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"
mRun: [PTHOSTTR] "c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE" /Start
mRun: [CognizanceTS] "rundll32.exe" c:\progra~1\hewlet~1\iam\bin\ASTSVCC.dll,RegisterModule
mRun: [SetRefresh] "c:\program files\compaq\setrefresh\SetRefresh.exe"
mRun: [Recguard] "c:\windows\sminst\Recguard.exe"
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [Scheduler] "c:\windows\sminst\Scheduler.exe"
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [Synchronization Manager] "%SystemRoot%\system32\mobsync.exe" /logon
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Mobile Connectivity Suite] "c:\program files\htc\htc sync\application launcher\Application Launcher.exe" /startoptions
mRunOnce: [UninstallLockedSOSFiles] c:\docume~1\dstrud~1\locals~1\temp\UninstallLockedSOSFiles.lnk
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\dstrud~1\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{14fcfe7c-ab86-428a-9d2e-bfb6f5a7aa6e}\Icon3E5562ED7.ico
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: pkr.com\reports
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: {AE37DC66-983E-4978-836C-324691BF8A36} = 10.2.21.31,10.2.21.32
Handler: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - c:\program files\qlikview\qvprotocol\Qvp.dll
Notify: ackpbsc - c:\windows\system32\ackpbsc.dll
Notify: acunlock - c:\program files\actividentity\activclient\acunlock.dll
Notify: DeviceNP - DeviceNP.dll
Notify: igfxcui - igfxdev.dll
Notify: OneCard - c:\program files\hewlett-packard\iam\bin\ASWLNPkg.dll
AppInit_DLLs: APSHook.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
LSA: Notification Packages = scecli ASWLNPkg
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\dstrud~1\applic~1\mozilla\firefox\profiles\yu7qg83x.default\
FF - plugin: c:\documents and settings\dstrudwick\application data\mozilla\firefox\profiles\yu7qg83x.default\extensions\maps@ovi.com\plugins\npNMapNPR.dll
FF - plugin: c:\documents and settings\dstrudwick\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [2008-10-1 109216]
R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [2008-10-1 51408]
R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [2008-10-1 12960]
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2008-3-28 24064]
R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2006-11-30 31944]
R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [2008-10-1 12528]
R2 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient\accoca.exe [2007-11-28 185896]
R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Bioscrypt [2008-4-14 14336]
R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Bioscrypt [2008-4-14 14336]
R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-10-3 1185016]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\hewlett-packard\drive encryption\HpFkCrypt.exe [2008-10-1 256544]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2009-3-10 103744]
R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2006-11-30 144960]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2006-11-30 54872]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2009-10-1 2054680]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2009-10-1 149600]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-12-18 44800]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2009-11-2 72264]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2009-11-2 34152]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2009-11-2 168776]
R3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-1-26 280344]
RUnknown ssfs0bbc;ssfs0bbc; [x]
S2 0083071257177488mcinstcleanup;McAfee Application Installer Cleanup (0083071257177488);c:\docume~1\admini~1\locals~1\temp\008307~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\admini~1\locals~1\temp\008307~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\hewlett-packard\file sanitizer\HPFSService.exe [2009-10-1 77824]
S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\msrs10.mssqlserver\reporting services\reportserver\bin\ReportingServicesService.exe [2008-7-10 1106968]
S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [2008-8-6 32256]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2008-8-6 349432]
S3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\hewlett-packard\hp protecttools security manager\PTChangeFilterService.exe [2009-2-12 45056]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2010-6-30 24576]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2005-9-23 2799808]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
=============== Created Last 30 ================
2010-07-05 14:11:07 599040 ----a-w- c:\windows\system32\SET1F3.tmp
2010-07-05 14:11:07 55296 ----a-w- c:\windows\system32\SET1F2.tmp
2010-07-05 14:11:07 25600 ----a-w- c:\windows\system32\SET1F4.tmp
2010-07-05 14:11:06 916480 ----a-w- c:\windows\system32\SET1ED.tmp
2010-07-05 14:11:05 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-07-05 14:11:05 5950976 ----a-w- c:\windows\system32\SET1F1.tmp
2010-07-05 14:11:05 1985536 ----a-w- c:\windows\system32\SET1F6.tmp
2010-07-05 14:11:05 1209344 ----a-w- c:\windows\system32\SET1EE.tmp
2010-07-05 14:11:03 11076096 ----a-w- c:\windows\system32\SET1F8.tmp
2010-07-05 14:09:49 285696 ----a-w- c:\windows\system32\SET1D3.tmp
2010-07-05 14:09:49 285696 ------w- c:\windows\system32\dllcache\atmfd.dll
2010-07-05 14:02:34 0 d-----w- c:\docume~1\alluse~1\applic~1\IObit
2010-07-05 14:02:32 0 d-----w- c:\program files\IObit
2010-07-05 13:58:37 0 d-----w- c:\program files\SpywareGuard
2010-07-05 13:53:28 0 d-----w- c:\program files\SpywareBlaster
2010-07-05 12:47:48 0 d-----w- c:\program files\Trend Micro
2010-07-05 12:10:56 0 d-----w- c:\program files\BHODemon 2
2010-07-05 10:56:08 0 d-----w- c:\docume~1\alluse~1\applic~1\SecTaskMan
2010-07-05 10:56:03 0 d-----w- c:\program files\Security Task Manager
2010-07-05 10:43:49 118784 ----a-w- c:\windows\system32\chg.exe
2010-07-05 10:13:42 775168 ----a-w- c:\windows\isRS-000.tmp
2010-07-05 10:13:28 0 d-----w- c:\program files\MSSOAP
2010-07-05 10:13:16 1563008 ----a-w- c:\windows\WRSetup.dll
2010-07-05 10:13:15 0 d-----w- c:\program files\Webroot
2010-07-05 10:13:13 164 ----a-w- c:\windows\install.dat
2010-07-05 08:27:15 0 d-----w- c:\windows\SxsCaPendDel
2010-07-05 08:25:20 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-07-05 08:25:20 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-07-02 13:07:45 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-06-30 14:01:45 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2010-06-30 14:01:44 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-06-30 14:01:40 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-06-30 14:01:25 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-06-30 14:01:25 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-06-30 10:44:41 0 d-----w- c:\docume~1\dstrud~1\applic~1\Teleca
2010-06-30 10:44:29 0 d-----w- c:\docume~1\alluse~1\applic~1\HTC
2010-06-30 10:44:26 0 d-----w- c:\program files\common files\Teleca Shared
2010-06-30 10:44:26 0 d-----w- c:\docume~1\alluse~1\applic~1\Teleca
2010-06-30 10:43:53 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
2010-06-30 10:43:53 1122664 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-06-30 10:43:51 0 d-----w- c:\program files\Spirent Communications
2010-06-30 10:43:49 0 d-----w- c:\program files\HTC
2010-06-30 10:38:52 0 d-----w- c:\windows\Downloaded Installations
2010-06-14 11:27:55 726528 ----a-w- c:\windows\system32\SET647.tmp
2010-06-11 11:02:40 0 d-----w- C:\New Folder
2010-06-11 08:28:54 0 d-----w- c:\program files\Microsoft ActiveSync
==================== Find3M ====================
2010-05-05 13:30:57 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-02 05:22:50 1851264 ------w- c:\windows\system32\dllcache\win32k.sys
2010-04-08 13:03:50 2113536 ----a-w- c:\windows\system32\SET1D6.tmp
2010-04-08 13:03:50 2113536 ------w- c:\windows\system32\dllcache\WMVCore.dll
2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll
2009-11-02 23:51:38 16384 --sha-w- c:\windows\temp\cookies\index.dat
2009-11-02 23:51:38 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-11-02 23:51:38 16384 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat
============= FINISH: 16:00:15.32 ===============
And the Attach.txt
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-03-17.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 02/11/2009 15:52:34
System Uptime: 07/05/2010 11:42:40 (1421 hours ago)
Motherboard: Hewlett-Packard | | 3032h
Processor: Intel Pentium III Xeon processor | XU1 PROCESSOR | 1989/1333mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 217 GiB total, 160.178 GiB free.
D: is FIXED (NTFS) - 16 GiB total, 9.788 GiB free.
E: is CDROM ()
H: is NetworkDisk (NTFS) - 1907 GiB total, 296.424 GiB free.
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP135: 07/04/2010 17:49:09 - System Checkpoint
RP136: 08/04/2010 18:06:14 - System Checkpoint
RP137: 09/04/2010 19:00:06 - System Checkpoint
RP138: 10/04/2010 19:59:38 - System Checkpoint
RP139: 11/04/2010 20:00:05 - System Checkpoint
RP140: 12/04/2010 21:00:02 - System Checkpoint
RP141: 13/04/2010 21:59:59 - System Checkpoint
RP142: 14/04/2010 22:59:56 - System Checkpoint
RP143: 15/04/2010 23:59:50 - System Checkpoint
RP144: 17/04/2010 00:59:44 - System Checkpoint
RP145: 18/04/2010 01:59:36 - System Checkpoint
RP146: 19/04/2010 14:58:29 - System Checkpoint
RP147: 20/04/2010 17:43:20 - System Checkpoint
RP148: 21/04/2010 17:45:16 - System Checkpoint
RP149: 23/04/2010 17:51:05 - System Checkpoint
RP150: 26/04/2010 12:53:32 - System Checkpoint
RP151: 27/04/2010 13:13:39 - Installed QuickTime
RP152: 28/04/2010 10:01:56 - Software Distribution Service 3.0
RP153: 29/04/2010 12:38:56 - System Checkpoint
RP154: 30/04/2010 14:49:43 - System Checkpoint
RP155: 01/05/2010 15:03:32 - System Checkpoint
RP156: 02/05/2010 16:03:29 - System Checkpoint
RP157: 03/05/2010 17:03:26 - System Checkpoint
RP158: 04/05/2010 17:43:24 - System Checkpoint
RP159: 05/05/2010 09:26:36 - Software Distribution Service 3.0
RP160: 06/05/2010 13:12:57 - System Checkpoint
RP161: 07/05/2010 19:50:08 - System Checkpoint
RP162: 11/05/2010 12:41:45 - Installed QlikView Plugin
RP163: 11/05/2010 13:04:05 - Installed QlikView Plugin
RP164: 12/05/2010 17:41:50 - System Checkpoint
RP165: 13/05/2010 17:42:41 - System Checkpoint
RP166: 14/05/2010 17:45:38 - System Checkpoint
RP167: 15/05/2010 17:49:20 - System Checkpoint
RP168: 16/05/2010 18:49:15 - System Checkpoint
RP169: 17/05/2010 18:50:17 - System Checkpoint
RP170: 18/05/2010 19:50:12 - System Checkpoint
RP171: 20/05/2010 12:22:05 - System Checkpoint
RP172: 21/05/2010 12:40:52 - System Checkpoint
RP173: 22/05/2010 12:50:59 - System Checkpoint
RP174: 23/05/2010 13:50:53 - System Checkpoint
RP175: 24/05/2010 10:24:06 - Software Distribution Service 3.0
RP176: 25/05/2010 17:44:16 - System Checkpoint
RP177: 26/05/2010 18:40:53 - System Checkpoint
RP178: 27/05/2010 19:41:52 - System Checkpoint
RP179: 28/05/2010 20:04:46 - System Checkpoint
RP180: 29/05/2010 20:08:36 - System Checkpoint
RP181: 30/05/2010 21:13:07 - System Checkpoint
RP182: 31/05/2010 21:16:44 - System Checkpoint
RP183: 01/06/2010 21:18:39 - System Checkpoint
RP184: 02/06/2010 17:13:37 - Installed Microsoft Office Visio Professional 2003
RP185: 03/06/2010 17:44:11 - System Checkpoint
RP186: 04/06/2010 17:46:52 - System Checkpoint
RP187: 07/06/2010 17:45:09 - System Checkpoint
RP188: 08/06/2010 18:13:48 - System Checkpoint
RP189: 09/06/2010 19:28:13 - System Checkpoint
RP190: 10/06/2010 20:14:40 - System Checkpoint
RP191: 11/06/2010 09:28:54 - Installed Microsoft ActiveSync
RP192: 12/06/2010 09:34:56 - System Checkpoint
RP193: 13/06/2010 10:34:53 - System Checkpoint
RP194: 14/06/2010 17:43:13 - System Checkpoint
RP195: 15/06/2010 17:43:27 - System Checkpoint
RP196: 16/06/2010 18:34:47 - System Checkpoint
RP197: 17/06/2010 19:35:47 - System Checkpoint
RP198: 18/06/2010 20:34:38 - System Checkpoint
RP199: 19/06/2010 21:34:36 - System Checkpoint
RP200: 20/06/2010 22:34:34 - System Checkpoint
RP201: 21/06/2010 23:34:34 - System Checkpoint
RP202: 23/06/2010 00:34:34 - System Checkpoint
RP203: 24/06/2010 01:34:33 - System Checkpoint
RP204: 25/06/2010 02:34:32 - System Checkpoint
RP205: 26/06/2010 03:34:31 - System Checkpoint
RP206: 27/06/2010 04:34:30 - System Checkpoint
RP207: 28/06/2010 05:34:29 - System Checkpoint
RP208: 29/06/2010 06:34:29 - System Checkpoint
RP209: 30/06/2010 07:34:29 - System Checkpoint
RP210: 30/06/2010 11:43:49 - Installed HTC Driver Installer.
RP211: 30/06/2010 11:44:06 - Installed HTC Sync.
RP212: 30/06/2010 15:01:40 - Installed Windows XP Wdf01007.
RP213: 01/07/2010 17:48:05 - System Checkpoint
RP214: 02/07/2010 18:14:10 - System Checkpoint
RP215: 03/07/2010 19:14:00 - System Checkpoint
RP216: 04/07/2010 20:17:09 - System Checkpoint
RP217: 05/07/2010 13:47:48 - Installed HiJackThis
RP218: 05/07/2010 15:10:01 - Installed Windows XP KB980218.
RP219: 05/07/2010 15:10:15 - Installed Windows Media Player KB978695.
RP220: 05/07/2010 15:10:25 - Installed Windows XP KB980195.
RP221: 05/07/2010 15:10:37 - Installed Windows XP KB979482.
RP222: 05/07/2010 15:10:47 - Installed Windows XP KB975562.
RP223: 05/07/2010 15:10:59 - Installed Windows XP KB979559.
RP224: 05/07/2010 15:11:16 - Installed Windows XP KB982381.
RP225: 05/07/2010 15:41:47 - Software Distribution Service 3.0
==== Installed Programs ======================
Acrobat.com
ActivClient 6.1 x86
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3
Amazon MP3 Downloader 1.0.9
Apple Application Support
Apple Software Update
AuthenTec Fingerprint System
BIOS Configuration for HP ProtectTools
Cisco Systems VPN Client 5.0.01.0600
Credential Manager for HP ProtectTools
Device Access Manager for HP ProtectTools
Drive Encryption for HP ProtectTools
ERUNT 1.1j
File Sanitizer For HP ProtectTools
FileZilla Client 3.3.3
Google Earth Plug-in
Google Update Helper
Handbrake 0.9.4
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952117-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958756)
Hotfix for Windows XP (KB961118)
HP Backup and Recovery Manager
HP Help and Support
HP JavaCard for HP ProtectTools
HP ProtectTools Security Manager
HP ProtectTools Security Manager Suite
HTC Driver Installer
HTC Sync
Intel(R) Network Connections 13.5.32.0
Intel® Active Management Technology
InterVideo WinDVD 8
IrfanView (remove only)
Java(TM) 6 Update 18
Java(TM) 6 Update 7
JDownloader
Junk Mail filter update
McAfee Agent
McAfee VirusScan Enterprise
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Standard 2007
Microsoft Office Visio Professional 2003
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Books Online (English)
Microsoft SQL Server 2005 Tools
Microsoft SQL Server 2008
Microsoft SQL Server 2008 BI Development Studio
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Client Tools
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 Policies
Microsoft SQL Server 2008 Reporting Services
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files (English)
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Compact 3.5 SP1 Query Tools English
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual Studio 2005 Premier Partner Edition - ENU
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Mozilla Firefox (3.6.6)
Mozilla Thunderbird (3.0.4)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 6.0 Parser (KB933579)
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
PDFCreator
Perforce Visual Components
PKR
PKROTest
Privacy Manager for HP ProtectTools
QlikView
QlikView Plugin
QuickTime
RBTray 3.4
Riva FLV Encoder 2.0
Security Task Manager 1.7h
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Segoe UI
SoundMAX
Spybot - Search & Destroy
SpywareBlaster 4.3
SpywareGuard v2.2
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
SQLXML4
SUPER © Version 2010.bld.37 (Jan 2, 2010)
Sybase PowerDesigner 15.0
TeamViewer 5
TeraCopy 2.12
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (kb983486)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows PowerShell(TM) 1.0
Windows PowerShell(TM) 1.0 MUI pack
Windows Presentation Foundation
Windows Search 4.0
Windows Server 2003 Service Pack 2 Administration Tools Pack
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
==== Event Viewer Messages From Past Week ========
05/07/2010 15:56:08, error: Service Control Manager [7034] - The IS360service service terminated unexpectedly. It has done this 1 time(s).
05/07/2010 13:02:31, error: PlugPlayManager [11] - The device Root\LEGACY_SSIDRV\0000 disappeared from the system without first being prepared for removal.
05/07/2010 13:02:31, error: PlugPlayManager [11] - The device Root\LEGACY_SSHRMD\0000 disappeared from the system without first being prepared for removal.
05/07/2010 13:02:31, error: PlugPlayManager [11] - The device Root\LEGACY_SSFS0BBC\0000 disappeared from the system without first being prepared for removal.
05/07/2010 13:02:14, error: Service Control Manager [7034] - The Webroot Client Service service terminated unexpectedly. It has done this 1 time(s).
05/07/2010 13:02:11, error: Service Control Manager [7034] - The Webroot Spy Sweeper Engine service terminated unexpectedly. It has done this 1 time(s).
05/07/2010 12:12:44, error: Service Control Manager [7034] - The File Sanitizer for HP ProtectTools service terminated unexpectedly. It has done this 1 time(s).
04/07/2010 22:19:26, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
02/07/2010 14:12:13, error: System Error [1003] - Error code 00000006, parameter1 00000000, parameter2 00000000, parameter3 00000000, parameter4 00000000.
02/07/2010 10:28:22, error: Service Control Manager [7038] - The ReportServer service was unable to log on as CFROG\dstrudwick with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
02/07/2010 10:28:22, error: Service Control Manager [7038] - The MSSQLSERVER service was unable to log on as cfrog\dstrudwick with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
02/07/2010 10:28:22, error: Service Control Manager [7000] - The SQL Server Reporting Services (MSSQLSERVER) service failed to start due to the following error: The service did not start due to a logon failure.
02/07/2010 10:28:22, error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not start due to a logon failure.
==== End Of File ===========================