
Thread: "File Loader", loader.exe/smss.exe, iexplore.exe, and Volume Control bugs.

  1. #1
    Member | Join Date: Jul 2010 | Posts: 30


    As several other users have posted about, I too seem to be having a problem with this "Black Internet" File Loader program that I have witnessed do the following:
    - Mutes the system volume by turning the Wave category down to zero.
    - Opens several instances of iexplore.exe that can be ended via the Task Manager but simply reappear.
    - Has added loader.exe and smss.exe to the list of processes seen in Task Manager.
    - My active window (usually Firefox) loses focus occasionally and I have to click it again so I can continue typing.

    Like the other reports, I use Firefox exclusively as my browser.

    I have a unique twist on the infection, though: when I woke up today I saw that I had 4 Internet Explorer pop-ups but also an error notification that "File Loader has caused a problem and needs to close". I was able to end the IE processes and they did NOT return during the duration that I had the computer on. However, once I installed Spybot S&D and rebooted, they came back and now cannot be terminated.

    Like other users before me I have run virus scanners and they turn up blank. I am not sure as to the severity of the infection but after reading about things such as rootkits I would like to try and get this infection removed without having to reformat my OS and/or HD. As for what I have done personally to try and stifle the infection, I have attempted to disable it via Task Manager as well as using StartupCPL to try and end the processes at startup; neither one worked.

    I have completed all the necessary steps as per the sticky ("Before you post a log") and here are the DDS.txt and Attach.txt logs requested:

    DDS LOG
    DDS (Ver_10-03-17.01) - NTFSx86
    Run by HP_Administrator at 13:22:25.98 on Tue 07/06/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1982.1115 [GMT -5:00]

    AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

    ============== Running Processes ===============

    svchost.exe 4
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe 4
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    c:\program files\dvrmstoolbox\dvrmsfilewatcherservice.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Borland\InterBase\bin\ibguard.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\WZCBDL Service\WZCBDLS.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Borland\InterBase\bin\ibserver.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
    C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\trutil01.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\MCTCIDUtil.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\TEMP\Google Toolbar\gtb4.tmp.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\HP\KBD\KBD.EXE
    C:\Documents and Settings\HP_Administrator\Desktop\dds.scr
    C:\WINDOWS\ALCXMNTR.EXE

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uSearch Bar = hxxp://www.google.com/ie
    mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uInternet Connection Wizard,ShellNext = iexplore
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll
    TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MCTCIDUtil] c:\windows\system32\MCTCIDUtil.exe
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [D-Link Air USB Utility] c:\program files\d-link\air usb utility\AirCFG.exe
    mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
    mRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\isuspm.exe" -scheduler
    mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
    mRun: [amd_dc_opt] "c:\program files\amd\amd_dc_opt\amd_dc_opt.exe"
    mRun: [trutil0] c:\windows\system32\trutil01.exe
    mRun: [PinnacleDriverCheck] c:\windows\system32\\PSDrvCheck.exe
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mPolicies-system: EnableLUA = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
    IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\hp_administrator\start menu\programs\imvu\Run IMVU.lnk
    IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    Trusted Zone: trymedia.com
    DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
    DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.87.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
    DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} - hxxp://asp.mathxl.com/wizmodules/testgen/installers/TestGenXInstall.cab
    DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
    DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} - hxxp://zone.msn.com/bingame/rtlw/default/ReflexiveWebGameLoader.cab
    DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
    DPF: {64D01C7F-810D-446E-A07E-16C764235644} - hxxp://zone.msn.com/bingame/amad/default/atomaders.cab
    DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/chnz/default/mjolauncher.cab
    DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} - hxxp://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
    DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} - hxxp://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
    DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab
    DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab
    DPF: {EEC9DBCC-04AD-4A1B-BEA7-C6DAD9515D5A} - hxxp://asp.mathxl.com/books/_Players/EconPlayer.cab
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\hp_adm~1\applic~1\mozilla\firefox\profiles\t445rp2p.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
    FF - component: c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\t445rp2p.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - component: c:\program files\google\google gears\firefox\lib\ff35\gears.dll
    FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeploytk.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npnul32.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPOFFICE.DLL
    FF - plugin: c:\program files\mozilla firefox\plugins\npRACtrl.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\progra~1\mozill~1\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\progra~1\mozill~1\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\progra~1\mozill~1\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\progra~1\mozill~1\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\progra~1\mozill~1\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\progra~1\mozill~1\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\progra~1\mozill~1\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-7-6 64288]
    R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-1-3 11608]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2009-1-3 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-1-3 151297]
    R2 DVRMSFileWatcherService;DVRMSFileWatcherService;c:\program files\dvrmstoolbox\DVRMSFileWatcherService.exe [2006-6-2 32768]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-6-21 1352832]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 NIOC;NIOC Service;c:\windows\system32\NIOC.sys [2002-9-27 22912]
    R2 ppsio2;PPDevice;c:\windows\system32\drivers\ppsio2.sys [2008-1-23 23200]
    R2 WZCBDLService;WZCBDL Service;c:\program files\wzcbdl service\WZCBDLS.exe [2002-3-19 36864]
    R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2006-8-22 31744]
    R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-1-3 52056]
    R3 PRISM_USB;D-Link Air DWL-122 Wireless USB Adapter Driver;c:\windows\system32\drivers\PRISMUSB.sys [2006-6-2 636416]
    R3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [2006-6-9 223128]
    R3 xMrMINI;xMrMINI;c:\windows\system32\drivers\xMrMINI.sys [2009-8-3 247808]
    R3 xVGAMINI;xVGAMINI;c:\windows\system32\drivers\xVGAMINI.sys [2009-8-3 253184]
    R3 xVGAUSB;USB 2.0 VGA DEVICE-1;c:\windows\system32\drivers\xvgausb.sys [2009-8-3 34944]
    S2 gupdate1c997c7df809ca6;Google Update Service (gupdate1c997c7df809ca6);c:\program files\google\update\GoogleUpdate.exe [2009-2-25 133104]
    S4 LMIRfsClientNP;LMIRfsClientNP; [x]

    =============== Created Last 30 ================

    2010-07-06 18:12:30 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-07-06 17:57:45 0 d-----w- c:\program files\Spybot - Search & Destroy
    2010-07-06 17:57:45 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2010-07-06 17:47:33 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{90FF8911-FC06-4E49-8959-C3CF1CA226BB}

    ==================== Find3M ====================

    2010-06-17 21:22:10 8654 ----a-w- c:\docume~1\hp_adm~1\applic~1\wklnhst.dat
    2006-10-24 05:29:02 2199552 ----a-w- c:\program files\tb_triforce_1_6.dll
    2006-10-24 05:11:06 3223552 ----a-w- c:\program files\tb_toad_1_2.dll
    2006-10-24 04:38:10 4542464 ----a-w- c:\program files\tb_peach_1_2.dll
    2001-09-10 15:00:26 139264 ----a-w- c:\windows\inf\i386\Rtscan.dll
    2001-09-10 14:10:36 61440 ----a-w- c:\windows\inf\i386\onetUSD.dll
    2001-08-18 00:43:24 32768 ----a-w- c:\windows\inf\i386\Wiamicro.dll
    2001-08-04 00:29:18 13824 ----a-w- c:\windows\inf\i386\usbscan.sys
    2001-06-29 14:10:24 163840 ----a-w- c:\windows\inf\i386\viceo.dll
    2010-03-22 03:40:38 12208 --sha-w- c:\windows\system32\KGyGaAvL.sys

    ============= FINISH: 13:23:12.76 ===============

    Attach LOG

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 6/2/2006 7:30:28 PM
    System Uptime: 7/6/2010 1:16:01 PM (0 hours ago)

    Motherboard: MSI | | AMETHYST-M
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket 939 | 2188/200mhz
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket 939 | 2188/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 271 GiB total, 43.535 GiB free.
    D: is FIXED (FAT32) - 8 GiB total, 0.46 GiB free.
    E: is CDROM ()
    F: is CDROM (CDFS)
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    L: is CDROM ()
    M: is CDROM (CDFS)
    N: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP1260: 4/7/2010 11:27:59 PM - System Checkpoint
    RP1261: 4/9/2010 1:02:43 AM - System Checkpoint
    RP1262: 4/10/2010 3:37:31 AM - System Checkpoint
    RP1263: 4/11/2010 7:28:49 AM - System Checkpoint
    RP1264: 4/12/2010 11:28:50 AM - System Checkpoint
    RP1265: 4/13/2010 3:28:50 PM - System Checkpoint
    RP1266: 4/14/2010 3:30:07 PM - System Checkpoint
    RP1267: 4/15/2010 7:11:13 PM - System Checkpoint
    RP1268: 4/16/2010 7:31:10 PM - System Checkpoint
    RP1269: 4/17/2010 7:32:36 PM - System Checkpoint
    RP1270: 4/18/2010 11:32:36 PM - System Checkpoint
    RP1271: 4/20/2010 3:30:55 AM - System Checkpoint
    RP1272: 4/21/2010 3:32:37 AM - System Checkpoint
    RP1273: 4/22/2010 7:33:02 AM - System Checkpoint
    RP1274: 4/23/2010 11:29:34 AM - System Checkpoint
    RP1275: 4/24/2010 11:34:01 AM - System Checkpoint
    RP1276: 4/25/2010 11:34:20 AM - System Checkpoint
    RP1277: 4/26/2010 3:30:46 PM - System Checkpoint
    RP1278: 4/27/2010 7:01:10 PM - System Checkpoint
    RP1279: 4/28/2010 7:30:05 PM - System Checkpoint
    RP1280: 4/29/2010 7:33:20 PM - System Checkpoint
    RP1281: 4/30/2010 7:34:09 PM - System Checkpoint
    RP1282: 5/1/2010 11:34:11 PM - System Checkpoint
    RP1283: 5/2/2010 11:35:10 PM - System Checkpoint
    RP1284: 5/3/2010 11:35:25 PM - System Checkpoint
    RP1285: 5/4/2010 11:35:47 PM - System Checkpoint
    RP1286: 5/5/2010 11:36:12 PM - System Checkpoint
    RP1287: 5/6/2010 11:50:39 PM - System Checkpoint
    RP1288: 5/8/2010 4:06:45 AM - System Checkpoint
    RP1289: 5/9/2010 7:36:55 AM - System Checkpoint
    RP1290: 5/10/2010 7:37:35 AM - System Checkpoint
    RP1291: 5/11/2010 11:35:37 AM - System Checkpoint
    RP1292: 5/12/2010 11:37:50 AM - System Checkpoint
    RP1293: 5/13/2010 3:37:47 PM - System Checkpoint
    RP1294: 5/14/2010 3:38:04 PM - System Checkpoint
    RP1295: 5/15/2010 4:53:35 PM - System Checkpoint
    RP1296: 5/16/2010 11:20:25 PM - System Checkpoint
    RP1297: 5/18/2010 12:53:06 AM - System Checkpoint
    RP1298: 5/19/2010 1:33:00 AM - System Checkpoint
    RP1299: 5/20/2010 4:53:59 AM - System Checkpoint
    RP1300: 5/21/2010 7:48:24 AM - System Checkpoint
    RP1301: 5/22/2010 11:48:23 AM - System Checkpoint
    RP1302: 5/23/2010 3:48:24 PM - System Checkpoint
    RP1303: 5/24/2010 7:48:23 PM - System Checkpoint
    RP1304: 5/25/2010 9:03:02 PM - System Checkpoint
    RP1305: 5/26/2010 11:48:31 PM - System Checkpoint
    RP1306: 5/27/2010 11:49:26 PM - System Checkpoint
    RP1307: 5/29/2010 4:15:56 AM - System Checkpoint
    RP1308: 5/30/2010 7:49:26 AM - System Checkpoint
    RP1309: 5/31/2010 12:29:39 PM - System Checkpoint
    RP1310: 6/1/2010 5:07:37 PM - System Checkpoint
    RP1311: 6/2/2010 8:01:20 PM - System Checkpoint
    RP1312: 6/4/2010 12:37:46 AM - System Checkpoint
    RP1313: 6/5/2010 1:40:08 AM - System Checkpoint
    RP1314: 6/6/2010 5:39:25 AM - System Checkpoint
    RP1315: 6/7/2010 5:40:27 AM - System Checkpoint
    RP1316: 6/8/2010 9:40:29 AM - System Checkpoint
    RP1317: 6/9/2010 9:41:07 AM - System Checkpoint
    RP1318: 6/10/2010 1:40:32 PM - System Checkpoint
    RP1319: 6/11/2010 1:40:45 PM - System Checkpoint
    RP1320: 6/12/2010 1:41:10 PM - System Checkpoint
    RP1321: 6/13/2010 5:40:55 PM - System Checkpoint
    RP1322: 6/14/2010 10:47:06 PM - System Checkpoint
    RP1323: 6/15/2010 11:08:51 PM - System Checkpoint
    RP1324: 6/17/2010 12:54:04 AM - System Checkpoint
    RP1325: 6/18/2010 4:54:00 AM - System Checkpoint
    RP1326: 6/19/2010 8:54:02 AM - System Checkpoint
    RP1327: 6/20/2010 12:54:03 PM - System Checkpoint
    RP1328: 6/21/2010 4:54:00 PM - System Checkpoint
    RP1329: 6/22/2010 8:54:01 PM - System Checkpoint
    RP1330: 6/24/2010 12:54:05 AM - System Checkpoint
    RP1331: 6/25/2010 12:57:33 AM - System Checkpoint
    RP1332: 6/26/2010 1:08:38 AM - System Checkpoint
    RP1333: 6/27/2010 4:54:08 AM - System Checkpoint
    RP1334: 6/28/2010 4:55:05 AM - System Checkpoint
    RP1335: 6/29/2010 8:55:06 AM - System Checkpoint
    RP1336: 6/30/2010 9:43:31 AM - System Checkpoint
    RP1337: 6/30/2010 9:23:50 PM - Configured easy Internet sign-up
    RP1338: 6/30/2010 9:35:55 PM - Configured Hidden & Dangerous 2
    RP1339: 6/30/2010 10:07:59 PM - Removed Ask Toolbar.
    RP1340: 7/2/2010 2:24:04 AM - System Checkpoint
    RP1341: 7/3/2010 4:51:43 AM - System Checkpoint
    RP1342: 7/4/2010 4:55:43 AM - System Checkpoint
    RP1343: 7/5/2010 8:55:09 AM - System Checkpoint

    ==== Installed Programs ======================


    2Wire Wireless Client
    Ad-Aware
    Adobe Acrobat 5.0
    Adobe AIR
    Adobe Anchor Service CS3
    Adobe Anchor Service CS4
    Adobe Asset Services CS3
    Adobe Bridge 1.0
    Adobe Bridge CS3
    Adobe Bridge CS4
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps CS4
    Adobe Color - Photoshop Specific CS4
    Adobe Color Common Settings
    Adobe Color EU Extra Settings CS4
    Adobe Color JA Extra Settings CS4
    Adobe Color NA Recommended Settings CS4
    Adobe Color Video Profiles CS CS4
    Adobe Common File Installer
    Adobe CSI CS4
    Adobe Default Language CS4
    Adobe Device Central CS3
    Adobe Device Central CS4
    Adobe Drive CS4
    Adobe ExtendScript Toolkit 2
    Adobe ExtendScript Toolkit CS4
    Adobe Extension Manager CS4
    Adobe Flash CS3
    Adobe Flash CS3 Professional
    Adobe Flash Media Encoder 2.5
    Adobe Flash Player 10 Plugin
    Adobe Flash Player 9 ActiveX
    Adobe Flash Video Encoder
    Adobe Fonts All
    Adobe Help Center 2.0
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe Linguistics CS4
    Adobe Media Player
    Adobe Output Module
    Adobe PDF Library Files CS4
    Adobe Photoshop CS4
    Adobe Photoshop CS4 Support
    Adobe Premiere Pro 2.0
    Adobe Reader 7.0
    Adobe Search for Help
    Adobe Service Manager Extension
    Adobe Setup
    Adobe Shockwave Player 11.5
    Adobe Stock Photos 1.0
    Adobe Type Support CS4
    Adobe Update Manager CS3
    Adobe Update Manager CS4
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS4
    AdobeColorCommonSetCMYK
    AdobeColorCommonSetRGB
    Agere Systems PCI-SV92PP Soft Modem
    AiO_Scan
    AiO_Scan_CDA
    AiOSoftware
    AiOSoftwareNPI
    Air USB Utility
    AMD Dual-Core Optimizer
    ATI Control Panel
    ATI Display Driver
    AutoUpdate
    Avira AntiVir Personal - Free Antivirus
    Babarosa Gif Animator 3.6 (Remove only)
    BitLord 1.1
    Borland C++Builder 6
    BufferChm
    CameraDrivers
    CamStudio
    Camtasia Studio 3
    Camtasia Studio 5
    Compatibility Pack for the 2007 Office system
    Connect
    CP_AtenaShokunin1Config
    CP_CalendarTemplates1
    cp_LightScribeConfig
    cp_OnlineProjectsConfig
    CP_Package_Basic1
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    CP_Panorama1Config
    cp_PosterPrintConfig
    cp_UpdateProjectsConfig
    CueTour
    D-Fend v2
    DefilerPak 1.22 (Remove Only)
    Destinations
    DeviceFunctionQFolder
    DeviceManagementQFolder
    DiscAPI (Studio 10)
    DISCover
    DivX
    DocProc
    DocumentViewer
    DocumentViewerQFolder
    DVRMSToolbox
    Edmark 2D 3D Blox
    ERUNT 1.1j
    EXPStudio Audio Editor FREE 3.99a
    Fax
    Fax_CDA
    FL Studio 6
    Flash Decompiler
    FTP Surfer
    FullDPAppQFolder
    Garry's Mod
    GemMaster Mystic
    Google Earth
    Google Gears
    Google Talk (remove only)
    Google Toolbar for Internet Explorer
    Google Update Helper
    Google Video Uploader
    GraphicsGale FreeEdition version 1.93.09
    Half-Life(R) 2
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 10 (KB910393)
    Hotfix for Windows XP (KB888795)
    Hotfix for Windows XP (KB891593)
    Hotfix for Windows XP (KB893357)
    Hotfix for Windows XP (KB895961)
    Hotfix for Windows XP (KB899337)
    Hotfix for Windows XP (KB899510)
    Hotfix for Windows XP (KB902841)
    Hotfix for Windows XP (KB906569)
    Hotfix for Windows XP (KB952287)
    HP Boot Optimizer
    HP Deskjet 5400 series
    HP Deskjet Printer Preload
    HP DigitalMedia Archive
    HP Document Viewer 5.3
    HP DVD Play 1.0
    HP Image Zone Express
    HP Imaging Device Functions 6.0
    HP Multimedia Keyboard Software
    HP Photosmart 330,380,420,470,7800,8000,8200 Series
    HP Photosmart Cameras 5.0
    HP Photosmart for Media Center PC
    HP Photosmart Premier Software 6.0
    HP PSC & OfficeJet 5.3.A
    HP PSC & OfficeJet 5.3.B
    HP Software Update
    HP Solution Center & Imaging Support Tools 5.3
    HP Web Helper
    HPDeskjet5400Series
    HPProductAssistant
    HpSdpAppCoreApp
    HUNT 1.0
    Image Resizer Powertoy for Windows XP
    InstantShareDevices
    InterActual Player
    InterBase 6.5
    InterVideo DeviceService
    InterVideo WinDVD 8
    J2SE Runtime Environment 5.0 Update 5
    Java(TM) 6 Update 11
    Junk Mail filter update
    Kid Pix Deluxe 3
    kuler
    Lernout & Hauspie TruVoice American English TTS Engine
    LightScribe 1.4.62.1
    LimeWire 5.1.3
    Macromedia Dreamweaver 8
    Macromedia Extension Manager
    Macromedia Flash MX 2004
    Macromedia Shockwave Player
    Microsoft .NET Framework 1.0 Hotfix (KB887998)
    Microsoft .NET Framework 1.0 Hotfix (KB930494)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0
    Microsoft .NET Framework 3.0
    Microsoft Application Error Reporting
    Microsoft Away Mode
    Microsoft Choice Guard
    Microsoft Money 2006
    Microsoft Office 2003 Edition 60 Days Trial Welcome Tour
    Microsoft Office Professional Edition 2003
    Microsoft Office Standard Edition 2003
    Microsoft Plus! for Windows XP
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Works
    Mozilla Firefox (3.5.10)
    MP3 Audio Sound Recoder 1.42
    MSVCRT
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 6.0 Parser (KB925673)
    MTV Music Generator
    muvee autoProducer 4.5
    muvee autoProducer unPlugged 1.2
    MyDSC2
    NanoQuest
    NewCopy
    NewCopy_CDA
    NIOC Service
    OneTouch Version 3.0
    OptionalContentQFolder
    Otto
    PanoStandAlone
    PaperPort 7.02
    PDF Settings CS4
    PhotoGallery
    Photoshop Camera Raw
    Pinnacle Instant DVD Recorder
    Portal
    proDAD Heroglyph 2.5
    Project64 1.6
    PS2
    PSPrinters08
    PSTAPlugin
    Python 2.2 pywin32 extensions (build 203)
    Python 2.2.3
    RandMap
    RAPID (Studio 10)
    Readme
    Remove IntelliMover Demo
    Ricochet Lost Worlds
    Roblox for HP_Administrator
    Robot Arena
    Robot Arena 2
    Robot Wars Extreme Destruction
    Robot Wars: Arenas of Destruction
    RPG Maker 2000 1.05
    RTP for RM2K (Png, Wav, Midi, Fonts)
    Scan
    ScannerCopy
    ScreenPrint32 v3.5
    Security Update for CAPICOM (KB931906)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899589)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933566)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937143)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939653)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB942615)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944338)
    Security Update for Windows XP (KB944533)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB947864)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB960714)
    SEE2 USB 2.0 VGA Adapter (Multiple) 9.02.0311.1153
    Segoe UI
    SkinsHP1
    Skype™ 3.6
    SmartFTP Client
    SmartFTP Client 2.5 Setup Files (remove only)
    SmartFTP Client 3.0 Setup Files (remove only)
    SmartSound Quicktracks Plugin
    SolutionCenter
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    Sonic_PrimoSDK
    Source SDK Base
    Spybot - Search & Destroy
    Status
    Steam
    Steam(TM)
    Stella 2.5.1
    Studio 10
    Studio 10 Bonus DVD
    Suite Shared Configuration CS4
    SWiSHmax
    The Typing of The Dead
    TrayApp
    Trillian
    Turbo Lister 2
    Ulead VideoStudio 11
    Uninstall TONKA Monster Trucks
    Unload
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB932823-v3)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946627)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB953356)
    Update for Windows XP (KB955839)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    Updates from HP (remove only)
    VideoStudio
    VisiBroker for Cpp 4.5
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 0.9.8a
    WebFldrs XP
    WebReg
    Winamp (remove only)
    Windows Communication Foundation
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Connect
    Windows Media Format Runtime
    Windows Presentation Foundation
    Windows Workflow Foundation
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB883667
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB892050
    Windows XP Hotfix - KB893066
    Windows XP Media Center Edition 2005 KB908250
    WinFF v0.28
    WinRAR archiver
    WZCBDL Service
    XML Paper Specification Shared Components Pack 1.0
    XviD MPEG-4 Video Codec
    Yahoo! Install Manager
    Zombie Driver

    ==== Event Viewer Messages From Past Week ========

    7/6/2010 10:10:34 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer GBARDIN that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AB0F7788-10E2-4D56-9. The master browser is stopping or an election is being forced.
    7/2/2010 10:27:23 PM, error: NetBT [4321] - The name "HOME :1d" could not be registered on the Interface with IP address 192.168.1.71. The machine with the IP address 192.168.1.64 did not allow the name to be claimed by this machine.
    6/30/2010 9:09:44 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    6/30/2010 9:08:59 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    6/30/2010 10:23:02 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

    ==== End Of File ===========================

    Thanks in advance,
    RMIII

  2. #2
    Member
    Join Date
    Jul 2010
    Posts
    30

    I sincerely apologize for the double post, but every so often Ad-Aware will pop up with a notification that an .exe with various garbled names (that is a Trojan) has been blocked/quarantined. Not sure if this is related to the various iexplorer.exe processes that continue to run or not, but I thought I would point this out.

  3. #3
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    Hello RMIII and welcome to the forums.



    Sorry for the delay in getting to your post.

    Download MBRCheck.exe to your desktop
    Double click on MBRCheck.exe to run it

    It will show a black screen with some data on it
    Click on the black C:\ in the upper left-hand corner of the black screen
    Choose Edit > Select All > Press Enter to copy the data to your clipboard
    Press Enter again to close MBRCheck
    Now open up notepad or wordpad and paste the data in (press Control+V)

    Post the results in your reply
    Last edited by IndiGenus; 2010-07-11 at 00:15.
    IndiGenus

  4. #4
    Member
    Join Date
    Jul 2010
    Posts
    30

    Hey IndiGenus thanks for the reply! Here's the MBR log you requested.

    MBRCheck, version 1.0.3
    (c) 2010, AD

    \\.\C: --> \\.\PhysicalDrive0
    \\.\D: --> \\.\PhysicalDrive0

    Size      Device Name           MBR Status
    --------------------------------------------
    279 GB    \\.\PhysicalDrive0    Unknown MBR code


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:

  5. #5
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    What type of hard drive setup do you have? Single drive? 2 drives? Is it a RAID setup?
    IndiGenus

  6. #6
    Member
    Join Date
    Jul 2010
    Posts
    30

    Originally posted by IndiGenus:
    "What type of hard drive setup do you have? Single drive? 2 drives? Is it a RAID setup?"

    Drive C is my primary drive; Drive D is reserved for recovery and isn't used; it can't be written to. The reason why I have about a million drives that all say "Removable" is because my computer is a giant Media Center edition PC that has a built-in card reader and two CD drives, plus an additional two virtual drives I set up, and finally that drive "N" is my flash drive.

  7. #7
    Member
    Join Date
    Jul 2010
    Posts
    30

    Originally posted by RMIII:
    "Drive C is my primary drive; Drive D is reserved for recovery and isn't used; it can't be written to. The reason why I have about a million drives that all say "Removable" is because my computer is a giant Media Center edition PC that has a built-in card reader and two CD drives, plus an additional two virtual drives I set up, and finally that drive "N" is my flash drive."

    Ah, shoot, I can't edit posts. They do not show up in the report because they are currently disconnected (disconnected before malware infection) but Drives K and O are 500GB removable hard drives used for video storage for my work/job.

  8. #8
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

    Please read through all of the instructions before running the tool. Also make sure to allow it to install the recovery console.

    http://www.bleepingcomputer.com/comb...o-use-combofix

    * Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

    Please include the C:\ComboFix.txt in your next reply for further review.
    IndiGenus

  9. #9
    Member
    Join Date
    Jul 2010
    Posts
    30

    I disabled Avira and Ad-Aware, ran ComboFix and it rebooted the PC. When I entered my admin password to log in it began its scan and prompted me to download a new Windows Update. I clicked "Yes" and ComboFix appears to be stuck now, with a blue screen filled with a line of #####'s and "100%" next to it, saying "Connecting to http://download.microsoft.com".

    It's been like this for about 10 mins.

  10. #10
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    Is it still stuck? Or did you close down the window?
    IndiGenus
